logo
episode-header-image
Nov 2024
9m 10s

Unknown Attacker Tries To Frame Security...

Jim Love
About this episode

Cybersecurity Today: GitHub Attacks & Microsoft's November Patch Tuesday Updates

In this episode of Cybersecurity Today, host Jim Love highlights critical cybersecurity updates. The episode covers malicious attacks on GitHub projects, including an orchestrated attempt to frame Texas-based security researcher Mike Bell, and the associated impact on open-source repositories. Additionally, Microsoft's November Patch Tuesday is discussed in detail, with over 90 security issues disclosed, including four critical zero-day vulnerabilities. The episode also addresses a new ransomware strain exploiting vulnerabilities in Veeam backup software, and the disruptions caused by Microsoft's flawed Exchange Server security update. Stay informed on the latest cybersecurity trends and threats.

00:00 Introduction and Sponsor Message 00:29 Cybersecurity Headlines 00:46 GitHub Malicious Code Attack 03:24 Microsoft November Patch Tuesday 05:17 Veeam Backup Software Vulnerability 07:02 Microsoft Exchange Server Update Issues 08:47 Conclusion and Sign-Off

Up next
Today
From CVE To Cyber Attack In Minutes With AI: Cybersecurity Today
Host David Shipley explores the latest in cybersecurity, including the rapid development of AI-generated exploits for critical vulnerabilities, record-high searches of digital devices at US borders, and a fired developer jailed for sabotaging his former employer. Additionally, th ... Show More
8m 26s
Aug 23
The Evolving Landscape of Cybersecurity Training: Effective Strategies and Misleading Headlines
In this episode of Cybersecurity Today, host Jim Love explores the complex dynamics of cybersecurity training with guests Michael Joyce and David Shipley. They discuss the importance of continuous awareness and the temporal decay of training effects. The conversation highlights t ... Show More
1h 22m
Aug 22
Cybersecurity Today: Massive Data Exposures, Microsoft Failures, and PayPal Breach Claims
In this episode of Cybersecurity Today, host Jim Love covers a range of recent cybersecurity incidents. A major privacy failure has hit Elon Musk's Grok chatbot, exposing over 370,000 private conversations with sensitive information. Microsoft's recent security update has caused ... Show More
9m 9s
Recommended Episodes
Jul 2023
Taking steps to stop a Chinese APT. Implementing the US National Cybersecurity Strategy. LokiBot is back. Malware masquerading as a proof-of-concept. Swapping cyber ops in a hybrid war.
CISA and the FBI issue a joint Cybersecurity Advisory on exploitation of Microsoft Exchange Online. Implementing the US National Cybersecurity Strategy. FortiGuard discovers a new LokiBot campaign. Training code turns out to be malicious in a new proof-of-concept attack discovere ... Show More
32m 18s
Sep 2020
Ransomware slows down many students’ return to school, even virtually. Hacking gamers. Patch Tuesday. Notes on election security from CISA.
Back to school time for everyone...or it would be, if it weren’t for all that ransomware. The sad criminal underworld stealing from online gamers. Notes on Patch Tuesday. Joe Carrigan considers digital comfort zones. Our guest is Sandra Wheatley from Fortinet with key findings fr ... Show More
23m 7s
Aug 2024
A health bot’s security slip-up.
Researchers at Tenable uncovered severe vulnerabilities in Microsoft’s Azure Health Bot Service. Scammers use deepfakes on Facebook and Instagram. Foreign influence operations target the Harris presidential campaign. An Idaho not-for-profit healthcare provider discloses a data br ... Show More
31m 24s
Jun 9
White House reboots cybersecurity priorities.
A new White House executive Order overhauls U.S. cybersecurity policy. The EU updates its “cybersecurity blueprint”. The Pentagon’s inspector general investigates Defense Secretary Hegseth’s Signal messages. Chinese hackers target U.S. smartphones. A new Mirai botnet variant drop ... Show More
36m 12s
Jan 2025
A new Mirai-based botnet.
Researchers ID a new Mirai-based botnet. Android devices get their first round of updates for the new year. Criminals exploit legitimate Apple and Google services in sophisticated voice phishing attacks. Japan attributes over 200 cyberattacks to the Chinese hacking group MirrorFa ... Show More
32m 9s
Sep 2024
UK’s newest cybersecurity MVPs.
The UK designates data centers as Critical National Infrastructure. Cisco releases patches for multiple vulnerabilities in its IOS XR network operating system. BYOD is a growing security risk. A Pennsylvania healthcare network has agreed to a $65 million settlement stemming from ... Show More
34m 29s
Feb 2025
Hacked in plain sight.
A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vuln ... Show More
30m 56s
Jul 2024
Cybersecurity snow day.
A Crowdstrike update takes down IT systems worldwide. A U.S. District Court judge dismissed most charges against SolarWinds. Sophos examines the ransomware threat to the energy sector. European web hosting companies suspend Doppelgänger propaganda. An Australian digital prescript ... Show More
37m 45s
Jan 2025
Bolstering the digital shield.
President Biden issues a comprehensive  cybersecurity executive order. Updates on Silk Typhoon’s US Treasury breach. A Chinese telecom hardware firm is under FBI investigation. A critical vulnerability has been found in the UEFI Secure Boot mechanism. California-based cannabis br ... Show More
34m 37s
Jan 2025
Massive malware cleanup.
The FBI deletes PlugX malware from thousands of U.S. computers. Researchers uncover vulnerabilities in Windows 11 allowing attackers to bypass protections and execute code at the kernel level. A look at (a busy) Patch Tuesday. Researchers uncovered six critical vulnerabilities in ... Show More
35m 35s
Listen to millions of songs and podcasts on Anghami