logo
episode-header-image
Dec 2024
21m 15s

Watching the watchers. IoT vulnerabiliti...

N2K Networks
About this episode

This week, we are joined by Andrew Morris, Founder and CTO of GreyNoise, to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected live streaming cameras, used in sensitive environments like healthcare and industrial operations, by leveraging its AI-powered detection system, Sift.

The vulnerabilities, CVE-2024-8956 (insufficient authentication) and CVE-2024-8957 (OS command injection), could allow attackers to take full control of affected devices, manipulate video feeds, or integrate them into botnets for broader attacks. This breakthrough underscores the transformative role of AI in identifying threats that traditional systems might miss, highlighting the urgent need for robust cybersecurity measures in the expanding IoT landscape.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next
Yesterday
Chinese hackers serve up espionage.
Chinese hackers infiltrate a major U.S. law firm. The EU Commission President warns Russia is waging a hybrid war against Europe. Researchers say LoJax is the latest malware from Russia’s Fancy Bear. Salesforce refuses ransom demands. London Police arrest two teens over an allege ... Show More
32m 4s
Oct 7
Critical GoAnywhere bug fuels ransomware wave.
Microsoft tags a critical vulnerability in Fortra’s GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to China’s MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based visi ... Show More
32m 23s
Oct 6
Oracle zero-day serves up persistent access.
A critical zero-day in Oracle E-Business Suite is under active exploitation. ICE plans a major expansion of its social media surveillance operations. Discord confirms a third-party data breach. A critical vulnerability in the Unity game engine could allow arbitrary code execution ... Show More
23m 47s
Recommended Episodes
Feb 2025
DeepSeek: The Game-Changer in AI and the Impact on Cybersecurity
In this episode of Cybersecurity Today, host Jim Love dives deep into the latest advancements in AI technology with a focus on the new open-source model, DeepSeek, from China. Love discusses the significant cost differences in training and running this model compared to competito ... Show More
48m 19s
Sep 6
From CVE To Cyber Attack In Minutes With AI: Cybersecurity Today
The Future of Cybersecurity: AI, Exploits, and the CVE Database In this special crossover episode of Cybersecurity Today and Hashtag Trending, the hosts explore the use of artificial intelligence (AI) in cybersecurity. The conversation begins with an overview of the ongoing 'arms ... Show More
31m 51s
Jan 2025
DeepSeek Security Failure: Cyber Security Today, Friday, January 31, 2025
Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn ... Show More
9m 20s
Mar 2025
New Ransomware As A Service Threats: Cyber Security Today for March 10, 2025
This episode also covers recent ransomware as a service (RaaS) trends, including the rise of SpearWing and Akira groups, advanced ransomware techniques exploiting IoT vulnerabilities, and issues with the ESP32 microcontroller's hidden commands. Additionally, Signal President Mere ... Show More
10m 19s
Jan 2025
DeepSeek - New AI Disruptor Gets Hit With Cyber Attack: Cyber Security Today for Wednesday, January 29, 2025
Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cyberse ... Show More
5m 17s
Jul 9
AI Threats, Enterprise Security, and Google's Confusing Gemini Release: Cybersecurity Today
In this episode of 'Cybersecurity Today,' host Jim Love discusses the recent deep fake attack on high-ranking US government officials using AI voice cloning technology. The conversation highlights the growing ease and risks of AI-generated impersonations. The episode also covers ... Show More
12m 57s
Jul 28
Amazon AI Tool Hacked, Scattered Spider Attacks VMware, and Major Ransomware Takedown | Cybersecurity Today
In this episode of Cybersecurity Today, host David Shipley covers several key incidents impacting the cybersecurity landscape. Amazon's generative AI coding assistant 'Q' was compromised by a hacker who injected data-wiping code into the tool's GitHub repository. Scattered Spider ... Show More
11m 9s
Listen to millions of songs and podcasts on Anghami