logo
episode-header-image
Jan 2025
10m 5s

Cybersecurity Today: Browser Exploits, U...

Jim Love
About this episode

In this episode, we delve into the latest cybersecurity threats and developments. We cover a new double click exploit that bypasses browser protections and a massive compromise affecting millions of Chrome users through infected extensions. Additionally, we discuss the U.S. Treasury hack linked to Chinese state-sponsored hackers and how CrowdStrike rebounded from the largest IT outage in history. Join host Jim Love to explore these critical issues and understand the implications for both users and organizations.

00:00 Introduction and Headlines 00:25 Browser Exploits: Double Click and Extensions 03:24 U.S. Treasury Breach Linked to Chinese Hackers 06:03 CrowdStrike's Comeback After Major IT Outage 09:43 Conclusion and Final Thoughts

Up next
Yesterday
From CVE To Cyber Attack In Minutes With AI: Cybersecurity Today
Host David Shipley explores the latest in cybersecurity, including the rapid development of AI-generated exploits for critical vulnerabilities, record-high searches of digital devices at US borders, and a fired developer jailed for sabotaging his former employer. Additionally, th ... Show More
8m 26s
Aug 23
The Evolving Landscape of Cybersecurity Training: Effective Strategies and Misleading Headlines
In this episode of Cybersecurity Today, host Jim Love explores the complex dynamics of cybersecurity training with guests Michael Joyce and David Shipley. They discuss the importance of continuous awareness and the temporal decay of training effects. The conversation highlights t ... Show More
1h 22m
Aug 22
Cybersecurity Today: Massive Data Exposures, Microsoft Failures, and PayPal Breach Claims
In this episode of Cybersecurity Today, host Jim Love covers a range of recent cybersecurity incidents. A major privacy failure has hit Elon Musk's Grok chatbot, exposing over 370,000 private conversations with sensitive information. Microsoft's recent security update has caused ... Show More
9m 9s
Recommended Episodes
Jan 2025
A breach in the U.S. Treasury.
Chinese hackers breach the U.S. Treasury Department. At least 35 Chrome extensions are compromised. Federal authorities arrest a U.S. Army soldier over accusations of sensitive data stolen from AT&T and Verizon. A misconfigured Amazon cloud server exposes sensitive data from over ... Show More
36m 12s
Jan 2025
China’s shadow over U.S. telecom networks.
New reports shed light on both Volt and Salt Typhoons. Tenable updates faulty Nessus Agents and resumes plugin updates. A new infostealer campaign targets gamers on Discord. A fake version of a popular browser extension has been discovered stealing login credentials and conductin ... Show More
32m 41s
Aug 2024
Almost letting hackers rule the web.
A Wordpress plugin vulnerability puts 5 million sites at risk. Google releases an emergency Chrome update addressing an actively exploited vulnerability. Cisco patches multiple vulnerabilities. Researchers say Slack AI is vulnerable to prompt injection. Widely used RFID smart car ... Show More
32m 7s
Jun 9
White House reboots cybersecurity priorities.
A new White House executive Order overhauls U.S. cybersecurity policy. The EU updates its “cybersecurity blueprint”. The Pentagon’s inspector general investigates Defense Secretary Hegseth’s Signal messages. Chinese hackers target U.S. smartphones. A new Mirai botnet variant drop ... Show More
36m 12s
Dec 2024
OpenAI's for-profit plan includes a PBC, Hackers injected malicious code into several Chrome extensions, and Apple just dropped 8 minutes of Severance season 2
OpenAI's for-profit plan includes a public benefit corporation which would strip the company's non-profit of its oversight role, Hackers injected malicious code into several Chrome extensions in a recent attack, and Apple just dropped the first eight minutes of Severance season t ... Show More
7m 28s
Apr 2025
When fake fixes hide real attacks.
Adversary nations are using ClickFix in cyber espionage campaigns. Japan’s Financial Services Agency issues an urgent warning after hundreds of millions in unauthorized trades. The critical Erlang/OTP’s SSH vulnerability now has public exploits. A flawed rollout of a new Microsof ... Show More
31m 36s
Jun 20
A blast from the breached past.
An historic data breach that wasn’t. Aflac says it stopped a ransomware attack. Cloudflare thwarts a record breaking DDoS attack. Mocha Manakin combines clever social engineering with custom-built malware. The Godfather Android trojan uses a sophisticated virtualization technique ... Show More
31m 43s
Dec 2024
Buckets of trouble.
Researchers uncover a large-scale hacking operation tied to the infamous ShinyHunters. A Dell Power Manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a U.S. ban. Radiant Capital attributed a $50 million cryptocurrency ... Show More
37m 20s
Jan 2025
A cute cover for a dangerous vulnerability. [Research Saturday]
Nati Tal, Head of Guardio Labs, sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit ... Show More
24m 44s
Oct 2018
Busy Bears, again. Mixing IT and OT is a risky business. New Android Trojan. Supply chain seeding attack updates. Facebook purges more "inauthentic" accounts. Data privacy. Cyber sanctions.
In today's podcast we hear that Ukraine says it's under cyberattack, again. ESET connects Telebots and BlackEnergy. Port hacks suggest risks of mixing IT and OT. Talos finds a new Android Trojan. Skepticism over Chinese supply chain seeding attack report continues. Facebook purge ... Show More
25m 44s
Listen to millions of songs and podcasts on Anghami