logo
episode-header-image
Jun 2025
10m 51s

Emergency Patches, Ransomware Exposes, a...

Jim Love
About this episode

In this episode of Cybersecurity Today, host Jim Love discusses the latest urgent security updates and cyber threats. Google has released an emergency Chrome patch to fix a high-severity zero-day vulnerability, while Microsoft issued an emergency patch to resolve Windows 11 boot failures caused by their May 2025 update. A mysterious whistleblower known as 'Gang Exposed' is doxing major ransomware leaders, providing invaluable intelligence for global cybersecurity efforts. Additionally, 'Quishing,' or QR code phishing, is emerging as a new threat, with cybercriminals taping malicious QR codes on public lampposts and street corners. This trend bypasses traditional digital defenses, underscoring the need for public awareness and vigilance. The episode emphasizes the importance of immediate updates, informed vigilance, and proactive cybersecurity measures.

00:00 Emergency Chrome Patch and Windows 11 Boot Fix
00:28 Google's Zero-Day Vulnerability in Chrome
02:28 Microsoft's Emergency Update for Windows 11
05:35 Gang Exposed: Unmasking Ransomware Leaders
07:55 Quishing: The New QR Code Phishing Threat
10:22 Conclusion and Viewer Engagement

Up next
Jun 2024
Cyber Security Today, June 14, 2024 - Employee downloaded file that led to hospital chain's ransomware attack
This episode reports on the latest ransomware news, another North Korean threat actor putting  malicious packages on the NPM registry, vulnerabilities in some open source AI apps, and more 
7m 52s
Jun 2024
Cyber Security Today, June 3, 2024 - Four cloud-related data breaches
This episode reports on confirmation of cyber attacks on Ticketmaster, Santander bank, a Canadian broadcaster, and more 
7m 37s
May 2024
Cyber Security Today, May 27, 2024 - Security controversy over a new Microsoft tool, a new open source threat intelligence service
This episode reports on fake antivirus web sites to stay away from, and more 
6m 14s
Recommended Episodes
Jul 2023
New phishing campaigns hit Microsoft 365 and Adobe users. Big Head ransomware. Multichain bridge compromised. CISA adds a KEV. Progress patches MOVEit. Telegram's role in Russia's war.
New phishing campaigns afflict users of Microsoft 365 and Adobe. An analysis of Big Head ransomware. Multichain reports a crypto heist with over $100 million stolen. CISA makes an addition to the Known Exploited Vulnerability Catalog. Progress Software issues additional MOVEit pa ... Show More
31m 15s
Aug 15
Media server mayday.
Plex urges users to immediately update their Media Server due to an undisclosed security flaw. Cisco warns of a critical remote code execution flaw in their Secure Firewall Management Center software.Rockwell Automation discloses multiple critical and high-severity flaws. Hackers ... Show More
29m 33s
Sep 2020
Ransomware versus shipping, hospitals, and schools. Cyberattacks’ growing sophistication. An interim rule enables implementation of the US Defense Department’s CMMC program.
Three (count ‘em) three big ransomware attacks are in progress. One of them has moved into its doxing phase. Microsoft resolves authentication problems that briefly disrupted services yesterday. Tracking trends in cyberattacks--the sophistication seems to lie in the execution. Th ... Show More
24m 33s
Feb 2025
Hacked in plain sight.
A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vuln ... Show More
24m 56s
Feb 2025
PAN-ic mode: The race to secure PAN-OS.
Palo Alto Networks confirms a recently patched firewall vulnerability is being actively exploited. CISA warns of an actively exploited iOS vulnerability. Juniper Networks has issued a critical security advisory for an API authentication bypass vulnerability. The acting commission ... Show More
29m 23s
Sep 2
Blizzard warning: Amazon freezes midnight hack.
Researchers disrupt a cyber campaign by Russia’s Midnight Blizzard. The Salesloft Drift breach continues to ripple outward. WhatsApp patches a critical flaw in its iOS and Mac apps. A fake PDF editing tool delivers the TamperChef infostealer. A hacker finds crash data Tesla claim ... Show More
32m 11s
Dec 2024
When AI goes offline.
ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophistica ... Show More
27m 10s
May 2019
Stone Panda update. A new strain of Mirai. Bogus cryptocurrency apps are trending in Google Play. Mr. Assange is charged under the Espionage Act. Info ops. Law firms as phishbait.
Stone Panda is distributing the Quasar RAT. A new strain of Mirai is out. Bitcoin prices are up, and so is the incidence of malicious cryptocurrency apps in Google Play. The US charges Wikileaks’ Julain Assagne with seventeen new counts under the Espionage Act. UK political parti ... Show More
27m 11s
Jul 2022
Espionage and cyberespionage. Albania's national IT networks work toward recovery. Malicious apps ejected from Google Play. White House summit addresses the cyber workforce. Notes on cybercrime.
A Cozy Bear sighting. Shaking up Ukraine's intelligence services. Albania's national IT networks continue to work toward recovery. US Justice Department seizes $500k from DPRK threat actors. The FBI warns of apps designed to defraud cryptocurrency speculators. A White House meeti ... Show More
29m 6s
Aug 18
Workday’s bad day.
HR software giant Workday discloses a data breach. Researchers uncover a zero-day in Elastic’s EDR software. Ghost-tapping is an emerging fraud technique where cybercriminals use NFC relay attacks to exploit stolen payment card data. Germany may be on a path to ban ad blockers. A ... Show More
26m 56s
Listen to millions of songs and podcasts on Anghami