logo
episode-header-image
Jul 28
11m 9s

Amazon AI Tool Hacked, Scattered Spider ...

Jim Love
About this episode

In this episode of Cybersecurity Today, host David Shipley covers several key incidents impacting the cybersecurity landscape. Amazon's generative AI coding assistant 'Q' was compromised by a hacker who injected data-wiping code into the tool's GitHub repository. Scattered Spider, a notorious cybercrime group, continues its malware attacks on VMware ESXI hypervisors using advanced social engineering techniques. In a significant enforcement action, global law enforcement dismantled the Black Suit ransomware infrastructure under Operation Checkmate. Lastly, Insurance Giant Allianz Life revealed a data breach affecting its US customer base. Stay tuned to understand the latest threats and protective measures in cybersecurity.

00:00 Introduction and Headlines
00:30 Amazon AI Coding Tool Breach
03:07 Scattered Spider's VMware ESXI Attacks
06:44 Operation Checkmate: Black Suit Ransomware Takedown
08:16 Alliance Life Insurance Data Breach
10:25 Conclusion and Call to Action

Up next
Today
Cybersecurity Alerts: Black Hat Exposes AI and Firmware Vulnerabilities
In this episode, host Jim Love thanks listeners for their support of his book 'Elisa, A Tale of Quantum Kisses,' which is available for 99 cents on Kindle. The show then dives into pressing cybersecurity issues discussed at Black Hat USA, including vulnerabilities in AI assistant ... Show More
11m 54s
Aug 6
Cybersecurity Threats and Trends: From North Korean Spies to AI-Driven Attacks
In this episode, host Jim Love explores a variety of pressing cybersecurity threats and developments. The episode begins with an invitation for listeners to share their summer reading choices. The main content highlights include North Korean operatives infiltrating US companies t ... Show More
11m 55s
Aug 4
Cybersecurity Today: Hamilton's Ransomware Crisis and Emerging AI and OAuth Threats
In this episode of 'Cybersecurity Today,' host David Chipley discusses several major security incidents and threats. Hamilton, Ontario faces a $5 million insurance denial following a ransomware attack due to incomplete deployment of Multi-Factor Authentication (MFA). The episode ... Show More
9m 46s
Recommended Episodes
May 2023
Babuk resurfaces for criminal inspiration. Alert on PaperCut vulnerability exploitation. Too many bad bots. Phishing-as-a-service in the C2C market. KillNet's PMHC regrets.
Babuk source code provides criminal inspiration. CISA and FBI release a joint report on PaperCut. There are more bad bots out there than anyone would like. Phishing-as-a-service tools in the C2C market. CISA’s Eric Goldstein advocates the adoption of strong controls, defensible n ... Show More
27m 30s
Sep 2024
UK’s newest cybersecurity MVPs.
The UK designates data centers as Critical National Infrastructure. Cisco releases patches for multiple vulnerabilities in its IOS XR network operating system. BYOD is a growing security risk. A Pennsylvania healthcare network has agreed to a $65 million settlement stemming from ... Show More
34m 29s
Aug 2024
A health bot’s security slip-up.
Researchers at Tenable uncovered severe vulnerabilities in Microsoft’s Azure Health Bot Service. Scammers use deepfakes on Facebook and Instagram. Foreign influence operations target the Harris presidential campaign. An Idaho not-for-profit healthcare provider discloses a data br ... Show More
31m 24s
Jan 2025
Bolstering the digital shield.
President Biden issues a comprehensive  cybersecurity executive order. Updates on Silk Typhoon’s US Treasury breach. A Chinese telecom hardware firm is under FBI investigation. A critical vulnerability has been found in the UEFI Secure Boot mechanism. California-based cannabis br ... Show More
34m 37s
Jul 2023
Taking steps to stop a Chinese APT. Implementing the US National Cybersecurity Strategy. LokiBot is back. Malware masquerading as a proof-of-concept. Swapping cyber ops in a hybrid war.
CISA and the FBI issue a joint Cybersecurity Advisory on exploitation of Microsoft Exchange Online. Implementing the US National Cybersecurity Strategy. FortiGuard discovers a new LokiBot campaign. Training code turns out to be malicious in a new proof-of-concept attack discovere ... Show More
32m 18s
Jun 20
A blast from the breached past.
An historic data breach that wasn’t. Aflac says it stopped a ransomware attack. Cloudflare thwarts a record breaking DDoS attack. Mocha Manakin combines clever social engineering with custom-built malware. The Godfather Android trojan uses a sophisticated virtualization technique ... Show More
31m 43s
Jan 2025
A new Mirai-based botnet.
Researchers ID a new Mirai-based botnet. Android devices get their first round of updates for the new year. Criminals exploit legitimate Apple and Google services in sophisticated voice phishing attacks. Japan attributes over 200 cyberattacks to the Chinese hacking group MirrorFa ... Show More
32m 9s
Dec 2024
Watching the watchers. IoT vulnerabilities exposed by AI. [Research Saturday]
This week, we are joined by Andrew Morris, Founder and CTO of GreyNoise, to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected ... Show More
21m 15s
Dec 2024
Buckets of trouble.
Researchers uncover a large-scale hacking operation tied to the infamous ShinyHunters. A Dell Power Manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a U.S. ban. Radiant Capital attributed a $50 million cryptocurrency ... Show More
37m 20s
Aug 2024
From screen share to spyware.
Threat actors use a malicious Pidgin plugin to deliver malware. The BlackByte ransomware group is exploiting a recently patched VMware ESXi  vulnerability. The State Department offers a $2.5 million reward for a major malware distributor. A Swiss industrial manufacturer suffers a ... Show More
33m 35s
Listen to millions of songs and podcasts on Anghami