logo
episode-header-image
Sep 8
12m 7s

Hackers Say Thanks For Lousy Security In...

Jim Love
About this episode

Cybersecurity Today: Ghost Action Campaign, SalesLoft Breach, AI Vulnerabilities, and Restaurant Security Flaws

Host David Shipley discusses the latest in cybersecurity, including the Ghost Action Campaign which compromised over 3000 secrets from GitHub repositories, the SalesLoft breach affecting major cybersecurity and SaaS firms, and new research showing how large language model chatbots like GPT-4 can be manipulated easily. Additionally, ethical hackers uncover significant vulnerabilities in the digital platforms of Restaurant Brands International. The episode emphasizes the importance of securing the software development ecosystem and maintaining robust social engineering defenses.

00:00 Introduction and Headlines
00:32 GitHub Supply Chain Attack: Ghost Action Campaign
02:51 SalesLoft Breach: A Deep Dive
05:01 The Summer of Salesforce Attacks
07:19 Manipulating AI: New Research Insights
09:14 Restaurant Brands International: Security Flaws Exposed
11:21 Conclusion and Sign-Off

Up next
Today
AI Tools Lead Corporate Data
North Korean Hackers Target Crypto Wealth, LinkedIn Fights Data Scraping, and AI Tools Leak Corporate Data In this episode of Cybersecurity Today, host Jim Love covers the latest cybersecurity headlines including North Korean hackers targeting wealthy crypto investors, LinkedIn s ... Show More
8m 20s
Oct 6
Sora 2 Unveiled To Mixed Reviews
Emerging AI, Google Updates, and Falling Satellites: A Tech Rundown In this episode of hashtag Trending, host Jim Love discusses the latest developments in AI and tech. Open AI's new app Sora 2 promises revolutionary video generation capabilities, but early reviews are mixed with ... Show More
9m 51s
Yesterday
AI Browser Steals Data
AI Browsers Turn Rogue, Discord Data Breach, and Surge in Palo Alto Scans In this episode of Cybersecurity Today, host David Shipley discusses several significant cybersecurity concerns. Firstly, researchers at Layer X have uncovered a flaw in the Perplexity Comet AI browser that ... Show More
10m 55s
Recommended Episodes
Aug 15
Media server mayday.
Plex urges users to immediately update their Media Server due to an undisclosed security flaw. Cisco warns of a critical remote code execution flaw in their Secure Firewall Management Center software.Rockwell Automation discloses multiple critical and high-severity flaws. Hackers ... Show More
29m 33s
Sep 2024
UK’s newest cybersecurity MVPs.
The UK designates data centers as Critical National Infrastructure. Cisco releases patches for multiple vulnerabilities in its IOS XR network operating system. BYOD is a growing security risk. A Pennsylvania healthcare network has agreed to a $65 million settlement stemming from ... Show More
34m 29s
Jan 2025
Hacking the bureau.
The FBI warns agents of hacked call and text logs. The US Treasury sanctions entities tied to North Korea’s fake IT worker operations. Russian hacking group Star Blizzard attempted to infiltrate WhatsApp accounts of nonprofits supporting Ukraine. Yubico discloses a critical vulne ... Show More
40m 16s
Jan 2025
Biden’s final cyber order tackles digital weaknesses.
The Biden administration is finalizing an executive order to bolster U.S. cybersecurity. Ivanti releases emergency updates to address a critical zero-day vulnerability. A critical vulnerability is discovered in Kerio Control firewall software. Palo Alto Networks patches multiple ... Show More
30m 37s
May 2025
BEAR-ly washed and dangerous.
“Laundry Bear” airs dirty cyber linen in the Netherlands. AI coding agents are tricked by malicious prompts in a Github MCP vulnerability.Tenable patches critical flaws in Network Monitor on Windows. MathWorks confirms ransomware behind MATLAB outage. Feds audit NVD over vulnerab ... Show More
35m 43s
Aug 2024
Almost letting hackers rule the web.
A Wordpress plugin vulnerability puts 5 million sites at risk. Google releases an emergency Chrome update addressing an actively exploited vulnerability. Cisco patches multiple vulnerabilities. Researchers say Slack AI is vulnerable to prompt injection. Widely used RFID smart car ... Show More
32m 7s
Jul 2023
New phishing campaigns hit Microsoft 365 and Adobe users. Big Head ransomware. Multichain bridge compromised. CISA adds a KEV. Progress patches MOVEit. Telegram's role in Russia's war.
New phishing campaigns afflict users of Microsoft 365 and Adobe. An analysis of Big Head ransomware. Multichain reports a crypto heist with over $100 million stolen. CISA makes an addition to the Known Exploited Vulnerability Catalog. Progress Software issues additional MOVEit pa ... Show More
31m 15s
Feb 2025
Hacked in plain sight.
A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vuln ... Show More
30m 56s
Feb 2025
PAN-ic mode: The race to secure PAN-OS.
Palo Alto Networks confirms a recently patched firewall vulnerability is being actively exploited. CISA warns of an actively exploited iOS vulnerability. Juniper Networks has issued a critical security advisory for an API authentication bypass vulnerability. The acting commission ... Show More
35m 23s
Aug 18
Workday’s bad day.
HR software giant Workday discloses a data breach. Researchers uncover a zero-day in Elastic’s EDR software. Ghost-tapping is an emerging fraud technique where cybercriminals use NFC relay attacks to exploit stolen payment card data. Germany may be on a path to ban ad blockers. A ... Show More
26m 56s
Listen to millions of songs and podcasts on Anghami