Staples Slips Up On Data Removal

Cybersecurity Challenges: Data Privacy Failures, AI Risks, and New Malware Threats

In this episode of Cybersecurity Today, host David Shipley covers a range of pressing issues. The discussion kicks off with Staples Canada reselling laptops without wiping customer data, highlighting loopholes in Canada's privacy laws. Next, David delves into a new class of attacks known as 'Reprompt' that target Microsoft Co-pilot, exposing vulnerabilities in large language models. The episode also explores a critical flaw in ServiceNow's virtual agent that allowed attackers to impersonate legitimate users, emphasizing the importance of robust identity verification. Lastly, a newly discovered advanced Linux malware framework designed for cloud environments is dissected, pointing to evolving threats that leverage customer mistakes. The episode concludes with a call to address these problems through better people, processes, and cultural practices.

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.

You can find them at Meter.com/cst

00:00 Introduction and Sponsor Message 00:48 Staples' Privacy Lapse: A Recurring Issue 03:03 Microsoft Co-pilot Vulnerability: Reprompt Attack 05:22 ServiceNow's AI Vulnerability: Authentication Gaps 07:02 Advanced Linux Malware: A Cloud-First Threat 08:46 Conclusion and Key Takeaways 09:37 Closing Remarks and Sponsor Acknowledgment