Cybersecurity Today

Jim Love
Dec 10, 2025 • 12min

Google Chrome's AI Safety Plan? More AI

Cybersecurity Today: Google Chrome's AI Safety Plan, React2Shell Fixes, & New Ransomware Tactics

In this episode of Cybersecurity Today, host Jim Love discusses Google's new security blueprint for AI-powered Chrome agents, highlighting measures against indirect prompt injections and model errors. Learn about Next JS's new tool for addressing the critical React2Shell vulnerability and the emerging threat from Storm 0249 using EDR tools for ransomware. The episode also covers new data showing manufacturers remain top ransomware targets. Sponsored by Meter.

00:00 Introduction and Sponsor Message
00:22 Google's New Security Plan for Chrome Agents
03:41 Next JS Scanner for React2Shell Vulnerability
05:41 Storm 0249: Malware Hidden in EDR Tools
07:45 Ransomware Targets Manufacturing Sector
09:34 Conclusion and Final Notes
Dec 8, 2025 • 13min

Development Tools May Allow Remote Compromise

A critical React vulnerability, React2Shell, is causing waves for security experts, allowing potential remote code execution. Discover how flaws in AI coding tools could expose integrated development environments to new attacks. The podcast also covers a major ransomware breach affecting over 70 banks, highlighting the urgent need for a stronger security culture. With evolving cyber threats, the discussion emphasizes the importance of proactive measures and resilience in software supply chains.
Dec 6, 2025 • 54min

Cybersecurity Today Month In Review - December 5th, 2025

Join David Shipley, a savvy security commentator from Beauceron Security, and Laura Payne, a nuanced threat modeler from White Tuque, as they dive into the evolving landscape of cybersecurity. They explore 'living off the land' tactics that hackers are using, the hidden dangers of public Wi-Fi, and the recent Oracle E-Business Suite breach. They also address the risks of social engineering through legitimate tools like Calendly and DocuSign. Plus, learn about vital security practices and the importance of clear communication in combating cyber threats.
Dec 5, 2025 • 12min

Shady Panda Hides For Years In Legitimate Browser Extensions: Cybersecurity Today

A severe vulnerability in React Server Components is urging immediate patching. A long-ignored Windows shortcut flaw has now been patched after exploitation was confirmed. Evilginx phishing attacks are cleverly bypassing MFA in educational institutions. The podcast reveals 'Shady Panda,' a group that used legitimate browser extensions for years to harvest user data. Plus, a Google AI mishap resulted in a developer's hard drive being wiped clean, highlighting the risks of unchecked AI tools.
Dec 3, 2025 • 13min

Living off the Land Attacks and Emerging Cyber Threats

Explore the growing threat of 'living off the land' attacks, where hackers exploit legitimate Windows tools to conceal their activities. Discover the alarming trend of phishing campaigns using spoofed Calendly invites targeting Google and Meta credentials. Learn about a significant data breach at the University of Pennsylvania linked to unpatched Oracle vulnerabilities. Finally, delve into the intriguing world of AI jailbreaks, where research reveals that syntactic patterns can enable exploits in large language models.
Dec 1, 2025 • 19min

Cybersecurity Today: QR Code Parking Scams, Evil Twin WiFi Attacks & Microsoft's Teams Flaw

In a gripping discussion, the rise of QR code parking scams across Europe is unveiled, raising eyebrows and caution. A recent Australian case sheds light on the dangerous evil twin WiFi attacks targeting unsuspecting travelers. The conversation takes a serious turn with the ransomware incident shutting down a critical emergency notification system. Meanwhile, vulnerabilities in Microsoft Teams' guest access pose significant risks. Additionally, the launch of hacklore.org sparks debate about the distinction between perceived myths and real-world cybersecurity threats.
Nov 28, 2025 • 48min

Espionage and Intelligence - What Cybersecurity Professionals Can Learn

Neil Bisson, a retired intelligence officer, shares insights on human intelligence recruitment and building rapport. David Shipley, CEO of Beauceron Security and phishing expert, discusses the rise of AI in social engineering tactics. They explore the psychological vulnerabilities that cyber attackers exploit, comparing phishing to intelligence operations. Listeners gain practical advice on fostering awareness, applying empathy, and recognizing deception in cybersecurity. Ethical considerations in intelligence work are also highlighted, emphasizing the importance of continuous education.
Nov 27, 2025 • 13min

Cybersecurity Update: Incorrect Company Naming, Major Breaches, and New Malware Campaigns

This update dives into a significant data theft affecting U.S. banks linked to a financial tech vendor. The host covers the CLOP group's exploitation of Oracle's vulnerabilities targeting Broadcom. Listeners will learn about the SteelC malware cleverly disguised in Blender 3D models, as well as the Shai-Hulud attack infiltrating NPM packages. The discussion also highlights a sophisticated phishing scam using similar domains to trick Microsoft users. Practical tips are provided to help safeguard against these threats.
Nov 26, 2025 • 12min

Major US Bank Data Linked Through Breach At SitusAMC

A major security breach at Ascensus has US banks on alert, with the ALFV ransomware gang claiming a staggering three terabytes of stolen data. Broadcom is under attack from CLOP via vulnerabilities in Oracle’s system. In a twist, malicious Blender 3D files are now delivering stealthy SteelC malware. The JavaScript ecosystem isn't safe either, as Shai-Hulud compromises 500 NPM packages. Additionally, a deceptive phishing campaign is targeting Microsoft users with look-alike domains.
Nov 24, 2025 • 16min

Checkout.com Takes a Bold Stance, SolarWinds Case Dismissed, and FCC Reverses Mandate

Checkout.com takes a bold stand by refusing to pay ransom to Shiny Hunters, instead channeling funds into cybersecurity research. The SEC's dismissal of the SolarWinds case sparks a debate on CISO accountability. Meanwhile, the FCC's reversal of cybersecurity mandates raises eyebrows and questions about our national security. The discussion highlights the crucial role of policy in shaping cybersecurity and urges the tech community to get involved in crafting better regulations.
