Cybersecurity Today

Cybersecurity Today Month in Review: Iran Conflict Cyber Spillover, IoT Cameras, AI Hacking Tools, and Resilience Planning
In this weekend month-in-review episode, host Jim Love and panelists David Shipley, Laura Payne, Neil Bisson, and Chris "CJ" Johnson discuss cyber and infrastructure impacts tied to the US/Israel–Iran conflict, including reported compromise of traffic camera networks for targeting, Iran's defensive internet shutdown, propaganda via a hacked prayer app, and GPS/AIS spoofing that misdirected ships in the Strait of Hormuz, raising oil and helium supply-chain concerns. They warn of potential Iranian retaliation via DDoS, ransomware, and critical infrastructure attacks (especially water/OT), amplified by insecure IoT and camera vulnerabilities (e.g., Hikvision). The group critiques weakened government cyber capabilities (including CISA turmoil and CVE program risk), highlights AI-enabled attack automation (CyberStrike AI) shrinking time-to-exploit, and stresses practical resilience planning, including protecting AI API keys after an $82,000 billing incident and noting a law-enforcement takedown of LeakBase.
Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst
00:00 Sponsor Message Meter
00:18 Meet the Panel
01:41 MSPs and Security Assumptions
03:36 War and Cyber Spillover
06:52 Iran Internet Shutdown Explained
08:27 GPS Spoofing in Strait
10:32 Retaliation Risks to West
17:02 IoT Cameras as Targets
18:56 What IT Providers Should Do
22:03 Who Should Worry Most
26:18 Regulation and IoT Standards
28:58 Supply Chain and State Actors
31:36 CISA and CVE Turmoil
35:53 Ring Backlash and Big Tech
37:43 OpenAI Alerts and Privacy
39:25 AI Cultural Blind Spots
40:05 Therapy Duty to Report
41:17 Licensing AI Advice
42:16 Data Centers Under Fire
43:59 Continuity Without Claude
45:05 Power Grid Reality Check
46:47 MSPs and AI Dependence
49:58 Hype Versus Security Markets
51:02 CyberStrike AI Tooling
56:37 Nation State Plausible Deniability
59:58 Exploit Speed and Software Debt
01:03:37 Practical Tips and Wrap Up

Wikipedia JavaScript Worm, ICE Contractor Data Leak Claim, and Leak Base Takedown
Wikipedia admins contained a self-propagating JavaScript worm that spread via infected user script files, executing in logged-in editors' browsers and using authenticated sessions to copy itself into other scripts, sometimes affecting global scripts; administrators restricted edits, reverted and suppressed changes, replaced compromised scripts, and continue investigating the originating account. 
A hacktivist group calling itself the Department of Peace claims it leaked records tied to DHS's Office of Industry Partnership involving 6,681 organizations that applied for ICE-related contracts, releasing the dataset via Distributed Denial of Secrets, while DHS has not confirmed the breach or data authenticity. 
Finally, the FBI, Europol, and partners dismantled the Leak Base cybercrime forum, seized its database, conducted arrests and searches, and warned suspects through the forum's channels.
Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst
00:00 Sponsor Message
00:19 Headlines Intro
00:42 Wikipedia Worm Attack
01:19 How The Worm Spread
02:08 Containment And Lessons
02:53 Hacktivists Leak ICE Data
04:47 Leak Base Takedown
06:10 Database Seizure Fallout
07:12 Wrap Up And Weekend Preview
07:30 Sponsor Closing

AI-Driven Warfare, Open-Source Attack Tooling, CISA Shakeups, Healthcare Ransomware, and GPS Jamming Risks
Host David Shipley covers reports that hacked Tehran traffic cameras and an AI-powered targeting system helped a joint U.S.-Israeli operation ("Epic Fury") track and strike Iran's leadership, highlighting the growing role of compromised infrastructure and AI in modern conflict. Researchers also link the open-source toolkit Cyber Strike AI to automated attacks against Fortinet FortiGate devices, compromising over 600 systems across 55 countries and raising concerns about proliferating offensive AI tools. At CISA, CIO Robert Costello resigns amid leadership turmoil and staffing challenges. Healthcare ransomware disruptions include a University of Hawaii Cancer Center breach affecting nearly 1.2 million people and a major attack on the University of Mississippi Medical Center that shut clinics and disrupted Epic EMR access. Finally, GPS/AIS jamming and spoofing in the Middle East threatens shipping safety and global trade.
Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst
00:00 Sponsor Message
00:17 Headlines Overview
00:48 Epic Fury AI Warfare
04:12 Cyber Strike AI Toolkit
07:06 CISA CIO Resignation
09:06 Hawaii Cancer Center Breach
11:27 UMMC Ransomware Shutdown
13:53 GPS Jamming Shipping Risk
16:33 Wrap Up And Sponsor

OpenClaw AI Agent Hijack, CISA Leadership Shakeup, Iran Cyber Campaign, Air-Gap Malware, and Robot Vacuum Flaw
Jim Love covers multiple cybersecurity stories: Oasis Security revealed "ClawJacked," a high-severity OpenClaw AI agent framework flaw caused by missing rate limiting on the local gateway, enabling malicious web pages to brute-force passwords via WebSockets, register a trusted device, and take over agents; OpenClaw patched it within 24 hours and users are urged to update to version 2020 6.2 0.25 and tighten governance for non-human identities. CISA sees a leadership change as acting director Madhu Gottumukkala steps down amid criticism and reports he uploaded sensitive contracting documents to public ChatGPT and canceled key security tool contracts; Nick Anderson becomes acting director. The episode also discusses a coordinated cyber campaign alongside US/Israeli operations against Iran and risks of Iranian retaliation against exposed US critical infrastructure, North Korea's Scarcruft using "Ruby Jumper" to bridge air-gapped networks via USB, and a DJI Romo robot vacuum MQTT flaw that exposed control and camera access across 7,000 devices before being patched.
00:00 Sponsor Message Meter
00:19 Headlines And Intro
00:46 Claw Jacked AI Agents
02:21 CISA Leadership Shakeup
06:02 Cyber Front In Iran War
08:48 North Korea Air Gap Breach
10:06 Robot Vacuum Takeover
13:04 Wrap Up And Thanks

Identity, AI Agents, and the Session Token Time Bomb | Carey Frey (CSO, TELUS) on Cybersecurity Today
In this Cybersecurity Today weekend edition, David Shipley interviews Carey Frey, Chief Security Officer at TELUS, about the evolution of identity security and why it's a growing risk in the age of generative and agentic AI. Frey recounts his career from Canada's Communications Security Establishment to leading TELUS's internal security and managed cybersecurity services, then explains how convenience-driven identity decisions led from PKI's unrealized promise to passwords, bearer/session tokens, and today's widespread session cookie theft. He describes lessons from TELUS's deployment of FIDO2 phishing-resistant tokens, the dangers of long-lived SSO tokens across SaaS ecosystems, and how agentic "auto-browse" could amplify harm via the "lethal trifecta" and ephemeral agents with poor auditability. Frey highlights the Syne/SignNet CISO Identity Handbook and calls for stronger cryptographic roots of trust, proof-based tokens, re-authentication across trust domains, and fine-grained delegation guardrails.
Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst
00:00 Sponsor Message
00:24 Weekend Edition Intro
00:32 Meet Carey Frey
02:07 Carey's Cyber Origin Story
03:47 Telus Security Two Hats
06:22 Identity's Broken Legacy
08:43 Why PKI Didn't Win
11:25 Passkeys Missed Moment
14:10 SSO Tokens Surprise
19:50 Session Theft Reality
23:18 Agentic AI Stakes
24:17 Building Identity Playbook
25:24 Identity Maturity Model
25:49 Fixing OAuth and SAML
27:00 Industry Call to Action
27:37 Where to Find the Handbook
28:06 Not a Vendor Pitch
30:13 Agentic AI Identity Gaps
31:30 Auto Browse Threat Scenario
33:12 Lethal Trifecta Explained
34:31 Ephemeral Agents and Forensics
37:08 Supply Chain Agent Malware
38:20 Crypto Roots of Trust
39:35 Proof Tokens and Reauth
40:17 Delegation Guardrails
42:34 Regulation or Market Forces
44:25 Practical Risk Decisions
46:20 Wrap Up and Next Resources
48:00 Sponsor and Closing Credits