In this episode, the host shares a pre-recorded favorite interview with David Decary-Hetu, a criminologist at the University of Montreal. They discuss the dark web, its technology, and its role in cybercrime. Decary-Hetu explains how the dark web operates, its users, and the dynamics between researchers and law enforcement in tackling cyber threats. Key topics include the economics of illicit markets, the cat-and-mouse game between law enforcement and criminals, the role of cryptocurrencies, and the evolution of cyber threats. The episode offers insights into the social aspects of cybercrime and the measures being taken to combat it.

00:00 Introduction and Sponsor Message
00:52 Understanding the Dark Web
02:16 Interview with David Decary-Hetu
05:10 The Basics of the Dark Web
06:27 Technology Behind the Dark Web
14:49 Law Enforcement Challenges
21:50 Trust and Transactions on the Dark Web
23:45 Recruitment and Structure of Cybercriminals
26:42 Cultural Dynamics in Hacking Communities
27:32 Researching the Impact of Technology on Crime
29:01 Challenges in Policing the Dark Web
30:12 The Role of Social Engineering in Cybercrime
31:18 Law Enforcement Strategies and Conditional Deterrence
32:09 The Evolution of Cybercrime and Cryptocurrency
41:24 Legal and Ethical Considerations in Cybercrime
43:47 Advice for Policymakers and Corporations
48:44 Educational Resources and Conferences
50:57 Conclusion and Final Thoughts

Cybersecurity Today: MongoDB Vulnerability 'Mongo Bleed' Exploited, Rainbow Six Siege Hacked, Trust Wallet Compromise, and GrubHub Crypto Scams

In this episode of Cybersecurity Today, David Shipley covers significant cybersecurity incidents that occurred over the holiday period. The major topics include the 'Mongo Bleed' vulnerability in MongoDB that was disclosed and then publicly exploited on Christmas Day, leading to potential data leaks. Ubisoft's Rainbow Six Siege faced a breach enabling attackers to manipulate in-game functions and distribute billions worth of in-game currency for free. Trust Wallet's browser extension was compromised, resulting in a loss of approximately $7 million in cryptocurrencies. Finally, a phishing scam using a legitimate GrubHub subdomain to promise fake Bitcoin rewards was also discussed. Immediate actions and preventive updates were highlighted for all these incidents.

00:00 Introduction and Sponsor Message
00:48 Mongo Bleed Vulnerability Exploit
04:10 Rainbow Six Siege Breach
08:13 Trust Wallet Extension Hack
10:30 GrubHub Bitcoin Scam
12:02 Conclusion and Sign-Off

This is an interview with former hacker Brian Black. Brian is now on the right side of the battle and bringing his skills to to the fight against hackers. He finds the weaknesses in corporate security so that it can be patched.

This was one of my favourite interviews this year. Listening to what Brian has learned and understanding how we can use that knowledge and experience kept me on the edge of my seat.

Once more I want to thank Meter for making this possible. Visit them at meter.com/cst

Jim takes a break for some R&R during the holidays and shares his favorite podcast episodes from the year. He acknowledges that some listeners might have heard these episodes already, while others may find them new. The podcast's production is supported by Meter, a company providing integrated networking solutions. Additionally, support from listeners through the Buy Me a Coffee program has helped sustain the shows and expand their content offerings. Jim thanks Meter and the listeners, wishing everyone a Merry Christmas and a Happy New Year.

00:00 Introduction and Holiday Plans
00:33 Sponsor Acknowledgment
01:08 Support and Growth
01:55 Final Thoughts and Episode Introduction

Over the holidays we are rerunning some of our favourite episodes. This one first aired this summer and was one of my first conversations with the fascinating head of Operation Shamrock.

We'll be back with regular programming on January 5th.

Global Cybercrime Crackdowns and Rising Threats

This episode of 'Cybersecurity Today' hosted by David Shipley covers significant cybersecurity news. Nigerian police arrested three suspects linked to a Microsoft 365 phishing platform known as Raccoon O365. U.S. prosecutors charged 54 individuals in an ATM malware scheme tied to a Venezuelan criminal organization. Two incident responders pleaded guilty to conducting ransomware attacks while employed to help victims of such attacks. Denmark officially blamed Russia for a cyber attack on a water utility, exacerbating geopolitical tensions. Each segment highlights the intricate and international nature of modern cybercrime and the ongoing challenges in cybersecurity.

00:00 Introduction and Sponsor Message
00:20 Nigerian Police Arrest Phishing Suspects
03:28 US ATM Malware Scheme Uncovered
05:46 Insider Ransomware Attackers Plead Guilty
08:21 Denmark Blames Russia for Cyber Attack
11:08 Conclusion and Holiday Wishes
12:20 Sponsor Message and Closing

Cybersecurity Today brings you a special year-end episode, featuring noteworthy guests Tammy Harper from Flare, Laura Payne from White Tuque, David Shipley from Beauceron Security, and John Pinard, co-host of Project Synapse. This episode delves into the pivotal cybersecurity stories of 2025, including a detailed discussion on MFA phishing attacks, the effectiveness of cybersecurity training, and the troubling trends in ransomware payments. Also covered are the evolving roles of AI in both defending and perpetrating cyber crimes. The guests share their insights, hopes, and concerns for the industry's future, emphasizing the importance of awareness, empathy, and community. Tune in as they reflect on the past year's challenges and successes, and look forward to more resilient and innovative cybersecurity practices in 2026.

00:00 Introduction and Sponsor Message
00:20 Meet the Panelists
01:30 Reflecting on the Year: Achievements and Goals
02:08 Naughty and Nice: Cybersecurity Challenges
03:44 The Rise of Fake Torrents and Piracy
07:07 Ransomware and Data Extortion Trends
18:00 The Importance of Multi-Factor Authentication (MFA)
26:15 The Persistent Threat of Email Phishing
27:24 AI Vulnerabilities and Security Concerns
28:18 The Role of AI in Social Engineering
29:07 The Impact of AI on Cybersecurity
31:15 The Future of AI and Security Measures
34:40 The Human Element in Cybersecurity
39:49 Hopes and Predictions for the Future
45:33 Final Thoughts and Reflections

Cybersecurity Today: Cisco Zero Day Exploited & Maritime Cyber Attack Unfolds

In this episode of Cybersecurity Today, host David Shipley discusses a series of critical cybersecurity incidents, including the exploitation of a zero-day flaw in Cisco email security infrastructure by a China-linked group, a Hollywood-style attack on an Italian ferry involving remote access malware, and a new data theft spree by the ClOP ransomware gang targeting file-sharing servers. Shipley also highlights the broader implications of cybersecurity on physical safety and national security. This episode is brought to you by Meter, a complete networking stack provider for enterprises.

00:00 Introduction and Sponsor Message
00:20 Massive Patch List and Zero-Day Flaw in Cisco
03:41 Latvian Arrested in Italian Ferry Cyberattack
06:31 ClOP Ransomware Gang's New Target
08:54 Conclusion and Upcoming Episodes