Cybersecurity Today: Shadow Leak, SIM Farm Shutdown, Cisco Zero-Day, FBI Warning & Android Advanced Protection
In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity issues. Key topics include the discovery of the 'Shadow Leak' vulnerability in ChatGPT servers by Radware, the dismantling of a massive SIM farm near the United Nations by the US Secret Service, a zero-day vulnerability affecting up to 2 million Cisco devices, an FBI warning about spoofed Internet Crime Complaint Center (IC3) websites, and a reminder about enabling Advanced Protection on Android phones. The episode also includes a shoutout to Jim Love's new audiobook 'Elisa, A Tale of Quantum Kisses,' available on multiple platforms.
00:00 Introduction and Sponsor Message
00:29 Shadow Leak Hits ChatGPT Servers
02:52 Massive SIM Farm Operation Uncovered
04:44 Cisco's Zero-Day Vulnerability
06:04 FBI Warns of Spoofed Crime Reporting Sites
07:07 Android's Advanced Protection Mode
08:00 Conclusion and Call to Action
Episode Transcript
Cybersecurity today is brought to youby Elisa, a Tale of Quantum Kisses.
It's the book by your host, Jim Love.
We have a new audio book and youcan find it on Audible, Kobo, Barnes
and Noble, just about everywhere.
You can go to Audible and you cansearch for Alyssa and Jim Love, or you
can Google that and you'll get a listof places you can get the audio book.
(00:25):
And now back to our regularlyscheduled programming.
Shadow Leak hits chat, GPT Servers.
A sim farm is shut downnear the United Nations.
Cisco's zero day hits 2 million devices.
The FBI Warns of spoofed Crime Reportingsites and Android's Top Protection
(00:46):
needs you to manually activate it.
This is cybersecurity today.
I'm your host, Jim Love.
Security researchers at Radwarehave uncovered a dangerous
server side vulnerability inChatGPT's Deep Research agent.
It's called Shadow Leak, andit's a true zero click exploit.
(01:07):
Attackers don't need youto click on anything.
All it takes is an email with hiddeninstructions, and the AI agent can be
tricked into following them because theflaw runs entirely on Open AI's servers.
It's invisible to traditionalendpoint defenses.
No malware shows up on yourdevice, and there's often no
(01:28):
trace for victims to spot.
David Aviv, the CTO of Radware calledit the quintessential zero click attack
that makes detection very difficult,even for well-protected organizations.
Part of the danger is how itbypasses logging and monitoring.
Since the malicious activity happenswithin the AI's processing pipeline,
(01:53):
standard audit tools may neversee the commands being executed
or the data being siphoned off.
The scale of the risk is huge.
ChatGPT has millions of business usersand many are integrating it directly
into workflows that touch sensitive data.
Researchers warn that onceattackers gain a foothold, they can
(02:16):
quietly siphon information or evenmanipulate how the AI responds.
The message is clear.
Don't rely on the AI provider alone.
Use layered security controls.
Keep human oversight in the loop forcritical tasks and lock down access
wherever you can And particularly inthese early days of AI, until real
(02:40):
security can be worked out, really takea good think of which data you submit
to an AI agent in the cloud to process.
A massive SIM farm operation wasuncovered and dismantled by the
US Secret Service across New York.
Just as world leaders gathered at theUnited Nations, investigators found
(03:04):
more than 300 SIM servers using over100,000 active SIM cards clustered
within 35 miles of the UN building.
These SIM farms racks of SIM cardstied to VoIP gateways can send
or receive massive volumes ofcalls or text messages at scale.
(03:25):
They're used for frauds, spoofing,encrypted comms, or even occasionally to
overwhelm telecom networks . Officialswarned that such a setup could jam or
saturate cell towers, block emergencycommunications like 9 1 1, or create
functional outages in critical zones.
(03:46):
Reminiscent of telecomcollapses during a big crisis.
And because the operation sat so closeto the UN analysts say it could even have
been used for espionage or surveillance,intercepting or manipulating signals
With proximity to high value targets fortelecom operators and defenders sim farms
(04:08):
highlight a growing threat, misuse ofinfrastructure that normally seems benign.
Detection is tricky because thedevice mimics legitimate traffic.
Researchers are now exploring anomalydetection techniques like latency
patterns in cellular signaling as oneway to spot SIM box or SIM farm activity.
(04:30):
But the bottom line, even a smalltelecom infrastructure misused at scale
can turn into a national, or in thiscase, an international security threat.
Cisco has alerted the public thatas many as 2 million devices running
iOS or iOS XE could be affected bya new zero day vulnerability now
(04:55):
actively exploited in the wild.
The flaw tracked as CVE20 25 20352 lies in SNMP.
The simple network management protocol,invulnerable configurations, even low
privileged users, can trigger a denialof service or remote code execution.
(05:18):
Because the exploit abuses, SNMP Astandard tool in almost every
network, it can slip past manytraditional security barriers.
Devices exposed to the internet withSNMP enabled are at highest risk.
Cisco is urging administrators toupdate affected systems immediately.
(05:39):
Disable unused SNMP access andmonitor logs for unusual traffic
or sudden device restarts.
The US Cybersecurity and infrastructureSecurity agency, CISA a has also
added the flaw to its known exploitedvulnerabilities catalog requiring federal
agencies to patch or mitigate quickly.
(06:04):
The FBI has issued a warning aboutcriminals spoofing the Internet Crime
Complaint Center or IC3 website.
These fake portals mimic the FBI'ssite so convincingly that victims
believe they are filing a crimereport when in fact their personal and
financial details are being stolen.
(06:26):
Once entered, that information goesstraight to attackers who can use
it for identity theft or fraud.
These spoofed domains are hostedon bulletproof servers and rotated
frequently, making it nearlyimpossible to take them down or to
know who now holds the stolen data.
(06:47):
The FBI stresses, there is onlyone legitimate IC three portal.
IC three.gov.
People should always type thataddress directly into their browser.
Never click on links, even inemails that appear official.
Okay.
(07:07):
We've done a number of stories aboutpossible attacks on Android phones, and
this is just a reminder that Android has afunction, much like Apple's lockdown mode.
It's the highest level of security, butyou must manually turn it on to enable it.
It's called Advanced Protection, and ithardens the phone against malicious apps,
(07:29):
exploits, and even sophisticated attacks.
The catch is, as we noted,it's not enabled by default.
You find it in your security settings,and right now I know it's available
on Pixel phones, which are alwaysfirst in line for Android upgrades.
Other manufacturers will roll it outon their schedule, so check that.
(07:51):
But with all of the concernsabout mobile exploits, this is
a feature worth remembering andworth enabling if you have it.
That's our show for today.
You could reach me with tips, comments,and even constructive criticism,
And to all of you who havedownloaded the audio book,
Elisa A Tale of Quantum Kisses.
(08:12):
\. Thank you so much.
If you haven't done that,please think about it.
If you wanna support me , it'sone of the best ways to do it.
the book is called Elissa,A Tale of Quantum Kisses.
You can find it as an audiobook, as a print book, as an
electronic book on Kindle, just.
(08:32):
Go to Amazon, go toAudible and type in Jim.
Love Elissa, E-L-I-S-A, or Googlethat and you'll find dozens of
places you could buy the book.
I'm your host, Jim.
Love.
Thanks for listening.
I.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
My Favorite Murder with Karen Kilgariff and Georgia Hardstark
My Favorite Murder is a true crime comedy podcast hosted by Karen Kilgariff and Georgia Hardstark. Each week, Karen and Georgia share compelling true crimes and hometown stories from friends and listeners. Since MFM launched in January of 2016, Karen and Georgia have shared their lifelong interest in true crime and have covered stories of infamous serial killers like the Night Stalker, mysterious cold cases, captivating cults, incredible survivor stories and important events from history like the Tulsa race massacre of 1921. My Favorite Murder is part of the Exactly Right podcast network that provides a platform for bold, creative voices to bring to life provocative, entertaining and relatable stories for audiences everywhere. The Exactly Right roster of podcasts covers a variety of topics including historic true crime, comedic interviews and news, science, pop culture and more. Podcasts on the network include Buried Bones with Kate Winkler Dawson and Paul Holes, That's Messed Up: An SVU Podcast, This Podcast Will Kill You, Bananas and more.