1
00:00:01,304 --> 00:00:05,894
Ernst and Young exposes a four
terabyte database to the open internet.

2
00:00:06,329 --> 00:00:11,249
A former L3Harris executive
pleads guilty to selling zero

3
00:00:11,249 --> 00:00:13,049
days to a Russian broker.

4
00:00:13,619 --> 00:00:17,819
Chrome is hit by a sophisticated
zero-day spyware campaign.

5
00:00:17,909 --> 00:00:23,489
And nation state hackers breach US
telecom provider Ribbon Communications.

6
00:00:24,209 --> 00:00:26,219
This is Cybersecurity Today.

7
00:00:26,459 --> 00:00:28,139
I'm your host, Jim Love.

8
00:00:29,149 --> 00:00:33,139
Even the world's biggest consulting
firms can make the simplest of mistakes.

9
00:00:33,589 --> 00:00:38,269
Dutch researchers revealed that Ernst
and Young, or EY, one of the Big Four

10
00:00:38,269 --> 00:00:43,429
accounting giants, accidentally left
four terabytes of SQL Server backup

11
00:00:43,639 --> 00:00:48,959
exposed to the open internet unencrypted
and filled with sensitive data.

12
00:00:50,569 --> 00:00:54,439
The backup contained API
keys, authentication tokens,

13
00:00:54,439 --> 00:00:56,809
passwords, and user credentials.

14
00:00:57,049 --> 00:01:02,119
Essentially, the master keys
to EY systems. Neo Security,

15
00:01:02,169 --> 00:01:05,379
the firm that discovered the exposure,
said it was like finding the blueprint

16
00:01:05,499 --> 00:01:10,479
and the physical keys to a vault with
a note saying, free to a good home.

17
00:01:11,649 --> 00:01:15,329
According to the reports, the leak
happened because someone trying

18
00:01:15,329 --> 00:01:20,819
to save a little time left a cloud
bucket unprotected, one tiny move

19
00:01:21,059 --> 00:01:22,649
that made the database public.

20
00:01:23,149 --> 00:01:28,459
They left it that way for less than five
minutes, but automated bots scooped up the

21
00:01:28,459 --> 00:01:31,969
data like this within minutes of exposure.

22
00:01:33,109 --> 00:01:37,279
What they didn't realize is that
any data left unencrypted on the

23
00:01:37,279 --> 00:01:41,197
internet for even a few minutes is
going to be detected and stolen.

24
00:01:41,920 --> 00:01:45,520
Once notified, EY's team acted
quickly and fixed the issue,

25
00:01:45,970 --> 00:01:47,410
but the message here is simple.

26
00:01:48,119 --> 00:01:53,279
You can't leave unencrypted data on
the internet even for a few minutes.

27
00:01:54,209 --> 00:01:58,079
It's a hard lesson to learn, but
one that we can all take away from

28
00:01:58,079 --> 00:02:02,639
this because given the right set of
circumstances, almost any one of us

29
00:02:02,729 --> 00:02:04,169
could have made the same mistake.

30
00:02:05,894 --> 00:02:10,154
The former head of a US defense contractor's
cyber division has pleaded guilty to

31
00:02:10,154 --> 00:02:16,424
selling classified hacking tools to a
Russian broker, one that openly advertises

32
00:02:16,424 --> 00:02:19,604
exploits to government clients in Moscow.

33
00:02:20,384 --> 00:02:25,634
Peter Williams, a 39-year-old Australian
who ran Trenchant, the cyber operations

34
00:02:25,634 --> 00:02:30,674
unit of L3Harris, admitted to
stealing and selling national security

35
00:02:30,674 --> 00:02:35,774
focused software that included at
least eight zero-day exploits, meant

36
00:02:35,864 --> 00:02:39,104
only for the US and its allies.

37
00:02:39,704 --> 00:02:42,224
The Justice Department said that
Williams sold these tools for

38
00:02:42,224 --> 00:02:46,994
millions in cryptocurrency and even
agreed to provide ongoing support.

39
00:02:48,689 --> 00:02:51,569
The scary part about this, if I read
it right, was that Williams even

40
00:02:51,569 --> 00:02:58,139
had a contract for the payment of
these quote unquote services, and

41
00:02:58,139 --> 00:03:04,169
ironically or criminally earlier this
year, Williams had fired a developer

42
00:03:04,169 --> 00:03:07,649
he falsely accused of
leaking Chrome zero-days.

43
00:03:08,954 --> 00:03:12,974
That developer later told one
publication, "I was a scapegoat.

44
00:03:13,274 --> 00:03:14,384
I wasn't guilty."

45
00:03:14,924 --> 00:03:18,704
And I guess that developer's finally
been vindicated now that Williams

46
00:03:18,704 --> 00:03:23,779
is under house arrest in Washington
DC awaiting sentencing in January,

47
00:03:23,779 --> 00:03:28,204
2026. And it's a reminder that insider
threats can come from anywhere,

48
00:03:28,924 --> 00:03:31,444
even the very top of a company.

49
00:03:33,484 --> 00:03:37,324
Researchers have confirmed a vulnerability
that let attackers break out of

50
00:03:37,324 --> 00:03:42,454
Chrome's built-in sandbox and gain
deep access to the operating system.

51
00:03:42,904 --> 00:03:50,044
It is listed as CVE-2025-2783,
described in the US National Vulnerability

52
00:03:50,044 --> 00:03:55,864
Database as an incorrect handle in
Chrome's Mojo component on Windows.

53
00:03:56,854 --> 00:04:01,054
Attackers exploited it in espionage
campaigns earlier this year.

54
00:04:01,414 --> 00:04:02,494
How dangerous was it?

55
00:04:02,494 --> 00:04:07,144
Well, in some cases, simply
visiting a link in Chrome was

56
00:04:07,144 --> 00:04:08,794
enough to trigger the exploit.

57
00:04:09,514 --> 00:04:13,984
It is now patched, so if you're running
the latest version, you're safe, but

58
00:04:13,984 --> 00:04:16,234
this is part of a much bigger story.

59
00:04:16,864 --> 00:04:23,074
Browsers are now an extremely popular
attack surface in cybersecurity, and

60
00:04:23,074 --> 00:04:27,184
with the new AI browsers like
OpenAI's Atlas and Perplexity Comet,

61
00:04:27,544 --> 00:04:31,924
both are built on the same Chromium
foundation, so it's fair to ask whether

62
00:04:31,924 --> 00:04:38,974
they'll be next. And if Chrome, after
years of testing, still has holes,

63
00:04:39,343 --> 00:04:43,993
what about brand new AI browsers,
rushed to market and already

64
00:04:43,993 --> 00:04:46,303
having prompt injection risks?

65
00:04:47,143 --> 00:04:50,833
They may only be at the beginning
of what some researchers

66
00:04:50,833 --> 00:04:53,293
call a vulnerability harvest.

67
00:04:54,783 --> 00:04:59,313
I'm a big believer in AI and believe we
have to experiment with it, but until

68
00:04:59,313 --> 00:05:03,993
we see some real independent security
validation of these browsers, it might be

69
00:05:03,993 --> 00:05:10,053
smart to be cautious or even to keep those
AI browsers off your corporate network.

70
00:05:11,373 --> 00:05:15,513
I confess this is not my big area
of expertise, and if somebody out

71
00:05:15,513 --> 00:05:19,053
there in the audience has some way
we can talk about this at a deeper

72
00:05:19,053 --> 00:05:21,273
level, get in contact with me.

73
00:05:24,118 --> 00:05:27,058
And finally, hackers
working for a nation state

74
00:05:27,498 --> 00:05:32,073
breached networks at Ribbon
Communications, a US telecom services

75
00:05:32,073 --> 00:05:36,183
provider that connects many of the
world's biggest carriers, including

76
00:05:36,183 --> 00:05:39,633
Verizon, BT, and Deutsche Telekom.

77
00:05:40,488 --> 00:05:43,848
According to filings with the US
Securities and Exchange Commission,

78
00:05:43,998 --> 00:05:49,878
the breach began in December, 2024
and went undetected for nearly a year.

79
00:05:50,448 --> 00:05:55,338
So far, three smaller customers were
reportedly affected, although there's

80
00:05:55,338 --> 00:05:59,418
no sign that government clients
or core systems were compromised.

81
00:06:00,618 --> 00:06:04,578
Cybersecurity experts say this
fits a growing pattern of espionage

82
00:06:04,578 --> 00:06:09,108
campaigns aimed at the telecom and
network infrastructure providers,

83
00:06:09,978 --> 00:06:13,908
the companies that sit at the very
heart of global communications.

84
00:06:15,238 --> 00:06:19,468
Pete Reus of Palo Alto Networks
told Reuters that attackers target

85
00:06:19,468 --> 00:06:24,208
these firms to establish long-term
persistence within their networks

86
00:06:24,358 --> 00:06:28,558
to enable global espionage. Ribbon's

87
00:06:28,558 --> 00:06:33,658
customers include major carriers and
government agencies, making it a prime

88
00:06:34,048 --> 00:06:38,758
target for these state-aligned hackers,
especially from China and Russia.

89
00:06:39,843 --> 00:06:42,813
It is a stark reminder that the
weakest point in the system

90
00:06:42,993 --> 00:06:44,973
isn't always the end user.

91
00:06:45,363 --> 00:06:49,748
Sometimes it's the service provider
that connects to everyone else.

92
00:06:51,382 --> 00:06:52,702
And that's our show for today.

93
00:06:52,942 --> 00:06:56,872
You can reach me with tips, comments,
or even some constructive criticism.

94
00:06:57,322 --> 00:07:01,132
Check us out at technewsday.com or .ca.

95
00:07:01,312 --> 00:07:02,962
Use the Contact us page.

96
00:07:03,112 --> 00:07:06,622
If you're watching this on YouTube,
just leave a note under the video.

97
00:07:07,342 --> 00:07:08,422
I'm your host, Jim Love.

99
00:07:10,372 --> 00:07:11,272
Thanks for listening.

