Black Hills Information Security

Helping you navigate the treacherous terrain of InfoSec. Black Hills Information Security specializes in penetration testing, red teaming, and threat hunting.


    • May 30, 2025 LATEST EPISODE
    • weekly NEW EPISODES
    • 58m AVG DURATION
    • 288 EPISODES


    Latest episodes from Black Hills Information Security

    Blackmailing A.I. - 2025-05-27

    May 30, 2025 (58:35)

    Register for Free, Live webcasts & summits: https://poweredbybhis.com
    00:00 - PreShow Banter™ — I just want Jorts!
    05:42 - Blackmailing A.I. - Talkin' Bout [infosec] News 2025-05-27
    07:01 - Story # 1: Experimental drones developed to neutralize mass shooters, disable weapons
    11:29 - Story # 2: How a global malware operation was taken down from a federal court in Georgia
    13:50 - Story # 3: Judge allows Workday AI bias lawsuit to proceed as collective action
    15:23 - Marker 17
    19:25 - Story # 4: Anthropic's new AI model turns to blackmail when engineers try to take it offline
    32:19 - Story # 5: TeleMessage customers include DC Police, Andreessen Horowitz, JP Morgan, and hundreds more
    34:53 - Story # 6: TikTok videos now push infostealer malware in ClickFix attacks
    36:57 - Story # 7: Beware, Coinbase users. Crypto thieves are taking fingers now
    40:56 - Story # 8: Signal now blocks Microsoft Recall screenshots on Windows 11
    43:16 - Story # 9: Suspected InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords
    44:54 - Story # 10: Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click
    48:09 - Story # 11: Russian military hackers 'Fancy Bear' target Western aid supply chains to Ukraine, NSA report says
    50:13 - Story # 12: Google Gemini AI assistant coming to new cars in 2025, starting with Volvo
    54:17 - Story # 13: Hacker Conference HOPE Says U.S. Immigration Crackdown Caused Massive Crash in Ticket Sales
    56:55 - Story # 13b: [HOPE_16] International Travel Tips

    WORLDS FIRST CPU Ransomware! - 2025-05-19

    May 21, 2025 (53:26)

    Register for Free, Live webcasts & summits: https://poweredbybhis.com
    00:00 - PreShow Banter™ — Twiddle Me This
    02:04 - WORLDS FIRST CPU Ransomware! - Talkin' Bout [infosec] News 2025-05-19
    03:10 - Story # 1: Coinbase - Standing Up to Extortionists
    11:26 - Story # 2: World's first CPU-level ransomware
    15:09 - Story # 3: New Intel CPU flaws leak sensitive data from privileged memory
    19:04 - Story # 4: After latest kidnap attempt, crypto types tell crime bosses: Transfers are traceable
    21:39 - Story # 5: Chinese 'kill switches' found hidden in US solar farms
    27:52 - Story # 6: Congress proposes 10-year ban on state AI regulations
    31:41 - Story # 7: Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data
    36:02 - Story # 8: European Vulnerability Database Launches Amid US CVE Chaos
    37:32 - Story # 9: 89 million Steam accounts reportedly leaked. Change your password now.
    40:06 - Story # 10: Hackers Now Targeting US Retailers After UK Attacks, Google
    41:11 - Story # 11: How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
    43:08 - Story # 11b: DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive server
    47:12 - ChickenSec: 'A Minecraft Movie' Viral TikTok Trend Wreaks Havoc In Theaters
    51:20 - Story # 12: Education giant Pearson hit by cyberattack exposing customer data

    Inside DragonForce 2025-05-12

    May 15, 2025 (56:15)

    Register for Free, Live webcasts & summits: https://poweredbybhis.com
    00:00 - PreShow Banter™ — Crime is bad
    00:18 - dangerous trend of destroying Chromebooks
    04:33 - BHIS - Talkin' Bout [infosec] News 2025-05-12
    05:40 - Story # 1: LockBit Ransomware Hacked, Insider Secrets Exposed
    06:36 - Story # 1b: https://ransomch.at
    09:31 - Story # 2: White House Proposes $500 Million Cut to CISA
    10:35 - Story # 2b: Update to How CISA Shares Cyber-Related Alerts and Notifications
    18:09 - Story # 3: Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks
    22:28 - Story # 4: Despite ransom payment, PowerSchool hacker now extorting individual school districts
    26:28 - Story # 5: Tech CEOs warn Senate: Outdated US power grid threatens AI ambitions
    32:20 - Story # 6: Warning — 19 Billion Compromised Passwords Have Been Published Online
    34:37 - Story # 7: Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted
    36:33 - Story # 8: How a new type of AI is helping police skirt facial recognition bans
    48:38 - Story # 9: Threat Actor Bypass SentinelOne EDR to Deploy Babuk Ransomware
    51:33 - Story # 10: A Framework to Report AI's Flaws
    53:42 - Story # 10b: MITRE ATLAS™
    54:49 - Simply Hot Ones Challenge | LIVE FIRE SPICE

    Scattered Spider Weaves Another Attack - 2025-05-05

    May 9, 2025 (54:42)

    Register for Free, Live webcasts & summits: https://poweredbybhis.com
    00:00 - PreShow Banter™ — Double Coffee
    05:04 - BHIS - Talkin' Bout [infosec] News 2025-05-05
    06:05 - Story # 1: Largest bank in the world issues stark security warning about technology that billions use every single day
    11:15 - Story # 2: M&S cyber-attack linked to hacking group Scattered Spider
    13:47 - Story # 3: Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries
    20:10 - Story # 4: A North Korean agent applied for a job at a popular crypto firm: They tripped him up with a simple question about Halloween
    21:54 - Story # 4b: The one interview question that will protect you from North Korean fake workers
    23:09 - Story # 5: Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee's Computer, Downloading Confidential Data from Company
    25:33 - Story # 6: TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered
    29:19 - Story # 7: Gremlin Stealer: New Stealer on Sale in Underground Forum
    33:17 - Story # 8: Over 290,000 citizens at risk: CloudSEK uncovers major data breach at Bangalore Water Supply and Sewerage Board
    34:56 - Story # 9: The Signal Clone the Trump Admin Uses Was Hacked
    39:58 - Story # 10: Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
    42:19 - Story # 11: Software dev fortifies his blog with 'zip bombs' — attacking bots meet their end with explosive data package
    43:44 - Story # 12: WhatsApp says in-app AI tools will still keep messages secret
    45:37 - Story # 13: House passes bill to study routers' national security risks
    49:48 - Simply Hot Ones Challenge (YouTube)

    InfoSec CEO Charged with Installing Malware! – 2025-04-28

    Apr 30, 2025 (60:58)

    Register for upcoming webcasts & summits - https://poweredbybhis.com
    00:00 - PreShow Banter™ — Talking Bout Red Green
    02:24 - InfoSec CEO Charged with Installing Malware! – BHIS - Talkin' Bout [infosec] News 2025-04-28
    03:01 - Story # 1: CEO of cybersecurity firm charged with installing malware on hospital systems
    11:22 - Story # 2: 2025 Data Breach Investigations Report
    25:05 - Story # 3: The Age of Realtime Deepfake Fraud Is Here
    29:00 - Story # 4: Whistleblower: DOGE Siphoned NLRB Case Data
    33:09 - Story # 5: Top employee monitoring app leaks 21 million screenshots on thousands of users
    36:59 - Story # 6: 159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
    42:13 - Story # 7: SAP zero-day vulnerability under widespread active exploitation
    46:29 - Story # 8: FBI: US lost record $16.6 billion to cybercrime in 2024
    47:55 - Story # 8b: FBI Report Doc
    53:50 - Story # 9: M-Trends 2025 Report

    The CVE Saga - Talkin' Bout [infosec] News 2025-04-21

    Apr 23, 2025 (58:29)

    Register for upcoming webcasts & summits - https://poweredbybhis.com
    00:00 - PreShow Banter™ — A Monocle and a Glass of Wine
    05:36 - The CVE Saga - Talkin' Bout [infosec] News 2025-04-21
    06:43 - Story # 1: US agency extends support for cyber vulnerability database
    29:08 - Story # 1b: CVE Foundation
    32:35 - Story # 2: Former cybersecurity agency chief Chris Krebs leaves SentinelOne after Trump targets him in executive order
    33:57 - Story # 3: 4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War
    37:17 - Story # 4: TA Phone Home: EDR Evasion Testing Reveals Extortion Actor's Toolkit
    44:57 - Story # 5: The Sophos Annual Threat Report: Cybercrime on Main Street 2025

    Largest Corporate Espionage Case this Century - 2025-04-14

    Apr 16, 2025 (59:49)

    Register for upcoming webcasts & summits - https://poweredbybhis.com
    00:00 - PreShow Banter™ — Trigger Warning
    00:42 - Trump Vs Chris Krebs | BHIS - Talkin' Bout [infosec] News 2025-04-14
    01:54 - Story # 1: Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director
    17:04 - Story # 2: Cybersecurity industry falls silent as Trump turns ire on SentinelOne
    18:00 - Story # 3: Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges
    33:13 - Story # 4: Rippling Believe it or Not: How the Largest Corporate Espionage Case this Century Happened
    41:36 - Story # 5: Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers
    52:18 - Story # 6: Pentagon to end $5.1 billion in contracts with Accenture, Deloitte, others

    Desperate Times Makes for More Cyber Crimes - 2025-04-07

    Apr 9, 2025 (48:31)

    Register for upcoming webcasts & summits - https://poweredbybhis.com
    00:00 - PreShow Banter™ — A Complex Business
    06:40 - BHIS - Talkin' Bout [infosec] News 2025-04-07
    07:34 - Story # 1: Oracle quietly admits data breach, days after lawsuit accused it of cover-up
    12:47 - Story # 2: Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job
    21:13 - Story # 3: Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks
    28:14 - Story # 4: GitHub expands security tools after 39 million secrets leaked in 2024
    37:28 - Story # 5: The 10 Biggest Crypto Hacks in History
    40:11 - Story # 6: OpenAI tests watermarking for ChatGPT-4o Image Generation model
    45:44 - Story # 7: National Security Agency chief fired as Trump ousts another top military officer

    The Oracle of Lies! – 2025-03-31

    Apr 3, 2025 (62:45)

    00:00 - PreShow Banter™ — The Bed Slinger
    08:34 - The Oracle of Lies! - BHIS - Talkin' Bout [infosec] News 2025-03-31
    10:43 - Story # 1: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
    20:00 - Story # 2: A Sneaky Phish Just Grabbed my Mailchimp Mailing List
    26:17 - Story # 3: Windows 11 is closing a loophole that let you skip making a Microsoft account
    29:51 - Story # 4: The Trump Administration Accidentally Texted Me Its War Plans
    32:51 - Story # 4b: Signal is 'absolutely not suitable' for government use: Former NSA hacker
    37:42 - Story # 5: How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack
    42:27 - Story # 6: Retail giant Sam's Club investigates Clop ransomware breach claims
    45:07 - WEBCAST – Keeping Things Local – Making Your Own Private LLM w/ Bronwen Aker
    46:16 - Story # 7: New VanHelsing ransomware targets Windows, ARM, ESXi systems
    48:28 - Story # 8: Infostealer campaign compromises 10 npm packages, targets devs
    53:13 - Story # 9: Risky Biz News: EU bans anonymous crypto payments
    56:02 - ChickenSec: South African Poultry Company Reports $1M Loss After Cyber Intrusion

    Trading in Jock Straps for Jock Hacks – 2025-03-24

    Mar 26, 2025 (58:44)

    00:00 - PreShow Banter™ — We're Not Ready For the Finger Thing
    01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin' Bout [infosec] News 2025-03-24
    03:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack
    07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together
    14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records
    19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization
    25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content
    29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts
    35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy
    38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 28
    44:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre
    52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach
    54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance
    56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen…

    News 2025-03-17 - Malicious Browser Plugins will Destroy us ALL!!!!!

    Mar 19, 2025 (60:41)

    00:00 - PreShow Banter™ — Fun Jank Decks
    05:25 - BHIS - Talkin' Bout [infosec] News 2025-03-17 - Malicious browser plugins will destroy us ALL!!!!!
    06:35 - Story # 1: Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension
    14:37 - Story # 1b: Chrome Web Store is a mess
    31:14 - Story # 2: Lazarus Strikes npm Again with New Wave of Malicious Packages
    36:17 - Story # 3: China's Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days
    44:44 - Story # 4: Saudi Arabia Buys Pokémon Go, and Probably All of Your Location Data
    49:31 - Story # 5: Second biggest bank in US hit by major data breach stealing social security numbers and other personal info
    51:25 - Story # 6: Hackers Take Credit for X Cyberattack
    54:32 - Story # 7: Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account

    2025-03-10 — Agent A.I.

    Mar 12, 2025 (64:11)

    00:00 - PreShow Banter™ — Agent A.I.
    07:35 - BHIS - Talkin' Bout [infosec] News 2025-03-10
    10:47 - Story # 1: 12 Chinese hackers charged with US Treasury breach — and much, much more
    15:25 - Story # 2: Signal President Meredith Whittaker calls out agentic AI as having 'profound' security and privacy issues
    25:33 - Story # 3: X/Twitter is down for a third time today
    27:33 - Story # 4: Developer sabotaged ex-employer with kill switch activated when he was let go
    33:37 - Story # 5: Undocumented commands found in Bluetooth chip used by a billion devices
    45:37 - Story # 6: Cybercrime's Cobalt Strike Use Plummets 80% Worldwide
    46:19 - Story # 7: Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags
    55:01 - Story # 8: Ransomware gang encrypted network from a webcam to bypass EDR

    2025-03-03 - Not Talking About Anything

    Mar 5, 2025 (58:41)

    00:00 - PreShow Banter™ — Not Talking About Anything
    04:29 - BHIS - Talkin' Bout [infosec] News 2025-03-03
    05:42 - Story # 1: FBI Warns iPhone, Android Users—We Want 'Lawful Access' To All Your Encrypted Data
    24:28 - Story # 2: Disney engineer downloaded 'helpful' AI tool that ended up completely destroying his life
    34:28 - Story # 3: Have I Been Pwned adds 284M accounts stolen by infostealer malware
    43:22 - Story # 4: Dragos's 8th Annual OT Cybersecurity Year in Review Is Now Available
    45:53 - Story # 5: Trump administration retreats in fight against Russian cyber threats
    55:19 - Story # 5b: Exclusive: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say
    57:33 - Story # 6: Feds: Army soldier suspected of AT&T heist Googled 'can hacking be treason,' 'defecting to Russia'

    2025-05-24 - Get Political (With Jake Williams)

    Feb 26, 2025 (62:29)

    00:00 - PreShow Banter™ — Get Political
    05:27 - BHIS - Talkin' Bout [infosec] News 2025-02-25
    06:07 - Story # 1: Trump 2.0 Brings Cuts to Cyber, Consumer Protections
    37:57 - Story # 2: OpenAI Uncovers Evidence of A.I.-Powered Chinese Surveillance Tool
    49:48 - Story # 3: Apple pulls data protection tool after UK government security row
    55:00 - Story # 4: Judge dismisses Chris Hadnagy lawsuit against DEF CON

    2025-02-17 - Prove That You're Wearing Pants

    Feb 19, 2025 (65:31)

    00:00 - PreShow Banter™ — Prove That You're Wearing Pants
    05:50 - BHIS - Talkin' Bout [infosec] News 2025-05-17
    06:46 - Story # 1: Fortinet discloses second firewall auth bypass patched in January
    07:12 - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don't die laughing
    08:45 - Story # 1c: Forbes Most Trusted Companies in America 2025 List
    16:25 - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account
    18:37 - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation
    20:04 - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says
    36:35 - Story # 4: Apple Confirms USB Restricted Mode Exploited in 'Extremely Sophisticated' Attack
    37:44 - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever
    43:14 - Story # 5b: DOGE's .gov site lampooned as coders quickly realize it can be edited by anyone
    46:59 - Story # 6: Man who SIM-swapped the SEC's X account pleads guilty
    51:26 - Story # 7: Russia's Sandworm caught snarfing credentials, data from American and Brit orgs
    53:55 - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy's still screwed

    2025-02-10 - Walking Through Denver

    Feb 13, 2025 (62:47)

    00:00 - PreShow Banter™ — Walking Through Denver
    02:23 - BHIS - Talkin' Bout [infosec] News 2025-02-10
    04:35 - Story # 1: Ransomware payments declined in 2024 despite massive, well-known hacks
    05:02 - Story # 1b: 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments
    14:19 - Story # 2: Critical Cisco ISE bug can let attackers run commands as root
    16:43 - Story # 3: The Untold Story of a Crypto Crimefighter's Descent Into Nigerian Prison
    24:18 - Story # 4: IoT's botnet problem is up 500% – three things admins must do now
    31:49 - Story # 5: WhatsApp identifies dozens of users hacked by Paragon spyware company
    39:41 - Story # 6: Sri Lanka goes bananas after monkey unplugs nation
    43:36 - Story # 7: Microsoft Study Finds AI Makes Human Cognition “Atrophied and Unprepared”
    50:17 - ChickenSec Story # 1: Here's a Super Bowl riddle: Why are egg prices surging — but not chicken wings?
    52:21 - Story # 8: DOGE Staffer Previously Fired From Cybersecurity Company for Leaking Secrets
    58:07 - ChickenSec Story # 2: Americans to Eat 1.47 Billion Chicken Wings for Super Bowl LIX

    2025-02-05 - LIVE FROM WWHF DENVER 2025

    Feb 12, 2025 (44:41)

    00:00 - PreShow Banter™ — Community Swear Bucket
    01:40 - BHIS - Talkin' Bout [infosec] News 2025-02-05
    03:27 - Story # 1: DeepSeek R1 Exposed: Security Flaws in China's AI Model
    11:25 - Story # 2: Backdoor found in two healthcare patient monitors, linked to IP in China
    15:21 - Story # 3: Facebook flags Linux topics as 'cybersecurity threats' — posts and users being blocked
    20:56 - Story # 4: Here's how Musk's access to Treasury system may impact Social Security, other government payments
    31:29 - Story # 5: Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
    34:34 - Story # 6: Insurance Company Globe Life Notifying 850,000 People of Data Breach
    36:15 - Story # 10: DeepSeek Fails Researchers' Safety Tests
    38:35 - Story # 11: Engineering giant Smiths Group discloses security breach

    2025-01-27 - Fake Australian

    Jan 29, 2025 (63:20)

    00:00 - PreShow Banter™ — Fake Australian
    04:17 - BHIS - Talkin' Bout [infosec] News 2025-01-27
    04:34 - Story # 1: DeepSeek sparks AI stock selloff; Nvidia posts record market-cap loss
    30:50 - Story # 2: Tech giants are putting $500bn into 'Stargate' to build up AI in US
    42:23 - Story # 3: DeepSeek Faces Large-scale Cyberattack, Halts New User Registrations
    43:34 - Story # 4: DHS cyber review board cleaned out in Trump move to eliminate 'misuse of resources'
    47:38 - Story # 5: UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
    50:02 - Story # 5b: UnitedHealth now says 190 million impacted by 2024 data breach
    53:09 - Story # 6: Cloudflare Issue Can Leak Chat App Users' Broad Location
    54:09 - Story # 7: Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
    59:40 - Story # 8: Researchers say new attack could take down the European power grid

    2025-01-20 - Highest Rated Chalk

    Jan 22, 2025 (64:51)

    00:00 - PreShow Banter™ — Highest Rated Chalk
    04:14 - BHIS - Talkin' Bout [infosec] News 2025-01-20
    08:53 - Story # 1: Data From 15,000 Fortinet Firewalls Leaked by Hackers
    14:25 - Story # 2: China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says
    16:29 - Story # 3: TikTok reportedly plans 'immediate' Sunday shutdown in the US if it's banned
    25:47 - Story # 4: FBI forces Chinese malware to delete itself from thousands of US computers
    35:06 - WWHF Denver
    36:03 - BSides San Diego
    37:23 - Security Stadium
    38:22 - Story # 5: Exchange 2016 and 2019 reach end-of-life status later this year
    42:45 - Story # 6: Snyk security researcher deploys malicious NPM packages targeting Cursor.com
    46:17 - Story # 7: New UEFI Secure Boot flaw exposes systems to bootkits, patch now
    57:34 - Story # 8: Lawsuit: Allstate used GasBuddy and other apps to quietly track driving

    2025-01-13 — An RGB State of Mind

    Jan 15, 2025 (67:54)

    00:00:00 - PreShow Banter™ — An RGB State of Mind
    00:07:20 - BHIS - Talkin' Bout [infosec] News 2025-01-13
    00:10:24 - Story # 1: A Day in the Life of a Prolific Voice Phishing Crew
    00:18:39 - Story # 2: Dental group lied through teeth about data breach, fined $350,000
    00:25:49 - Story # 3: Hacker claims breach of US location tracking company Gravy Analytics
    00:27:48 - Story # 4: License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data
    00:33:19 - Story # 5: US Cyber Trust Mark launches as the Energy Star of smart home security
    00:43:08 - Story # 6: Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
    00:45:09 - Story # 7: Hacker Broke into 'Path of Exile 2' Admin Account, Hijacked Wave of Characters
    00:47:36 - Story # 8: Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
    00:54:47 - Story # 9: Ransomware crew abuses AWS native encryption
    01:00:41 - Story # 10: Cannabis company Stiiizy says hackers accessed customers' ID documents

    2025-01-06 - Coffee With Wade

    Jan 9, 2025 (64:38)

    00:00:00 - PreShow Banter™ — Coffee With Wade Wells
    00:05:41 - BHIS - Talkin' Bout [infosec] News 2025-01-06
    00:06:45 - Story # 1: BeyondTrust says hackers breached Remote Support SaaS instances
    00:13:18 - Things Continued to be ignored in 2025
    00:24:39 - Story # 2: Classified fighter jet specs leaked on War Thunder – again
    00:28:26 - Story # 3: New Proposed HIPAA Security Rule Changes
    00:34:33 - Story # 4: The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year
    00:35:47 - Story # 5: AT&T and Verizon say networks secure after Salt Typhoon breach
    00:37:20 - Story # 6: Net Neutrality Rules Struck Down by Appeals Court
    00:41:56 - Story # 7: U.S. Army Soldier Arrested in AT&T, Verizon Extortions
    00:45:28 - Story # 8: New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
    00:48:38 - Story # 9: Meta's AI Profiles Are Indistinguishable From Terrible Spam That Took Over Facebook
    00:50:42 - Story # 9b: Meta deletes AI character profiles after backlash, racism accusations
    00:51:40 - Story # 10: Watch: Tiny robot 'kidnaps' 12 big Chinese bots from a Shanghai showroom, shocks world
    00:55:27 - Story # 11: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks
    00:58:42 - Story # 12: Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence
    01:01:22 - Story # 13: Germany cuts hacker access to 30,000 devices infected with BadBox malware

    2024-12-16 - ChickenSec News Part 3

    Dec 18, 2024 (70:35)

    00:00 - PreShow Banter™ — ChickenSec News Part 3
    12:23 - BHIS - Talkin' Bout [infosec] News 2024-12-16
    14:48 - Story # 1: $50 Million Radiant Capital Heist Blamed on North Korean Hackers
    20:30 - Story # 2: Trump administration wants to go on cyber offensive against China
    32:53 - Story # 3: Krispy Kreme cyberattack impacts online orders and operations
    43:02 - Story # 4: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance
    52:02 - Story # 5: Europol announces takedown of major DDoS-for-hire network
    56:50 - Story # 6: Data breach at Senior Dating website spills info of 765,000 users
    58:46 - Story # 7: US sanctions Chinese firm for hacking firewalls in ransomware attacks

    2024-12-09 - A Better Mike

    Dec 11, 2024 (64:45)

    00:00 - PreShow Banter™ — A Better Mike
    04:46 - BHIS - Talkin' Bout [infosec] News 2024-12-09
    05:43 - Story # 1: FBI Warns iPhone And Android Users—Stop Sending Texts
    23:36 - Story # 2: US agency proposes new rule blocking data brokers from selling Americans' sensitive personal data
    42:55 - Story # 3: Vodka maker Stoli files for bankruptcy in US after ransomware attack
    46:48 - Story # 4: British hospitals hit by cyberattacks still battling to get systems back online

    2024-12-02 - C Squad

    Dec 4, 2024 (72:18)

    00:00:00 - PreShow Banter™ — C Squad
    00:11:03 - BHIS - Talkin' Bout [infosec] News 2024-12-02
    00:15:43 - Story # 1: Gaming Engines: An Undetected Playground for Malware Loaders - Check Point Research
    00:30:41 - Story # 2: FTC finds that smart-device makers fail to make clear how long their products will be supported
    00:44:47 - Story # 3: US senators propose law to require bare minimum security standards
    00:46:35 - Story # 4: Starbucks baristas can't view their schedules after ransomware attack on vendor
    01:04:26 - Story # 5: Volunteer DEF CON hackers dive into America's leaky water infrastructure
    01:08:45 - Shameless Plugs

    2024-11-25 - Discordgate

    Nov 27, 2024 (66:22)

    00:00:00 - PreShow Banter™ — Discordgate
    00:09:24 - BHIS - Talkin' Bout [infosec] News 2024-11-25
    00:10:46 - Story # 1: DOJ says Google must sell Chrome to crack open its search monopoly
    00:12:08 - Story # 1b: DOJ's staggering proposal would hurt consumers and America's global technological leadership
    00:19:16 - Story # 2: The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
    00:24:37 - Story # 3: Palo Alto Networks tackles firewall-busting zero-days with critical patches
    00:25:46 - Discordgate Follow Up
    00:26:26 - Story # 4: Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
    00:31:08 - Story # 5: Fintech giant Finastra investigates data breach after SFTP hack
    00:34:01 - Story # 6: CFPB Finalizes Rule on Federal Oversight of Popular Digital Payment Apps to Protect Personal Data, Reduce Fraud, and Stop Illegal “Debanking”
    00:38:49 - Story # 7: T-Mobile finally managed to thwart a data breach before it occurred
    00:40:22 - Story # 8: D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
    00:43:07 - Story # 9: US seizes PopeyeTools cybercrime marketplace, charges administrators
    00:46:19 - Story # 10: Razzlekhan, crypto's most embarrassing rapper, is going to prison
    00:48:31 - Story # 10b: Netflix has a perfectly timed Razzlekhan doc coming out in December
    00:50:10 - Story # 11: Microsoft Defender Is Not Enough Anymore—This Malware Gets Around It
    00:55:11 - Story # 12: Microsoft president asks Trump to “push harder” against Russian hacks
    00:57:02 - Story # 13: Hackers Breach Andrew Tate's Online 'University,' Exposing 800,000 Users
    01:00:36 - Story # 14: 7-Zip affected by dangerous vulnerability: users must update the app manually
    01:01:31 - Story # 15: Microsoft disrupts ONNX phishing-as-a-service infrastructure
    01:03:07 - Story # 16: US charges five linked to Scattered Spider cybercrime gang
    01:04:25 - Plug: Secure Code Summit 2024

    2024-11-18 - Yacht Doc

    Nov 21, 2024 (60:41)

    00:00 - PreShow Banter™ — Yacht Doc
    07:40 - BHIS - Talkin' Bout [infosec] News 2024-11-18
    08:49 - Story # 1: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit
    16:02 - Story # 2: CISA Director Jen Easterly to depart agency on January 20
    19:26 - Story # 3: Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
    28:44 - Story # 4: T-Mobile hacked in massive Chinese breach of telecom networks, WSJ reports
    30:55 - Story # 4b: T-Mobile confirms it was hacked in recent wave of telecom breaches
    33:03 - Story # 5: An Interview With the Target & Home Depot Hacker
    40:04 - Story # 6: Hacker gets 10 years in prison for extorting US healthcare provider
    42:47 - Story # 7: Ransomware fiends boast they've stolen 1.4TB from US pharmacy network
    44:21 - Story # 8: A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine
    45:23 - Story # 9: 23andMe cuts 40% of its workforce and discontinues therapeutics division
    50:38 - Story # 10: FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023
    56:45 - CPTC - Education Through Competition

    2024-11-11 - The Old and The New

    Nov 15, 2024 (60:13)

    00:00 - PreShow Banter™ — The Old and The New
    02:27 - BHIS - Talkin' Bout [infosec] News 2024-11-11
    03:44 - Story # 1: Mattel pulls thousands of 'Wicked' dolls off shelves after printing adult website on packaging
    08:03 - Story # 2: Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus
    11:41 - Story # 3: Mislabeled patch sends Windows Server 2022 admins on unwanted upgrade to 2025
    16:49 - Story # 4: Suspected Snowflake Hacker Arrested in Canada
    18:26 - Story # 5: Interpol Cybercrime Sweep Takes Down 22,000 IP Addresses, Arrests 41
    29:47 - Story # 6: Google Cloud to mandate MFA for all users in 2025
    41:30 - Story # 7: Cisco scores a perfect CVSS 10 with critical flaw in its wireless system
    49:26 - Story # 8: H.I.G. Capital and Thoma Bravo to Acquire CompTIA Brand and Products
    59:05 - SANS Holiday Hack Challenge™ 2024

    2024-11-04 - The Grey Times

    Nov 6, 2024 (66:32)

    00:00:00 - PreShow Banter™ — The Grey Times
    00:04:33 - BHIS - Talkin' Bout [infosec] News 2024-11-04
    00:05:54 - Story # 1: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
    00:16:45 - Story # 2: Follow Up - 5 Things To Know On Delta's Lawsuit Against CrowdStrike
    00:17:43 - Story # 2b: CrowdStrike Sues Delta: 5 Key Takeaways
    00:22:04 - Story # 3: Russian charged by U.S. for creating RedLine infostealer malware
    00:22:59 - Story # 3b: How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware
    00:28:09 - Story # 4: Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info
    00:30:02 - Story # 4b: 'We strive to put humanity above all': Disney drops arbitration demand over wrongful death lawsuit after woman died from fatal food allergy
    00:37:10 - Story # 5: OCR Announces First Financial Penalty Under HIPAA Risk Analysis Enforcement Initiative
    00:44:54 - Story # 6: Security researchers found a serious zero-click bug in Synology's Photos app
    00:50:10 - Story # 7: Inside a Firewall Vendor's 5-Year War With the Chinese Hackers Hijacking Its Devices
    00:52:21 - Story # 8: Microsoft wants $30 if you want to delay Windows 11 switch
    01:00:03 - Story # 9: Colorado Secretary of State posted spreadsheet with voting system passwords

    2024-10-28 - Sarsaparilla

    Oct 30, 2024 (67:19)

    00:00:00 - PreShow Banter™ — Sarsaparilla
    00:05:50 - BHIS - Talkin' Bout [infosec] News 2024-10-28
    00:06:46 - Story # 1: AWS, Azure auth keys found in Android and iOS apps used by millions
    00:15:02 - Story # 2: Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
    00:29:03 - Story # 3: Delta officially launches lawyers at $500M CrowdStrike problem
    00:40:60 - Story # 4: New Rules for US National Security Agencies Balance AI's Promise With Need to Protect Against Risks
    00:46:25 - Story # 4b: CISA proposes new security requirements to protect govt, personal data
    00:51:03 - Story # 5: Largest Retail Breach in History: 350 Million “Hot Topic” Customers' Personal & Payment Data Exposed — As a Result of Infostealer Infection
    00:55:35 - Story # 6: Throne's toilet camera takes pictures of your poop
    01:04:57 - A Community Support Moment - https://www.crisistextline.org

    2024-10-21 - Logging Con

    Play Episode Listen Later Oct 25, 2024 74:10


    00:00:00 - PreShow Banter™ — Log Con
    00:11:41 - BHIS - Talkin' Bout [infosec] News 2024-10-21
    00:12:51 - Story # 1: Internet Archive exposed again – this time through Zendesk
    00:14:57 - Story # 1b: Hackers steal information from 31 million Internet Archive users
    00:20:42 - Story # 2: Sophos buys Secureworks for $859 mln to beef up cybersecurity portfolio
    00:24:21 - Story # 3: USDoD hacker behind National Public Data breach arrested in Brazil
    00:27:12 - Story # 4: Debunking Hype: China Hasn't Broken Military Encryption With Quantum
    00:32:14 - Story # 5: Microsoft said it lost weeks of security logs for its customers' cloud products
    00:35:03 - Story # 6: Should We Chat, Too? FAQ
    00:40:05 - Story # 7: More than two dozen countries have used internet outages to sway elections
    00:43:50 - Story # 8: Pokemon dev Game Freak confirms breach after stolen data leaks online
    00:46:32 - Story # 9: Hackers made robot vacuums randomly yell racial slurs
    00:49:19 - Story # 9b: We hacked a robot vacuum — and could watch live through its camera
    00:50:19 - Story # 10: The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks
    00:54:55 - Story # 11: Google's Chrome Browser Starts Disabling uBlock Origin
    01:01:00 - WWHF Recovery

    2024-09-30 — Cast of Special Characters

    Play Episode Listen Later Oct 2, 2024 72:52


    00:00:00 - PreShow Banter™ — Cast of Special Characters
    00:06:37 - BHIS - Talkin' Bout [infosec] News 2024-09-30
    00:08:06 - Story # 1: CUPS flaws enable Linux remote code execution, but there's a catch
    00:23:40 - Story # 2: US Capitol Hit by Massive Dark Web Cyber Attack - Newsweek
    00:27:40 - Story # 2b: ‘I'm a black NAZI!': NC GOP nominee for governor made dozens of disturbing comments on porn forum
    00:35:57 - Story # 3: NIST proposes barring some of the most nonsensical password rules
    00:47:01 - Story # 3b: Why Two-Factor Authentication Is So Important - Teen Vogue
    00:54:04 - Story # 4: Hacker plants false memories in ChatGPT to steal user data in perpetuity
    01:00:42 - Story # 5: Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug
    01:02:54 - Story # 6: Massive E-Learning Platform Udemy Gave Teachers a Gen AI ‘Opt-Out Window'. It's Already Over.

    2024-09-23 - Plane Talk

    Play Episode Listen Later Sep 26, 2024 61:29


    00:00 - PreShow Banter™ — Plane Talk
    05:50 - BHIS - Talkin' Bout [infosec] News 2024-09-23
    06:16 - A SANS Difference Maker Award Finalist
    09:47 - Story # 1: Pagers attack brings to life long-feared supply chain threat
    24:08 - Story # 2: Recaptcha Phish - John Hammond
    25:49 - Story # 2b: Clever ‘GitHub Scanner' campaign abusing repos to push malware
    30:05 - Story # 3: Lazarus Group Targets Developers in Fresh VMConnect Campaign
    35:22 - Story # 4: LinkedIn Addresses User Data Collection for AI Training
    37:40 - Story # 5: Disney ditching Slack after massive July data breach
    41:42 - Story # 6: FTC exposes massive surveillance of kids, teens by social media giants
    51:35 - Story # 7: Kaspersky deletes itself, installs UltraAV antivirus without warning

    2024-09-16 - Pour Over News

    Play Episode Listen Later Sep 18, 2024 60:00


    00:00 - PreShow Banter™ — Pour Over News
    06:01 - BHIS - Talkin' Bout [infosec] News 2024-09-16
    07:14 - Story # 1: Fortinet confirms data breach after hacker claims to steal 440GB of files
    15:37 - Story # 2: Snowflake slams ‘more MFA' button again – months after Ticketmaster, Santander breaches
    21:30 - Story # 3: Omnipresent AI cameras will ensure good behavior, says Larry Ellison
    28:11 - Story # 4: Mastercard bolsters threat intelligence capabilities with $2.65 billion deal for Recorded Future
    34:27 - Story # 5: Cyber insurance set for explosive growth
    40:20 - Story # 6: 23andMe will pay $30 million to settle 2023 data breach lawsuit
    45:25 - Story # 7: Google faces EU investigation over AI data compliance
    50:35 - Story # 8: Rogue WHOIS server gives researcher superpowers no one should ever have

    SPECIAL PRESENTATION: Backdoors & Breaches Live

    Play Episode Listen Later Sep 16, 2024 31:23


    00:00 - Introduction
    01:22 - The Scenario
    02:50 - First Steps
    03:48 - Endpoint Analysis Roll
    04:22 - Logon Scripts Were installed
    05:09 - I.R. Team Introductions
    07:17 - Second Step
    10:32 - Network Threat Hunting Roll
    11:36 - Third Step
    15:12 - Anyway Here's Firewall Roll
    15:43 - Fourth Step
    18:26 - SIEM Roll
    19:41 - Fifth Step
    20:47 - UEBA Roll
    21:19 - Scenario Recap
    22:20 - Scenario Plausibility?
    25:51 - Wrap-up Takeaways

    2024-09-09 - More Chicken Related Crimes

    Play Episode Listen Later Sep 11, 2024 62:27


    00:00 - PreShow Banter™ — Revenge of the Nerds / More Chicken Related Crimes
    05:19 - N.Y. Official Charged With Taking Money, Travel and Poultry to Aid China
    09:23 - BHIS - Talkin' Bout [infosec] News 2024-09-09
    09:50 - Story # 1: YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
    20:35 - Story # 2: Therapy Sessions Exposed by Mental Health Care Firm's Unsecured Database
    25:24 - Story # 3: California legislature passes sweeping AI safety bill
    38:02 - Story # 4: Brain Cipher claims attack on Olympic venue, promises 300 GB data leak
    41:59 - Story # 5: How Navy chiefs conspired to get themselves illegal warship Wi-Fi
    42:45 - Story # 5b: After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship
    49:18 - Story # 6: Researchers say a bug let them add fake pilots to rosters used for TSA checks
    51:32 - Story # 7: Durex India spilled customers' private order data
    54:53 - Story # 8: City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack

    2024-08-26 - Move to Signal

    Play Episode Listen Later Aug 29, 2024 52:54


    00:00 - PreShow Banter™ — Move to Signal
    03:47 - BHIS - Talkin' Bout [infosec] News 2024-08-26
    04:37 - Story # 1: Pavel Durov's Arrest Leaves Telegram Hanging in the Balance
    11:03 - Story # 1b: Moxie on X.com
    23:17 - Story # 2: Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules
    29:39 - Story # 3: Seattle airport ‘possible cyberattack' snarls travel yet again
    32:42 - Story # 4: Iran named as source of Trump campaign phish, leaks
    38:53 - Story # 5: Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months
    44:11 - Story # 6: Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
    47:26 - Story # 7: New ‘ALBeast' Misconfiguration Exposes Weakness in AWS Application Load Balancer
    48:52 - Story # 8: “We will hold them accountable”: General Motors sued for selling customer driving data to third parties

    2024-08-19 Nine Years for Chicken Wings

    Play Episode Listen Later Aug 21, 2024 64:35


    00:00:00 - PreShow Banter™ — Nine Years for Chicken Wings
    00:08:19 - BHIS - Talkin' Bout [infosec] News 2024-08-19
    00:09:03 - Story # 1: NationalPublicData.com Hack Exposes a Nation's Data
    00:18:17 - Story # 1b: National Public Data Published Its Own Passwords
    00:25:01 - Story # 2: RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks
    00:26:52 - Story # 3: T-Mobile fined $60 million for failing to stop data breaches
    00:34:03 - Story # 4: Massive Cyber Attack On AWS Targets 230 Million Unique Cloud Environments
    00:45:43 - Story # 5: The US wants to use facial recognition to identify migrant children as they age
    00:54:16 - Story # 6: Six ransomware gangs behind over 50% of 2024 attacks
    00:59:56 - Story # 7: US accuses man of being ‘elite' ransomware pioneer they've hunted for years
    01:01:57 - Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks

    2024-08-12 — Scotty's Pizza (Not Sponsored)

    Play Episode Listen Later Aug 14, 2024 62:49


    00:00 - PreShow Banter™ — Scotty's Pizza (Not Sponsored)
    03:38 - BHIS - Talkin' Bout [infosec] News 2024-08-12
    03:59 - Hacker Summer Camp Report 2024
    08:56 - Story # 1: ‘Sinkclose' Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections
    14:26 - Story # 2: Black Hat USA 2024, DEF CON 32 attendees treated like children – or criminals – with invasive hotel room checks
    29:49 - Story # 3: DEF CON Badge Maker Pulled Off Stage Amid Claims of Non-Payment and Failed Work
    30:06 - New raspberry pi chip in badge
    33:31 - Story # 4: Exploit released for Cisco SSM bug allowing admin password changes
    34:12 - Story # 5: 0.0.0.0 Day: Exploiting Localhost APIs From the Browser
    38:02 - Story # 6: Intelligence bill would elevate ransomware to a terrorist threat
    44:36 - Story # 6b: Proposed bill would block large ransomware payments by financial institutions
    46:26 - Story # 6c: Report shows decreased ransomware payments
    54:26 - Story # 7: After global IT meltdown, CrowdStrike courts hackers with action figures and gratitude
    55:12 - Story # 8: CrowdStrike pursuing deal to buy patch management specialist Action1
    57:24 - Story # 9: Microsoft punches back at Delta Air Lines and its legal threats

    2024-08-05 - What's the f_____

    Play Episode Listen Later Aug 6, 2024 63:07


    00:00 - PreShow Banter™ — What's the f___
    03:34 - BHIS - Talkin' Bout [infosec] News 2024-08-05
    06:57 - Story # 1: Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
    23:57 - Story # 2: Bumble and Hinge allowed stalkers to pinpoint users' locations down to 2 meters, researchers say
    36:47 - Story # 3: Eavesdropping on HDMI cables can reveal computer screen's content
    37:43 - Story # 3b: Hak5 Screen Crab
    39:18 - Story # 4: Microsoft says massive Azure outage was caused by DDoS attack
    43:31 - Story # 5: CrowdStrike says it's not to blame for Delta's days-long outage
    55:34 - Story # 6: CrowdStrike sued by investors over massive global IT outage

    2024-07-29 - Microsoft Sad Face

    Play Episode Listen Later Jul 31, 2024 60:12


    00:00 - PreShow Banter™ — Microsoft Sad Face
    02:13 - BHIS - Talkin' Bout [infosec] News 2024-07-29
    03:08 - Story # 1: Fake CrowdStrike repair manual pushes new infostealer malware
    15:26 - Story # 1b: 83-year-old man found safe a week after going missing when CrowdStrike outage canceled flight
    20:39 - Story # 2: Multifactor Authentication Is Not Enough to Protect Cloud Data
    38:59 - Graphrunner
    47:19 - Story # 3: Data pilfered from Pentagon IT supplier Leidos
    57:57 - Story # 4: How a North Korean Fake IT Worker Tried to Infiltrate Us

    2024-07-24 - CrowdStroke Memes

    Play Episode Listen Later Jul 24, 2024 58:45


    00:00 - PreShow Banter™ — CrowdStroke Memes
    05:59 - BHIS - Talkin' Bout [infosec] News 2024-07-22
    07:01 - Story # 1: A Windows version from 1992 is saving Southwest's butt right now
    07:36 - Crowdstrike Global Outage - BHIS - Talkin' Bout [infosec] #News
    09:48 - Story # 1b: CrowdStrike's faulty update crashed 8.5 million Windows devices, says Microsoft
    12:13 - Story # 1c: Let's blame the dev who pressed “Deploy”
    17:23 - Figure 1
    22:14 - Story # 2: DHS Has a DoS Robot to Disable Internet of Things ‘Booby Traps' Inside Homes
    25:58 - Story # 3: Notorious Hacker Kingpin ‘Tank' Is Finally Going to Prison
    28:08 - Story # 4: UK Police Arrest Suspect in MGM Ransomware Attack
    30:49 - Story # 5: Russians plead guilty to involvement in LockBit ransomware attacks
    33:24 - Story # 6: DHS watchdog rebukes CISA and law enforcement training center for failing to protect data
    38:32 - Story # 7: Yacht giant MarineMax data breach impacts over 123,000 people
    40:38 - Story # 8: Sizable Chunk of SEC Charges Against SolarWinds Tossed Out of Court
    47:14 - Story # 9: The US Supreme Court Kneecapped US Cyber Strategy
    52:12 - Story # 10: War Thunder does it again, this time with classified documents relating to 3 Russian tanks

    2024-07-22 - Crowdstrike Global Outage

    Play Episode Listen Later Jul 22, 2024 64:20


    The outage of the decade!

    2024-07-18 - Absolute Madmen

    Play Episode Listen Later Jul 18, 2024 63:44


    00:00 - PreShow Banter™ — Absolute Madmen
    02:28 - BHIS - Talkin' Bout [infosec] News 2024-07-15
    03:18 - Wi-Fi Forge
    07:31 - Story # 1: CISA Red Team's Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
    22:39 - Story # 2: AT&T says criminals stole phone records of ‘nearly all' customers in new data breach
    33:35 - Story # 3: FTC study finds ‘dark patterns' used by a majority of subscription apps and websites
    38:48 - Story # 4: Club Penguin fans breached Disney Confluence server, stole 2.5GB of data
    41:52 - Story # 5: Heritage Foundation Exec Threatens ‘Gay Furry Hackers' in Unhinged Texts
    47:51 - Story # 6: German Navy to replace aging 8-inch floppy drives with an emulated solution for its anti-submarine frigates
    50:14 - Story # 7: 1.4 GB NSA Data Leaked Online – Email Address, Phone Number & Gov Classified Data Exposed
    53:56 - Story # 8: Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages

    2024-07-08 – A Bunch of Lunatics

    Play Episode Listen Later Jul 10, 2024 68:08


    00:00 - PreShow Banter™ — A Bunch of Lunatics
    05:09 - BHIS - Talkin' Bout [infosec] News 2024-07-08
    08:41 - Story # 1: Europol takes down 593 Cobalt Strike servers used by cybercriminals
    09:54 - Story # 1b: National Crime Agency leads international operation to degrade illegal versions of Cobalt Strike
    15:17 - Story # 2: ‘RockYou2024': Nearly 10 billion passwords leaked online
    22:12 - Story # 3: Ticketmaster Breach: ShinyHunters Leak 440K Taylor Swift Eras Tour Ticket Data
    24:20 - Story # 3b: Hackers reverse-engineer Ticketmaster's barcode system to unlock resales on other platforms
    27:41 - Story # 4: US Supreme Court ruling will likely cause cyber regulation chaos
    39:39 - Story # 5: California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition
    41:13 - Story # 5b: Senator Scott Wiener
    43:45 - Story # 6: OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report
    53:10 - Story # 7: Microsoft's Midnight Blizzard source code breach also impacted federal agencies
    55:27 - Story # 8: Japan's Government Finally Stops Using Floppy Disks
    57:48 - Story # 9: This smart toilet paper monitor tells you when you need a new roll
    58:50 - Story # 10: Twilio says hackers identified cell phone numbers of two-factor app Authy users

    2024-07-01 - Ice Cream Season

    Play Episode Listen Later Jul 3, 2024 60:29


    00:00 - PreShow Banter™ — Ice Cream Season
    07:22 - BHIS - Talkin' Bout [infosec] News 2024-07-01
    07:48 - Story # 1: TeamViewer's corporate network was breached in alleged APT hack
    09:11 - Story # 1b: TeamViewer Security Update – June 28, 2024, 12:10 PM CEST
    16:33 - Story # 2: Supreme Court orders new look at Texas, Florida social media laws
    21:32 - Story # 3: New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems
    24:52 - Story # 4: CISA: Most critical open source projects not using memory safe code
    40:03 - Story # 5: Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released
    42:35 - Story # 6: South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs
    49:24 - Story # 7: Drone As First Responder Programs Are Swarming Across the United States
    55:22 - GRC Rapid Fire

    2024-06-24 - Life is a Highway

    Play Episode Listen Later Jun 26, 2024 62:52


    00:00 - PreShow Banter™ — Life is a Highway
    04:28 - BHIS - Talkin' Bout [infosec] News 2024-06-24
    05:30 - Story # 1: Colorado Privacy Act Amended To Include Biometric Data Provisions
    14:18 - Story # 2: Scathing report on Medibank cyberattack highlights unenforced MFA
    24:30 - Story # 3: CDK suffered another data breach as it was attempting to recover
    35:08 - Story # 4: LockBit claims the hack of the US Federal Reserve
    40:00 - Story # 5: Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers
    45:36 - Story # 6: That PowerShell ‘fix' for your root cert ‘problem' is a malware loader in disguise
    51:13 - Story # 7: US sanctions Kaspersky Lab executives, board members over ‘cooperation' with Russia
    53:23 - Story # 7b: Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks

    2024-06-17 - Recall Gets Recalled

    Play Episode Listen Later Jun 19, 2024 61:38


    00:00 - PreShow Banter™ — Hungry Hungry Hipaa
    03:39 - BHIS - Talkin' Bout [infosec] News 2024-06-17
    05:40 - Story # 1: Windows security hole allows attackers to install malware via Wi-Fi — new patch plugs gaping vulnerability
    16:27 - Story # 2: Microsoft's all-knowing Recall AI feature is being delayed
    25:34 - Story # 3: Here's how Apple's AI model tries to keep your data private
    32:27 - Story # 4: New Linux malware is controlled through emojis sent from Discord
    35:28 - Story # 5: Pure Storage confirms data breach after Snowflake account hack
    38:44 - Story # 6: Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says

    2024-6-13 - Recall Disaster, Ransomware and Drone Police

    Play Episode Listen Later Jun 13, 2024 63:02


    00:00 - PreShow Banter™ — Louie is Live
    04:53 - BHIS - Talkin' Bout [infosec] News 2024-06-10
    07:09 - Story # 1: UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
    18:39 - Story # 2: Stealing everything you've ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
    39:02 - Story # 3: TikTok fixes zero-day bug used to hijack high-profile accounts
    41:34 - Story # 4: The Age of the Drone Police Is Here
    52:07 - Story # 5: London hospitals declare emergency following ransomware attack
    54:45 - Story # 6: Former Senior Executive and Former Sales Manager Convicted of Selling Data on Millions of U.S. Consumers to Perpetrators of Mail Fraud Schemes
    56:40 - Story # 7: FBI Kicks Hackers In The Teeth With Free 7,000 Ransomware Key Giveaway
    57:32 - Story # 8: FCC OKs pilot to bolster school, library cybersecurity

    2024-06-2024 - RVs, Hackers and Poison.

    Play Episode Listen Later Jun 6, 2024 68:40


    00:00:00 - PreShow Banter™ — In an RV down by the dumpster
    00:07:39 - BHIS - Talkin' Bout [infosec] News 2024-06-03
    00:09:21 - Story # 1: Ticketmaster confirms massive breach after stolen data for sale online
    00:10:46 - Story # 1b: Snowflake, Cloud Storage Giant, Suffers Massive Breach: Hacker Confirms to Hudson Rock Access Through Infostealer Infection
    00:13:03 - Story # 1c: Detecting and Preventing Unauthorized User Access: Instructions
    00:13:42 - Story # 1d: Snowflake Denies Responsibility for Ticketmaster, Santander Breaches
    00:21:21 - Story # 2: Chinese hackers hide on military and govt networks for 6 years
    00:29:17 - Story # 3: Federal agency warns critical Linux vulnerability being actively exploited
    00:34:19 - Story # 4: US dismantles 911 S5 botnet used for cyberattacks, arrests admin
    00:39:19 - Story # 4b: How the FBI's fake cell phone company put criminals into real jail cells
    00:43:48 - Story # 5: Exploit released for maximum severity Fortinet RCE bug, patch now
    00:46:09 - Story # 6: Enforcement Alert: Drinking Water Systems to Address Cybersecurity Vulnerabilities
    00:54:44 - Story # 6b: Hackers attempt to poison Florida city's water supply near Super Bowl
    01:03:32 - Story # 7: GPT-4o's Chinese token-training data is polluted by spam and porn websites

    2024-05-23 - Sneaky AI Policies, Two Year Linux Backdoor and Good Ol' Fraud!

    Play Episode Listen Later May 23, 2024 66:06


    00:00 - PreShow Banter™ — Antichafing Training.
    04:31 - BHIS - Talkin' Bout [infosec] News 2024-05-20
    07:12 - Story # 1: Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
    29:49 - Story # 2: Palo Alto Networks is buying security assets from IBM to expand customer base
    36:50 - Story # 3: Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea
    43:55 - Story # 4: FCC might require telecoms to report on securing internet's BGP technology
    52:45 - Story # 5: Slack under attack over sneaky AI training policy

    2024-05-16 - Hackers Target Children, FBI Surveillance and RSA Cookies?

    Play Episode Listen Later May 16, 2024 57:56


    00:00 - PreShow Banter™ — World Class RSA Cookies
    04:49 - BHIS - Talkin' Bout [infosec] News 2024-05-14
    06:33 - Story # 1: Zscaler takes “test environment” offline after rumors of a breach
    18:48 - Story # 2: Okta's security chief on the company's own cyberattack and how the ‘battleground' has shifted
    43:36 - Story # 3: Leaked FBI email stresses need for warrantless surveillance of Americans
    48:46 - Story # 4: Despite big tech lobbying, Maryland passes two internet privacy bills
    52:26 - Story # 4b: The Anxious Generation
    53:46 - Story # 5: Hackers are now targeting the children of corporate executives in elaborate ransomware attacks
