Black Hills Information Security

Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — The Problem With Extensions03:10 - Lawmakers want to Ban VPNs – BHIS - Talkin' Bout [infosec] News 2025-12-0103:47 - Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)12:05 - Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing21:19 - Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update25:49 - Story # 4: ‘Slop Evader' Lets You Surf the Web Like It's 202237:08 - Story # 5: China's Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says39:10 - Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now42:39 - Story # 6: Meta is earning a fortune on a deluge of fraudulent ads, documents show50:23 - Story # 7: Meta had a 17-strike policy for sex trafficking, former safety leader claims52:41 - Story # 8: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — Stressed about lithium batteries04:59 - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin' Bout [infosec] News 2025-17-2405:57 - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub11:19 - Story # 2: CrowdStrike catches insider feeding information to hackers15:50 - Story # 3: Fidelity sues Broadcom over access to key software to avoid outages22:17 - Story # 4: NetApp sues former CTO for alleged data breach26:49 - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers36:05 - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now37:11 - Story # 6b: Cloudflare outage on November 18, 202541:43 - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt46:35 - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System51:10 - Story # 10: Microsoft to integrate Sysmon directly into Windows 11, Server 202556:41 - Story # 9: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00:00 - PreShow Banter™ — The Way the Community Rumbles00:08:21 - A.I. Transcription Startup Was Just A Guy Taking Notes - BHIS - Talkin' Bout [infosec] News 2025-11-1700:09:01 - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations00:18:06 - Eric & Whitney's “Podcast” [webcast] on training your own LLM00:22:12 - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People's Meetings and Taking Notes by Hand00:26:20 - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies00:37:35 - Story # 4: Google is easing up on Android's new sideloading restrictions!00:43:44 - Story # 5: Google is collecting troves of data from downgraded Nest thermostats00:44:58 - Story # 5b: Hackers are saving Google's abandoned Nest thermostats with open-source firmware00:51:34 - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs01:00:40 - Story # 7: Teens are Hacking School Systems. Let's Teach Them to Protect Communities Instead01:05:55 - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign01:14:58 - Discord CTF Winners

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Chapters00:00 - PreShow Banter™ — Humans are Done03:04 - Louvre's video security password was ‘Louvre' – BHIS - Talkin' Bout [infosec] News 2025-11-1005:11 - Story # 1: I Tried the Robot That's Coming to Live With You. It's Still Part Human.15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell25:14 - Story # 3: The Louvre's video security password was reportedly ‘Louvre'29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools56:37 - BHIS Webcast – X-Typhoon - Not your Father's China with John Strand

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — Musical Views of the Universe04:05 - – BHIS - Talkin' Bout [infosec] News 2025-11-0304:39 - Story # 1: Ransomware profits drop as victims stop paying hackers06:22 - Chart since 201916:06 - Story # 2: More than a million people every week show suicidal intent when chatting with ChatGPT, OpenAI estimates33:02 - Story # 3: 10M people watched a YouTuber shim a lock; the lock company sued him. Bad idea.41:18 - Story # 4: ‘Dangerous' YouTube videos struck down for bypassing Windows 11 account setup [Update: Restored]47:13 - Story # 5: Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says51:08 - Story # 6: Microsoft: DNS outage impacts Azure and Microsoft 365 services54:33 - Story # 7: EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure55:22 - Stordy # 8: Black Hat Europe 2025 Arsenal: 8 AI Security Tools Transforming Cybersecurity

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.comThe BHIS crew breaks down the latest cybersecurity stories making waves — from data breaches and malware campaigns to privacy issues, exploit trends, and tech policy shake-ups. Join our panel of security pros for expert analysis, sharp humor, and practical insights you can actually use. Whether it's social engineering, AI-powered attacks, or bizarre security headlines, we dig into what matters most for defenders and curious minds alike. Stay informed, entertained, and one step ahead in the ever-changing world of infosec.00:00:00 - PreShow Banter™ — The Cost of War.xyz00:03:42 - The AI Browser Wars - BHIS - Talkin' Bout [infosec] News 2025-10-2700:04:04 - Story # 1: Smart bed owners experience AWS outage nightmare as they're left sweating and stuck in upright position00:10:49 - Story # 2: Robots May Replace 600,000 Human Employees at Amazon00:14:40 - Story # 3: Meet Mico, Microsoft's AI version of Clippy00:20:59 - Story # 4: Exploitation of Windows Server Update Services Remote Code Execution Vulnerability00:26:31 - Story # 5: Ex-L3Harris executive accused of selling trade secrets to Russia00:31:29 - Story # 6: Introducing ChatGPT Atlas00:43:34 - Story # 7: ‘Phased Out'—Google Confirms Bad News For 3 Billion Chrome Users00:52:26 - Story # 8: The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn01:00:16 - Story # 9: KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00:00 - PreShow Banter™ — AWS Snow Day Party00:11:31 - Online Book Store Takes Down Half of the Internet - BHIS - Talkin' Bout [infosec] News 2025-10-2000:12:12 - Story # 1: F5 says hackers stole undisclosed BIG-IP flaws, source code00:35:11 - Story # 2: Newsom signs age verification law, siding with tech giants over Hollywood00:48:39 - Story # 3: Researchers find a startlingly cheap way to steal your secrets from space00:55:04 - Story # 4: Jeff Bezos Has a Plan to Curb AI's Carbon Footprint: Send Data Centers to Space01:02:22 - Story # 5: SolarWinds Security Chief reflects on the Russian hack that exposed US government agencies

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — A Real Podcast03:15 - Hackers claim Discord breach exposed data of 5.5 million users – BHIS - Talkin' Bout [infosec] News 2025-10-1305:44 - Story # 1: CamoLeak: Critical GitHub Copilot Vulnerability Leaks Private Source Code24:27 - Story # 2: Hackers claim Discord breach exposed data of 5.5 million users36:52 - Story # 3: Velociraptor leveraged in ransomware attacks46:47 - Story # 4: Huntress Threat Advisory: Widespread SonicWall SSLVPN Compromise54:48 - CTF Challenge

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — A little radiation never hurt anybody.03:07 - BHIS - Talkin' Bout [infosec] News 2025-09-2903:29 - Story # 1: As many as 2 million Cisco devices affected by actively exploited 0-day19:07 - Story # 2: Viral call-recording app Neon goes dark after exposing users' phone numbers, call recordings, and transcripts | TechCrunch24:25 - Story # 3: AI Darwin Awards Show AI's Biggest Problem Is Human29:32 - Story # 4: Nikon revokes all C2PA image authenticity certificates after major vulnerability exposed34:14 - Story # 5: ‘You'll never need to work again': Criminals offer reporter money to hack BBC38:18 - Story # 6: Cybersecurity Training Programs Don't Prevent Employees from Falling for Phishing Scams46:48 - Mini CTF Walkthrough56:03 - Story # 7: U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area

???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Unnatural European Fridges03:34 - The Entra ID Cross-Tenant Vulnerability Discovery – BHIS - Talkin' Bout [infosec] News 2025-09-2204:14 - Story # 1: One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens21:32 - Story # 2: Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages40:50 - OSSPREY – NPM Package @Ctrl/Tinycolor Compromised: Shai Hulud Malware Targets Secrets and Persistence51:41 - Story # 3: Verified Steam game steals streamer's cancer treatment donations57:16 - Story # 4: Heathrow warns of second day of disruption after cyber-attack

???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Enter Dark John03:15 - Kerberoasting Goes to Washington – BHIS - Talkin' Bout [infosec] News 2025-09-1503:49 - Story # 1: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”12:46 - Story # 2: How an Attacker's Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations32:42 - Story # 3: Some JLR suppliers ‘face bankruptcy' due to hack crisis41:30 - Story # 4: AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns46:07 - Story # 5: All your vulns are belong to us! CISA wants to maintain gov control of CVE program49:55 - Story # 6: Qantas penalizes executives for July cyberattack51:15 - Story # 7: America's second largest egg producer breached, claim hackers54:55 - Story # 8: Undocumented Radios Found in Solar-Powered Devices

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — If I Were French04:35 - Anthropic 1.5 Billion © Settlement - BHIS - Talkin' Bout [infosec] News 2025-09-0805:48 - Hackers Threaten to Submit Artists' Data to AI Models If Art Site Doesn't Pay Up08:40 - Anthropic Agrees to Pay Authors at Least $1.5 Billion in AI Copyright Settlement23:58 - This Company Turns Dashcams into ‘Virtual CCTV Cameras.' Then Hackers Got In33:38 - Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps40:07 - Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack44:27 - npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack46:38 - Update on Mandiant Drift and Salesloft Application Investigations51:04 - M&S hackers claim to be behind Jaguar Land Rover cyber attack51:55 - New TP-Link zero-day surfaces as CISA warns other flaws are exploited54:52 - ChickenSec: US turns to Russia for chicken eggs for the first time in 32 years, despite sanctions to cripple its economy57:58 - Cybercriminals Exploit X's Grok AI to Bypass Ad Protections and Spread Malware to Millions

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — It's 8ft skeleton season.02:18 - BHIS - Talkin' Bout [infosec] News 2025-09-0203:07 - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks07:35 - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets'13:46 - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling17:44 - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K19:39 - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we're working through it.'20:56 - Story # 6: Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 202522:43 - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-842425:20 - Story # 8: First known AI-powered ransomware uncovered by ESET Research30:00 - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception32:06 - Story # 10: TransUnion suffers data breach impacting over 4.4 million people34:17 - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI35:20 - Story # 12: They weren't lovin' it - hacker cracks McDonald's security in quest for free nuggets, and it was apparently not too tricky39:29 - Identify the birds you see or hear with Merlin Bird ID40:04 - Story # 13: Detecting and countering misuse of AI: August 202551:31 - Story # 14: I'm a Stanford student. A Chinese agent tried to recruit me as a spy

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — Canadian Chicken02:01 - The AI Bubble BHIS - Talkin' Bout [infosec] News 2025-08-2502:23 - Story # 1: Congressman proposes bringing back letters of marque for cyber privateers09:27 - Story # 2: SIM-Swapper, Scattered Spider Hacker Gets 10 Years12:43 - Story # 3: Developer jailed for taking down employer's network with kill switch malware16:33 - Story # 4: Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet20:42 - The Utopia Chronicles23:20 - Story # 5: “Unstoppable Power Surges”: China's Quantum Processor Outspeeds Supercomputers by 1 Quadrillion and Triggers US Intelligence Panic28:47 - Story # 6: Bank forced to rehire workers after lying about chatbot productivity, union says41:21 - Story # 7: It Took Many Years And Billions Of Dollars, But Microsoft Finally Invented A Calculator That Is Wrong Sometimes43:41 - Story # 8: Copilot Broke Your Audit Log, but Microsoft Won't Tell You46:33 - Story # 9: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices49:24 - Story # 10 : Zero-Day Clickjacking Flaws Found in Password Managers Used by Millions53:12 - Story # 11: Cybersecurity training doesn't work: time wasted with no impact, study finds59:07 - ChickenSec: Artificial Intelligence: The other AI

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — The gif that keeps on giffing01:46 - Cyberattack Bricks Speed Cameras – BHIS - Talkin' Bout [infosec] News 2025-08-1802:39 - Story # 1: Perplexity made a sky-high $34.5 billion bid for Google Chrome — a bold and unusual move in the midst of antitrust scrutiny07:16 - Story # 2: Exclusive: US embeds trackers in AI chip shipments to catch diversions to China, sources say10:22 - Story # 3: How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes12:17 - Story # 4: Cisco discloses maximum-severity defect in firewall software13:56 - Story # 5: Data Dump From APT Actor Yields Clues to Attacker Capabilities19:13 - Story # 6: Russian cyberattack in the Netherlands leaves speed cameras offline indefinitely23:30 - Story # 7: HTTP/2 MadeYouReset Vulnerability Enables Massive DDoS Attacks24:51 - Story # 8: LAPD Eyes ‘GeoSpy', an AI Tool That Can Geolocate Photos in Seconds29:05 - Story # 9: Manpower discloses data breach affecting nearly 145,000 people34:51 - Story # 10: Hacker Offers to Sell 15.8 Million Plain-Text PayPal Credentials On Dark Web Forum35:34 - Story # 11: The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived40:54 - Story # 12: New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”46:28 - Story # 13: Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild48:13 - Story # 14: Plex warns users to patch security vulnerability immediately50:53 - ChickenSec: Noble Foods using soil mapping technology at organic egg farm

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — Wading Through Woods06:06 - DEF CON RECAP - Talkin' Bout [infosec] News 2025-08-1109:16 - Story # 1: It's time to acknowledge HTTP/1.1 is insecure12:36 - Story # 2: Research reveals possible privacy gaps in Apple Intelligence's data handling17:51 - Story # 3: Federal court filing system hit in sweeping hack21:09 - Story # 4: Cisco discloses data breach impacting Cisco.com user accounts32:17 - Story # 5: Google says its AI-based bug hunter found 20 security vulnerabilities34:20 - Story # 6: Automate security reviews with Claude Code39:01 - Story # 7: Flipper Zero ‘DarkWeb' Firmware Bypasses Rolling Code Security on Major Vehicle Brands44:44 - Story # 7b: OnStar assists CHP in stopping fleeing SUV with toddler inside47:12 - Story # 7c: That viral video of a ‘deactivated' Tesla Cybertruck is a fake49:37 - Story # 8: LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code50:53 - Story # 9: Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools53:08 - Story # 10: A Single Poisoned Document Could Leak ‘Secret' Data Via ChatGPT58:10 - Story # 11: Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00:00 - PreShow Banter™ — Stop Asking Wade if he's in Vegas00:02:16 - Perplexity Uses Stealth Crawlers to Evade No-Crawl Directives – 2025-08-0400:11:25 - Story # 1: Insurance won't cover $5M in City of Hamilton claims for cyberattack, citing lack of log-in security00:18:40 - Story # 2: States Enact Safe Harbor Laws that Provide Affirmative Defenses in Data Breach Litigation00:26:45 - Story # 3: Hackers Destroy Aeroflot's IT Infrastructure, Causing Over 42 Flight Cancellations00:34:18 - Story # 4: Attackers exploit link-wrapping services to steal Microsoft 365 logins00:40:09 - Story # 5: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons00:42:18 - Wade's plugin recommendation00:44:39 - Story # 6: Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives00:51:11 - Story # 7: After Backlash, ChatGPT Removes Option to Have Private Chats Indexed by Google00:55:21 - AI 202701:01:01 - What's Ralph been up to?

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — National Chicken Wing Day04:16 - BHIS - Talkin' Bout [infosec] News 2025-07-2805:30 - Story # 1: Bad vibes: How an AI agent coded its way to disaster08:40 - Story # 1b: Replit goes rogue, deletes entire database.15:44 - Story # 2: A major AI training data set contains millions of examples of personal data26:05 - Story # 3: Women Dating Safety App ‘Tea' Breached, Users' IDs Posted to 4chan33:19 - Story # 4:A Startup is Selling Data Hacked from Peoples' Computers to Debt Collectors40:28 - Story # 5: Clorox Sues IT Provider Cognizant For Simply Giving Employee Password to Hackers49:46 - Story # 6: Businesses banned from paying hackers' ransoms to target cybercrime57:38 - SharePoint Follow Up

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — PaintBallers03:55 - BHIS - Talkin' Bout [infosec] News 2025-07-2104:21 - Story # 1: Microsoft 0-day Mass Exploitation09:39 - Story # 2: Replit AI went rogue, deleted a company's entire database, then hid it and lied about it13:15 - Story # 3: ‘All US forces must now assume their networks are compromised' after Salt Typhoon breach18:08 - Story # 4: After FBI Warning, Alaska Airlines Grounded; Salt Typhoon Suspected20:45 - Story # 5: FBI Cybersecurity Breach Led to Murders of Informants in El Chapo Case21:54 - Story # 5b: FBI's Report29:57 - Story # 6: Google fixes actively exploited sandbox escape zero day in Chrome31:30 - Story # 7: Exploited Wing file transfer bug risks ‘total server compromise,' CISA warns32:33 - Story # 8: CitrixBleed 2 situation update — everybody already got owned33:01 - Story # 9: At Least 750 US Hospitals Faced Disruptions During Last Year's CrowdStrike Outage, Study Finds46:14 - Story # 10: Amazon Ring Doorbell May 28 Mass Hacking Claim Goes Viral48:56 - jdbgmgr.exe virus hoax51:52 - Story # 11: HPE warns of hardcoded passwords in Aruba access points

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Traditional Finger00:21 - BHIS - Talkin' Bout [infosec] News 2025-07-1401:29 - Story # 1: ‘123456' password exposed chats for 64 million McDonald's job chatbot applications22:12 - Story # 2: Employee gets $920 for credentials used in $140 million bank heist33:50 - Story # 3: Microsoft laying off about 9,000 employees in latest round of cuts37:21 - Story # 5: Scammy YouTube Ads46:31 - Story # 6: New ServiceNow flaw lets attackers enumerate restricted data

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — Pre Stream Appropriate03:39 - N. Korean Remote Workers are at it Again! – BHIS - Talkin' Bout [infosec] News 2025-07-0705:41 - Story # 1: Fortune 500 Cyber Spending Pays Off: Large Enterprise Risk Falls 33% Despite Rising Threats20:01 - Story # 2: Jasper Sleet: North Korean remote IT workers' evolving tactics to infiltrate organizations25:49 - Story # 2b: Engineer caught juggling multiple startup jobs is a cautionary tale of ‘extreme' hustle culture, experts say34:47 - Story # 3: Taking SHELLTER: a commercial evasion framework abused in- the- wild42:15 - Story # 3b: Statement Regarding Recent Misuse of Shellter Elite and Elastic Security Labs' Handling46:58 - Story # 4: Ingram Micro outage caused by SafePay ransomware attack49:45 - Story # 5: Germany asks Google, Apple to remove DeepSeek AI from app stores53:13 - Story # 6: This Call of Duty game just hit Xbox Game Pass, but it's infested with RCE hackers — I'd take cover and avoid playing until there's a fix

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.comChapters:00:00 - PreShow Banter™ — Names on Cups01:39 - Year of the [European Union] Linux Desktop Finally Arrives? | BHIS - Talkin' Bout [infosec] News 2025-06-3003:34 - Story # 1: You should probably delete any sensitive screenshots you have in your phone right now.10:55 - Story # 2: Ongoing Campaign Abuses Microsoft 365's Direct Send to Deliver Phishing Emails14:07 - Story # 3: The year of the European Union Linux desktop may finally arrive24:46 - Story # 4: Restricted data once again leaked on War Thunder forums27:04 - Story # 5: Scale AI Leaks Meta, Google, xAI Confidential Files Through ‘Incredibly Janky' Document Practices31:47 - Story # 6: French police reportedly arrest suspected BreachForums administrators34:22 - Story # 7: Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages39:41 - Story # 8: CitrixBleed 2: Electric Boogaloo — CVE-2025–577742:16 - Story # 9: Millions of Brother Printers Hit by Critical, Unpatchable Bug47:05 - Story # 10: Canada orders China's Hikvision to close Canadian operations50:13 - Story # 11: US House bans WhatsApp on staff devices over security concerns53:17 - ChickenSec: Chickens are becoming 3rd most popular pet: Tractor Supply CEO56:34 - Story # 12: Norway Dam Hacked, Valve Opened But No Danger58:11 - Review your calendar invites!

Register for Free, Live webcasts & summits:https://poweredbybhis.com00:00 - PreShow Banter™ — Explaining the Muppets03:09 - Iran Shuts Down It's Own Internet- BHIS - Talkin' Bout [infosec] News 2025-06-2304:52 - Story # 1: Iran's government says it shut down internet to protect against cyberattacks20:20 - Story # 2: Iranian bank linked to revolutionary guard hit by ‘cyber attack'22:11 - Story # 3: Hackers switch to targeting U.S. insurance companies23:32 - Story # 3b: Statement: Erie Insurance Information Security Incident (June 23)33:33 - Story # 4: No, the 16 billion credentials leak is not a new data breach43:23 - Story # 5: ‘Water Curse' Targets Infosec Pros via Poisoned GitHub Repositories47:09 - Story # 6: CISA Reveals ‘Pattern' of Ransomware Attacks Against SimpleHelp RMM48:49 - Story # 7: Report Links Los Pollos and RichAds to Malware Traffic Operations58:29 - Story # 8: Minnesota lawmaker's alleged killer had list of data broker websites in car, FBI says

Register for Free, Live webcasts & summits:https://poweredbybhis.com00:00 - PreShow Banter™ — Government Linux04:16 - Denmark is Done with Teams! - Talkin' Bout [infosec] News 2025-06-1605:02 - Story # 1: ‘We're done with Teams': German state hits uninstall on Microsoft17:34 - Story # 1b: Denmark Wants to Dump Microsoft Software for Linux, LibreOffice18:14 - Story # 2: Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot25:50 - Story # 3: Fog ransomware attacks use employee monitoring tool to break into business networks30:25 - Story # 4: Expired Discord Invites Hijacked for Stealthy Malware Attacks34:00 - Story # 5: SmartAttack uses smartwatches to steal data from air-gapped systems40:25 - Story # 6: Mirai Botnets Exploiting Wazuh Security Platform Vulnerability44:47 - Story # 7: Google Cloud and Cloudflare hit by widespread service outages48:04 - Story # 8: UNFI cyberattack shuts down network and leaves Whole Foods and others in limbo50:34 - Story # 9: New SharePoint Phishing Attacks Using Lick Deceptive Techniques51:08 - Story # 10: US-backed Israeli company's spyware used to target European journalists, Citizen Lab finds53:32 - Story # 11: Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud

Register for Free, Live webcasts & summits:https://poweredbybhis.com00:00 - PreShow Banter™ — Time to Bake05:12 - Chatbot Tells Addict to Take Drugs - Talkin' Bout [infosec] News 2025-05-0606:08 - Story # 1: Meta and Yandex are de-anonymizing Android users' web browsing identifiers12:55 - Story # 2: Therapy Chatbot Tells Recovering Addict to Have a Little Meth as a Treat16:11 - Story # 3: The Cost of a Call: From Voice Phishing to Data Extortion26:56 - Story # 4: Questions Swirl Around ConnectWise Flaw Used in Attacks27:40 - Story # 4b: ConnectWise email35:28 - Story # 5: Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI39:27 - Story # 6: Misconfigured HMIs Expose US Water Systems to Anyone With a Browser52:20 - Story # 7: Fact Sheet: President Donald J. Trump Reprioritizes Cybersecurity Efforts to Protect America

Register for Free, Live webcasts & summits:https://poweredbybhis.com00:00 - PreShow Banter™ — natural MSG05:31 - Victoria's Secrets are Compromised - Talkin' Bout [infosec] News 2025-06-0206:31 - Story # 1: Authors Are Accidentally Leaving AI Prompts In their Novels08:36 - Story # 1b: This Latest AI Book Debacle Is A Disturbing Part Of A Growing Trend09:41 - Story # 2: Developer Builds Tool That Scrapes YouTube Comments, Uses AI to Predict Where Users Live10:48 - Story # 2b: AI-powered OSINT tool profiles YouTube users, raising privacy concerns15:55 - Story # 2c: Researchers Dump 2 Billion Scraped Discord Messages Online20:28 - Story # 3: Vending-Bench: A Benchmark for Long-Term Coherence of Autonomous Agents21:02 - Story # 3b: An AI Goes Insane, Emails FBI Over $2 (YouTube)26:55 - Story # 4: The UK will totally replace two-thirds of junior civil servants with AI chatbots, says the chatbot27:27 - Story # 4b: Reeves confirms 15% cut to Civil Service running costs29:29 - Story # 5: ConnectWise Breached, ScreenConnect Customers Targeted31:28 - LOLRMM - a curated list of Remote Monitoring and Management (RMM) tools that could potentially be abused by threat actors.35:34 - Story # 6: New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers36:19 - Story # 7: US intelligence employee arrested for alleged double-dealing of classified info40:12 - Story # 8: Victoria's Secret takes down website after security incident45:43 - Story # 9: Microsoft and CrowdStrike partner to link hacking group names46:59 - Story # 10: Zscaler Acquisition of Red Canary49:57 - Story # 11: Most of CISA's senior leaders are leaving the agency51:22 - Story # 12: Telegram announces partnership with Musk's xAI51:32 - Story # 13: Google warns of Vietnam-based hackers using bogus AI video generators to spread malware

Register for Free, Live webcasts & summits:https://poweredbybhis.com00:00 - PreShow Banter™ — I just want Jorts!05:42 - Blackmailing A.I. - Talkin' Bout [infosec] News 2025-05-2707:01 - Story # 1: Experimental drones developed to neutralize mass shooters, disable weapons11:29 - Story # 2: How a global malware operation was taken down from a federal court in Georgia13:50 - Story # 3: Judge allows Workday AI bias lawsuit to proceed as collective action15:23 - Marker 1719:25 - Story # 4: Anthropic's new AI model turns to blackmail when engineers try to take it offline32:19 - Story # 5: TeleMessage customers include DC Police, Andreessen Horowitz, JP Morgan, and hundreds more34:53 - Story # 6: TikTok videos now push infostealer malware in ClickFix attacks36:57 - Story # 7: Beware, Coinbase users. Crypto thieves are taking fingers now40:56 - Story # 8: Signal now blocks Microsoft Recall screenshots on Windows 1143:16 - Story # 9: Suspected InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords44:54 - Story # 10: Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click48:09 - Story # 11: Russian military hackers ‘Fancy Bear' target Western aid supply chains to Ukraine, NSA report says50:13 - Story # 12: Google Gemini AI assistant coming to new cars in 2025, starting with Volvo54:17 - Story # 13: Hacker Conference HOPE Says U.S. Immigration Crackdown Caused Massive Crash in Ticket Sales56:55 - Story # 13b: [HOPE_16] International Travel Tips

Register for Free, Live webcasts & summits:https://poweredbybhis.coma00:00 - PreShow Banter™ — Twiddle Me This02:04 - WORLDS FIRST CPU Ransomware! - Talkin' Bout [infosec] News 2025-05-1903:10 - Story # 1: Coinbase - Standing Up to Extortionists11:26 - Story # 2: World's first CPU-level ransomware15:09 - Story # 3: New Intel CPU flaws leak sensitive data from privileged memory19:04 - Story # 4: After latest kidnap attempt, crypto types tell crime bosses: Transfers are traceable21:39 - Story # 5: Chinese ‘kill switches' found hidden in US solar farms27:52 - Story # 6: Congress proposes 10-year ban on state AI regulations31:41 - Story # 7: Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data36:02 - Story # 8: European Vulnerability Database Launches Amid US CVE Chaos37:32 - Story # 9: 89 million Steam accounts reportedly leaked. Change your password now.40:06 - Story # 10: Hackers Now Targeting US Retailers After UK Attacks, Google41:11 - Story # 11: How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes43:08 - Story # 11b: DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive server47:12 - ChickenSec: ‘A Minecraft Movie' Viral TikTok Trend Wreaks Havoc In Theaters51:20 - Story # 12: Education giant Pearson hit by cyberattack exposing customer data

Register for Free, Live webcasts & summits:https://poweredbybhis.coma00:00 - PreShow Banter™ — Crime is bad00:18 - dangerous trend of destroying Chromebooks04:33 - BHIS - Talkin' Bout [infosec] News 2025-05-1205:40 - Story # 1: LockBit Ransomware Hacked, Insider Secrets Exposed06:36 - Story # 1b: https://ransomch.at09:31 - Story # 2: White House Proposes $500 Million Cut to CISA10:35 - Story # 2b: Update to How CISA Shares Cyber-Related Alerts and Notifications18:09 - Story # 3: Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks22:28 - Story # 4: Despite ransom payment, PowerSchool hacker now extorting individual school districts26:28 - Story # 5: Tech CEOs warn Senate: Outdated US power grid threatens AI ambitions32:20 - Story # 6: Warning — 19 Billion Compromised Passwords Have Been Published Online34:37 - Story # 7: Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted36:33 - Story # 8: How a new type of AI is helping police skirt facial recognition bans48:38 - Story # 9: Threat Actor Bypass SentinelOne EDR to Deploy Babuk Ransomware51:33 - Story # 10: A Framework to Report AI's Flaws53:42 - Story # 10b: MITRE ATLAS™54:49 - Simply Hot Ones Challenge | LIVE FIRE SPICE

Register for Free, Live webcasts & summits:https://poweredbybhis.com00:00 - PreShow Banter™ — Double Coffee05:04 - BHIS - Talkin' Bout [infosec] News 2025-05-0506:05 - Story # 1: Largest bank in the world issues stark security warning about technology that billions use every single day11:15 - Story # 2: M&S cyber-attack linked to hacking group Scattered Spider13:47 - Story # 3: Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries20:10 - Story # 4: A North Korean agent applied for a job at a popular crypto firm: They tripped him up with a simple question about Halloween21:54 - Story # 4b: The one interview question that will protect you from North Korean fake workers23:09 - Story # 5: Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee's Computer, Downloading Confidential Data from Company25:33 - Story # 6: TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered29:19 - Story # 7: Gremlin Stealer: New Stealer on Sale in Underground Forum33:17 - Story # 8: Over 290,000 citizens at risk: CloudSEK uncovers major data breach at Bangalore Water Supply and Sewerage Board34:56 - Story # 9: The Signal Clone the Trump Admin Uses Was Hacked39:58 - Story # 10: Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.42:19 - Story # 11: Software dev fortifies his blog with ‘zip bombs' — attacking bots meet their end with explosive data package43:44 - Story # 12: WhatsApp says in-app AI tools will still keep messages secret45:37 - Story # 13: House passes bill to study routers' national security risks49:48 - Simply Hot Ones Challenge (YouTube)

Register for upcoming webcasts & summits - https://poweredbybhis.com00:00 - PreShow Banter™ — Talking Bout Red Green02:24 - InfoSec CEO Charged with Installing Malware! – BHIS - Talkin' Bout [infosec] News 2025-04-2803:01 - Story # 1: CEO of cybersecurity firm charged with installing malware on hospital systems11:22 - Story # 2: 2025 Data Breach Investigations Report25:05 - Story # 3: The Age of Realtime Deepfake Fraud Is Here29:00 - Story # 4: Whistleblower: DOGE Siphoned NLRB Case Data33:09 - Story # 5: Top employee monitoring app leaks 21 million screenshots on thousands of users36:59 - Story # 6: 159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure42:13 - Story # 7: SAP zero-day vulnerability under widespread active exploitation46:29 - Story # 8: FBI: US lost record $16.6 billion to cybercrime in 202447:55 - Story # 8b: FBI Report Doc53:50 - Story # 9: M- Trends 2025 Report

Register for upcoming webcasts & summits - https://poweredbybhis.com00:00 - PreShow Banter™ — A Monocle and a Glass of Wine05:36 - The CVE Saga - Talkin' Bout [infosec] News 2025-04-2106:43 - Story # 1: US agency extends support for cyber vulnerability database29:08 - Story # 1b: CVE Foundation32:35 - Story # 2: Former cybersecurity agency chief Chris Krebs leaves SentinelOne after Trump targets him in executive order33:57 - Story # 3: 4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War37:17 - Story # 4: TA Phone Home: EDR Evasion Testing Reveals Extortion Actor's Toolkit44:57 - Story # 5: The Sophos Annual Threat Report: Cybercrime on Main Street 2025

Register for upcoming webcasts & summits - https://poweredbybhis.com00:00 - PreShow Banter™ — Trigger Warning00:42 - Trump Vs Chris Krebs | BHIS - Talkin' Bout [infosec] News 2025-04-1401:54 - Story # 1: Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director17:04 - Story # 2: Cybersecurity industry falls silent as Trump turns ire on SentinelOne18:00 - Story # 3: Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges33:13 - Story # 4: Rippling Believe it or Not: How the Largest Corporate Espionage Case this Century Happened41:36 - Story # 5: Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers52:18 - Story # 6: Pentagon to end $5.1 billion in contracts with Accenture, Deloitte, others

Register for upcoming webcasts & summits - https://poweredbybhis.comChapters00:00 - PreShow Banter™ — A Complex Business06:40 - BHIS - Talkin' Bout [infosec] News 2025-04-0707:34 - Story # 1: Oracle quietly admits data breach, days after lawsuit accused it of cover-up12:47 - Story # 2: Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job21:13 - Story # 3: Phishing platform ‘Lucid' behind wave of iOS, Android SMS attacks28:14 - Story # 4: GitHub expands security tools after 39 million secrets leaked in 202437:28 - Story # 5: The 10 Biggest Crypto Hacks in History40:11 - Story # 6: OpenAI tests watermarking for ChatGPT-4o Image Generation model45:44 - Story # 7: National Security Agency chief fired as Trump ousts another top military officer

00:00 - PreShow Banter™ — The Bed Slinger08:34 - The Oracle of Lies! - BHIS - Talkin' Bout [infosec] News 2025-03-3110:43 - Story # 1: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service20:00 - Story # 2: A Sneaky Phish Just Grabbed my Mailchimp Mailing List26:17 - Story # 3: Windows 11 is closing a loophole that let you skip making a Microsoft account29:51 - Story # 4: The Trump Administration Accidentally Texted Me Its War Plans32:51 - Story # 4b: Signal is ‘absolutely not suitable' for government use: Former NSA hacker37:42 - Story # 5: How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack42:27 - Story # 6: Retail giant Sam's Club investigates Clop ransomware breach claims45:07 - WEBCAST – Keeping Things Local – Making Your Own Private LLM w/ Bronwen Aker46:16 - Story # 7: New VanHelsing ransomware targets Windows, ARM, ESXi systems48:28 - Story # 8: Infostealer campaign compromises 10 npm packages, targets devs53:13 - Story # 9: Risky Biz News: EU bans anonymous crypto payments56:02 - ChickenSec: South African Poultry Company Reports $1M Loss After Cyber Intrusion

00:00 - PreShow Banter™ — We're Not Ready For the Finger Thing01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin' Bout [infosec] News 2025-03-2403:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 2844:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen…

00:00 - PreShow Banter™ — Fun Jank Decks05:25 - BHIS - Talkin' Bout [infosec] News 2025-03-17 - Malicious browser plugins will destroy us ALL!!!!!06:35 - Story # 1: Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension14:37 - Story # 1b: Chrome Web Store is a mess31:14 - Story # 2: Lazarus Strikes npm Again with New Wave of Malicious Packages36:17 - Story # 3: China's Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days44:44 - Story # 4: Saudi Arabia Buys Pokémon Go, and Probably All of Your Location Data49:31 - Story # 5: Second biggest bank in US hit by major data breach stealing social security numbers and other personal info51:25 - Story # 6: Hackers Take Credit for X Cyberattack54:32 - Story # 7: Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account

00:00 - PreShow Banter™ — Agent A.I.07:35 - BHIS - Talkin' Bout [infosec] News 2025-03-1010:47 - Story # 1: 12 Chinese hackers charged with US Treasury breach — and much, much more15:25 - Story # 2: Signal President Meredith Whittaker calls out agentic AI as having ‘profound' security and privacy issues25:33 - Story # 3: X/Twitter is down for a third time today27:33 - Story # 4: Developer sabotaged ex-employer with kill switch activated when he was let go33:37 - Story # 5: Undocumented commands found in Bluetooth chip used by a billion devices45:37 - Story # 6: Cybercrime's Cobalt Strike Use Plummets 80% Worldwide46:19 - Story # 7: Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags55:01 - Story # 8: Ransomware gang encrypted network from a webcam to bypass EDR

00:00 - PreShow Banter™ — Not Talking About Anything04:29 - BHIS - Talkin' Bout [infosec] News 2025-03-0305:42 - Story # 1: FBI Warns iPhone, Android Users—We Want ‘Lawful Access' To All Your Encrypted Data24:28 - Story # 2: Disney engineer downloaded ‘helpful' AI tool that ended up completely destroying his life34:28 - Story # 3: Have I Been Pwned adds 284M accounts stolen by infostealer malware43:22 - Story # 4: Dragos's 8th Annual OT Cybersecurity Year in Review Is Now Available45:53 - Story # 5: Trump administration retreats in fight against Russian cyber threats55:19 - Story # 5b: Exclusive: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say57:33 - Story # 6: Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,' ‘defecting to Russia'

00:00 - PreShow Banter™ — Get Political05:27 - BHIS - Talkin' Bout [infosec] News 2025-02-2506:07 - Story # 1: Trump 2.0 Brings Cuts to Cyber, Consumer Protections37:57 - Story # 2: OpenAI Uncovers Evidence of A.I.-Powered Chinese Surveillance Tool49:48 - Story # 3: Apple pulls data protection tool after UK government security row55:00 - Story # 4: Judge dismisses Chris Hadnagy lawsuit against DEF CON

 00:00 - PreShow Banter™ — Prove That You're Wearing Pants05:50 - BHIS - Talkin' Bout [infosec] News 2025-05-1706:46 - Story # 1: Fortinet discloses second firewall auth bypass patched in January07:12 - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don't die laughing08:45 - Story # 1c: Forbes Most Trusted Companies in America 2025 List16:25 - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account18:37 - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation20:04 - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says36:35 - Story # 4: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated' Attack37:44 - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever43:14 - Story # 5b: DOGE's .gov site lampooned as coders quickly realize it can be edited by anyone46:59 - Story # 6: Man who SIM-swapped the SEC's X account pleads guilty51:26 - Story # 7: Russia's Sandworm caught snarfing credentials, data from American and Brit orgs53:55 - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy's still screwed 

00:00 - PreShow Banter™ — Walking Through Denver02:23 - BHIS - Talkin' Bout [infosec] News 2025-02-1004:35 - Story # 1: Ransomware payments declined in 2024 despite massive. well-known hacks05:02 - Story # 1b: 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments14:19 - Story # 2: Critical Cisco ISE bug can let attackers run commands as root16:43 - Story # 3: The Untold Story of a Crypto Crimefighter's Descent Into Nigerian Prison24:18 - Story # 4: IoT's botnet problem is up 500% – three things admins must do now31:49 - Story # 5: WhatsApp identifies dozens of users hacked by Paragon spyware company39:41 - Story # 6: Sri Lanka goes bananas after monkey unplugs nation43:36 - Story # 7: Microsoft Study Finds AI Makes Human Cognition “Atrophied and Unprepared”50:17 - ChickenSec Story #: 1 Here's a Super Bowl riddle: Why are egg prices surging — but not chicken wings?52:21 - Story # 8: DOGE Staffer Previously Fired From Cybersecurity Company for Leaking Secrets58:07 - ChickenSec Story #2: Americans to Eat 1.47 Billion Chicken Wings for Super Bowl LIX

00:00 - PreShow Banter™ — Community Swear Bucket01:40 - BHIS - Talkin' Bout [infosec] News 2025-02-0503:27 - Story # 1: DeepSeek R1 Exposed: Security Flaws in China's AI Model11:25 - Story # 2: Backdoor found in two healthcare patient monitors, linked to IP in China15:21 - Story # 3: Facebook flags Linux topics as ‘cybersecurity threats' — posts and users being blocked20:56 - Story # 4: Here's how Musk's access to Treasury system may impact Social Security, other government payments31:29 - Story # 5: Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections34:34 - Story # 6: Insurance Company Globe Life Notifying 850,000 People of Data Breach36:15 - Story # 10: DeepSeek Fails Researchers' Safety Tests38:35 - Story # 11: Engineering giant Smiths Group discloses security breach

00:00 - PreShow Banter™ — Fake Australian04:17 - BHIS - Talkin' Bout [infosec] News 2025-01-2704:34 - Story # 1: DeepSeek sparks AI stock selloff; Nvidia posts record market-cap loss30:50 - Story # 2: Tech giants are putting $500bn into ‘Stargate' to build up AI in US42:23 - Story # 3: DeepSeek Faces Large-scale Cyberattack, Halts New User Registrations43:34 - Story # 4: DHS cyber review board cleaned out in Trump move to eliminate ‘misuse of resources'47:38 - Story # 5: UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack50:02 - Story # 5b: UnitedHealth now says 190 million impacted by 2024 data breach53:09 - Story # 6: Cloudflare Issue Can Leak Chat App Users' Broad Location54:09 - Story # 7: Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel59:40 - Story # 8: Researchers say new attack could take down the European power grid

00:00 - PreShow Banter™ — Highest Rated Chalk04:14 - BHIS - Talkin' Bout [infosec] News 2025-01-2008:53 - Story # 1: Data From 15,000 Fortinet Firewalls Leaked by Hackers14:25 - Story # 2: China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says16:29 - Story # 3: TikTok reportedly plans ‘immediate' Sunday shutdown in the US if it's banned25:47 - Story # 4: FBI forces Chinese malware to delete itself from thousands of US computers35:06 - WWHF Denver36:03 - BSides San Diego37:23 - Security Stadium38:22 - Story # 5: Exchange 2016 and 2019 reach end-of-life status later this year42:45 - Story # 6: Snyk security researcher deploys malicious NPM packages targeting Cursor.com46:17 - Story # 7: New UEFI Secure Boot flaw exposes systems to bootkits, patch now57:34 - Story # 8: Lawsuit: Allstate used GasBuddy and other apps to quietly track driving

00:00:00 - PreShow Banter™ — An RGB State of Mind00:07:20 - BHIS - Talkin' Bout [infosec] News 2025-01-1300:10:24 - Story # 1: A Day in the Life of a Prolific Voice Phishing Crew00:18:39 - Story # 2: Dental group lied through teeth about data breach, fined $350,00000:25:49 - Story # 3: Hacker claims breach of US location tracking company Gravy Analytics00:27:48 - Story # 4: License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data00:33:19 - Story # 5: US Cyber Trust Mark launches as the Energy Star of smart home security00:43:08 - Story # 6: Hackers are exploiting a new Ivanti VPN security bug to hack into company networks00:45:09 - Story # 7: Hacker Broke into ‘Path of Exile 2' Admin Account, Hijacked Wave of Characters00:47:36 - Story # 8: Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit00:54:47 - Story # 9: Ransomware crew abuses AWS native encryption01:00:41 - Story # 10: Cannabis company Stiiizy says hackers accessed customers' ID documents

00:00:00 - PreShow Banter™ — Coffee With Wade Wells00:05:41 - BHIS - Talkin' Bout [infosec] News 2025-01-0600:06:45 - Story # 1: BeyondTrust says hackers breached Remote Support SaaS instances00:13:18 - Things Continued to be ignored in 202500:24:39 - Story # 2: Classified fighter jet specs leaked on War Thunder – again00:28:26 - Story # 3: New Proposed HIPAA Security Rule Changes00:34:33 - Story # 4: The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year00:35:47 - Story # 5: AT&T and Verizon say networks secure after Salt Typhoon breach00:37:20 - Story # 6: Net Neutrality Rules Struck Down by Appeals Court00:41:56 - Story # 7: U.S. Army Soldier Arrested in AT&T, Verizon Extortions00:45:28 - Story # 8: New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy00:48:38 - Story # 9: Meta's AI Profiles Are Indistinguishable From Terrible Spam That Took Over Facebook00:50:42 - Story # 9b: Meta deletes AI character profiles after backlash, racism accusations00:51:40 - Story # 10: Watch: Tiny robot ‘kidnaps' 12 big Chinese bots from a Shanghai showroom, shocks world00:55:27 - Story # 11: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks00:58:42 - Story # 12: Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence01:01:22 - Story # 13: Germany cuts hacker access to 30,000 devices infected with BadBox malware

00:00 - PreShow Banter™ — ChickenSec News Part 312:23 - BHIS - Talkin' Bout [infosec] News 2024-12-1614:48 - Story # 1: $50 Million Radiant Capital Heist Blamed on North Korean Hackers20:30 - Story # 2: Trump administration wants to go on cyber offensive against China32:53 - Story # 3: Krispy Kreme cyberattack impacts online orders and operations43:02 - Story # 4: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance52:02 - Story # 5: Europol announces takedown of major DDoS-for-hire network56:50 - Story # 6: Data breach at Senior Dating website spills info of 765,000 users58:46 - Story # 7: US sanctions Chinese firm for hacking firewalls in ransomware attacks

00:00 - PreShow Banter™ — A Better Mike04:46 - BHIS - Talkin' Bout [infosec] News 2024-12-0905:43 - Story # 1: FBI Warns iPhone And Android Users—Stop Sending Texts23:36 - Story # 2: US agency proposes new rule blocking data brokers from selling Americans' sensitive personal data42:55 - Story # 3: Vodka maker Stoli files for bankruptcy in US after ransomware attack46:48 - Story # 4: British hospitals hit by cyberattacks still battling to get systems back online