Helping you navigate the treacherous terrain of InfoSec. Black Hills Information Security specializes in penetration testing, red teaming, and threat hunting.
Black Hills Information Security
Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — I just want Jorts!
05:42 - Blackmailing A.I. - Talkin' Bout [infosec] News 2025-05-27
07:01 - Story # 1: Experimental drones developed to neutralize mass shooters, disable weapons
11:29 - Story # 2: How a global malware operation was taken down from a federal court in Georgia
13:50 - Story # 3: Judge allows Workday AI bias lawsuit to proceed as collective action
15:23 - Marker 17
19:25 - Story # 4: Anthropic's new AI model turns to blackmail when engineers try to take it offline
32:19 - Story # 5: TeleMessage customers include DC Police, Andreessen Horowitz, JP Morgan, and hundreds more
34:53 - Story # 6: TikTok videos now push infostealer malware in ClickFix attacks
36:57 - Story # 7: Beware, Coinbase users. Crypto thieves are taking fingers now
40:56 - Story # 8: Signal now blocks Microsoft Recall screenshots on Windows 11
43:16 - Story # 9: Suspected InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords
44:54 - Story # 10: Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click
48:09 - Story # 11: Russian military hackers ‘Fancy Bear' target Western aid supply chains to Ukraine, NSA report says
50:13 - Story # 12: Google Gemini AI assistant coming to new cars in 2025, starting with Volvo
54:17 - Story # 13: Hacker Conference HOPE Says U.S. Immigration Crackdown Caused Massive Crash in Ticket Sales
56:55 - Story # 13b: [HOPE_16] International Travel Tips

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Twiddle Me This
02:04 - WORLDS FIRST CPU Ransomware! - Talkin' Bout [infosec] News 2025-05-19
03:10 - Story # 1: Coinbase - Standing Up to Extortionists
11:26 - Story # 2: World's first CPU-level ransomware
15:09 - Story # 3: New Intel CPU flaws leak sensitive data from privileged memory
19:04 - Story # 4: After latest kidnap attempt, crypto types tell crime bosses: Transfers are traceable
21:39 - Story # 5: Chinese ‘kill switches' found hidden in US solar farms
27:52 - Story # 6: Congress proposes 10-year ban on state AI regulations
31:41 - Story # 7: Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data
36:02 - Story # 8: European Vulnerability Database Launches Amid US CVE Chaos
37:32 - Story # 9: 89 million Steam accounts reportedly leaked. Change your password now.
40:06 - Story # 10: Hackers Now Targeting US Retailers After UK Attacks, Google
41:11 - Story # 11: How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
43:08 - Story # 11b: DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive server
47:12 - ChickenSec: ‘A Minecraft Movie' Viral TikTok Trend Wreaks Havoc In Theaters
51:20 - Story # 12: Education giant Pearson hit by cyberattack exposing customer data

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Crime is bad
00:18 - dangerous trend of destroying Chromebooks
04:33 - BHIS - Talkin' Bout [infosec] News 2025-05-12
05:40 - Story # 1: LockBit Ransomware Hacked, Insider Secrets Exposed
06:36 - Story # 1b: https://ransomch.at
09:31 - Story # 2: White House Proposes $500 Million Cut to CISA
10:35 - Story # 2b: Update to How CISA Shares Cyber-Related Alerts and Notifications
18:09 - Story # 3: Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks
22:28 - Story # 4: Despite ransom payment, PowerSchool hacker now extorting individual school districts
26:28 - Story # 5: Tech CEOs warn Senate: Outdated US power grid threatens AI ambitions
32:20 - Story # 6: Warning — 19 Billion Compromised Passwords Have Been Published Online
34:37 - Story # 7: Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted
36:33 - Story # 8: How a new type of AI is helping police skirt facial recognition bans
48:38 - Story # 9: Threat Actor Bypass SentinelOne EDR to Deploy Babuk Ransomware
51:33 - Story # 10: A Framework to Report AI's Flaws
53:42 - Story # 10b: MITRE ATLAS™
54:49 - Simply Hot Ones Challenge | LIVE FIRE SPICE

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Double Coffee
05:04 - BHIS - Talkin' Bout [infosec] News 2025-05-05
06:05 - Story # 1: Largest bank in the world issues stark security warning about technology that billions use every single day
11:15 - Story # 2: M&S cyber-attack linked to hacking group Scattered Spider
13:47 - Story # 3: Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries
20:10 - Story # 4: A North Korean agent applied for a job at a popular crypto firm: They tripped him up with a simple question about Halloween
21:54 - Story # 4b: The one interview question that will protect you from North Korean fake workers
23:09 - Story # 5: Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee's Computer, Downloading Confidential Data from Company
25:33 - Story # 6: TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered
29:19 - Story # 7: Gremlin Stealer: New Stealer on Sale in Underground Forum
33:17 - Story # 8: Over 290,000 citizens at risk: CloudSEK uncovers major data breach at Bangalore Water Supply and Sewerage Board
34:56 - Story # 9: The Signal Clone the Trump Admin Uses Was Hacked
39:58 - Story # 10: Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
42:19 - Story # 11: Software dev fortifies his blog with ‘zip bombs' — attacking bots meet their end with explosive data package
43:44 - Story # 12: WhatsApp says in-app AI tools will still keep messages secret
45:37 - Story # 13: House passes bill to study routers' national security risks
49:48 - Simply Hot Ones Challenge (YouTube)

Register for upcoming webcasts & summits - https://poweredbybhis.com
00:00 - PreShow Banter™ — Talking Bout Red Green
02:24 - InfoSec CEO Charged with Installing Malware! – BHIS - Talkin' Bout [infosec] News 2025-04-28
03:01 - Story # 1: CEO of cybersecurity firm charged with installing malware on hospital systems
11:22 - Story # 2: 2025 Data Breach Investigations Report
25:05 - Story # 3: The Age of Realtime Deepfake Fraud Is Here
29:00 - Story # 4: Whistleblower: DOGE Siphoned NLRB Case Data
33:09 - Story # 5: Top employee monitoring app leaks 21 million screenshots on thousands of users
36:59 - Story # 6: 159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
42:13 - Story # 7: SAP zero-day vulnerability under widespread active exploitation
46:29 - Story # 8: FBI: US lost record $16.6 billion to cybercrime in 2024
47:55 - Story # 8b: FBI Report Doc
53:50 - Story # 9: M-Trends 2025 Report

Register for upcoming webcasts & summits - https://poweredbybhis.com
00:00 - PreShow Banter™ — A Monocle and a Glass of Wine
05:36 - The CVE Saga - Talkin' Bout [infosec] News 2025-04-21
06:43 - Story # 1: US agency extends support for cyber vulnerability database
29:08 - Story # 1b: CVE Foundation
32:35 - Story # 2: Former cybersecurity agency chief Chris Krebs leaves SentinelOne after Trump targets him in executive order
33:57 - Story # 3: 4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War
37:17 - Story # 4: TA Phone Home: EDR Evasion Testing Reveals Extortion Actor's Toolkit
44:57 - Story # 5: The Sophos Annual Threat Report: Cybercrime on Main Street 2025

Register for upcoming webcasts & summits - https://poweredbybhis.com
00:00 - PreShow Banter™ — Trigger Warning
00:42 - Trump Vs Chris Krebs | BHIS - Talkin' Bout [infosec] News 2025-04-14
01:54 - Story # 1: Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director
17:04 - Story # 2: Cybersecurity industry falls silent as Trump turns ire on SentinelOne
18:00 - Story # 3: Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges
33:13 - Story # 4: Rippling Believe it or Not: How the Largest Corporate Espionage Case this Century Happened
41:36 - Story # 5: Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers
52:18 - Story # 6: Pentagon to end $5.1 billion in contracts with Accenture, Deloitte, others

Register for upcoming webcasts & summits - https://poweredbybhis.com
Chapters
00:00 - PreShow Banter™ — A Complex Business
06:40 - BHIS - Talkin' Bout [infosec] News 2025-04-07
07:34 - Story # 1: Oracle quietly admits data breach, days after lawsuit accused it of cover-up
12:47 - Story # 2: Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job
21:13 - Story # 3: Phishing platform ‘Lucid' behind wave of iOS, Android SMS attacks
28:14 - Story # 4: GitHub expands security tools after 39 million secrets leaked in 2024
37:28 - Story # 5: The 10 Biggest Crypto Hacks in History
40:11 - Story # 6: OpenAI tests watermarking for ChatGPT-4o Image Generation model
45:44 - Story # 7: National Security Agency chief fired as Trump ousts another top military officer

00:00 - PreShow Banter™ — The Bed Slinger
08:34 - The Oracle of Lies! - BHIS - Talkin' Bout [infosec] News 2025-03-31
10:43 - Story # 1: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
20:00 - Story # 2: A Sneaky Phish Just Grabbed my Mailchimp Mailing List
26:17 - Story # 3: Windows 11 is closing a loophole that let you skip making a Microsoft account
29:51 - Story # 4: The Trump Administration Accidentally Texted Me Its War Plans
32:51 - Story # 4b: Signal is ‘absolutely not suitable' for government use: Former NSA hacker
37:42 - Story # 5: How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack
42:27 - Story # 6: Retail giant Sam's Club investigates Clop ransomware breach claims
45:07 - WEBCAST – Keeping Things Local – Making Your Own Private LLM w/ Bronwen Aker
46:16 - Story # 7: New VanHelsing ransomware targets Windows, ARM, ESXi systems
48:28 - Story # 8: Infostealer campaign compromises 10 npm packages, targets devs
53:13 - Story # 9: Risky Biz News: EU bans anonymous crypto payments
56:02 - ChickenSec: South African Poultry Company Reports $1M Loss After Cyber Intrusion

00:00 - PreShow Banter™ — We're Not Ready For the Finger Thing
01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin' Bout [infosec] News 2025-03-24
03:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack
07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together
14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records
19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization
25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content
29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts
35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy
38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 28
44:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre
52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach
54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance
56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen…

00:00 - PreShow Banter™ — Fun Jank Decks
05:25 - BHIS - Talkin' Bout [infosec] News 2025-03-17 - Malicious browser plugins will destroy us ALL!!!!!
06:35 - Story # 1: Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension
14:37 - Story # 1b: Chrome Web Store is a mess
31:14 - Story # 2: Lazarus Strikes npm Again with New Wave of Malicious Packages
36:17 - Story # 3: China's Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days
44:44 - Story # 4: Saudi Arabia Buys Pokémon Go, and Probably All of Your Location Data
49:31 - Story # 5: Second biggest bank in US hit by major data breach stealing social security numbers and other personal info
51:25 - Story # 6: Hackers Take Credit for X Cyberattack
54:32 - Story # 7: Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account

00:00 - PreShow Banter™ — Agent A.I.
07:35 - BHIS - Talkin' Bout [infosec] News 2025-03-10
10:47 - Story # 1: 12 Chinese hackers charged with US Treasury breach — and much, much more
15:25 - Story # 2: Signal President Meredith Whittaker calls out agentic AI as having ‘profound' security and privacy issues
25:33 - Story # 3: X/Twitter is down for a third time today
27:33 - Story # 4: Developer sabotaged ex-employer with kill switch activated when he was let go
33:37 - Story # 5: Undocumented commands found in Bluetooth chip used by a billion devices
45:37 - Story # 6: Cybercrime's Cobalt Strike Use Plummets 80% Worldwide
46:19 - Story # 7: Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags
55:01 - Story # 8: Ransomware gang encrypted network from a webcam to bypass EDR

00:00 - PreShow Banter™ — Not Talking About Anything
04:29 - BHIS - Talkin' Bout [infosec] News 2025-03-03
05:42 - Story # 1: FBI Warns iPhone, Android Users—We Want ‘Lawful Access' To All Your Encrypted Data
24:28 - Story # 2: Disney engineer downloaded ‘helpful' AI tool that ended up completely destroying his life
34:28 - Story # 3: Have I Been Pwned adds 284M accounts stolen by infostealer malware
43:22 - Story # 4: Dragos's 8th Annual OT Cybersecurity Year in Review Is Now Available
45:53 - Story # 5: Trump administration retreats in fight against Russian cyber threats
55:19 - Story # 5b: Exclusive: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say
57:33 - Story # 6: Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,' ‘defecting to Russia'

00:00 - PreShow Banter™ — Get Political
05:27 - BHIS - Talkin' Bout [infosec] News 2025-02-25
06:07 - Story # 1: Trump 2.0 Brings Cuts to Cyber, Consumer Protections
37:57 - Story # 2: OpenAI Uncovers Evidence of A.I.-Powered Chinese Surveillance Tool
49:48 - Story # 3: Apple pulls data protection tool after UK government security row
55:00 - Story # 4: Judge dismisses Chris Hadnagy lawsuit against DEF CON

00:00 - PreShow Banter™ — Prove That You're Wearing Pants
05:50 - BHIS - Talkin' Bout [infosec] News 2025-05-17
06:46 - Story # 1: Fortinet discloses second firewall auth bypass patched in January
07:12 - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don't die laughing
08:45 - Story # 1c: Forbes Most Trusted Companies in America 2025 List
16:25 - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account
18:37 - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation
20:04 - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says
36:35 - Story # 4: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated' Attack
37:44 - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever
43:14 - Story # 5b: DOGE's .gov site lampooned as coders quickly realize it can be edited by anyone
46:59 - Story # 6: Man who SIM-swapped the SEC's X account pleads guilty
51:26 - Story # 7: Russia's Sandworm caught snarfing credentials, data from American and Brit orgs
53:55 - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy's still screwed

00:00 - PreShow Banter™ — Walking Through Denver
02:23 - BHIS - Talkin' Bout [infosec] News 2025-02-10
04:35 - Story # 1: Ransomware payments declined in 2024 despite massive, well-known hacks
05:02 - Story # 1b: 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments
14:19 - Story # 2: Critical Cisco ISE bug can let attackers run commands as root
16:43 - Story # 3: The Untold Story of a Crypto Crimefighter's Descent Into Nigerian Prison
24:18 - Story # 4: IoT's botnet problem is up 500% – three things admins must do now
31:49 - Story # 5: WhatsApp identifies dozens of users hacked by Paragon spyware company
39:41 - Story # 6: Sri Lanka goes bananas after monkey unplugs nation
43:36 - Story # 7: Microsoft Study Finds AI Makes Human Cognition “Atrophied and Unprepared”
50:17 - ChickenSec Story # 1: Here's a Super Bowl riddle: Why are egg prices surging — but not chicken wings?
52:21 - Story # 8: DOGE Staffer Previously Fired From Cybersecurity Company for Leaking Secrets
58:07 - ChickenSec Story # 2: Americans to Eat 1.47 Billion Chicken Wings for Super Bowl LIX

00:00 - PreShow Banter™ — Community Swear Bucket
01:40 - BHIS - Talkin' Bout [infosec] News 2025-02-05
03:27 - Story # 1: DeepSeek R1 Exposed: Security Flaws in China's AI Model
11:25 - Story # 2: Backdoor found in two healthcare patient monitors, linked to IP in China
15:21 - Story # 3: Facebook flags Linux topics as ‘cybersecurity threats' — posts and users being blocked
20:56 - Story # 4: Here's how Musk's access to Treasury system may impact Social Security, other government payments
31:29 - Story # 5: Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
34:34 - Story # 6: Insurance Company Globe Life Notifying 850,000 People of Data Breach
36:15 - Story # 10: DeepSeek Fails Researchers' Safety Tests
38:35 - Story # 11: Engineering giant Smiths Group discloses security breach

00:00 - PreShow Banter™ — Fake Australian
04:17 - BHIS - Talkin' Bout [infosec] News 2025-01-27
04:34 - Story # 1: DeepSeek sparks AI stock selloff; Nvidia posts record market-cap loss
30:50 - Story # 2: Tech giants are putting $500bn into ‘Stargate' to build up AI in US
42:23 - Story # 3: DeepSeek Faces Large-scale Cyberattack, Halts New User Registrations
43:34 - Story # 4: DHS cyber review board cleaned out in Trump move to eliminate ‘misuse of resources'
47:38 - Story # 5: UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
50:02 - Story # 5b: UnitedHealth now says 190 million impacted by 2024 data breach
53:09 - Story # 6: Cloudflare Issue Can Leak Chat App Users' Broad Location
54:09 - Story # 7: Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
59:40 - Story # 8: Researchers say new attack could take down the European power grid

00:00 - PreShow Banter™ — Highest Rated Chalk
04:14 - BHIS - Talkin' Bout [infosec] News 2025-01-20
08:53 - Story # 1: Data From 15,000 Fortinet Firewalls Leaked by Hackers
14:25 - Story # 2: China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says
16:29 - Story # 3: TikTok reportedly plans ‘immediate' Sunday shutdown in the US if it's banned
25:47 - Story # 4: FBI forces Chinese malware to delete itself from thousands of US computers
35:06 - WWHF Denver
36:03 - BSides San Diego
37:23 - Security Stadium
38:22 - Story # 5: Exchange 2016 and 2019 reach end-of-life status later this year
42:45 - Story # 6: Snyk security researcher deploys malicious NPM packages targeting Cursor.com
46:17 - Story # 7: New UEFI Secure Boot flaw exposes systems to bootkits, patch now
57:34 - Story # 8: Lawsuit: Allstate used GasBuddy and other apps to quietly track driving

00:00:00 - PreShow Banter™ — An RGB State of Mind
00:07:20 - BHIS - Talkin' Bout [infosec] News 2025-01-13
00:10:24 - Story # 1: A Day in the Life of a Prolific Voice Phishing Crew
00:18:39 - Story # 2: Dental group lied through teeth about data breach, fined $350,000
00:25:49 - Story # 3: Hacker claims breach of US location tracking company Gravy Analytics
00:27:48 - Story # 4: License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data
00:33:19 - Story # 5: US Cyber Trust Mark launches as the Energy Star of smart home security
00:43:08 - Story # 6: Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
00:45:09 - Story # 7: Hacker Broke into ‘Path of Exile 2' Admin Account, Hijacked Wave of Characters
00:47:36 - Story # 8: Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
00:54:47 - Story # 9: Ransomware crew abuses AWS native encryption
01:00:41 - Story # 10: Cannabis company Stiiizy says hackers accessed customers' ID documents

00:00:00 - PreShow Banter™ — Coffee With Wade Wells
00:05:41 - BHIS - Talkin' Bout [infosec] News 2025-01-06
00:06:45 - Story # 1: BeyondTrust says hackers breached Remote Support SaaS instances
00:13:18 - Things Continued to be ignored in 2025
00:24:39 - Story # 2: Classified fighter jet specs leaked on War Thunder – again
00:28:26 - Story # 3: New Proposed HIPAA Security Rule Changes
00:34:33 - Story # 4: The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year
00:35:47 - Story # 5: AT&T and Verizon say networks secure after Salt Typhoon breach
00:37:20 - Story # 6: Net Neutrality Rules Struck Down by Appeals Court
00:41:56 - Story # 7: U.S. Army Soldier Arrested in AT&T, Verizon Extortions
00:45:28 - Story # 8: New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
00:48:38 - Story # 9: Meta's AI Profiles Are Indistinguishable From Terrible Spam That Took Over Facebook
00:50:42 - Story # 9b: Meta deletes AI character profiles after backlash, racism accusations
00:51:40 - Story # 10: Watch: Tiny robot ‘kidnaps' 12 big Chinese bots from a Shanghai showroom, shocks world
00:55:27 - Story # 11: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks
00:58:42 - Story # 12: Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence
01:01:22 - Story # 13: Germany cuts hacker access to 30,000 devices infected with BadBox malware

00:00 - PreShow Banter™ — ChickenSec News Part 3
12:23 - BHIS - Talkin' Bout [infosec] News 2024-12-16
14:48 - Story # 1: $50 Million Radiant Capital Heist Blamed on North Korean Hackers
20:30 - Story # 2: Trump administration wants to go on cyber offensive against China
32:53 - Story # 3: Krispy Kreme cyberattack impacts online orders and operations
43:02 - Story # 4: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance
52:02 - Story # 5: Europol announces takedown of major DDoS-for-hire network
56:50 - Story # 6: Data breach at Senior Dating website spills info of 765,000 users
58:46 - Story # 7: US sanctions Chinese firm for hacking firewalls in ransomware attacks

00:00 - PreShow Banter™ — A Better Mike
04:46 - BHIS - Talkin' Bout [infosec] News 2024-12-09
05:43 - Story # 1: FBI Warns iPhone And Android Users—Stop Sending Texts
23:36 - Story # 2: US agency proposes new rule blocking data brokers from selling Americans' sensitive personal data
42:55 - Story # 3: Vodka maker Stoli files for bankruptcy in US after ransomware attack
46:48 - Story # 4: British hospitals hit by cyberattacks still battling to get systems back online

00:00:00 - PreShow Banter™ — C Squad
00:11:03 - BHIS - Talkin' Bout [infosec] News 2024-12-02
00:15:43 - Story # 1: Gaming Engines: An Undetected Playground for Malware Loaders - Check Point Research
00:30:41 - Story # 2: FTC finds that smart-device makers fail to make clear how long their products will be supported
00:44:47 - Story # 3: US senators propose law to require bare minimum security standards
00:46:35 - Story # 4: Starbucks baristas can't view their schedules after ransomware attack on vendor
01:04:26 - Story # 5: Volunteer DEF CON hackers dive into America's leaky water infrastructure
01:08:45 - Shameless Plugs

00:00:00 - PreShow Banter™ — Discordgate
00:09:24 - BHIS - Talkin' Bout [infosec] News 2024-11-25
00:10:46 - Story # 1: DOJ says Google must sell Chrome to crack open its search monopoly
00:12:08 - Story # 1b: DOJ's staggering proposal would hurt consumers and America's global technological leadership
00:19:16 - Story # 2: The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
00:24:37 - Story # 3: Palo Alto Networks tackles firewall-busting zero-days with critical patches
00:25:46 - Discordgate Follow Up
00:26:26 - Story # 4: Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
00:31:08 - Story # 5: Fintech giant Finastra investigates data breach after SFTP hack
00:34:01 - Story # 6: CFPB Finalizes Rule on Federal Oversight of Popular Digital Payment Apps to Protect Personal Data, Reduce Fraud, and Stop Illegal “Debanking”
00:38:49 - Story # 7: T-Mobile finally managed to thwart a data breach before it occurred
00:40:22 - Story # 8: D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
00:43:07 - Story # 9: US seizes PopeyeTools cybercrime marketplace, charges administrators
00:46:19 - Story # 10: Razzlekhan, crypto's most embarrassing rapper, is going to prison
00:48:31 - Story # 10b: Netflix has a perfectly timed Razzlekhan doc coming out in December
00:50:10 - Story # 11: Microsoft Defender Is Not Enough Anymore—This Malware Gets Around It
00:55:11 - Story # 12: Microsoft president asks Trump to “push harder” against Russian hacks
00:57:02 - Story # 13: Hackers Breach Andrew Tate's Online ‘University,' Exposing 800,000 Users
01:00:36 - Story # 14: 7-Zip affected by dangerous vulnerability: users must update the app manually
01:01:31 - Story # 15: Microsoft disrupts ONNX phishing-as-a-service infrastructure
01:03:07 - Story # 16: US charges five linked to Scattered Spider cybercrime gang
01:04:25 - Plug: Secure Code Summit 2024

00:00 - PreShow Banter™ — Yacht Doc
07:40 - BHIS - Talkin' Bout [infosec] News 2024-11-18
08:49 - Story # 1: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit
16:02 - Story # 2: CISA Director Jen Easterly to depart agency on January 20
19:26 - Story # 3: Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
28:44 - Story # 4: T-Mobile hacked in massive Chinese breach of telecom networks, WSJ reports
30:55 - Story # 4b: T-Mobile confirms it was hacked in recent wave of telecom breaches
33:03 - Story # 5: An Interview With the Target & Home Depot Hacker
40:04 - Story # 6: Hacker gets 10 years in prison for extorting US healthcare provider
42:47 - Story # 7: Ransomware fiends boast they've stolen 1.4TB from US pharmacy network
44:21 - Story # 8: A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine
45:23 - Story # 9: 23andMe cuts 40% of its workforce and discontinues therapeutics division
50:38 - Story # 10: FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023
56:45 - CPTC - Education Through Competition

00:00 - PreShow Banter™ — The Old and The New
02:27 - BHIS - Talkin' Bout [infosec] News 2024-11-11
03:44 - Story # 1: Mattel pulls thousands of ‘Wicked' dolls off shelves after printing adult website on packaging
08:03 - Story # 2: Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus
11:41 - Story # 3: Mislabeled patch sends Windows Server 2022 admins on unwanted upgrade to 2025
16:49 - Story # 4: Suspected Snowflake Hacker Arrested in Canada
18:26 - Story # 5: Interpol Cybercrime Sweep Takes Down 22,000 IP Addresses, Arrests 41
29:47 - Story # 6: Google Cloud to mandate MFA for all users in 2025
41:30 - Story # 7: Cisco scores a perfect CVSS 10 with critical flaw in its wireless system
49:26 - Story # 8: H.I.G. Capital and Thoma Bravo to Acquire CompTIA Brand and Products
59:05 - SANS Holiday Hack Challenge™ 2024

00:00:00 - PreShow Banter™ — The Grey Times
00:04:33 - BHIS - Talkin' Bout [infosec] News 2024-11-04
00:05:54 - Story # 1: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
00:16:45 - Story # 2: Follow Up - 5 Things To Know On Delta's Lawsuit Against CrowdStrike
00:17:43 - Story # 2b: CrowdStrike Sues Delta: 5 Key Takeaways
00:22:04 - Story # 3: Russian charged by U.S. for creating RedLine infostealer malware
00:22:59 - Story # 3b: How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware
00:28:09 - Story # 4: Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info
00:30:02 - Story # 4b: ‘We strive to put humanity above all': Disney drops arbitration demand over wrongful death lawsuit after woman died from fatal food allergy
00:37:10 - Story # 5: OCR Announces First Financial Penalty Under HIPAA Risk Analysis Enforcement Initiative
00:44:54 - Story # 6: Security researchers found a serious zero-click bug in Synology's Photos app
00:50:10 - Story # 7: Inside a Firewall Vendor's 5-Year War With the Chinese Hackers Hijacking Its Devices
00:52:21 - Story # 8: Microsoft wants $30 if you want to delay Windows 11 switch
01:00:03 - Story # 9: Colorado Secretary of State posted spreadsheet with voting system passwords

00:00:00 - PreShow Banter™ — Sarsaparilla
00:05:50 - BHIS - Talkin' Bout [infosec] News 2024-10-28
00:06:46 - Story # 1: AWS, Azure auth keys found in Android and iOS apps used by millions
00:15:02 - Story # 2: Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
00:29:03 - Story # 3: Delta officially launches lawyers at $500M CrowdStrike problem
00:40:60 - Story # 4: New Rules for US National Security Agencies Balance AI's Promise With Need to Protect Against Risks
00:46:25 - Story # 4b: CISA proposes new security requirements to protect govt, personal data
00:51:03 - Story # 5: Largest Retail Breach in History: 350 Million “Hot Topic” Customers' Personal & Payment Data Exposed — As a Result of Infostealer Infection
00:55:35 - Story # 6: Throne's toilet camera takes pictures of your poop
01:04:57 - A Community Support Moment - https://www.crisistextline.org

00:00:00 - PreShow Banter™ — Log Con
00:11:41 - BHIS - Talkin' Bout [infosec] News 2024-10-21
00:12:51 - Story # 1: Internet Archive exposed again – this time through Zendesk
00:14:57 - Story # 1b: Hackers steal information from 31 million Internet Archive users
00:20:42 - Story # 2: Sophos buys Secureworks for $859 mln to beef up cybersecurity portfolio
00:24:21 - Story # 3: USDoD hacker behind National Public Data breach arrested in Brazil
00:27:12 - Story # 4: Debunking Hype: China Hasn't Broken Military Encryption With Quantum
00:32:14 - Story # 5: Microsoft said it lost weeks of security logs for its customers' cloud products
00:35:03 - Story # 6: Should We Chat, Too? FAQ
00:40:05 - Story # 7: More than two dozen countries have used internet outages to sway elections
00:43:50 - Story # 8: Pokemon dev Game Freak confirms breach after stolen data leaks online
00:46:32 - Story # 9: Hackers made robot vacuums randomly yell racial slurs
00:49:19 - Story # 9b: We hacked a robot vacuum — and could watch live through its camera
00:50:19 - Story # 10: The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks
00:54:55 - Story # 11: Google's Chrome Browser Starts Disabling uBlock Origin
01:01:00 - WWHF Recovery

00:00:00 - PreShow Banter™ — Cast of Special Characters
00:06:37 - BHIS - Talkin' Bout [infosec] News 2024-09-30
00:08:06 - Story # 1: CUPS flaws enable Linux remote code execution, but there's a catch
00:23:40 - Story # 2: US Capitol Hit by Massive Dark Web Cyber Attack - Newsweek
00:27:40 - Story # 2b: ‘I'm a black NAZI!': NC GOP nominee for governor made dozens of disturbing comments on porn forum
00:35:57 - Story # 3: NIST proposes barring some of the most nonsensical password rules
00:47:01 - Story # 3b: Why Two-Factor Authentication Is So Important - Teen Vogue
00:54:04 - Story # 4: Hacker plants false memories in ChatGPT to steal user data in perpetuity
01:00:42 - Story # 5: Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug
01:02:54 - Story # 6: Massive E-Learning Platform Udemy Gave Teachers a Gen AI ‘Opt-Out Window'. It's Already Over.

00:00 - PreShow Banter™ — Plane Talk
05:50 - BHIS - Talkin' Bout [infosec] News 2024-09-23
06:16 - A SANS Difference Maker Award Finalist
09:47 - Story # 1: Pagers attack brings to life long-feared supply chain threat
24:08 - Story # 2: Recaptcha Phish - John Hammond
25:49 - Story # 2b: Clever ‘GitHub Scanner' campaign abusing repos to push malware
30:05 - Story # 3: Lazarus Group Targets Developers in Fresh VMConnect Campaign
35:22 - Story # 4: LinkedIn Addresses User Data Collection for AI Training
37:40 - Story # 5: Disney ditching Slack after massive July data breach
41:42 - Story # 6: FTC exposes massive surveillance of kids, teens by social media giants
51:35 - Story # 7: Kaspersky deletes itself, installs UltraAV antivirus without warning

00:00 - PreShow Banter™ — Pour Over News
06:01 - BHIS - Talkin' Bout [infosec] News 2024-09-16
07:14 - Story # 1: Fortinet confirms data breach after hacker claims to steal 440GB of files
15:37 - Story # 2: Snowflake slams ‘more MFA' button again – months after Ticketmaster, Santander breaches
21:30 - Story # 3: Omnipresent AI cameras will ensure good behavior, says Larry Ellison
28:11 - Story # 4: Mastercard bolsters threat intelligence capabilities with $2.65 billion deal for Recorded Future
34:27 - Story # 5: Cyber insurance set for explosive growth
40:20 - Story # 6: 23andMe will pay $30 million to settle 2023 data breach lawsuit
45:25 - Story # 7: Google faces EU investigation over AI data compliance
50:35 - Story # 8: Rogue WHOIS server gives researcher superpowers no one should ever have

00:00 - Introduction
01:22 - The Scenario
02:50 - First Steps
03:48 - Endpoint Analysis Roll
04:22 - Logon Scripts Were Installed
05:09 - I.R. Team Introductions
07:17 - Second Step
10:32 - Network Threat Hunting Roll
11:36 - Third Step
15:12 - Anyway Here's Firewall Roll
15:43 - Fourth Step
18:26 - SIEM Roll
19:41 - Fifth Step
20:47 - UEBA Roll
21:19 - Scenario Recap
22:20 - Scenario Plausibility?
25:51 - Wrap-up Takeaways

00:00 - PreShow Banter™ — Revenge of the Nerds / More Chicken Related Crimes
05:19 - N.Y. Official Charged With Taking Money, Travel and Poultry to Aid China
09:23 - BHIS - Talkin' Bout [infosec] News 2024-09-09
09:50 - Story # 1: YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
20:35 - Story # 2: Therapy Sessions Exposed by Mental Health Care Firm's Unsecured Database
25:24 - Story # 3: California legislature passes sweeping AI safety bill
38:02 - Story # 4: Brain Cipher claims attack on Olympic venue, promises 300 GB data leak
41:59 - Story # 5: How Navy chiefs conspired to get themselves illegal warship Wi-Fi
42:45 - Story # 5b: After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship
49:18 - Story # 6: Researchers say a bug let them add fake pilots to rosters used for TSA checks
51:32 - Story # 7: Durex India spilled customers' private order data
54:53 - Story # 8: City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack

00:00 - PreShow Banter™ — Move to Signal
03:47 - BHIS - Talkin' Bout [infosec] News 2024-08-26
04:37 - Story # 1: Pavel Durov's Arrest Leaves Telegram Hanging in the Balance
11:03 - Story # 1b: Moxie on X.com
23:17 - Story # 2: Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules
29:39 - Story # 3: Seattle airport ‘possible cyberattack' snarls travel yet again
32:42 - Story # 4: Iran named as source of Trump campaign phish, leaks
38:53 - Story # 5: Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months
44:11 - Story # 6: Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
47:26 - Story # 7: New ‘ALBeast' Misconfiguration Exposes Weakness in AWS Application Load Balancer
48:52 - Story # 8: “We will hold them accountable”: General Motors sued for selling customer driving data to third parties

00:00:00 - PreShow Banter™ — Nine Years for Chicken Wings
00:08:19 - BHIS - Talkin' Bout [infosec] News 2024-08-19
00:09:03 - Story # 1: NationalPublicData.com Hack Exposes a Nation's Data
00:18:17 - Story # 1b: National Public Data Published Its Own Passwords
00:25:01 - Story # 2: RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks
00:26:52 - Story # 3: T-Mobile fined $60 million for failing to stop data breaches
00:34:03 - Story # 4: Massive Cyber Attack On AWS Targets 230 Million Unique Cloud Environments
00:45:43 - Story # 5: The US wants to use facial recognition to identify migrant children as they age
00:54:16 - Story # 6: Six ransomware gangs behind over 50% of 2024 attacks
00:59:56 - Story # 7: US accuses man of being ‘elite' ransomware pioneer they've hunted for years
01:01:57 - Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks

00:00 - PreShow Banter™ — Scotty's Pizza (Not Sponsored)
03:38 - BHIS - Talkin' Bout [infosec] News 2024-08-12
03:59 - Hacker Summer Camp Report 2024
08:56 - Story # 1: ‘Sinkclose' Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections
14:26 - Story # 2: Black Hat USA 2024, DEF CON 32 attendees treated like children – or criminals – with invasive hotel room checks
29:49 - Story # 3: DEF CON Badge Maker Pulled Off Stage Amid Claims of Non-Payment and Failed Work
30:06 - New raspberry pi chip in badge
33:31 - Story # 4: Exploit released for Cisco SSM bug allowing admin password changes
34:12 - Story # 5: 0.0.0.0 Day: Exploiting Localhost APIs From the Browser
38:02 - Story # 6: Intelligence bill would elevate ransomware to a terrorist threat
44:36 - Story # 6b: Proposed bill would block large ransomware payments by financial institutions
46:26 - Story # 6c: Report shows decreased ransomware payments
54:26 - Story # 7: After global IT meltdown, CrowdStrike courts hackers with action figures and gratitude
55:12 - Story # 8: CrowdStrike pursuing deal to buy patch management specialist Action1
57:24 - Story # 9: Microsoft punches back at Delta Air Lines and its legal threats

00:00 - PreShow Banter™ — What's the f___
03:34 - BHIS - Talkin' Bout [infosec] News 2024-08-05
06:57 - Story # 1: Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
23:57 - Story # 2: Bumble and Hinge allowed stalkers to pinpoint users' locations down to 2 meters, researchers say
36:47 - Story # 3: Eavesdropping on HDMI cables can reveal computer screen's content
37:43 - Story # 3b: Hak5 Screen Crab
39:18 - Story # 4: Microsoft says massive Azure outage was caused by DDoS attack
43:31 - Story # 5: CrowdStrike says it's not to blame for Delta's days-long outage
55:34 - Story # 6: CrowdStrike sued by investors over massive global IT outage

00:00 - PreShow Banter™ — Microsoft Sad Face
02:13 - BHIS - Talkin' Bout [infosec] News 2024-07-29
03:08 - Story # 1: Fake CrowdStrike repair manual pushes new infostealer malware
15:26 - Story # 1b: 83-year-old man found safe a week after going missing when CrowdStrike outage canceled flight
20:39 - Story # 2: Multifactor Authentication Is Not Enough to Protect Cloud Data
38:59 - Graphrunner
47:19 - Story # 3: Data pilfered from Pentagon IT supplier Leidos
57:57 - Story # 4: How a North Korean Fake IT Worker Tried to Infiltrate Us

00:00 - PreShow Banter™ — CrowdStroke Memes
05:59 - BHIS - Talkin' Bout [infosec] News 2024-07-22
07:01 - Story # 1: A Windows version from 1992 is saving Southwest's butt right now
07:36 - Crowdstrike Global Outage - BHIS - Talkin' Bout [infosec] #News
09:48 - Story # 1b: CrowdStrike's faulty update crashed 8.5 million Windows devices, says Microsoft
12:13 - Story # 1c: Let's blame the dev who pressed “Deploy”
17:23 - Figure 1
22:14 - Story # 2: DHS Has a DoS Robot to Disable Internet of Things ‘Booby Traps' Inside Homes
25:58 - Story # 3: Notorious Hacker Kingpin ‘Tank' Is Finally Going to Prison
28:08 - Story # 4: UK Police Arrest Suspect in MGM Ransomware Attack
30:49 - Story # 5: Russians plead guilty to involvement in LockBit ransomware attacks
33:24 - Story # 6: DHS watchdog rebukes CISA and law enforcement training center for failing to protect data
38:32 - Story # 7: Yacht giant MarineMax data breach impacts over 123,000 people
40:38 - Story # 8: Sizable Chunk of SEC Charges Against SolarWinds Tossed Out of Court
47:14 - Story # 9: The US Supreme Court Kneecapped US Cyber Strategy
52:12 - Story # 10: War Thunder does it again, this time with classified documents relating to 3 Russian tanks

00:00 - PreShow Banter™ — Absolute Madmen
02:28 - BHIS - Talkin' Bout [infosec] News 2024-07-15
03:18 - Wi-Fi Forge
07:31 - Story # 1: CISA Red Team's Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
22:39 - Story # 2: AT&T says criminals stole phone records of ‘nearly all' customers in new data breach
33:35 - Story # 3: FTC study finds ‘dark patterns' used by a majority of subscription apps and websites
38:48 - Story # 4: Club Penguin fans breached Disney Confluence server, stole 2.5GB of data
41:52 - Story # 5: Heritage Foundation Exec Threatens ‘Gay Furry Hackers' in Unhinged Texts
47:51 - Story # 6: German Navy to replace aging 8-inch floppy drives with an emulated solution for its anti-submarine frigates
50:14 - Story # 7: 1.4 GB NSA Data Leaked Online – Email Address, Phone Number & Gov Classified Data Exposed
53:56 - Story # 8: Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages

00:00 - PreShow Banter™ — A Bunch of Lunatics
05:09 - BHIS - Talkin' Bout [infosec] News 2024-07-08
08:41 - Story # 1: Europol takes down 593 Cobalt Strike servers used by cybercriminals
09:54 - Story # 1b: National Crime Agency leads international operation to degrade illegal versions of Cobalt Strike
15:17 - Story # 2: ‘RockYou2024': Nearly 10 billion passwords leaked online
22:12 - Story # 3: Ticketmaster Breach: ShinyHunters Leak 440K Taylor Swift Eras Tour Ticket Data
24:20 - Story # 3b: Hackers reverse-engineer Ticketmaster's barcode system to unlock resales on other platforms
27:41 - Story # 4: US Supreme Court ruling will likely cause cyber regulation chaos
39:39 - Story # 5: California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition
41:13 - Story # 5b: Senator Scott Wiener
43:45 - Story # 6: OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report
53:10 - Story # 7: Microsoft's Midnight Blizzard source code breach also impacted federal agencies
55:27 - Story # 8: Japan's Government Finally Stops Using Floppy Disks
57:48 - Story # 9: This smart toilet paper monitor tells you when you need a new roll
58:50 - Story # 10: Twilio says hackers identified cell phone numbers of two-factor app Authy users

00:00 - PreShow Banter™ — Ice Cream Season
07:22 - BHIS - Talkin' Bout [infosec] News 2024-07-01
07:48 - Story # 1: TeamViewer's corporate network was breached in alleged APT hack
09:11 - Story # 1b: TeamViewer Security Update – June 28, 2024, 12:10 PM CEST
16:33 - Story # 2: Supreme Court orders new look at Texas, Florida social media laws
21:32 - Story # 3: New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems
24:52 - Story # 4: CISA: Most critical open source projects not using memory safe code
40:03 - Story # 5: Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released
42:35 - Story # 6: South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs
49:24 - Story # 7: Drone As First Responder Programs Are Swarming Across the United States
55:22 - GRC Rapid Fire

00:00 - PreShow Banter™ — Life is a Highway
04:28 - BHIS - Talkin' Bout [infosec] News 2024-06-24
05:30 - Story # 1: Colorado Privacy Act Amended To Include Biometric Data Provisions
14:18 - Story # 2: Scathing report on Medibank cyberattack highlights unenforced MFA
24:30 - Story # 3: CDK suffered another data breach as it was attempting to recover
35:08 - Story # 4: LockBit claims the hack of the US Federal Reserve
40:00 - Story # 5: Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers
45:36 - Story # 6: That PowerShell ‘fix' for your root cert ‘problem' is a malware loader in disguise
51:13 - Story # 7: US sanctions Kaspersky Lab executives, board members over ‘cooperation' with Russia
53:23 - Story # 7b: Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks

00:00 - PreShow Banter™ — Hungry Hungry Hipaa
03:39 - BHIS - Talkin' Bout [infosec] News 2024-06-17
05:40 - Story # 1: Windows security hole allows attackers to install malware via Wi-Fi — new patch plugs gaping vulnerability
16:27 - Story # 2: Microsoft's all-knowing Recall AI feature is being delayed
25:34 - Story # 3: Here's how Apple's AI model tries to keep your data private
32:27 - Story # 4: New Linux malware is controlled through emojis sent from Discord
35:28 - Story # 5: Pure Storage confirms data breach after Snowflake account hack
38:44 - Story # 6: Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says

00:00 - PreShow Banter™ — Louie is Live
04:53 - BHIS - Talkin' Bout [infosec] News 2024-06-10
07:09 - Story # 1: UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
18:39 - Story # 2: Stealing everything you've ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
39:02 - Story # 3: TikTok fixes zero-day bug used to hijack high-profile accounts
41:34 - Story # 4: The Age of the Drone Police Is Here
52:07 - Story # 5: London hospitals declare emergency following ransomware attack
54:45 - Story # 6: Former Senior Executive and Former Sales Manager Convicted of Selling Data on Millions of U.S. Consumers to Perpetrators of Mail Fraud Schemes
56:40 - Story # 7: FBI Kicks Hackers In The Teeth With Free 7,000 Ransomware Key Giveaway
57:32 - Story # 8: FCC OKs pilot to bolster school, library cybersecurity

00:00:00 - PreShow Banter™ — In an RV down by the dumpster
00:07:39 - BHIS - Talkin' Bout [infosec] News 2024-06-03
00:09:21 - Story # 1: Ticketmaster confirms massive breach after stolen data for sale online
00:10:46 - Story # 1b: Snowflake, Cloud Storage Giant, Suffers Massive Breach: Hacker Confirms to Hudson Rock Access Through Infostealer Infection
00:13:03 - Story # 1c: Detecting and Preventing Unauthorized User Access: Instructions
00:13:42 - Story # 1d: Snowflake Denies Responsibility for Ticketmaster, Santander Breaches
00:21:21 - Story # 2: Chinese hackers hide on military and govt networks for 6 years
00:29:17 - Story # 3: Federal agency warns critical Linux vulnerability being actively exploited
00:34:19 - Story # 4: US dismantles 911 S5 botnet used for cyberattacks, arrests admin
00:39:19 - Story # 4b: How the FBI's fake cell phone company put criminals into real jail cells
00:43:48 - Story # 5: Exploit released for maximum severity Fortinet RCE bug, patch now
00:46:09 - Story # 6: Enforcement Alert: Drinking Water Systems to Address Cybersecurity Vulnerabilities
00:54:44 - Story # 6b: Hackers attempt to poison Florida city's water supply near Super Bowl
01:03:32 - Story # 7: GPT-4o's Chinese token-training data is polluted by spam and porn websites

00:00 - PreShow Banter™ — Antichafing Training.
04:31 - BHIS - Talkin' Bout [infosec] News 2024-05-20
07:12 - Story # 1: Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
29:49 - Story # 2: Palo Alto Networks is buying security assets from IBM to expand customer base
36:50 - Story # 3: Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea
43:55 - Story # 4: FCC might require telecoms to report on securing internet's BGP technology
52:45 - Story # 5: Slack under attack over sneaky AI training policy

00:00 - PreShow Banter™ — World Class RSA Cookies
04:49 - BHIS - Talkin' Bout [infosec] News 2024-05-14
06:33 - Story # 1: Zscaler takes “test environment” offline after rumors of a breach
18:48 - Story # 2: Okta's security chief on the company's own cyberattack and how the ‘battleground' has shifted
43:36 - Story # 3: Leaked FBI email stresses need for warrantless surveillance of Americans
48:46 - Story # 4: Despite big tech lobbying, Maryland passes two internet privacy bills
52:26 - Story # 4b: The Anxious Generation
53:46 - Story # 5: Hackers are now targeting the children of corporate executives in elaborate ransomware attacks