![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
20 episodes
![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
Talkin' About [Infosec] News, Powered by Black Hills Information Security Black Hills Information Security
-
- News
Download and listen to our weekly infosec podcast where we discuss the latest attacks, breaches, and how they happened and why. We’re a team of penetration testers (ethical hackers) and friends that love how new technology can be broken and made to do things it was never intended to do.
-
2024-06-17 - Recall Gets Recalled
00:00 - PreShow Banter™ — Hungry Hungry Hipaa03:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-17 05:40 - Story # 1: Windows security hole allows attackers to install malware via Wi-Fi — new patch plugs gaping vulnerability16:27 - Story # 2: Microsoft’s all-knowing Recall AI feature is being delayed25:34 - Story # 3: Here’s how Apple’s AI model tries to keep your data private32:27 - Story # 4: New Linux malware is controlled through emojis sent from Discord35:28 - Story # 5: Pure Storage confirms data breach after Snowflake account hack38:44 - Story # 6: Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says
-
2024-6-13 - Recall Disaster, Ransomware and Drone Police
00:00 - PreShow Banter™ — Louie is Live04:53 - BHIS - Talkin’ Bout [infosec] News 2024-06-1007:09 - Story # 1: UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion18:39 - Story # 2: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.39:02 - Story # 3: TikTok fixes zero-day bug used to hijack high-profile accounts41:34 - Story # 4: The Age of the Drone Police Is Here52:07 - Story # 5: London hospitals declare emergency following ransomware attack54:45 - Story # 6: Former Senior Executive and Former Sales Manager Convicted of Selling Data on Millions of U.S. Consumers to Perpetrators of Mail Fraud Schemes56:40 - Story # 7: FBI Kicks Hackers In The Teeth With Free 7,000 Ransomware Key Giveaway57:32 - Story # 8: FCC OKs pilot to bolster school, library cybersecurity
-
2024-06-2024 - RVs, Hackers and Poison.
00:00:00 - PreShow Banter™ — In an RV down by the dumpster 00:07:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-03 00:09:21 - Story # 1: Ticketmaster confirms massive breach after stolen data for sale online 00:10:46 - Story # 1b: Snowflake, Cloud Storage Giant, Suffers Massive Breach: Hacker Confirms to Hudson Rock Access Through Infostealer Infection 00:13:03 - Story # 1c: Detecting and Preventing Unauthorized User Access: Instructions 00:13:42 - Story # 1d: Snowflake Denies Responsibility for Ticketmaster, Santander Breaches 00:21:21 - Story # 2: Chinese hackers hide on military and govt networks for 6 years 00:29:17 - Story # 3: Federal agency warns critical Linux vulnerability being actively exploited 00:34:19 - Story # 4: US dismantles 911 S5 botnet used for cyberattacks, arrests admin 00:39:19 - Story # 4b: How the FBI’s fake cell phone company put criminals into real jail cells 00:43:48 - Story # 5: Exploit released for maximum severity Fortinet RCE bug, patch now 00:46:09 - Story # 6: Enforcement Alert: Drinking Water Systems to Address Cybersecurity Vulnerabilities 00:54:44 - Story # 6b: Hackers attempt to poison Florida city’s water supply near Super Bowl 01:03:32 - Story # 7: GPT-4o’s Chinese token-training data is polluted by spam and porn websites
-
2024-05-23 - Sneaky AI Policies, Two Year Linux Backdoor and Good Ol' Fraud!
00:00 - PreShow Banter™ — Antichafing Training.04:31 - BHIS - Talkin’ Bout [infosec] News 2024-05-2007:12 - Story # 1: Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach29:49 - Story # 2: Palo Alto Networks is buying security assets from IBM to expand customer base36:50 - Story # 3: Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea43:55 - Story # 4: FCC might require telecoms to report on securing internet’s BGP technology52:45 - Story # 5: Slack under attack over sneaky AI training policy
-
2024-05-16 - Hackers Target Children, FBI Surveillance and RSA Cookies?
00:00 - PreShow Banter™ — World Class RSA Cookies04:49 - BHIS - Talkin’ Bout [infosec] News 2024-05-1406:33 - Story # 1: Zscaler takes “test environment” offline after rumors of a breach18:48 - Story # 2: Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted43:36 - Story # 3: Leaked FBI email stresses need for warrantless surveillance of Americans48:46 - Story # 4: Despite big tech lobbying, Maryland passes two internet privacy bills52:26 - Story # 4b: The Anxious Generation53:46 - Story # 5:Hackers are now targeting the children of corporate executives in elaborate ransomware attacks
-
2024-05-07 - LastPass Goes Independent, Hacker Sentenced, Vulnerabilities Among us.
00:00 - PreShow Banter™ — RSA Power Moves08:14 - BHIS - Talkin’ Bout [infosec] News 2024-05-0609:49 - Story # 1: Shortridge Makes Sense of the 2024 Verizon DBIR15:04 - Story # 2: A recent security incident involving Dropbox Sign20:30 - Story # 3: Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover28:40 - Story # 4: Millions of Docker repos found pushing malware, phishing sites32:53 - Story # 5: 1,400 GitLab Servers Impacted by Exploited Vulnerability42:07 - Story # 6: LastPass goes independent over a year after serious breaches50:16 - Cyber Security Basics for Muggles & Minions with Ashley and Chris50:40 - Story # 7: Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million54:12 - Story # 8: Lockbit’s seized site comes alive to tease new police announcements56:27 - Story # 9: Systemd v256 Introduces run0: A Safer Alternative to sudo