Talkin' About [Infosec] News, Powered by Black Hills Information Security Black Hills Information Security
-
- News
Download and listen to our weekly infosec podcast where we discuss the latest attacks, breaches, and how they happened and why. We’re a team of penetration testers (ethical hackers) and friends that love how new technology can be broken and made to do things it was never intended to do.
-
2024-04-17 - SoCal Man Arrested, EPA Leaks, Net Neutrality returns?
00:00 - PreShow Banter™ — Retro Actions 04:48 - BHIS - Talkin’ Bout [infosec] News 2024-04-15 07:05 - Story # 1: FCC to vote on net neutrality rules on April 25 18:52 - Story # 2: “All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass 23:40 - Story # 2b: Delinea has cloud security incident in Thycotic Secret Server gaff 28:23 - Story # 3: CISA Releases Malware Next-Gen Analysis System for Public Use 40:36 - Story # 4: Hacker Leaks 8.5M U.S. Environmental Protection Agency (EPA) Contact Data 45:55 - Story # 5: SoCal Man Arrested on Federal Charges Alleging He Schemed to Advertise and Sell ‘Hive’ Computer Intrusion Malware
-
2024-04-10 - Vigilante Hackers, Data Sharing, Cybersecurity Taken Over by Computers?
00:00 - PreShow Banter™ — BHIS Bees Corp® 04:08 - The FUTURE IS…… Kickstarter 05:29 - BHIS - Talkin’ Bout [infosec] News 2024-04-08 06:03 - Story # 1: New draft bipartisan US federal privacy bill unveiled 11:03 - Story # 2: How To Opt Out Of GM Sharing Your Driving Data With Insurance Companies 13:04 - Story # 2b: Request a Consumer Disclosure Report 14:25 - Story # 3: Hackers Hijacked Notepad++ Plugin To Execute Malicious Code 29:19 - Story # 4: A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask 46:15 - Story # 5: It’s Time to Hand Cybersecurity Over to the Computers
-
2024-04-03 - Zippers, Jokes & Data Breaches
00:00 - PreShow Banter™ — Zippers, Jokes, & Lawyers (Not to be confused with the song "Lawyers, Guns and Money")02:59 - BHIS - Talkin’ Bout [infosec] News 2024-04-0103:57 - Story # 1: New Darcula phishing service targets iPhone users via iMessage11:57 - Story # 2: Recent ‘MFA Bombing’ Attacks Targeting Apple Users17:22 - Story # 3: Thousands of phones and routers swept into proxy service, unbeknownst to users22:11 - Story # 4: Digital signs around Brookline are collecting data from your phone as you walk by26:57 - Story # 5: Backdoor found in widely used Linux utility targets encrypted SSH connections28:22 - Story # 5b: XZ Outbreak diagram37:32 - Story # 6: Vans warns customers of data breach40:00 - Story # 7: Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers50:32 - Story # 8: Criminals Are Weaponizing Child Abuse Imagery to Ban Discord Servers56:41 - Story # 9: International car theft tool seized in Australia, sparking police warning58:14 - Story # 9b: Investigation into electronic device at Utah high school raises larger concerns for police
-
2024-5-03-27 - Social Media Ban, Sold Data and Splunk w/ Graham Helton
00:00 - PreShow Banter™ — “Allegedly”03:18 - BHIS - Talkin’ Bout [infosec] News 2024-03-2508:00 - Story # 1: Cisco Completes Acquisition of Splunk10:47 - Story # 2: General Motors Quits Sharing Driving Behavior With Data Brokers15:27 - Story # 3: Ron DeSantis signs bill requiring parental consent for kids under 16 to hold social media accounts24:34 - Story # 4: House passes bill to prevent the sale of personal data to foreign adversaries28:19 - Story # 5: Unsaflok - vulnerability impacts over 3 million hotel doors33:57 - Story # 6: Canada revisits decision to ban Flipper Zero36:57 - Story # 7: Truck-to-truck worm could infect – and disrupt – entire US commercial fleet42:59 - Story # 8: Cybercriminals Beta Test New Attack to Bypass AI Security46:31 - Story # 9: Russians will no longer be able to access Microsoft cloud services, business intelligence tools50:36 - Story # 10: New ‘Loop DoS’ Attack Impacts Hundreds of Thousands of Systems55:05 - Story # 11: New surveillance video of man catching a flight without ticket
-
2024-03-20 - New Arms Again w/ Jay Beale of InGuardians
Brought to you by Antisyphon Training — https://www.antisyphontraining.com (https://www.antisyphontraining.com)00:00:00 - PreShow Banter™ — New Arms Again00:03:24 - BHIS - Talkin’ Bout [infosec] News 2024-03-1800:04:54 - Story # 1: NIST Releases Version 2.0 of Landmark Cybersecurity Framework00:10:50 - Story # 2: The FCC has finally decreed that 25Mbps and 3Mbps are not ‘broadband’ speed00:14:33 - Story # 3: Welcome to the 2024 Threat Detection Report00:33:40 - Story # 4: NSA Releases Top Ten Cloud Security Mitigation Strategies00:47:33 - Story # 5: US government agencies demand fixable ice cream machines00:53:14 - Story # 6: Homeland Security is testing AI to help with immigration, trafficking investigations, and disaster relief01:03:19 - Story # 7: Feds seize $1.4 million of tech support scam proceeds with the help of crypto firm
-
2024-03-13 - International Hacking Co. Featuring: Josh Mason
00:00 - PreShow Banter™ — Death to Clippy05:18 - BHIS - Talkin’ Bout [infosec] News 2024-03-11 – Featuring Josh Mason06:58 - Story # 1: Behind the doors of a Chinese hacking company, a sordid culture fueled by influence, alcohol, and sex13:43 - Story # 2: Top US cybersecurity agency hacked and forced to take some systems offline23:39 - Story # 3: Microsoft admits Russian state hack still not contained. ‘This has tremendous national security implications’30:27 - Story # 4: FBI’s 2023 Internet Crime Report38:18 - Story # 5: QNAP warns of critical auth bypass flaw in its NAS devices50:42 - Story # 6: Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies