

Talkin' About [Infosec] News, Powered by Black Hills Information Security
Black Hills Information Security
Download and listen to our weekly infosec podcast where we discuss the latest attacks, breaches, and how they happened and why. We’re a team of penetration testers (ethical hackers) and friends that love how new technology can be broken and made to do things it was never intended to do.

Aug 30, 2025 • 1h 4min
The Impending AI Bubble 2025-08-25
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — Canadian Chicken
02:01 - The AI Bubble BHIS - Talkin’ Bout [infosec] News 2025-08-25
02:23 - Story # 1: Congressman proposes bringing back letters of marque for cyber privateers
09:27 - Story # 2: SIM-Swapper, Scattered Spider Hacker Gets 10 Years
12:43 - Story # 3: Developer jailed for taking down employer’s network with kill switch malware
16:33 - Story # 4: Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet
20:42 - The Utopia Chronicles
23:20 - Story # 5: “Unstoppable Power Surges”: China’s Quantum Processor Outspeeds Supercomputers by 1 Quadrillion and Triggers US Intelligence Panic
28:47 - Story # 6: Bank forced to rehire workers after lying about chatbot productivity, union says
41:21 - Story # 7: It Took Many Years And Billions Of Dollars, But Microsoft Finally Invented A Calculator That Is Wrong Sometimes
43:41 - Story # 8: Copilot Broke Your Audit Log, but Microsoft Won’t Tell You
46:33 - Story # 9: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
49:24 - Story # 10: Zero-Day Clickjacking Flaws Found in Password Managers Used by Millions
53:12 - Story # 11: Cybersecurity training doesn’t work: time wasted with no impact, study finds
59:07 - ChickenSec: Artificial Intelligence: The other AI

Aug 20, 2025 • 58min
Cyberattack Bricks Speed Cameras – 2025-08-18
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — The gif that keeps on giffing
01:46 - Cyberattack Bricks Speed Cameras – BHIS - Talkin’ Bout [infosec] News 2025-08-18
02:39 - Story # 1: Perplexity made a sky-high $34.5 billion bid for Google Chrome — a bold and unusual move in the midst of antitrust scrutiny
07:16 - Story # 2: Exclusive: US embeds trackers in AI chip shipments to catch diversions to China, sources say
10:22 - Story # 3: How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes
12:17 - Story # 4: Cisco discloses maximum-severity defect in firewall software
13:56 - Story # 5: Data Dump From APT Actor Yields Clues to Attacker Capabilities
19:13 - Story # 6: Russian cyberattack in the Netherlands leaves speed cameras offline indefinitely
23:30 - Story # 7: HTTP/2 MadeYouReset Vulnerability Enables Massive DDoS Attacks
24:51 - Story # 8: LAPD Eyes ‘GeoSpy’, an AI Tool That Can Geolocate Photos in Seconds
29:05 - Story # 9: Manpower discloses data breach affecting nearly 145,000 people
34:51 - Story # 10: Hacker Offers to Sell 15.8 Million Plain-Text PayPal Credentials On Dark Web Forum
35:34 - Story # 11: The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived
40:54 - Story # 12: New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”
46:28 - Story # 13: Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild
48:13 - Story # 14: Plex warns users to patch security vulnerability immediately
50:53 - ChickenSec: Noble Foods using soil mapping technology at organic egg farm

Aug 14, 2025 • 60min
DEF CON RECAP – 2025-08-11
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — Wading Through Woods
06:06 - DEF CON RECAP - Talkin’ Bout [infosec] News 2025-08-11
09:16 - Story # 1: It’s time to acknowledge HTTP/1.1 is insecure
12:36 - Story # 2: Research reveals possible privacy gaps in Apple Intelligence’s data handling
17:51 - Story # 3: Federal court filing system hit in sweeping hack
21:09 - Story # 4: Cisco discloses data breach impacting Cisco.com user accounts
32:17 - Story # 5: Google says its AI-based bug hunter found 20 security vulnerabilities
34:20 - Story # 6: Automate security reviews with Claude Code
39:01 - Story # 7: Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicle Brands
44:44 - Story # 7b: OnStar assists CHP in stopping fleeing SUV with toddler inside
47:12 - Story # 7c: That viral video of a ‘deactivated’ Tesla Cybertruck is a fake
49:37 - Story # 8: LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code
50:53 - Story # 9: Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools
53:08 - Story # 10: A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT
58:10 - Story # 11: Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks

Aug 7, 2025 • 1h 3min
Perplexity Stealth Crawlers Evade No-Crawl Directives - 2025-08-04
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00:00 - PreShow Banter™ — Stop Asking Wade if he’s in Vegas
00:02:16 - Perplexity Uses Stealth Crawlers to Evade No-Crawl Directives – 2025-08-04
00:11:25 - Story # 1: Insurance won’t cover $5M in City of Hamilton claims for cyberattack, citing lack of log-in security
00:18:40 - Story # 2: States Enact Safe Harbor Laws that Provide Affirmative Defenses in Data Breach Litigation
00:26:45 - Story # 3: Hackers Destroy Aeroflot’s IT Infrastructure, Causing Over 42 Flight Cancellations
00:34:18 - Story # 4: Attackers exploit link-wrapping services to steal Microsoft 365 logins
00:40:09 - Story # 5: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons
00:42:18 - Wade’s plugin recommendation
00:44:39 - Story # 6: Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives
00:51:11 - Story # 7: After Backlash, ChatGPT Removes Option to Have Private Chats Indexed by Google
00:55:21 - AI 2027
01:01:01 - What’s Ralph been up to?

Aug 1, 2025 • 1h 2min
UK Bans Ransomware Payments - 2025-07-28
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — National Chicken Wing Day
04:16 - BHIS - Talkin’ Bout [infosec] News 2025-07-28
05:30 - Story # 1: Bad vibes: How an AI agent coded its way to disaster
08:40 - Story # 1b: Replit goes rogue, deletes entire database.
15:44 - Story # 2: A major AI training data set contains millions of examples of personal data
26:05 - Story # 3: Women Dating Safety App ‘Tea’ Breached, Users’ IDs Posted to 4chan
33:19 - Story # 4: A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors
40:28 - Story # 5: Clorox Sues IT Provider Cognizant For Simply Giving Employee Password to Hackers
49:46 - Story # 6: Businesses banned from paying hackers’ ransoms to target cybercrime
57:38 - SharePoint Follow Up

Jul 23, 2025 • 1h 4min
Microsoft's OverSharePoint 0-Day Exploit – 2025-07-21
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — PaintBallers
03:55 - BHIS - Talkin’ Bout [infosec] News 2025-07-21
04:21 - Story # 1: Microsoft 0-day Mass Exploitation
09:39 - Story # 2: Replit AI went rogue, deleted a company’s entire database, then hid it and lied about it
13:15 - Story # 3: ‘All US forces must now assume their networks are compromised’ after Salt Typhoon breach
18:08 - Story # 4: After FBI Warning, Alaska Airlines Grounded; Salt Typhoon Suspected
20:45 - Story # 5: FBI Cybersecurity Breach Led to Murders of Informants in El Chapo Case
21:54 - Story # 5b: FBI’s Report
29:57 - Story # 6: Google fixes actively exploited sandbox escape zero day in Chrome
31:30 - Story # 7: Exploited Wing file transfer bug risks ‘total server compromise,’ CISA warns
32:33 - Story # 8: CitrixBleed 2 situation update — everybody already got owned
33:01 - Story # 9: At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds
46:14 - Story # 10: Amazon Ring Doorbell May 28 Mass Hacking Claim Goes Viral
48:56 - jdbgmgr.exe virus hoax
51:52 - Story # 11: HPE warns of hardcoded passwords in Aruba access points

Jul 16, 2025 • 55min
McDonald’s Over 64 Million Exposed Job Applicants - 2025-07-14
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — Traditional Finger
00:21 - BHIS - Talkin’ Bout [infosec] News 2025-07-14
01:29 - Story # 1: ‘123456’ password exposed chats for 64 million McDonald’s job chatbot applications
22:12 - Story # 2: Employee gets $920 for credentials used in $140 million bank heist
33:50 - Story # 3: Microsoft laying off about 9,000 employees in latest round of cuts
37:21 - Story # 5: Scammy YouTube Ads
46:31 - Story # 6: New ServiceNow flaw lets attackers enumerate restricted data

Jul 9, 2025 • 56min
North Korean Remote Workers are at it Again! – BHIS - Talkin' Bout [infosec] News 2025-07-07
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — Pre Stream Appropriate
03:39 - N. Korean Remote Workers are at it Again! – BHIS - Talkin’ Bout [infosec] News 2025-07-07
05:41 - Story # 1: Fortune 500 Cyber Spending Pays Off: Large Enterprise Risk Falls 33% Despite Rising Threats
20:01 - Story # 2: Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations
25:49 - Story # 2b: Engineer caught juggling multiple startup jobs is a cautionary tale of ‘extreme’ hustle culture, experts say
34:47 - Story # 3: Taking SHELLTER: a commercial evasion framework abused in-the-wild
42:15 - Story # 3b: Statement Regarding Recent Misuse of Shellter Elite and Elastic Security Labs’ Handling
46:58 - Story # 4: Ingram Micro outage caused by SafePay ransomware attack
49:45 - Story # 5: Germany asks Google, Apple to remove DeepSeek AI from app stores
53:13 - Story # 6: This Call of Duty game just hit Xbox Game Pass, but it’s infested with RCE hackers — I’d take cover and avoid playing until there’s a fix

Jul 4, 2025 • 59min
Year of the [European Union] Linux Desktop Finally Arrives? | BHIS - Talkin' Bout [infosec] News 2025-06-30
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
Chapters:
00:00 - PreShow Banter™ — Names on Cups
01:39 - Year of the [European Union] Linux Desktop Finally Arrives? | BHIS - Talkin’ Bout [infosec] News 2025-06-30
03:34 - Story # 1: You should probably delete any sensitive screenshots you have in your phone right now.
10:55 - Story # 2: Ongoing Campaign Abuses Microsoft 365’s Direct Send to Deliver Phishing Emails
14:07 - Story # 3: The year of the European Union Linux desktop may finally arrive
24:46 - Story # 4: Restricted data once again leaked on War Thunder forums
27:04 - Story # 5: Scale AI Leaks Meta, Google, xAI Confidential Files Through ‘Incredibly Janky’ Document Practices
31:47 - Story # 6: French police reportedly arrest suspected BreachForums administrators
34:22 - Story # 7: Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
39:41 - Story # 8: CitrixBleed 2: Electric Boogaloo — CVE-2025–5777
42:16 - Story # 9: Millions of Brother Printers Hit by Critical, Unpatchable Bug
47:05 - Story # 10: Canada orders China’s Hikvision to close Canadian operations
50:13 - Story # 11: US House bans WhatsApp on staff devices over security concerns
53:17 - ChickenSec: Chickens are becoming 3rd most popular pet: Tractor Supply CEO
56:34 - Story # 12: Norway Dam Hacked, Valve Opened But No Danger
58:11 - Review your calendar invites!

Jun 26, 2025 • 1h 6min
Iran Shuts Down It's Own Internet - 2025-06-23
Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Explaining the Muppets
03:09 - Iran Shuts Down It's Own Internet - BHIS - Talkin’ Bout [infosec] News 2025-06-23
04:52 - Story # 1: Iran’s government says it shut down internet to protect against cyberattacks
20:20 - Story # 2: Iranian bank linked to revolutionary guard hit by ‘cyber attack’
22:11 - Story # 3: Hackers switch to targeting U.S. insurance companies
23:32 - Story # 3b: Statement: Erie Insurance Information Security Incident (June 23)
33:33 - Story # 4: No, the 16 billion credentials leak is not a new data breach
43:23 - Story # 5: ‘Water Curse’ Targets Infosec Pros via Poisoned GitHub Repositories
47:09 - Story # 6: CISA Reveals ‘Pattern’ of Ransomware Attacks Against SimpleHelp RMM
48:49 - Story # 7: Report Links Los Pollos and RichAds to Malware Traffic Operations
58:29 - Story # 8: Minnesota lawmaker’s alleged killer had list of data broker websites in car, FBI says