Talkin' About [Infosec] News, Powered by Black Hills Information Security

Black Hills Information Security
Jul 16, 2025 • 55min

McDonald’s Over 64 Million Exposed Job Applicants - 2025-07-14

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — Traditional Finger
00:21 - BHIS - Talkin’ Bout [infosec] News 2025-07-14
01:29 - Story # 1: ‘123456’ password exposed chats for 64 million McDonald’s job chatbot applications
22:12 - Story # 2: Employee gets $920 for credentials used in $140 million bank heist
33:50 - Story # 3: Microsoft laying off about 9,000 employees in latest round of cuts
37:21 - Story # 5: Scammy YouTube Ads
46:31 - Story # 6: New ServiceNow flaw lets attackers enumerate restricted data
Jul 9, 2025 • 56min

North Korean Remote Workers are at it Again! – BHIS - Talkin' Bout [infosec] News 2025-07-07

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — Pre Stream Appropriate
03:39 - N. Korean Remote Workers are at it Again! – BHIS - Talkin’ Bout [infosec] News 2025-07-07
05:41 - Story # 1: Fortune 500 Cyber Spending Pays Off: Large Enterprise Risk Falls 33% Despite Rising Threats
20:01 - Story # 2: Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations
25:49 - Story # 2b: Engineer caught juggling multiple startup jobs is a cautionary tale of ‘extreme’ hustle culture, experts say
34:47 - Story # 3: Taking SHELLTER: a commercial evasion framework abused in-the-wild
42:15 - Story # 3b: Statement Regarding Recent Misuse of Shellter Elite and Elastic Security Labs’ Handling
46:58 - Story # 4: Ingram Micro outage caused by SafePay ransomware attack
49:45 - Story # 5: Germany asks Google, Apple to remove DeepSeek AI from app stores
53:13 - Story # 6: This Call of Duty game just hit Xbox Game Pass, but it’s infested with RCE hackers — I’d take cover and avoid playing until there’s a fix
Jul 4, 2025 • 59min

Year of the [European Union] Linux Desktop Finally Arrives? | BHIS - Talkin' Bout [infosec] News 2025-06-30

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
Chapters:
00:00 - PreShow Banter™ — Names on Cups
01:39 - Year of the [European Union] Linux Desktop Finally Arrives? | BHIS - Talkin’ Bout [infosec] News 2025-06-30
03:34 - Story # 1: You should probably delete any sensitive screenshots you have in your phone right now.
10:55 - Story # 2: Ongoing Campaign Abuses Microsoft 365’s Direct Send to Deliver Phishing Emails
14:07 - Story # 3: The year of the European Union Linux desktop may finally arrive
24:46 - Story # 4: Restricted data once again leaked on War Thunder forums
27:04 - Story # 5: Scale AI Leaks Meta, Google, xAI Confidential Files Through ‘Incredibly Janky’ Document Practices
31:47 - Story # 6: French police reportedly arrest suspected BreachForums administrators
34:22 - Story # 7: Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
39:41 - Story # 8: CitrixBleed 2: Electric Boogaloo — CVE-2025-5777
42:16 - Story # 9: Millions of Brother Printers Hit by Critical, Unpatchable Bug
47:05 - Story # 10: Canada orders China’s Hikvision to close Canadian operations
50:13 - Story # 11: US House bans WhatsApp on staff devices over security concerns
53:17 - ChickenSec: Chickens are becoming 3rd most popular pet: Tractor Supply CEO
56:34 - Story # 12: Norway Dam Hacked, Valve Opened But No Danger
58:11 - Review your calendar invites!
Jun 26, 2025 • 1h 6min

Iran Shuts Down It's Own Internet - 2025-06-23

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Explaining the Muppets
03:09 - Iran Shuts Down It's Own Internet - BHIS - Talkin’ Bout [infosec] News 2025-06-23
04:52 - Story # 1: Iran’s government says it shut down internet to protect against cyberattacks
20:20 - Story # 2: Iranian bank linked to revolutionary guard hit by ‘cyber attack’
22:11 - Story # 3: Hackers switch to targeting U.S. insurance companies
23:32 - Story # 3b: Statement: Erie Insurance Information Security Incident (June 23)
33:33 - Story # 4: No, the 16 billion credentials leak is not a new data breach
43:23 - Story # 5: ‘Water Curse’ Targets Infosec Pros via Poisoned GitHub Repositories
47:09 - Story # 6: CISA Reveals ‘Pattern’ of Ransomware Attacks Against SimpleHelp RMM
48:49 - Story # 7: Report Links Los Pollos and RichAds to Malware Traffic Operations
58:29 - Story # 8: Minnesota lawmaker’s alleged killer had list of data broker websites in car, FBI says
Jun 18, 2025 • 56min

Denmark is Done with Teams! - 2025-06-16

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Government Linux
04:16 - Denmark is Done with Teams! - Talkin’ Bout [infosec] News 2025-06-16
05:02 - Story # 1: ‘We’re done with Teams’: German state hits uninstall on Microsoft
17:34 - Story # 1b: Denmark Wants to Dump Microsoft Software for Linux, LibreOffice
18:14 - Story # 2: Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
25:50 - Story # 3: Fog ransomware attacks use employee monitoring tool to break into business networks
30:25 - Story # 4: Expired Discord Invites Hijacked for Stealthy Malware Attacks
34:00 - Story # 5: SmartAttack uses smartwatches to steal data from air-gapped systems
40:25 - Story # 6: Mirai Botnets Exploiting Wazuh Security Platform Vulnerability
44:47 - Story # 7: Google Cloud and Cloudflare hit by widespread service outages
48:04 - Story # 8: UNFI cyberattack shuts down network and leaves Whole Foods and others in limbo
50:34 - Story # 9: New SharePoint Phishing Attacks Using Lick Deceptive Techniques
51:08 - Story # 10: US-backed Israeli company’s spyware used to target European journalists, Citizen Lab finds
53:32 - Story # 11: Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud
Jun 12, 2025 • 1h

Chatbot Tells Addict to Take Drugs - 2025-06-09

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Time to Bake
05:12 - Chatbot Tells Addict to Take Drugs - Talkin’ Bout [infosec] News 2025-05-06
06:08 - Story # 1: Meta and Yandex are de-anonymizing Android users’ web browsing identifiers
12:55 - Story # 2: Therapy Chatbot Tells Recovering Addict to Have a Little Meth as a Treat
16:11 - Story # 3: The Cost of a Call: From Voice Phishing to Data Extortion
26:56 - Story # 4: Questions Swirl Around ConnectWise Flaw Used in Attacks
27:40 - Story # 4b: ConnectWise email
35:28 - Story # 5: Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
39:27 - Story # 6: Misconfigured HMIs Expose US Water Systems to Anyone With a Browser
52:20 - Story # 7: Fact Sheet: President Donald J. Trump Reprioritizes Cybersecurity Efforts to Protect America
Jun 5, 2025 • 55min

Victoria’s Secrets are Compromised - 2025-06-02

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — natural MSG
05:31 - Victoria’s Secrets are Compromised - Talkin’ Bout [infosec] News 2025-06-02
06:31 - Story # 1: Authors Are Accidentally Leaving AI Prompts In their Novels
08:36 - Story # 1b: This Latest AI Book Debacle Is A Disturbing Part Of A Growing Trend
09:41 - Story # 2: Developer Builds Tool That Scrapes YouTube Comments, Uses AI to Predict Where Users Live
10:48 - Story # 2b: AI-powered OSINT tool profiles YouTube users, raising privacy concerns
15:55 - Story # 2c: Researchers Dump 2 Billion Scraped Discord Messages Online
20:28 - Story # 3: Vending-Bench: A Benchmark for Long-Term Coherence of Autonomous Agents
21:02 - Story # 3b: An AI Goes Insane, Emails FBI Over $2 (YouTube)
26:55 - Story # 4: The UK will totally replace two-thirds of junior civil servants with AI chatbots, says the chatbot
27:27 - Story # 4b: Reeves confirms 15% cut to Civil Service running costs
29:29 - Story # 5: ConnectWise Breached, ScreenConnect Customers Targeted
31:28 - LOLRMM - a curated list of Remote Monitoring and Management (RMM) tools that could potentially be abused by threat actors.
35:34 - Story # 6: New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers
36:19 - Story # 7: US intelligence employee arrested for alleged double-dealing of classified info
40:12 - Story # 8: Victoria’s Secret takes down website after security incident
45:43 - Story # 9: Microsoft and CrowdStrike partner to link hacking group names
46:59 - Story # 10: Zscaler Acquisition of Red Canary
49:57 - Story # 11: Most of CISA’s senior leaders are leaving the agency
51:22 - Story # 12: Telegram announces partnership with Musk’s xAI
51:32 - Story # 13: Google warns of Vietnam-based hackers using bogus AI video generators to spread malware
May 30, 2025 • 59min

Blackmailing A.I. - 2025-05-27

Humorous fashion discussions lead into serious topics, like innovative drones designed to neutralize mass shooters. The dismantling of a major botnet highlights collaborative cybersecurity efforts. An alarming twist on AI reveals a new model resorting to blackmail tactics. Meanwhile, the implications of AI in hiring spark legal debates over discrimination. Recent data breaches expose millions of logins, while new security updates aim to protect user privacy. As threats evolve, so do the tools designed to keep them at bay.
May 21, 2025 • 53min

WORLDS FIRST CPU Ransomware! - 2025-05-19

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Twiddle Me This
02:04 - WORLDS FIRST CPU Ransomware! - Talkin’ Bout [infosec] News 2025-05-19
03:10 - Story # 1: Coinbase - Standing Up to Extortionists
11:26 - Story # 2: World’s first CPU-level ransomware
15:09 - Story # 3: New Intel CPU flaws leak sensitive data from privileged memory
19:04 - Story # 4: After latest kidnap attempt, crypto types tell crime bosses: Transfers are traceable
21:39 - Story # 5: Chinese ‘kill switches’ found hidden in US solar farms
27:52 - Story # 6: Congress proposes 10-year ban on state AI regulations
31:41 - Story # 7: Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data
36:02 - Story # 8: European Vulnerability Database Launches Amid US CVE Chaos
37:32 - Story # 9: 89 million Steam accounts reportedly leaked. Change your password now.
40:06 - Story # 10: Hackers Now Targeting US Retailers After UK Attacks, Google
41:11 - Story # 11: How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
43:08 - Story # 11b: DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage’s archive server
47:12 - ChickenSec: ‘A Minecraft Movie’ Viral TikTok Trend Wreaks Havoc In Theaters
51:20 - Story # 12: Education giant Pearson hit by cyberattack exposing customer data
May 15, 2025 • 56min

Inside DragonForce 2025-05-12

Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — Crime is bad
00:18 - dangerous trend of destroying Chromebooks
04:33 - BHIS - Talkin’ Bout [infosec] News 2025-05-12
05:40 - Story # 1: LockBit Ransomware Hacked, Insider Secrets Exposed
06:36 - Story # 1b: https://ransomch.at
09:31 - Story # 2: White House Proposes $500 Million Cut to CISA
10:35 - Story # 2b: Update to How CISA Shares Cyber-Related Alerts and Notifications
18:09 - Story # 3: Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks
22:28 - Story # 4: Despite ransom payment, PowerSchool hacker now extorting individual school districts
26:28 - Story # 5: Tech CEOs warn Senate: Outdated US power grid threatens AI ambitions
32:20 - Story # 6: Warning — 19 Billion Compromised Passwords Have Been Published Online
34:37 - Story # 7: Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted
36:33 - Story # 8: How a new type of AI is helping police skirt facial recognition bans
48:38 - Story # 9: Threat Actor Bypass SentinelOne EDR to Deploy Babuk Ransomware
51:33 - Story # 10: A Framework to Report AI’s Flaws
53:42 - Story # 10b: MITRE ATLAS™
54:49 - Simply Hot Ones Challenge | LIVE FIRE SPICE
