Talkin' About [Infosec] News, Powered by Black Hills Information Security

Register for Free, Live webcasts & summits:https://poweredbybhis.com00:00 - PreShow Banter™ — Double Coffee05:04 - BHIS - Talkin’ Bout [infosec] News 2025-05-0506:05 - Story # 1: Largest bank in the world issues stark security warning about technology that billions use every single day11:15 - Story # 2: M&S cyber-attack linked to hacking group Scattered Spider13:47 - Story # 3: Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries20:10 - Story # 4: A North Korean agent applied for a job at a popular crypto firm: They tripped him up with a simple question about Halloween21:54 - Story # 4b: The one interview question that will protect you from North Korean fake workers23:09 - Story # 5: Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee’s Computer, Downloading Confidential Data from Company25:33 - Story # 6: TerraStealerV2 and TerraLogger: Golden Chickens’ New Malware Families Discovered29:19 - Story # 7: Gremlin Stealer: New Stealer on Sale in Underground Forum33:17 - Story # 8: Over 290,000 citizens at risk: CloudSEK uncovers major data breach at Bangalore Water Supply and Sewerage Board34:56 - Story # 9: The Signal Clone the Trump Admin Uses Was Hacked39:58 - Story # 10: Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.42:19 - Story # 11: Software dev fortifies his blog with ‘zip bombs’ — attacking bots meet their end with explosive data package43:44 - Story # 12: WhatsApp says in-app AI tools will still keep messages secret45:37 - Story # 13: House passes bill to study routers’ national security risks49:48 - Simply Hot Ones Challenge (YouTube)

Register for upcoming webcasts & summits - https://poweredbybhis.com00:00 - PreShow Banter™ — Talking Bout Red Green02:24 - InfoSec CEO Charged with Installing Malware! – BHIS - Talkin’ Bout [infosec] News 2025-04-2803:01 - Story # 1: CEO of cybersecurity firm charged with installing malware on hospital systems11:22 - Story # 2: 2025 Data Breach Investigations Report25:05 - Story # 3: The Age of Realtime Deepfake Fraud Is Here29:00 - Story # 4: Whistleblower: DOGE Siphoned NLRB Case Data33:09 - Story # 5: Top employee monitoring app leaks 21 million screenshots on thousands of users36:59 - Story # 6: 159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure42:13 - Story # 7: SAP zero-day vulnerability under widespread active exploitation46:29 - Story # 8: FBI: US lost record $16.6 billion to cybercrime in 202447:55 - Story # 8b: FBI Report Doc53:50 - Story # 9: M- Trends 2025 Report

Register for upcoming webcasts & summits - https://poweredbybhis.com00:00 - PreShow Banter™ — A Monocle and a Glass of Wine05:36 - The CVE Saga - Talkin’ Bout [infosec] News 2025-04-2106:43 - Story # 1: US agency extends support for cyber vulnerability database29:08 - Story # 1b: CVE Foundation32:35 - Story # 2: Former cybersecurity agency chief Chris Krebs leaves SentinelOne after Trump targets him in executive order33:57 - Story # 3: 4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War37:17 - Story # 4: TA Phone Home: EDR Evasion Testing Reveals Extortion Actor’s Toolkit44:57 - Story # 5: The Sophos Annual Threat Report: Cybercrime on Main Street 2025

Register for upcoming webcasts & summits - https://poweredbybhis.com00:00 - PreShow Banter™ — Trigger Warning00:42 - Trump Vs Chris Krebs | BHIS - Talkin’ Bout [infosec] News 2025-04-1401:54 - Story # 1: Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director17:04 - Story # 2: Cybersecurity industry falls silent as Trump turns ire on SentinelOne18:00 - Story # 3: Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges33:13 - Story # 4: Rippling Believe it or Not: How the Largest Corporate Espionage Case this Century Happened41:36 - Story # 5: Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers52:18 - Story # 6: Pentagon to end $5.1 billion in contracts with Accenture, Deloitte, others

Register for upcoming webcasts & summits - https://poweredbybhis.comChapters00:00 - PreShow Banter™ — A Complex Business06:40 - BHIS - Talkin’ Bout [infosec] News 2025-04-0707:34 - Story # 1: Oracle quietly admits data breach, days after lawsuit accused it of cover-up12:47 - Story # 2: Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job21:13 - Story # 3: Phishing platform ‘Lucid’ behind wave of iOS, Android SMS attacks28:14 - Story # 4: GitHub expands security tools after 39 million secrets leaked in 202437:28 - Story # 5: The 10 Biggest Crypto Hacks in History40:11 - Story # 6: OpenAI tests watermarking for ChatGPT-4o Image Generation model45:44 - Story # 7: National Security Agency chief fired as Trump ousts another top military officer

00:00 - PreShow Banter™ — The Bed Slinger08:34 - The Oracle of Lies! - BHIS - Talkin’ Bout [infosec] News 2025-03-3110:43 - Story # 1: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service20:00 - Story # 2: A Sneaky Phish Just Grabbed my Mailchimp Mailing List26:17 - Story # 3: Windows 11 is closing a loophole that let you skip making a Microsoft account29:51 - Story # 4: The Trump Administration Accidentally Texted Me Its War Plans32:51 - Story # 4b: Signal is ‘absolutely not suitable’ for government use: Former NSA hacker37:42 - Story # 5: How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack42:27 - Story # 6: Retail giant Sam’s Club investigates Clop ransomware breach claims45:07 - WEBCAST – Keeping Things Local – Making Your Own Private LLM w/ Bronwen Aker46:16 - Story # 7: New VanHelsing ransomware targets Windows, ARM, ESXi systems48:28 - Story # 8: Infostealer campaign compromises 10 npm packages, targets devs53:13 - Story # 9: Risky Biz News: EU bans anonymous crypto payments56:02 - ChickenSec: South African Poultry Company Reports $1M Loss After Cyber Intrusion

00:00 - PreShow Banter™ — We’re Not Ready For the Finger Thing01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin’ Bout [infosec] News 2025-03-2403:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 2844:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen…

00:00 - PreShow Banter™ — Fun Jank Decks05:25 - BHIS - Talkin’ Bout [infosec] News 2025-03-17 - Malicious browser plugins will destroy us ALL!!!!!06:35 - Story # 1: Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension14:37 - Story # 1b: Chrome Web Store is a mess31:14 - Story # 2: Lazarus Strikes npm Again with New Wave of Malicious Packages36:17 - Story # 3: China’s Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days44:44 - Story # 4: Saudi Arabia Buys Pokémon Go, and Probably All of Your Location Data49:31 - Story # 5: Second biggest bank in US hit by major data breach stealing social security numbers and other personal info51:25 - Story # 6: Hackers Take Credit for X Cyberattack54:32 - Story # 7: Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account

00:00 - PreShow Banter™ — Agent A.I.07:35 - BHIS - Talkin’ Bout [infosec] News 2025-03-1010:47 - Story # 1: 12 Chinese hackers charged with US Treasury breach — and much, much more15:25 - Story # 2: Signal President Meredith Whittaker calls out agentic AI as having ‘profound’ security and privacy issues25:33 - Story # 3: X/Twitter is down for a third time today27:33 - Story # 4: Developer sabotaged ex-employer with kill switch activated when he was let go33:37 - Story # 5: Undocumented commands found in Bluetooth chip used by a billion devices45:37 - Story # 6: Cybercrime’s Cobalt Strike Use Plummets 80% Worldwide46:19 - Story # 7: Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags55:01 - Story # 8: Ransomware gang encrypted network from a webcam to bypass EDR

00:00 - PreShow Banter™ — Not Talking About Anything04:29 - BHIS - Talkin’ Bout [infosec] News 2025-03-0305:42 - Story # 1: FBI Warns iPhone, Android Users—We Want ‘Lawful Access’ To All Your Encrypted Data24:28 - Story # 2: Disney engineer downloaded ‘helpful’ AI tool that ended up completely destroying his life34:28 - Story # 3: Have I Been Pwned adds 284M accounts stolen by infostealer malware43:22 - Story # 4: Dragos’s 8th Annual OT Cybersecurity Year in Review Is Now Available45:53 - Story # 5: Trump administration retreats in fight against Russian cyber threats55:19 - Story # 5b: Exclusive: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say57:33 - Story # 6: Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’