

Talkin' Bout [Infosec] News
Black Hills Information Security
A weekly podcast with BHIS and friends. We discuss notable infosec and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Mondays at 4:30PM ET
Episodes

Nov 30, 2022 • 1h 1min
Talkin’ About Infosec News – 11/30/2022
(00:00) - PreShow Banter™ — Inflatable Turkey
(00:15) - BHIS - Talkin' Bout [infosec] News 2022-11-28
(02:34) - Story # 1: Musk recruits engineers for “Twitter 2.0” - https://arstechnica.com/tech-policy/2022/11/musk-recruits-engineers-for-twitter-2-0-after-mass-layoffs-and-resignations/
(06:28) - Story # 2: Security experts are laying Mastodon's flaws bare
(15:01) - Story # 3: 5.4 million Twitter users' stolen data leaked online — more shared privately
(18:23) - Story # 4: 34 Russian Cybercrime Groups Stole Over 50 Million Passwords with Stealer Malware
(19:48) - Story # 5: Sonder confirms data breach, documents and other PII potentially compromised
(27:49) - Story # 6: Why Medibank should have paid the hackers
(30:43) - Story # 7: Hackers are locking out Mars Stealer operators from their own servers
(33:42) - Story # 8: Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked airline’s network
(40:09) - Story # 9: Over 1,600 Docker Hub Repositories Were Found to Hide Malware
(46:25) - Story # 10: New Windows Server updates cause domain controller freezes, restarts
(53:39) - Story # 11: Making Cobalt Strike harder for threat actors to abuse

Nov 16, 2022 • 58min
Talkin’ About Infosec News – 11/16/2022
(00:00) - BHIS - Talkin' Bout [infosec] News 2022-11-14
(02:26) - Story # 1: Hackers Dump Australian Health Records Online After Insurer Refuses to Pay Ransom - https://gizmodo.com/hackers-health-info-online-medibank-pay-onion-dark-web-1849760742
(10:04) - Story # 2: TransUnion LLC Confirms Recent Data Breach with State Attorney General’s Office
(18:08) - Story # 3: Russian LockBit ransomware operator arrested in Canada
(22:58) - Story # 4: The downfall of FTX's Sam Bankman-Fried sends shockwaves through the crypto world
(32:10) - Story # 4b: Coinsec Podcast. coinsecpodcast.com
(40:23) - Story # 5: Install Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days
(42:12) - Story # 6: Elon Musk is putting Twitter at risk of billions in fines, warns company lawyer
(51:12) - Story # 7: https://infosec.exchange/explore
(55:04) - Story # 8: Microsoft Windows Sysmon Elevation of Privilege Vulnerability
(55:30) - Story # 8b: https://twitter.com/filip_dragovic/status/1590104354727436290

Nov 11, 2022 • 55min
Talkin’ About Infosec News – 11/11/2022
(00:00) - PreShow Banter™ — A is for All Team
(00:33) - BHIS - Talkin' Bout [infosec] News 2022-11-07
(03:56) - Story # 1: Musk to cut half of Twitter jobs and end remote work for the rest, report says
(18:56) - Story # 2: Dropbox Data Breach Another Multifactor Fail
(19:43) - Story # 2b: Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories
(24:24) - Story # 3: Hundreds of U.S. news sites push malware in supply-chain attack
(28:38) - Story # 4: New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data
(32:23) - Story # 5: A cyberattack blocked the trains in Denmark - Security Affairs
(40:52) - Story # 6: Facebook probably has your phone number, even if you never shared it. Now it has a secret tool to let you delete it.
(45:19) - Story # 7: China is likely stockpiling and deploying vulnerabilities, says Microsoft
(48:44) - Story # 8: Hackers selling access to 576 corporate networks for $4 million

Nov 1, 2022 • 45min
Talkin’ About Infosec News – 11/1/2022
(00:00) - PreShow Banter™ — Spook Show
(00:58) - BHIS - Talkin' Bout [infosec] News 2022-10-31
(04:00) - Story # 1: OpenSSL warns of critical security vulnerability with upcoming patch - https://www.zdnet.com/article/openssl-warns-of-critical-security-vulnerability-with-upcoming-patch/
(04:42) - Story # 1b: Notes on OpenSSL remote memory corruption
(12:28) - Story # 2: GitHub Bug Exposed Repositories to Hijacking
(16:20) - Story # 3: Gartner Identifies the Top 10 Strategic Technology Trends for 2023
(25:54) - Story # 4: Former U.K. Prime Minister Liz Truss’ Phone Allegedly Hacked By Kremlin Spies: Report
(34:45) - Story # 5: New Azov data wiper tries to frame researchers and BleepingComputer

Oct 20, 2022 • 1h 1min
Talkin’ About Infosec News – 10/17/2022
(00:00) - PreShow Banter™ — Best WWHF Ever!
(00:31) - BHIS - Talkin' Bout [infosec] News 2022-10-17
(04:55) - Story # 1: The Verge: Cybersecurity Week 2022 - https://www.theverge.com/23365380/cybersecurity-week-series-phishing-encryption-device-security
(07:02) - Story # 2: Google Cybersecurity Action Team Threat Horizons Report #4 Is Out!
(23:34) - Story # 3: Caffeine service lets anyone launch Microsoft 365 phishing attacks
(28:05) - Story # 4: AirTags in Checked Baggage
(31:55) - Story # 5: International crackdown on West-African financial crime rings
(36:50) - Story # 6: Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack
(38:17) - Story # 6b: This Is How They Tell Me the World Ends: The Cyberweapons Arms Race
(56:08) - Story # 6c: Brave New War: The Next Stage of Terrorism and the End of Globalization
(58:18) - Bear Vs Bear Breaking News

Oct 18, 2022 • 57min
Talkin’ About Infosec News – 10/17/2022
(00:00) - PreShow Banter™ — Dumpster Fire Friends
(03:07) - PreShow Banter™ — WWHF Deadwood - https://wildwesthackinfest.com/deadwood/
(03:48) - BHIS - Talkin’ Bout [infosec] News 2022-10-03
(07:37) - Story # 1: High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers
(19:30) - Story # 2: Stealthy hackers target military and weapons contractors in recent attack
(25:52) - Story # 3: Putin grants Russian citizenship to Edward Snowden
(29:09) - Story # 4: What the Securing Open Source Software Act does and what it misses
(38:17) - Story # 4b: SecBSD Team
(40:43) - Story # 5: New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons

Oct 5, 2022 • 58min
Talkin’ About Infosec News – 10/5/2022
(00:00) - BHIS - Talkin' Bout [infosec] News 2022-09-26
(02:28) - Story # 1: American Airlines Breach Exposes Customer and Staff Information - https://www.infosecurity-magazine.com/news/american-airlines-breach-customer/
(18:59) - Story # 2: London police arrest, charge teen hacking suspect but won’t confirm GTA 6, Uber links
(25:32) - Story # 3: LockBit ransomware builder leaked online by “angry developer”
(30:11) - Story # 4: Malwarebytes blocks Google, YouTube as malware
(32:14) - Story # 5: AdGuard’s new ad blocker struggles with Google’s Manifest v3 rules
(37:29) - Story # 6: Adware on Google Play and Apple Store installed 13 million times
(41:18) - Story # 7: Revealed: US Military Bought Mass Monitoring Tool That Includes Internet Browsing, Email Data
(50:55) - Story # 8: SIM Swapper Abducted, Beaten, Held for $200k Ransom

Sep 22, 2022 • 51min
Talkin’ About Infosec News – 9/22/2022
(00:00) - PreShow Banter™ — Special Operations Gig
(00:28) - BHIS - Talkin' Bout [infosec] News 2022-09-19
(02:45) - Story # 1: Uber Security Update
(04:26) - Story # 1b: A teen hacked Uber and announced it in the company Slack. Employees thought it was a joke
(30:01) - Story # 2: White House Releases First-Ever Comprehensive Framework for Responsible Development of Digital Assets
(35:34) - Story # 3: GTA 6 source code and videos leaked after Rockstar Games hack
(44:40) - Story # 4: Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs
(47:47) - Story # 5: LockBit 3.0 Ransomware Victim: First bounty payout $50,000

Sep 13, 2022 • 56min
Talkin’ About Infosec News – 9/13/2022
(00:00) - PreShow Banter™ — Forbidden Snacks
(02:41) - BHIS - Talkin' Bout [infosec] News 2022-09-12
(04:54) - Story # 1: China Accuses US of 'Tens of Thousands' of Cyberattacks
(12:13) - Story # 2: Hackers Honeytrap Russian Troops Into Sharing Location, Base Bombed: Report
(18:33) - Story # 3: Inside Fog Data Science, the Secretive Company Selling Mass Surveillance to Local Police
(44:13) - Story # 4: Ireland fines Instagram a record $400 mln over children's data
(46:29) - Story # 5: FBI, Secret Service join Kentucky investigation into $4 million cybercrime theft
(50:12) - Story # 6: New Ransomware Group BianLian Activity Exploding
(51:41) - Story # 6b: https://canarytokens.org/generate#

Sep 9, 2022 • 1h 1min
Talkin’ About Infosec News – 9/9/2022
(00:00) - PreShow Banter™ — Accidental Furry Hoodies
(02:19) - BHIS - Talkin' Bout [infosec] News 2022-08-29
(04:37) - Story # 1: Plex breach exposes usernames, emails, and encrypted passwords
(09:06) - Story # 2: LastPass Breach
(18:33) - Story # 3: DoorDash data breach exposes customer details
(22:47) - Story # 4: Greek gas operator refuses to negotiate with ransomware group after attack
(25:01) - Story # 5: Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies
(35:46) - Story # 6: Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers
(42:16) - Story # 7: Google opens up its experimental AI chatbot for public testing
(45:22) - Story # 8: Microsoft finds critical hole in operating system that for once isn't Windows
(46:56) - Story # 9: VMware confirms Carbon Black causes BSODs, boot loops on Windows
(56:01) - Story # 10: Nato investigates hacker sale of missile firm data


