Talkin' Bout [Infosec] News

ORIGINALLY AIRED ON MAY 16, 2022 Articles discussed in this episode: 00:56 – Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors – https://threatpost.com/microsofts-may-patch-tuesday-updates-cause-windows-ad-authentication-errors/179631/ 08:56 – Update rings for Windows 10 and later policy in Intune – https://docs.microsoft.com/en-us/mem/intune/protect/windows-10-update-rings 09:06 – Infosec Weather Report With Bud Patches – 12:26 – FBI, CISA, and NSA warn […] The post Talkin’ About Infosec News – 5/16/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - Talkin' Bout [infosec] News 2022-05-16 (01:02) - Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors (09:17) - Update rings for Windows 10 and later policy in Intune (09:31) - Infosec Weather Report With Bud Patches (12:26) - FBI, CISA, and NSA warn of hackers increasingly targeting MSPs (17:57) - Ransomware has gone down because sanctions against Russia are making life harder for attackers (27:55) - Conti Ransomware Attack Spurs State of Emergency in Costa Rica (31:19) - BPFDoor — an active Chinese global surveillance tool (38:55) - Lincoln College to Close Permanently After Ransomware Attack (43:47) - Certifried: Active Directory Domain Privilege Escalation (CVE-2022–26923) (53:20) - Malware Can Be Loaded Even Onto Phones That Are Turned Off, Researchers Show

ORIGINALLY AIRED ON MAY 9, 2022 Articles discussed in this episode: 00:00 – Bud Patches Reporting 02:27 – BHIS – Talkin’ Bout [infosec] News 2022-05-09 03:47 – Story # 1 […] The post Talkin’ About Infosec News – 5/9/2022 appeared first on Black Hills Information Security. (00:00) - Bud Patches Reporting (02:27) - BHIS - Talkin' Bout [infosec] News 2022-05-09 (03:47) - Story # 1 - CISA Shields Up (09:44) - Story # 2 - Critical BIG-IP Remote Code Execution Vulnerability (29:25) - Story # 3 - Colonial Pipeline faces nearly $1m fine (38:02) - Story # 4 - Another Set of Joker Trojan-Laced Android Apps Resurfaces on Google Play Store (45:15) - Story # 5 – FBI: Rise in Business Email-based Attacks is a $43B Headache

ORIGINALLY AIRED ON APRIL 25, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Broken Twitter Finger 01:38 – ISO – Talkin’ Bout [infosec] News 2022-04-26 03:08 – […] The post Talkin’ About Infosec News – 4/25/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Broken Twitter Finger (01:57) - Talkin' Bout [infosec] News 2022-04-26 (03:23) - Elon Buys Twitter (09:28) - Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code (16:14) - Threat actors exploited more zero-day vulnerabilities in 2021 (27:12) - FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware (41:18) - Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability (45:22) - New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices (51:52) - The War in Ukraine – Everyone Could Help. Volunteer centre “Palyanycia”, Zaporizhzhya (53:24) - Antisyphon Training on Twitch

ORIGINALLY AIRED ON APRIL 18, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-04-18 02:05 – Current Activity | CISA | https://www.cisa.gov/uscert/ncas/current-activity 02:58 – CISA orders agencies to fix actively exploited VMware, Chrome bugs | https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-fix-actively-exploited-vmware-chrome-bugs/ 08:45 – Russian invasion of Ukraine exposes cybersecurity threat to commercial satellites | […] The post Talkin’ About Infosec News – 4/25/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - Talkin' Bout [infosec] News 2022-04-18 (02:09) - Current Activity | CISA (03:04) - CISA orders agencies to fix actively exploited VMware, Chrome bugs (08:46) - Russian invasion of Ukraine exposes cybersecurity threat to commercial satellites (11:06) - Leaked documents show notorious ransomware group has an HR department, performance reviews and an ‘employee of the month’ (15:48) - Hacking forum taken offline and UK suspect arrested (19:35) - GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens (23:55) - AWS API Keys Token - Canary Tokens (25:36) - First Malware Targeting AWS Lambda Serverless Platform Discovered (27:05) - Make phishing great again. VSTO office files are the new macro nightmare? (33:49) - my university financial hardship PHISHING exercise... (36:01) - 25% Of Workers Lost Their Jobs In The Past 12 Months After Making Cybersecurity Mistakes (46:49) - Elon Musk Believes Twitter Algorithm Should Be Open-Source

ORIGINALLY AIRED ON APRIL 11, 2022 Articles discussed in this episode: The US Navy had cybersecurity wrong. Expect change. – https://www.c4isrnet.com/digital-show-dailies/navy-league/2022/04/05/us-navy-had-cybersecurity-wrong-expect-change/ Hackers have found a clever new way to steal your Microsoft 365 credentials. – https://www.techradar.com/news/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials Exclusive: Senior EU officials were targeted with Israeli spyware. – https://www.reuters.com/technology/exclusive-senior-eu-officials-were-targeted-with-israeli-spyware-sources-2022-04-11/ Snap-on discloses data breach claimed by Conti ransomware […] The post Talkin’ About Infosec News – 4/12/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - Talkin' Bout [infosec] News 2022-02-11 (02:21) - The US Navy had cybersecurity wrong. Expect change. (17:23) - Hackers have found a clever new way to steal your Microsoft 365 credentials (21:17) - Exclusive: Senior EU officials were targeted with Israeli spyware (28:40) - Snap-on discloses data breach claimed by Conti ransomware gang (37:26) - Bearded Barbie hackers catfish high ranking Israeli officials (44:02) - Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU) (47:47) - WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers (55:09) - Ukrainians use 'Find My iPhone' to see where Russians took their stolen Apple devices

ORIGINALLY AIRED ON APRIL 4, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Blame it on the Intern 06:24 – Spring Time for Java – https://www.darkreading.com/application-security/zero-day-vulnerability-discovered-in-java-spring-framework 09:10 – GitLab for Account Access – https://www.bleepingcomputer.com/news/security/critical-gitlab-vulnerability-lets-attackers-take-over-accounts/ 10:33 – No Passwords for Okta – https://www.bleepingcomputer.com/news/security/sitel-on-okta-breach-spreadsheet-did-not-contain-passwords/ 11:11 – Legacy Networks for Okta – https://therecord.media/sitel-blames-okta-breach-on-legacy-network-from-acquisition/ 12:40 – […] The post Talkin’ About Infosec News – 4/6/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Blame it on the Intern (06:24) - Spring Time for Java (09:10) - GitLab for Account Access (10:33) - No Passwords for Okta (11:11) - Legacy Networks for OKta - https://therecord.media/sitel-blames-okta-breach-on-legacy-network-from-acquisition/ (12:40) - Lawsuit for Ubiquity (17:01) - MITRE ATT&CK for EDMs (21:17) - Breach for Mailchimp (30:54) - 15 Characters for John (40:17) - Data Requests for Apple (46:52) - Drones for Ukraine

ORIGINALLY AIRED ON MARCH 28, 2022 Articles discussed in this episode: 01:42 – Suspected Okta hackers arrested by British police – https://www.reuters.com/world/uk/british-police-say-seven-people-arrested-after-okta-hack-2022-03-24/ 11:16 – A Closer Look at the LAPSUS$ Data Extortion Group – https://krebsonsecurity.com/2022/03/a-closer-look-at-the-lapsus-data-extortion-group/ 14:04 – Anonymous Starts ‘Huge’ Data Dump That Will ‘Blow Russia Away,’ Leaks Rostproekt Emails – https://www.ibtimes.com/anonymous-starts-huge-data-dump-will-blow-russia-away-leaks-rostproekt-emails-3452789 22:28 – Most […] The post Talkin’ About Infosec News – 3/31/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - Talkin' Bout [infosec] News 2022-03-28 (01:42) - Suspected Okta hackers arrested by British police (11:16) - A Closer Look at the LAPSUS$ Data Extortion Group (14:04) - Anonymous Starts 'Huge' Data Dump That Will 'Blow Russia Away,' Leaks Rostproekt Emails (22:28) - Most Severe’ Cyberattack Since Russian Invasion Crashes Ukraine Internet Provider (27:53) - Man linked to multi-million dollar ransomware attacks gets 66 months in prison for online fraud (34:17) - Greece’s national postal service restoring systems after ransomware attack (37:02) - FCC puts Kaspersky on security threat list, says it poses “unacceptable risk” (42:07) - We blocked North Korea's Chrome exploit, says Google (43:43) - North Korean hackers unleashed Chrome 0-day exploit on hundreds of US targets (47:08) - New Variant of Chinese Gimmick Malware Targeting macOS Users (49:57) - Hackers remotely start, unlock Honda Civics with $300 tech (55:08) - https://flipperzero.one/

ORIGINALLY AIRED ON MARCH 22, 2022 Articles discussed in this episode: 00:00 – BHIS – 2022-03-22 Special Newscast –Okta and Microsoft — Everything’s not burning down 10:27 – https://github.com/SigmaHQ/sigma/tree/master/rules/cloud/okta 13:29 – https://github.com/elastic/detection-rules/tree/main/rules/integrations/okta 18:20 – https://www.dsolutionsgroup.com/pci-dss-password-requirements/ 27:44 – https://twitter.com/BushidoToken/status/1506338850557337603 The post Talkin’ About Infosec News – 3/30/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - 2022-03-22 Special Newscast –Okta and Microsoft — Everything's not burning down (10:27) - https://github.com/SigmaHQ/sigma/tree/master/rules/cloud/okta (13:29) - https://github.com/elastic/detection-rules/tree/main/rules/integrations/okta (18:20) - https://www.dsolutionsgroup.com/pci-dss-password-requirements/#:~:text=According%20to%20PCI%20DSS%2C%20employees,bare%20minimum%20for%20password%20security (27:44) - https://twitter.com/BushidoToken/status/1506338850557337603

ORIGINALLY AIRED ON MARCH 21, 2022 Articles discussed in this episode: 03:27 – Netflix to clamp down on password sharing – https://about.netflix.com/en/news/paying-to-share-netflix-outside-your-household 10:15 – Ransomeware is still a thing 12:31 – Ransomeware Tell-All – https://www.zdnet.com/article/hit-by-ransomware-or-paid-a-ransom-now-some-companies-will-have-to-tell-the-government/ 24:01 – Microsoft Defender tags Office Updates as ransomware – https://www.bleepingcomputer.com/news/security/microsoft-defender-tags-office-updates-as-ransomware-activity/ 31:01 – Microsft Double Patch Tuesday – https://www.bleepingcomputer.com/news/microsoft/windows-zero-day-flaw-giving-admin-rights-gets-unofficial-patch-again/ 32:28 […] The post Talkin’ About Infosec News – 3/29/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - Talkin' Bout [infosec] News 2022-03-21 (03:27) - Netflix to clamp down on password sharing (10:15) - Ransomeware is still a thing (12:31) - Ransomeware Tell-All (24:01) - Microsoft Defender tags Office Updates as ransomware (31:01) - Microsft Double Patch Tuesday (32:28) - BitB attack (39:44) - Women make up just 24% of the cyber workforce

ORIGINALLY AIRED ON MARCH 7, 2022 Articles discussed in this episode: 00:08:57 – Hacker Group Anonymous and Others Targeting Russian Data – https://www.websiteplanet.com/blog/cyberwarfare-ukraine-anonymous/ The post Talkin’ About Infosec News – Special Ukraine Edition – 3/10/2022 appeared first on Black Hills Information Security. (00:00) - Start (08:57) - Hacker Group Anonymous and Others Targeting Russian Data