Talkin' Bout [Infosec] News

ORIGINALLY AIRED ON FEBRUARY 28, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Off-Brand Trickx 00:43 – BHIS – Talkin’ Bout [infosec] News 2022-02-28 02:40 – BHIS Anti-Vigilante PSA 04:17 – Biden has been presented with options for massive cyberattacks against Russia – https://www.nbcnews.com/politics/national-security/biden-presented-options-massive-cyberattacks-russia-rcna17558?mc_cid=e57638ad42 09:46 – Russia has been preparing to have […] The post Talkin’ About Infosec News – 3/4/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Off-Brand Trickx (00:43) - BHIS - Talkin' Bout [infosec] News 2022-02-28 (02:40) - BHIS Anti-Vigilante PSA (04:17) - Biden has been presented with options for massive cyberattacks against Russia (09:46) - Russia has been preparing to have its internet cut off (12:45) - Conti ransomware gang chats leaked by pro-Ukraine member (14:43) - 'Hundreds of computers' in Ukraine hit with wiper malware as conflict continues (18:04) - NVIDIA Hit By Major Cyberattack That May Have ‘Completely Compromised’ Parts of Its Business (22:28) - A SWIFT discussion ( no article ) (28:59) - Russia started blocking Tor (32:28) - Elon Musk pledges to send Starlink terminals to Ukraine (36:10) - Insurance giant AON hit by a cyberattack over the weekend (46:02) - People & orgs providing FREE cyber services to Ukrainians (52:39) - Threatbutt Internet Hacking Attack Attribution Map

ORIGINALLY AIRED ON FEBRUARY 21, 2022 Articles discussed in this episode: 02:36 – Story # 1: Massive cyberattack takes Ukraine military, big bank websites offline – https://www.theregister.com/2022/02/15/ukraine_cyberattack/ 04:26 – Story # 2: The Elite Hackers of the FSB – https://interaktiv.br.de/elite-hacker-fsb/en/index.html 07:47 – Story # 3: Exclusive: FBI Braces for Russian Cyber Attacks in US as […] The post Talkin’ About Infosec News – 3/1/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - Talkin' Bout [infosec] News 2022-02-21 (02:36) - Story # 1: Massive cyberattack takes Ukraine military, big bank websites offline (04:26) - Story # 2: The Elite Hackers of the FSB (07:47) - Story # 3: Exclusive: FBI Braces for Russian Cyber Attacks in US as Ukraine Tensions Rise (18:22) - Story # 4: Microsoft Defender will soon block Windows password theft (22:28) - Story # 5: Dad takes down town's internet by mistake to get his kids offline (28:50) - Story # 6: Akamai acquires Linode for $900M (34:49) - Story # 7: Microsoft eyeing deal to buy cybersecurity firm Mandiant -Bloomberg (40:00) - Story # 8: If the Cloud Is More Secure, Then Why Is Everything Still Broken? (44:40) - Story # 9: Never, Ever, Ever Use Pixelation for Redacting Text

ORIGINALLY AIRED ON FEBRUARY 7, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — I’m a Rocket Mail 01:21 – BHIS – Talkin’ Bout [infosec] News 2022-02-07 02:18 – Story # 1: Be Careful When Sharing Data in Photos – https://twitter.com/amateuradam/status/1490394034900197388 03:44 – Story # 2: China-Linked Group Attacked Taiwanese Financial Firms for […] The post Talkin’ About Infosec News – 2/11/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — I'm a Rocket Mail (01:21) - BHIS - Talkin' Bout [infosec] News 2022-02-07 (02:18) - Story # 1: Be Careful When Sharing Data in Photos (03:44) - Story # 2: China-Linked Group Attacked Taiwanese Financial Firms for 18 Months (20:56) - Story # 3: Microsoft to block internet macros by default in five Office applications (28:11) - Story # 4: Apple's Privacy Measures to Cost Facebook $10 Billion in 2022 (47:27) - Noisy browser plugin (51:15) - Cool Leather Jackets

ORIGINALLY AIRED ON JANUARY 31, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Legions of the Undead 01:26 – BHIS – Talkin’ Bout [infosec] News 2022-01-31 04:06 – Story # 1: Hacktivists say they hacked Belarus rail system to stop Russian military buildup – https://arstechnica.com/information-technology/2022/01/hactivists-say-they-hacked-belarus-rail-system-to-stop-russian-military-buildup/ 08:46 – Story # 2: Ukrainian government […] The post Talkin’ About Infosec News – 2/4/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Legions of the Undead (01:26) - BHIS - Talkin' Bout [infosec] News 2022-01-31 (04:06) - Story # 1: Hactivists say they hacked Belarus rail system to stop Russian military buildup (08:46) - Story # 2: Ukrainian government calls out false flag operation in recent data wiping attack (11:18) - Story # 3: Ukrainian cyber defense in need of upgrades as tensions rise (17:32) - Story # 4: DoD weapons testers to assess cybersecurity of GPS satellites, ground system and user equipment (24:50) - Story # 5: FBI Reportedly Considered Buying NSO Spyware (28:02) - Story # 6: Hacking the Apple Webcam (again) (30:36) - Story # 7: Microsoft Teams users can now chat with any Teams user outside their organization (34:11) - Story # 7b: https://twitter.com/rucam365/status/1487861808081915906 (38:15) - Story # 8: Lazarus hackers use Windows Update to deploy malware (41:38) - Story # 9: Elon Musk Tried To Pay A Teen Thousands Of Dollars To Stop Tracking His Plane (45:36) - Story # 10: 1.5M US bank cards have been hacked: NordVPN (51:15) - Story # 11: 2FA app with 10,000 Google Play downloads loaded well-known banking trojan (54:50) - Story # 12: Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets

ORIGINALLY AIRED ON JANUARY 24, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — The Monkey Dance 00:25 – BHIS – Talkin’ Bout [infosec] News 2022-01-24 01:49 – Story # 1: New Log4j attacks target SolarWinds, ZyXEL devices – https://therecord.media/new-log4j-attacks-target-solarwinds-zyxel-devices/ 08:18 – Story # 2: New MoonBounce UEFI bootkit can’t be removed by […] The post Talkin’ About Infosec News – 1/27/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — The Monkey Dance (00:25) - BHIS - Talkin' Bout [infosec] News 2022-01-24 (01:49) - Story # 1: New Log4j attacks target SolarWinds, ZyXEL devices (08:18) - Story # 2: New MoonBounce UEFI bootkit can’t be removed by replacing the hard drive (13:18) - Story # 3: Crypto.com finally confirms major hack, says it lost $34 million (15:53) - Story # 3b: Coinbase Hack (21:47) - Story # 4: Hackers From North Korea Stole Millions Of Dollars From Cryptocurrency Startups All Across The World (26:42) - Story # 5: Mixed Messages: Busting Box’s MFA Methods (35:06) - Story # 6: School District reports a 334% hike in cybersecurity insurance costs (38:42) - Story # 7: Europol takes down VPNLab, a service used by ransomware gangs (42:12) - Story # 8: Why this threat intelligence expert believes cyberattacks aren’t Ukraine’s biggest concern

ORIGINALLY AIRED ON JANUARY 17, 2022 Articles discussed in this episode: 0:00:00 – PreShow Banter™ — Whose Ears Are Buring? 0:01:06 – BHIS – Talkin’ Bout [infosec] News 2022-01-17 0:02:27 – Story # 1: Russia takes down REvil hacking group at U.S. request – https://www.reuters.com/technology/russia-arrests-dismantles-revil-hacking-group-us-request-report-2022-01-14/ 0:07:00 – Story # 2: White House: Arrested Russian hacker […] The post Talkin’ About Infosec News – 1/21/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Who's Ears Are Buring? (01:06) - BHIS - Talkin' Bout [infosec] News 2022-01-17 (02:27) - Story # 1: Russia takes down REvil hacking group at U.S. request (07:00) - Story # 2: White House: Arrested Russian hacker was behind Colonial Pipeline attack (09:29) - Story # 3: Hotel chain switches to Chrome OS to recover from ransomware attack (15:22) - Story # 4: QNAP issues ransomware warning to users (19:56) - Story # 5: Backdoor RAT for Windows, macOS, and Linux went undetected until now (24:50) - Story # 6: Safari Bug Allows Websites to Track Your Recent Browsing Activity in Real Time (30:02) - Story # 7: New macOS vulnerability, “powerdir,” could lead to unauthorized user data access (35:26) - Story # 8: Revealed: UK Gov’t Plans Publicity Blitz to Undermine Privacy of Your Chats (36:52) - Story # 9: Apple under fire for iPhone encryption technology – Telegraph.co.uk (44:14) - Story # 10: Scammers put fake QR codes on parking meters to intercept parkers’ payments (50:38) - Story # 11: Chrome will limit access to private networks, citing security reasons (54:57) - Story # 12: Cyberattack causes Albuquerque Public Schools to cancel classes Thursday (01:03:15) - Talkin Bout Keyboards

ORIGINALLY AIRED ON JANUARY 10, 2022 Articles discussed in this episode: 01:58 – Story # 1: WordPress Core Vulnerabilities – https://www.searchenginejournal.com/wordpress-core-vulnerabilities/432042/#close 11:32 – Story # 2: Card-stealing code on over 100 Sotheby’s luxury real estate sites – https://therecord.media/card-stealing-code-found-on-more-than-100-sothebys-luxury-real-estate-sites/ 14:55 – Story # 3: France hits Facebook & Google with $210 million in fines – https://www.bleepingcomputer.com/news/legal/france-hits-facebook-and-google-with-210-million-in-fines/ […] The post Talkin’ About Infosec News – 1/14/2022 appeared first on Black Hills Information Security. (00:00) - BHIS - Talkin' Bout [infosec] News 2022-01-10 (01:58) - Story # 1: WordPress Core Vulnerabilities (11:32) - Story # 2: Card-stealing code on over 100 Sotheby’s luxury real estate sites (14:55) - Story # 3: France hits Facebook & Google with $210 million in fines (22:14) - Story # 4: Pwn2Own, ShmooCon security conferences postponed due to COVID-19 surge (24:48) - Story # 5: BREAKING! Cyber Threat Map (27:21) - Story # 6: Open source developer corrupts widely-used libraries (34:38) - Story # 7: FTC warns companies to remediate Log4j security vulnerability (39:58) - Story # 8: Trojanized dnSpy app drops malware cocktail (45:33) - Story # 9: Norton 360 Cryptominer (55:56) - Hot Takes and Sadness

ORIGINALLY AIRED ON JANUARY 4, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Who’s Job Is It Anyway? 00:20 – BHIS – Talkin’ Bout [infosec] News 2022-01-04 01:58 – Story # 1: iLOBleed Rootkit – https://thehackernews.com/2021/12/new-ilobleed-rootkit-targeting-hp.html 08:39 – Story # 2: Firmware attack can drop persistent malware in hidden SSD area – https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/ […] The post Talkin’ About Infosec News – 1/7/2022 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Who's Job Is It Anyway? (00:20) - BHIS - Talkin' Bout [infosec] News 2022-01-04 (01:58) - Story # 1: iLOBleed Rootkit (08:39) - Story # 2: Firmware attack can drop persistent malware in hidden SSD area (17:35) - Story # 3: OverWatch Exposes AQUATIC PANDA (21:38) - Story # 4: Experts warn against storing passwords in Chrome (42:16) - –Official Report: Not Responsible for the Information Super Highway

This is a special joint webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand.  In this webcast, we cover the recent wave of attacks we are seeing, and we cover some of the history that got us to where we are. Consider this to […] The post Webcast: New Wave of Ransomware Attacks: How did this happen? appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON DECEMBER 20, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — Getting Nerdy With It 04:18 – BHIS – Talkin’ Bout [infosec] News 2021-12-20 – The Final Broadcast … of 2021 05:34 – Story # 1: Apple releases Android app to find rogue AirTags – https://therecord.media/apple-releases-android-app-to-find-malicious-airtags/ 18:24 – Story # […] The post Talkin’ About Infosec News – 12/22/2021 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Getting Nerdy With It (04:18) - BHIS - Talkin' Bout [infosec] News 2021-12-20 – The Final Broadcast ... of 2021 (05:34) - Story # 1: Apple releases Android app to find rogue AirTags - https://therecord.media/apple-releases-android-app-to-find-malicious-airtags/ (18:24) - Story # 2: A Summary of Sorts - The Tale of 2021 (21:40) - Story # 3: Kronos hit with ransomware - https://www.zdnet.com/article/hr-platform-kronos-brought-down-by-ransomware-attack-ukg-warns-of-data-breach/ (22:19) - Story # 4: 300,000 MikroTik Devices Found Vulnerable - https://thehackernews.com/2021/12/over-300000-mikrotik-devices-found.html (26:51) - Story # 5: WordPress Sites Under Cyberattack - https://thehackernews.com/2021/12/16-million-wordpress-sites-under.html (28:45) - Story # 6: Firefox password leak via Windows Cloud Clipboard - https://therecord.media/firefox-fixes-password-leak-via-windows-cloud-clipboard-feature/ (36:33) - Story # 7: Android Application Testing Using Windows 11 - https://sensepost.com/blog/2021/android-application-testing-using-windows-11-and-windows-subsystem-for-android/ (37:43) - Story # 8: Verizon overrides users’ opt-out - https://arstechnica.com/information-technology/2021/12/verizon-ignored-users-previous-opt-outs-in-latest-push-to-scan-web-browsing/ (43:15) - Story # 9: Volvo cyber security breach - https://www.media.volvocars.com/global/en-gb/media/pressreleases/292817/notice-of-cyber-security-breach-by-third-party-1