Talkin' Bout [Infosec] News

ORIGINALLY AIRED ON AUGUST 23, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — A Case of the Mondays 04:14 – Talkin’ Bout [InfoSec] News 2021-08-23 05:24 – Story # 1: https://www.scmagazine.com/analysis/vulnerability-management/as-fortinet-spars-with-rapid7-what-can-everyone-else-learn-about-disclosure 09:03 – Story # 2: https://www.bleepingcomputer.com/news/security/atandt-denies-data-breach-after-hacker-auctions-70-million-user-database/ 14:50 – Story # 3: https://www.nytimes.com/2021/08/20/world/asia/afghanistan-facebook.html 21:01 – Story # 4: https://wgme.com/news/local/rural-sewage-plants-hit-by-ransomware-attacks-in-maine 31:23 – Story # 5: https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html 41:39 – Story # 6: https://cyberworkx.in/2021/08/22/mozi-botnet-uses-web-traffic-for-infecting-victims/ 42:10 – Story # 6b: https://www.bleepingcomputer.com/news/security/cisco-won-t-fix-zero-day-rce-vulnerability-in-end-of-life-vpn-routers/ 51:27 – Story # 7: https://twitter.com/j0nh4t/status/1429049506021138437 Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 3,795 other subscribers Email Address (00:00) - PreShow Banter™ — A Case of the Mondays (04:14) - Talkin' Bout [InfoSec] News 2021-08-23 (05:24) - Story # 1: https://www.scmagazine.com/analysis/vulnerability-management/as-fortinet-spars-with-rapid7-what-can-everyone-else-learn-about-disclosure (09:03) - Story # 2: https://www.bleepingcomputer.com/news/security/atandt-denies-data-breach-after-hacker-auctions-70-million-user-database/ (14:50) - Story # 3: https://www.nytimes.com/2021/08/20/world/asia/afghanistan-facebook.html (21:01) - Story # 4: https://wgme.com/news/local/rural-sewage-plants-hit-by-ransomware-attacks-in-maine (31:23) - Story # 5: https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html (41:39) - Story # 6: https://cyberworkx.in/2021/08/22/mozi-botnet-uses-web-traffic-for-infecting-victims/ (42:09) - Story # 6b: https://www.bleepingcomputer.com/news/security/cisco-won-t-fix-zero-day-rce-vulnerability-in-end-of-life-vpn-routers/ (51:27) - Story # 7: https://twitter.com/j0nh4t/status/1429049506021138437

ORIGINALLY AIRED ON AUGUST 16, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-08-16 01:34 – Story # 1: https://youtu.be/WqD-ATqw3js 05:50 – Story # 2: https://cyberworkx.in/2021/08/11/accenture-data-is-on-darkweb-ransomware-group-threatens-to-release-it-for-public/ 09:54 – Story # 3: https://www.vice.com/en/article/akg8wg/tmobile-investigating-customer-data-breach-100-million 13:37 – Story # 4: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-the-general-availability-of-windows-365/ba-p/2595481 17:00 – Story # 4b: https://www.theverge.com/2021/8/4/22609090/microsoft-365-free-trials-cloud-pcs-demand-trials 19:56 – Story # 5: https://cyberworkx.in/2021/08/09/hacker-exploiting-authentication-bypass-bug-on-millions-of-routers/ 33:19 – Story # 6: https://techcrunch.com/2021/08/02/amazon-credit-palm-biometrics/ 40:52 – Story # 7: https://www.pcgamer.com/discord-malware-persistence-sophos-report/ 44:09 – Story # 8: https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/ 46:48 – Story # 9: https://portswigger.net/daily-swig/black-hat-usa-http-2-flaws-expose-organizations-to-fresh-wave-of-request-smuggling-attacks Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, (00:00) - BHIS | Talkin' Bout News 2021-08-16 (01:34) - Story # 1: https://youtu.be/WqD-ATqw3js (05:50) - Story # 2: https://cyberworkx.in/2021/08/11/accenture-data-is-on-darkweb-ransomware-group-threatens-to-release-it-for-public/ (09:54) - Story # 4 https://www.vice.com/en/article/akg8wg/tmobile-investigating-customer-data-breach-100-million (13:37) - Story # 5: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-the-general-availability-of-windows-365/ba-p/2595481 (17:00) - Story # 5b: https://www.theverge.com/2021/8/4/22609090/microsoft-365-free-trials-cloud-pcs-demand-trials (19:56) - Story # 6: https://cyberworkx.in/2021/08/09/hacker-exploiting-authentication-bypass-bug-on-millions-of-routers/ (33:19) - Story # 7: https://techcrunch.com/2021/08/02/amazon-credit-palm-biometrics/ (40:52) - Story # 8: https://www.pcgamer.com/discord-malware-persistence-sophos-report/ (44:09) - Story # 9: https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/ (46:48) - Story # 10: https://portswigger.net/daily-swig/black-hat-usa-http-2-flaws-expose-organizations-to-fresh-wave-of-request-smuggling-attacks

Originally Aired on August 10, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-08-10 — The Ransomware Intro 03:18 – Story # 1: https://www.eff.org/deeplinks/2021/08/apples-plan-think-different-about-encryption-opens-backdoor-your-private-life 15:58 – Story # 2: https://www.securityweek.com/details-emerge-iranian-railroad-cyberattack 32:34 – Story # 3: https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2021-patch-tuesday-fixes-3-zero-days-44-flaws/ 36:19 – Story # 4: https://www.raccoonvalleyradio.com/2021/08/02/men-file-lawsuit-against-dallas-county-sheriff/ 44:22 – Story # 5: https://therecord.media/disgruntled-ransomware-affiliate-leaks-the-conti-gangs-technical-manuals/ 52:20 – Story # 6: https://therecord.media/motherboard-vendor-gigabyte-hit-by-ransomexx-ransomware-gang/ Awareness Con Playlist * https://www.youtube.com/playlist?list=PLqz80p7f6dFuuqMCqdhCKCmhCtg88BPz6 The Ransomeware Song – Forrest Brazeal – Used With Permission * https://youtu.be/d2dsI8NvdCU (Thanks to BHIS Discord user @toekneewhyknot for the recommendation) Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 3,768 other subscribers Email Address

Originally Aired on August 10, 2021 Articles discussed in this episode: https://youtu.be/JTPa1rGq7qk 00:00 - BHIS | Talkin’ Bout News 2021-08-10 — The Ransomware Intro 03:18 - Story # 1: https://www.eff.org/deeplinks/2021/08/apples-plan-think-different-about-encryption-opens-backdoor-your-private-life 15:58 - Story # 2: https://www.securityweek.com/details-emerge-iranian-railroad-cyberattack 32:34 - Story # 3: https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2021-patch-tuesday-fixes-3-zero-days-44-flaws/ 36:19 - Story # 4: https://www.raccoonvalleyradio.com/2021/08/02/men-file-lawsuit-against-dallas-county-sheriff/ 44:22 - Story # 5: https://therecord.media/disgruntled-ransomware-affiliate-leaks-the-conti-gangs-technical-manuals/ 52:20 - Story # 6: https://therecord.media/motherboard-vendor-gigabyte-hit-by-ransomexx-ransomware-gang/ Awareness Con Playlist https://www.youtube.com/playlist?list=PLqz80p7f6dFuuqMCqdhCKCmhCtg88BPz6 The Ransomeware Song - Forrest Brazeal - Used With Permission https://youtu.be/d2dsI8NvdCU (Thanks to BHIS Discord user @toekneewhyknot for the recommendation)

Originally Aired on August 2, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-08-02 — Gold Foil Hats 05:18 – Story # 1: https://hothardware.com/news/microsoft-printnightmare-hack-grants-windows-admin-privileges 10:40 – Story # 2: https://www.wsj.com/articles/amazon-hit-with-record-eu-privacy-fine-11627646144 28:43 – LINK : Social Zombies – https://vimeo.com/6307559 31:54 – LINK: The Great Hack – https://youtu.be/iX8GxLP1FHo 32:24 – Story # 3: https://thehackernews.com/2021/08/solarmarker-infostealer-malware-once.html 43:58 – Story # 4: https://www.nytimes.com/2021/07/31/opinion/sunday/russia-ransomware-hacking.html 54:33 – [Post]Show Banter™ – Goldfoil Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 3,719 other subscribers Email Address Subscribe (00:00) - BHIS | Talkin' Bout News 2021-08-03 — Gold Foil Hats (05:18) - Story # 1: https://hothardware.com/news/microsoft-printnightmare-hack-grants-windows-admin-privileges (10:40) - Story # 2: https://www.wsj.com/articles/amazon-hit-with-record-eu-privacy-fine-11627646144 (28:43) - LINK : Social Zombies - https://vimeo.com/6307559 (31:54) - LINK: The Great Hack – https://youtu.be/iX8GxLP1FHo (32:24) - Story # 3: https://thehackernews.com/2021/08/solarmarker-infostealer-malware-once.html (43:58) - Story # 4: https://www.nytimes.com/2021/07/31/opinion/sunday/russia-ransomware-hacking.html (54:33) - [Post]Show Banter™ - Goldfoil

ORIGINALLY AIRED ON JULY 26, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-26 03:54 – Story # 1: https://cyberworkx.in/2021/07/24/new-windows-attack-petitpotam-forces-windows-hosts-to-share-ntlm-hashes/ 18:53 – Story # 2: https://thehackernews.com/2021/07/how-to-mitigate-microsoft-windows-10-11.html 30:26 – Story # 3: https://cyberworkx.in/2021/07/23/kaseya-received-the-universal-decryptor-for-revil-ransomware-attack/ 51:48 – Random Crap

Originally Aired on July 26, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-26 03:54 – Story # 1: https://cyberworkx.in/2021/07/24/new-windows-attack-petitpotam-forces-windows-hosts-to-share-ntlm-hashes/ 18:53 – Story # 2: https://thehackernews.com/2021/07/how-to-mitigate-microsoft-windows-10-11.html 30:26 – Story # 3: https://cyberworkx.in/2021/07/23/kaseya-received-the-universal-decryptor-for-revil-ransomware-attack/ 51:48 – Random Crap Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 3,696 other subscribers Email Address Subscribe

We’ve been having a problem with people that want to play with Security Onion or RITA at home. If a home router does not have a mirror port it can be difficult to try cool/free network monitoring tools. Sure, one could buy another router that has those features. But it is far easier to not do that. So, people don’t. Time goes on and they never get to play with the free enterprise-level cool tools at work or at home. However, there are a couple of ways to set up full network monitoring at home. No taps, no mirrored ports, no expensive/obscure devices to buy. In fact, the more basic and crappy the wireless router/switch is, the better these techniques work. So, in this Black Hills Information Security (BHIS) webcast, we will give you a super easy and hacky way to get open-source enterprise network monitoring up and running at home in no time flat. Recorded • 2021-04-15 Join the BHIS Community Discord: https://discord.gg/bhis 00:00 – FEATURE PRESENTATION: No SPAN Port? No Tap? No Problem! 06:00 – Mental Blocks 10:52 – Solution to Mental Blocks 16:26 – ARP Cache Poisoning 33:26 – Step One: Ubuntu 34:36 – Step Two: RITA/Zeek/Mongo 36:45 – Step Three: Install Bettercap 38:09 – Step Four: Start Bettercap 39:52 – Step Five: Advanced – arp-spoof 45:46 – Success! 47:08 – RITA: Import & Analyze 49:42 – RITA: Beacons 52:35 – What Now? 58:29 – QnA [Post]Show Job Hunting – https://youtu. (00:00) - FEATURE PRESENTATION: No SPAN Port? No Tap? No Problem! (06:00) - Mental Blocks (09:41) - LINK : https://wildwesthackinfest.com/antisyphon//soc-core-skills-john-strand/ (10:49) - Solution to Mental Blocks (16:13) - ARP Cache Poisoning (33:06) - Step One: Ubuntu (34:15) - Step Two: RITA/Zeek/Mongo (36:19) - Step Three: Install Bettercap (37:42) - Step Four: Start Bettercap (39:25) - Step Five: Advanced > arp-spoof (45:16) - Success! (46:38) - RITA: Import & Analyze (49:09) - RITA: Beacons (52:01) - What Now? (57:47) - QnA

Originally Aired on July 19, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-19 02:18 – Story # 1: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm 13:15 – Story # 2: https://threatpost.com/attackers-target-florida-condo-collapse-victims/167917/ 16:00 – Story # 3: https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/ 34:41 – Story # 4: https://thehackernews.com/2021/07/turns-out-that-low-risk-ios-wi-fi.html 42:36 – Story # 5: https://thehackernews.com/2021/07/chinas-new-law-requires-researchers-to.html 53:13 – [Post]Show Banter™ — Can’t Get Lumber Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 3,639 other subscribers Email Address Subscribe (00:00) - BHIS | Talkin' Bout News 2021-07-20 (02:18) - Story # 1: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm (13:15) - Story # 2: https://threatpost.com/attackers-target-florida-condo-collapse-victims/167917/ (16:00) - Story # 3: https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/ (34:41) - Story # 4: https://thehackernews.com/2021/07/turns-out-that-low-risk-ios-wi-fi.html (42:36) - Story # 5: https://thehackernews.com/2021/07/chinas-new-law-requires-researchers-to.html (53:13) - [Post]Show Banter™ — Can't Get Lumber

Originally Aired on July 12, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-12 01:56 – Story # 1: https://www.bleepingcomputer.com/news/security/biden-asks-putin-to-crack-down-on-russian-based-ransomware-gangs/ 03:09 – Russia’s R.A.R.E. Program 03:54 – Story # 2: https://www.securityweek.com/solarwinds-confirms-new-zero-day-flaw-under-attack 05:33 – Story # 3: https://thehackernews.com/2021/07/hackers-spread-biopass-malware-via.html 08:44 – Story # 4: https://thehackernews.com/2021/07/magecart-hackers-hide-stolen-credit.html 11:53 – Story # 5: https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/ 15:31 – Story # 6: https://www.microsoft.com/security/blog/2021/07/12/microsoft-to-acquire-riskiq-to-strengthen-cybersecurity-of-digital-transformation-and-hybrid-work/ 18:42 – Story # 7: https://threatpost.com/lazarus-engineers-malicious-docs/167647/ 29:02 – Story # 8: https://www.bleepingcomputer.com/news/security/insurance-giant-cna-reports-data-breach-after-ransomware-attack/ 35:21 – Story # 9: https://thehackernews.com/2021/07/critical-flaws-reported-in-philips-vue.html 46:19 – Story # 10: https://www.bleepingcomputer.com/news/security/fashion-retailer-guess-discloses-data-breach-after-ransomware-attack/ 48:16 – Story # 11: https://www.securityweek.com/morgan-stanley-hit-accellion-hack-through-third-party-vendor 49:37 – PDF Doc Details: https://www.doj.nh. (00:00) - BHIS | Talkin' Bout News 2021-07-12 (01:56) - Story # 1: https://www.bleepingcomputer.com/news/security/biden-asks-putin-to-crack-down-on-russian-based-ransomware-gangs/ (03:09) - Russia's R.A.R.E. Program (Fan Graphic) (03:54) - Story # 2: https://www.securityweek.com/solarwinds-confirms-new-zero-day-flaw-under-attack (05:33) - Story # 3: https://thehackernews.com/2021/07/hackers-spread-biopass-malware-via.html (08:44) - Story # 4: https://thehackernews.com/2021/07/magecart-hackers-hide-stolen-credit.html (11:53) - Story # 5: https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/ (15:31) - Story # 6: https://www.microsoft.com/security/blog/2021/07/12/microsoft-to-acquire-riskiq-to-strengthen-cybersecurity-of-digital-transformation-and-hybrid-work/ (18:42) - Story # 7: https://threatpost.com/lazarus-engineers-malicious-docs/167647/ (29:02) - Story # 8: https://www.bleepingcomputer.com/news/security/insurance-giant-cna-reports-data-breach-after-ransomware-attack/ (35:21) - Story # 9: https://thehackernews.com/2021/07/critical-flaws-reported-in-philips-vue.html (46:19) - Story # 10: https://www.bleepingcomputer.com/news/security/fashion-retailer-guess-discloses-data-breach-after-ransomware-attack/ (48:16) - Story # 11: https://www.securityweek.com/morgan-stanley-hit-accellion-hack-through-third-party-vendor (49:37) - PDF Doc Details: https://www.doj.nh.gov/consumer/security-breaches/documents/morgan-stanley-20210702.pdf