Talkin' Bout [Infosec] News

Black Hills Information Security
Mar 13, 2024 • 1h

2024-03-13 - International Hacking Co. Featuring: Josh Mason

(00:00) - PreShow Banter™ — Death to Clippy
(05:18) - BHIS - Talkin' Bout [infosec] News 2024-03-11 – Featuring Josh Mason
(06:58) - Story # 1: Behind the doors of a Chinese hacking company, a sordid culture fueled by influence, alcohol, and sex
(13:43) - Story # 2: Top US cybersecurity agency hacked and forced to take some systems offline
(23:39) - Story # 3: Microsoft admits Russian state hack still not contained. ‘This has tremendous national security implications’
(30:27) - Story # 4: FBI's 2023 Internet Crime Report
(38:18) - Story # 5: QNAP warns of critical auth bypass flaw in its NAS devices
(50:42) - Story # 6: Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies
Mar 6, 2024 • 58min

2024-03-06 - No Logs No Breach, I'm Good

A weekly podcast with BHIS and friends. We discuss notable infosec and infosec-adjacent news stories.

Brought to you by:
Black Hills Information Security: https://www.blackhillsinfosec.com/
Antisyphon Training: https://www.antisyphontraining.com/

Story # 1: Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern
https://www.whitehouse.gov/briefing-r...
Story # 2: A leaky database spilled 2FA codes for the world’s tech giants
https://techcrunch.com/2024/02/29/lea...
Story # 3: eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation
https://www.darkreading.com/applicati...
23:36 - LokiHakanin's related Post / sean-reilly-techopssec_8000-domains-of-tru...
Story # 4: Ivanti Connect Secure hackers hide in plain sight, evading protections
https://www.cybersecuritydive.com/new...
Story # 5: Over 100,000 Infected Repos Found on GitHub
https://apiiro.com/blog/malicious-cod...
Story # 6: Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns
https://arstechnica.com/security/2024...

(00:00) - PreShow Banter™ — Adopting Cats
(00:43) - BHIS - Talkin' Bout [infosec] News 2024-03-04
(01:40) - Story # 1: Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern
(08:56) - Story # 2: A leaky database spilled 2FA codes for the world’s tech giants
(20:14) - Story # 3: eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation
(22:37) - LokiHakanin's related Post
(31:37) - Story # 4: Ivanti Connect Secure hackers hide in plain sight, evading protections
(39:44) - Story # 5: Over 100,000 Infected Repos Found on GitHub
(48:44) - Story # 6: Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns
Mar 1, 2024 • 58min

2024-03-01 - All of our base belong to China w/ Mike Poor

(00:00) - PreShow Banter™ — It's a Wii Match
(05:22) - BHIS - Talkin' Bout [infosec] News 2024-02-26
(07:10) - Story # 1: Mr. Cooper leak exposes over two million customers
(17:42) - Story # 2: ConnectWise ScreenConnect attacks deliver malware
(27:49) - Story # 3: LockBit Infrastructure Seized by US, UK Police
(34:17) - Story # 4: US health tech giant Change Healthcare hit by cyberattack
(39:43) - Story # 5: The reported leak of Chinese hacking documents supports experts' warnings about how compromised the US could be
(53:24) - Story # 6: Vending machine error reveals secret face image database of college students
Feb 20, 2024 • 55min

Talkin’ About Infosec News – 2/20/24

The post Talkin’ About Infosec News – 2/20/24 appeared first on Black Hills Information Security.
Feb 14, 2024 • 1h 5min

Talkin’ About Infosec News – 2/14/2024

The post Talkin’ About Infosec News – 2/14/2024 appeared first on Black Hills Information Security.

(00:00) - PreShow Banter™ — Fashion in Oregon
(01:51) - BHIS - Talkin' Bout [infosec] News 2024-02-12
(08:54) - Story # 1: Ivanti devices hit by wave of exploits for latest security hole
(31:53) - Story # 2: Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data
(43:15) - Story # 3: Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros
(54:13) - Story # 4: Feds Want to Ban the World’s Cutest Hacking Device. Experts Say It's a ‘Scapegoat’
Feb 6, 2024 • 1h 2min

Talkin’ About Infosec News – 2/6/24

The post Talkin’ About Infosec News – 2/6/24 appeared first on Black Hills Information Security.

(00:00) - PreShow Banter™ — 5 Min Webcasts
(04:29) - BHIS - Talkin' Bout [infosec] News 2024-02-05
(09:06) - Story # 1: Thanksgiving 2023 security incident
(22:09) - Story # 2: AnyDesk Incident Response 5-2-2024
(34:14) - Story # 3: Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’
(50:13) - Story # 4: All federal civilian agencies ordered to disconnect at-risk Ivanti products by Friday
Jan 31, 2024 • 1h 9min

Talkin’ About Infosec News – 1/31/2024

The podcast discusses various topics, including attending a race with sports cars, the Trace Labs Search Party CTF event, technical issues during the show, reliance on coffee and caffeine, the recent hacking incident involving the SEC's Twitter account, the Shodan search engine, Tesla hacking, and the NSA's data buying practices.
Jan 24, 2024 • 1h 2min

Talkin’ About Infosec News – 1/24/2024

The post Talkin’ About Infosec News – 1/24/2024 appeared first on Black Hills Information Security.

(00:00) - PreShow Banter™ — There's More Than Swim Meets
(01:21) - BHIS - Talkin' Bout [infosec] News 2024-01-22
(05:21) - Story # 1: Florida bill banning youth from social media moves forward
(14:19) - Story # 2: Microsoft network breached through password-spraying by Russia-state hackers
(21:38) - Story # 3: This new data poisoning tool lets artists fight back against generative AI
(28:50) - Story # 4: Top 3 Priorities for CISOs in 2024
(41:37) - Story # 5: Inside the Massive Naz.API Credential Stuffing List
(48:09) - Story # 6: Jamf discovers new malware disguised as popular macOS apps
Jan 16, 2024 • 57min

Talkin’ About Infosec News – 1/16/2024

The post Talkin’ About Infosec News – 1/16/2024 appeared first on Black Hills Information Security.

(00:00) - PreShow Banter™ — Book-It Steak Dinners
(05:25) - BHIS - Talkin' Bout [infosec] News 2024-01-15
(08:01) - Most Offensive Con
(08:16) - Story # 1: Linux devices are under attack by a never-before-seen worm
(21:09) - Story # 2: Hacker spins up 1 million virtual servers to illegally mine crypto
(25:47) - Story # 3: Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks
(29:33) - Podcast Self-Awareness
(32:14) - Story # 4: Hospital IT help desks targeted by sophisticated social engineering schemes
Jan 10, 2024 • 56min

Talkin’ About Infosec News – 1/10/24

The post Talkin’ About Infosec News – 1/10/24 appeared first on Black Hills Information Security.

(00:00) - PreShow Banter™ — Welcome to 2025
(03:36) - BHIS - Talkin' Bout [infosec] News 2024-01-08
(05:30) - Story # 1: Law firm that handles data breaches was hit by data breach
(10:36) - Story # 2: Fred Hutch patients get blackmail emails after cyberattack
(17:55) - Story # 3: Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords
(19:56) - Story # 3b: Privacy Harms – Daniel Solove
(21:20) - Story # 4: 23andMe tells victims it’s their fault that their data was breached
(33:12) - Story # 5: Hacked Mandiant X Account Abused for Cryptocurrency Theft
(37:38) - Story # 6: Merck $1.4 Billion Cyberhack Settlement Ends ‘Warlike’ Act Claim
(45:27) - Story # 7: Volkswagen is adding ChatGPT to its infotainment system
(51:02) - Story # 8: US nuke reactor lab hit by 'gay furry hackers' demanding cat-human mutants
