Talkin' About [Infosec] News, Powered by Black Hills Information Security

00:00:00 - PreShow Banter™ — Coffee With Wade Wells00:05:41 - BHIS - Talkin’ Bout [infosec] News 2025-01-0600:06:45 - Story # 1: BeyondTrust says hackers breached Remote Support SaaS instances00:13:18 - Things Continued to be ignored in 202500:24:39 - Story # 2: Classified fighter jet specs leaked on War Thunder – again00:28:26 - Story # 3: New Proposed HIPAA Security Rule Changes00:34:33 - Story # 4: The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year00:35:47 - Story # 5: AT&T and Verizon say networks secure after Salt Typhoon breach00:37:20 - Story # 6: Net Neutrality Rules Struck Down by Appeals Court00:41:56 - Story # 7: U.S. Army Soldier Arrested in AT&T, Verizon Extortions00:45:28 - Story # 8: New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy00:48:38 - Story # 9: Meta’s AI Profiles Are Indistinguishable From Terrible Spam That Took Over Facebook00:50:42 - Story # 9b: Meta deletes AI character profiles after backlash, racism accusations00:51:40 - Story # 10: Watch: Tiny robot ‘kidnaps’ 12 big Chinese bots from a Shanghai showroom, shocks world00:55:27 - Story # 11: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks00:58:42 - Story # 12: Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence01:01:22 - Story # 13: Germany cuts hacker access to 30,000 devices infected with BadBox malware

00:00 - PreShow Banter™ — ChickenSec News Part 312:23 - BHIS - Talkin’ Bout [infosec] News 2024-12-1614:48 - Story # 1: $50 Million Radiant Capital Heist Blamed on North Korean Hackers20:30 - Story # 2: Trump administration wants to go on cyber offensive against China32:53 - Story # 3: Krispy Kreme cyberattack impacts online orders and operations43:02 - Story # 4: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance52:02 - Story # 5: Europol announces takedown of major DDoS-for-hire network56:50 - Story # 6: Data breach at Senior Dating website spills info of 765,000 users58:46 - Story # 7: US sanctions Chinese firm for hacking firewalls in ransomware attacks

00:00 - PreShow Banter™ — A Better Mike04:46 - BHIS - Talkin’ Bout [infosec] News 2024-12-0905:43 - Story # 1: FBI Warns iPhone And Android Users—Stop Sending Texts23:36 - Story # 2: US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data42:55 - Story # 3: Vodka maker Stoli files for bankruptcy in US after ransomware attack46:48 - Story # 4: British hospitals hit by cyberattacks still battling to get systems back online

00:00:00 - PreShow Banter™ — C Squad00:11:03 - BHIS - Talkin’ Bout [infosec] News 2024-12-0200:15:43 - Story # 1: Gaming Engines: An Undetected Playground for Malware Loaders - Check Point Research00:30:41 - Story # 2: FTC finds that smart-device makers fail to make clear how long their products will be supported00:44:47 - Story # 3: US senators propose law to require bare minimum security standards00:46:35 - Story # 4: Starbucks baristas can’t view their schedules after ransomware attack on vendor01:04:26 - Story # 5: Volunteer DEF CON hackers dive into America’s leaky water infrastructure01:08:45 - Shameless Plugs

00:00:00 - PreShow Banter™ — Discordgate00:09:24 - BHIS - Talkin’ Bout [infosec] News 2024-11-2500:10:46 - Story # 1: DOJ says Google must sell Chrome to crack open its search monopoly00:12:08 - Story # 1b: DOJ’s staggering proposal would hurt consumers and America’s global technological leadership00:19:16 - Story # 2: The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access00:24:37 - Story # 3: Palo Alto Networks tackles firewall-busting zero-days with critical patches00:25:46 - Discordgate Follow Up00:26:26 - Story # 4: Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization00:31:08 - Story # 5: Fintech giant Finastra investigates data breach after SFTP hack00:34:01 - Story # 6: CFPB Finalizes Rule on Federal Oversight of Popular Digital Payment Apps to Protect Personal Data, Reduce Fraud, and Stop Illegal “Debanking”00:38:49 - Story # 7: T-Mobile finally managed to thwart a data breach before it occured00:40:22 - Story # 8: D-Link urges users to retire VPN routers impacted by unfixed RCE flaw00:43:07 - Story # 9: US seizes PopeyeTools cybercrime marketplace, charges administrators00:46:19 - Story # 10: Razzlekhan, crypto’s most embarrassing rapper, is going to prison00:48:31 - Story # 10b: Netflix has a perfectly timed Razzlekhan doc coming out in December00:50:10 - Story # 11: Microsoft Defender Is Not Enough Anymore—This Malware Gets Around It00:55:11 - Story # 12: Microsoft president asks Trump to “push harder” against Russian hacks00:57:02 - Story # 13: Hackers Breach Andrew Tate’s Online ‘University,’ Exposing 800,000 Users01:00:36 - Story # 14: 7-Zip affected by dangerous vulnerability: users must update the app manually01:01:31 - Story # 15: Microsoft disrupts ONNX phishing-as-a-service infrastructure01:03:07 - Story # 16: US charges five linked to Scattered Spider cybercrime gang01:04:25 - Plug: Secure Code Summit 2024

00:00 - PreShow Banter™ — Yacht Doc07:40 - BHIS - Talkin’ Bout [infosec] News 2024-11-1808:49 - Story # 1: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit16:02 - Story # 2: CISA Director Jen Easterly to depart agency on January 2019:26 - Story # 3: Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack28:44 - Story # 4: T-Mobile hacked in massive Chinese breach of telecom networks, WSJ reports30:55 - Story # 4b: T-Mobile confirms it was hacked in recent wave of telecom breaches33:03 - Story # 5: An Interview With the Target & Home Depot Hacker40:04 - Story # 6: Hacker gets 10 years in prison for extorting US healthcare provider42:47 - Story # 7: Ransomware fiends boast they’ve stolen 1.4TB from US pharmacy network44:21 - Story # 8: A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine45:23 - Story # 9: 23andMe cuts 40% of its workforce and discontinues therapeutics division50:38 - Story # 10: FBI, CISA, and NSA reveal most exploited vulnerabilities of 202356:45 - CPTC - Education Through Competition

00:00 - PreShow Banter™ — The Old and The New02:27 - BHIS - Talkin’ Bout [infosec] News 2024-11-1103:44 - Story # 1: Mattel pulls thousands of ‘Wicked’ dolls off shelves after printing adult website on packaging08:03 - Story # 2: Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus11:41 - Story # 3: Mislabeled patch sends Windows Server 2022 admins on unwanted upgrade to 202516:49 - Story # 4: Suspected Snowflake Hacker Arrested in Canada18:26 - Story # 5: Interpol Cybercrime Sweep Takes Down 22,000 IP Addresses, Arrests 4129:47 - Story # 6: Google Cloud to mandate MFA for all users in 202541:30 - Story # 7: Cisco scores a perfect CVSS 10 with critical flaw in its wireless system49:26 - Story # 8: H.I.G. Capital and Thoma Bravo to Acquire CompTIA Brand and Products59:05 - SANS Holiday Hack Challenge™ 2024

00:00:00 - PreShow Banter™ — The Grey Times00:04:33 - BHIS - Talkin’ Bout [infosec] News 2024-11-0400:05:54 - Story # 1: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files00:16:45 - Story # 2: Follow Up - 5 Things To Know On Delta’s Lawsuit Against CrowdStrike00:17:43 - Story # 2b: CrowdStrike Sues Delta: 5 Key Takeaways00:22:04 - Story # 3: Russian charged by U.S. for creating RedLine infostealer malware00:22:59 - Story # 3b: How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware00:28:09 - Story # 4: Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info00:30:02 - Story # 4b: ‘We strive to put humanity above all’: Disney drops arbitration demand over wrongful death lawsuit after woman died from fatal food allergy00:37:10 - Story # 5: OCR Announces First Financial Penalty Under HIPAA Risk Analysis Enforcement Initiative00:44:54 - Story # 6: Security researchers found a serious zero-click bug in Synology’s Photos app00:50:10 - Story # 7: Inside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its Devices00:52:21 - Story # 8: Microsoft wants $30 if you want to delay Windows 11 switch01:00:03 - Story # 9: Colorado Secretary of State posted spreadsheet with voting system passwords

00:00:00 - PreShow Banter™ — Sarsaparilla00:05:50 - BHIS - Talkin’ Bout [infosec] News 2024-10-2800:06:46 - Story # 1: AWS, Azure auth keys found in Android and iOS apps used by millions00:15:02 - Story # 2: Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs00:29:03 - Story # 3: Delta officially launches lawyers at $500M CrowdStrike problem00:40:60 - Story # 4: New Rules for US National Security Agencies Balance AI’s Promise With Need to Protect Against Risks00:46:25 - Story # 4b: CISA proposes new security requirements to protect govt, personal data00:51:03 - Story # 5: Largest Retail Breach in History: 350 Million “Hot Topic” Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection00:55:35 - Story # 6: Throne’s toilet camera takes pictures of your poop01:04:57 - A Community Support Moment - https://www.crisistextline.org

00:00:00 - PreShow Banter™ — Log Con00:11:41 - BHIS - Talkin’ Bout [infosec] News 2024-10-2100:12:51 - Story # 1: Internet Archive exposed again – this time through Zendesk00:14:57 - Story # 1b: Hackers steal information from 31 million Internet Archive users00:20:42 - Story # 2: Sophos buys Secureworks for $859 mln to beef up cybersecurity portfolio00:24:21 - Story # 3: USDoD hacker behind National Public Data breach arrested in Brazil00:27:12 - Story # 4: Debunking Hype: China Hasn’t Broken Military Encryption With Quantum00:32:14 - Story # 5: Microsoft said it lost weeks of security logs for its customers’ cloud products00:35:03 - Story # 6: Should We Chat, Too? FAQ00:40:05 - Story # 7: More than two dozen countries have used internet outages to sway elections00:43:50 - Story # 8: Pokemon dev Game Freak confirms breach after stolen data leaks online00:46:32 - Story # 9: Hackers made robot vacuums randomly yell racial slurs00:49:19 - Story # 9b: We hacked a robot vacuum — and could watch live through its camera00:50:19 - Story # 10: The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks00:54:55 - Story # 11: Google’s Chrome Browser Starts Disabling uBlock Origin01:01:00 - WWHF Recorvery

00:00:00 - PreShow Banter™ — Cast of Special Characters00:06:37 - BHIS - Talkin’ Bout [infosec] News 2024-09-3000:08:06 - Story # 1: CUPS flaws enable Linux remote code execution, but there’s a catch00:23:40 - Story # 2: US Capitol Hit by Massive Dark Web Cyber Attack - Newsweek00:27:40 - Story # 2b: ‘I’m a black NAZI!’: NC GOP nominee for governor made dozens of disturbing comments on porn forum00:35:57 - Story # 3: NIST proposes barring some of the most nonsensical password rules00:47:01 - Story # 3b: Why Two-Factor Authentication Is So Important - Teen Vogue00:54:04 - Story # 4: Hacker plants false memories in ChatGPT to steal user data in perpetuity01:00:42 - Story # 5: Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug01:02:54 - Story # 6: Massive E-Learning Platform Udemy Gave Teachers a Gen AI ‘Opt-Out Window’. It’s Already Over.

00:00 - PreShow Banter™ — Plane Talk05:50 - BHIS - Talkin’ Bout [infosec] News 2024-09-2306:16 - A SANS Difference Maker Award Finalist09:47 - Story # 1: Pagers attack brings to life long-feared supply chain threat24:08 - Story # 2: Recaptcha Phish - John Hammond25:49 - Story # 2b: Clever ‘GitHub Scanner’ campaign abusing repos to push malware30:05 - Story # 3: Lazarus Group Targets Developers in Fresh VMConnect Campaign35:22 - Story # 4: LinkedIn Addresses User Data Collection for AI Training37:40 - Story # 5: Disney ditching Slack after massive July data breach41:42 - Story # 6: FTC exposes massive surveillance of kids, teens by social media giants51:35 - Story # 7: Kaspersky deletes itself, installs UltraAV antivirus without warning

00:00 - PreShow Banter™ — Pour Over News06:01 - BHIS - Talkin’ Bout [infosec] News 2024-09-1607:14 - Story # 1: Fortinet confirms data breach after hacker claims to steal 440GB of files15:37 - Story # 2: Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches21:30 - Story # 3: Omnipresent AI cameras will ensure good behavior, says Larry Ellison28:11 - Story # 4: Mastercard bolsters threat intelligence capabilities with $2.65 billion deal for Recorded Future34:27 - Story # 5: Cyber insurance set for explosive growth40:20 - Story # 6: 23andMe will pay $30 million to settle 2023 data breach lawsuit45:25 - Story # 7: Google faces EU investigation over AI data compliance50:35 - Story # 8: Rogue WHOIS server gives researcher superpowers no one should ever have

00:00 - Introduction01:22 - The Scenario02:50 - First Steps03:48 - Endpoint Analysis Roll04:22 - Logon Scripts Were installed05:09 - I.R. Team Introductions07:17 - Second Step10:32 - Network Threat Hunting Roll11:36 - Third Step15:12 - Anyway Here’s Firewall Roll15:43 - Fourth Step18:26 - SIEM Roll19:41 - Fifth Step20:47 - UEBA Roll21:19 - Senario Recap22:20 - Senario Plausibility?25:51 - Wrap-up Takeaways

00:00 - PreShow Banter™ — Revenge of the Nerds / More Chicken Related Crimes05:19 - N.Y. Official Charged With Taking Money, Travel and Poultry to Aid China09:23 - BHIS - Talkin’ Bout [infosec] News 2024-09-0909:50 - Story # 1: YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel20:35 - Story # 2: Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database25:24 - Story # 3: California legislature passes sweeping AI safety bill38:02 - Story # 4: Brain Cipher claims attack on Olympic venue, promises 300 GB data leak41:59 - Story # 5: How Navy chiefs conspired to get themselves illegal warship Wi-Fi42:45 - Story # 5b: After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship49:18 - Story # 6: Researchers say a bug let them add fake pilots to rosters used for TSA checks51:32 - Story # 7: Durex India spilled customers’ private order data54:53 - Story # 8: City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack

00:00 - PreShow Banter™ — Move to Signal03:47 - BHIS - Talkin’ Bout [infosec] News 2024-08-2604:37 - Story # 1: Pavel Durov’s Arrest Leaves Telegram Hanging in the Balance11:03 - Story # 1b: Moxie on X.com23:17 - Story # 2: Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules29:39 - Story # 3: Seattle airport ‘possible cyberattack’ snarls travel yet again32:42 - Story # 4: Iran named as source of Trump campaign phish, leaks38:53 - Story # 5: Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months44:11 - Story # 6: Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide47:26 - Story # 7: New ‘ALBeast’ Misconfiguration Exposes Weakness in AWS Application Load Balancer48:52 - Story # 8: “We will hold them accountable”: General Motors sued for selling customer driving data to third parties

00:00:00 - PreShow Banter™ — Nine Years for Chicken Wings00:08:19 - BHIS - Talkin’ Bout [infosec] News 2024-08-1900:09:03 - Story # 1: NationalPublicData.com Hack Exposes a Nation’s Data00:18:17 - Story # 1b: National Public Data Published Its Own Passwords00:25:01 - Story # 2: RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks00:26:52 - Story # 3: T-Mobile fined $60 million for failing to stop data breaches00:34:03 - Story # 4: Massive Cyber Attack On AWS Targets 230 Million Unique Cloud Environments00:45:43 - Story # 5: The US wants to use facial recognition to identify migrant children as they age00:54:16 - Story # 6: Six ransomware gangs behind over 50% of 2024 attacks00:59:56 - Story # 7: US accuses man of being ‘elite’ ransomware pioneer they’ve hunted for years01:01:57 - Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World’s Deadliest Crooks

00:00 - PreShow Banter™ — Scotty’s Pizza (Not Sponsored)03:38 - BHIS - Talkin’ Bout [infosec] News 2024-08-1203:59 - Hacker Summer Camp Report 202408:56 - Story # 1: ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections14:26 - Story # 2: Black Hat USA 2024, DEF CON 32 attendees treated like children – or criminals – with invasive hotel room checks29:49 - Story # 3: DEF CON Badge Maker Pulled Off Stage Amid Claims of Non-Payment and Failed Work30:06 - New raspberry pi chip in badge33:31 - Story # 4: Exploit released for Cisco SSM bug allowing admin password changes34:12 - Story # 5: 0.0.0.0 Day: Exploiting Localhost APIs From the Browser38:02 - Story # 6: Intelligence bill would elevate ransomware to a terrorist threat44:36 - Story # 6b: Proposed bill would block large ransomware payments by financial institutions46:26 - Story # 6c: Report shows decreased ransomware payments54:26 - Story # 7: After global IT meltdown, CrowdStrike courts hackers with action figures and gratitude55:12 - Story # 8: CrowdStrike pursuing deal to buy patch management specialist Action157:24 - Story # 9: Microsoft punches back at Delta Air Lines and its legal threats

00:00 - PreShow Banter™ — What’s the f___03:34 - BHIS - Talkin’ Bout [infosec] News 2024-08-0506:57 - Story # 1: Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails23:57 - Story # 2: Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say36:47 - Story # 3: Eavesdropping on HDMI cables can reveal computer screen’s content37:43 - Story # 3b Hak5 Screen Crab39:18 - Story # 4: Microsoft says massive Azure outage was caused by DDoS attack43:31 - Story # 5: CrowdStrike says it’s not to blame for Delta’s days-long outage55:34 - Story # 6: CrowdStrike sued by investors over massive global IT outage

00:00 - PreShow Banter™ — Microsoft Sad Face02:13 - BHIS - Talkin’ Bout [infosec] News 2024-07-2903:08 - Story # 1: Fake CrowdStrike repair manual pushes new infostealer malware15:26 - Story # 1b: 83-year-old man found safe a week after going missing when CrowdStrike outage canceled flight20:39 - Story # 2: Multifactor Authentication Is Not Enough to Protect Cloud Data38:59 - Graphrunner47:19 - Story # 3: Data pilfered from Pentagon IT supplier Leidos57:57 - Story # 4: How a North Korean Fake IT Worker Tried to Infiltrate Us