00:00 - PreShow Banter™ — The Old and The New02:27 - BHIS - Talkin’ Bout [infosec] News 2024-11-1103:44 - Story # 1: Mattel pulls thousands of ‘Wicked’ dolls off shelves after printing adult website on packaging08:03 - Story # 2: Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus11:41 - Story # 3: Mislabeled patch sends Windows Server 2022 admins on unwanted upgrade to 202516:49 - Story # 4: Suspected Snowflake Hacker Arrested in Canada18:26 - Story # 5: Interpol Cybercrime...

00:00:00 - PreShow Banter™ — The Grey Times00:04:33 - BHIS - Talkin’ Bout [infosec] News 2024-11-0400:05:54 - Story # 1: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files00:16:45 - Story # 2: Follow Up - 5 Things To Know On Delta’s Lawsuit Against CrowdStrike00:17:43 - Story # 2b: CrowdStrike Sues Delta: 5 Key Takeaways00:22:04 - Story # 3: Russian charged by U.S. for creating RedLine infostealer malware00:22:59 - Story # 3b: How a series of opsec failures led US...

00:00:00 - PreShow Banter™ — Sarsaparilla00:05:50 - BHIS - Talkin’ Bout [infosec] News 2024-10-2800:06:46 - Story # 1: AWS, Azure auth keys found in Android and iOS apps used by millions00:15:02 - Story # 2: Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs00:29:03 - Story # 3: Delta officially launches lawyers at $500M CrowdStrike problem00:40:60 - Story # 4: New Rules for US National Security Agencies Balance AI’s Promise With Need to Protect...

00:00:00 - PreShow Banter™ — Log Con00:11:41 - BHIS - Talkin’ Bout [infosec] News 2024-10-2100:12:51 - Story # 1: Internet Archive exposed again – this time through Zendesk00:14:57 - Story # 1b: Hackers steal information from 31 million Internet Archive users00:20:42 - Story # 2: Sophos buys Secureworks for $859 mln to beef up cybersecurity portfolio00:24:21 - Story # 3: USDoD hacker behind National Public Data breach arrested in Brazil00:27:12 - Story # 4: Debunking Hype: China Hasn’t Broken...

00:00:00 - PreShow Banter™ — Cast of Special Characters00:06:37 - BHIS - Talkin’ Bout [infosec] News 2024-09-3000:08:06 - Story # 1: CUPS flaws enable Linux remote code execution, but there’s a catch00:23:40 - Story # 2: US Capitol Hit by Massive Dark Web Cyber Attack - Newsweek00:27:40 - Story # 2b: ‘I’m a black NAZI!’: NC GOP nominee for governor made dozens of disturbing comments on porn forum00:35:57 - Story # 3: NIST proposes barring some of the most nonsensical password rules00:47:01 -...

00:00 - PreShow Banter™ — Plane Talk05:50 - BHIS - Talkin’ Bout [infosec] News 2024-09-2306:16 - A SANS Difference Maker Award Finalist09:47 - Story # 1: Pagers attack brings to life long-feared supply chain threat24:08 - Story # 2: Recaptcha Phish - John Hammond25:49 - Story # 2b: Clever ‘GitHub Scanner’ campaign abusing repos to push malware30:05 - Story # 3: Lazarus Group Targets Developers in Fresh VMConnect Campaign35:22 - Story # 4: LinkedIn Addresses User Data Collection for AI...

00:00 - PreShow Banter™ — Pour Over News06:01 - BHIS - Talkin’ Bout [infosec] News 2024-09-1607:14 - Story # 1: Fortinet confirms data breach after hacker claims to steal 440GB of files15:37 - Story # 2: Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches21:30 - Story # 3: Omnipresent AI cameras will ensure good behavior, says Larry Ellison28:11 - Story # 4: Mastercard bolsters threat intelligence capabilities with $2.65 billion deal for Recorded...

00:00 - Introduction01:22 - The Scenario02:50 - First Steps03:48 - Endpoint Analysis Roll04:22 - Logon Scripts Were installed05:09 - I.R. Team Introductions07:17 - Second Step10:32 - Network Threat Hunting Roll11:36 - Third Step15:12 - Anyway Here’s Firewall Roll15:43 - Fourth Step18:26 - SIEM Roll19:41 - Fifth Step20:47 - UEBA Roll21:19 - Senario Recap22:20 - Senario Plausibility?25:51 - Wrap-up Takeaways

00:00 - PreShow Banter™ — Revenge of the Nerds / More Chicken Related Crimes05:19 - N.Y. Official Charged With Taking Money, Travel and Poultry to Aid China09:23 - BHIS - Talkin’ Bout [infosec] News 2024-09-0909:50 - Story # 1: YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel20:35 - Story # 2: Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database25:24 - Story # 3: California legislature passes sweeping AI safety bill38:02 - Story # 4: Brain...

00:00 - PreShow Banter™ — Move to Signal03:47 - BHIS - Talkin’ Bout [infosec] News 2024-08-2604:37 - Story # 1: Pavel Durov’s Arrest Leaves Telegram Hanging in the Balance11:03 - Story # 1b: Moxie on X.com23:17 - Story # 2: Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules29:39 - Story # 3: Seattle airport ‘possible cyberattack’ snarls travel yet again32:42 - Story # 4: Iran named as source of Trump campaign phish, leaks38:53 - Story # 5: Man who hacked Hawaii state registry...

00:00:00 - PreShow Banter™ — Nine Years for Chicken Wings00:08:19 - BHIS - Talkin’ Bout [infosec] News 2024-08-1900:09:03 - Story # 1: NationalPublicData.com Hack Exposes a Nation’s Data00:18:17 - Story # 1b: National Public Data Published Its Own Passwords00:25:01 - Story # 2: RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks00:26:52 - Story # 3: T-Mobile fined $60 million for failing to stop data breaches00:34:03 - Story # 4: Massive Cyber Attack On AWS Targets 230...

00:00 - PreShow Banter™ — Scotty’s Pizza (Not Sponsored)03:38 - BHIS - Talkin’ Bout [infosec] News 2024-08-1203:59 - Hacker Summer Camp Report 202408:56 - Story # 1: ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections14:26 - Story # 2: Black Hat USA 2024, DEF CON 32 attendees treated like children – or criminals – with invasive hotel room checks29:49 - Story # 3: DEF CON Badge Maker Pulled Off Stage Amid Claims of Non-Payment and Failed Work30:06...

00:00 - PreShow Banter™ — What’s the f___03:34 - BHIS - Talkin’ Bout [infosec] News 2024-08-0506:57 - Story # 1: Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails23:57 - Story # 2: Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say36:47 - Story # 3: Eavesdropping on HDMI cables can reveal computer screen’s content37:43 - Story # 3b Hak5 Screen Crab39:18 - Story # 4: Microsoft says massive Azure outage was caused...

00:00 - PreShow Banter™ — Microsoft Sad Face02:13 - BHIS - Talkin’ Bout [infosec] News 2024-07-2903:08 - Story # 1: Fake CrowdStrike repair manual pushes new infostealer malware15:26 - Story # 1b: 83-year-old man found safe a week after going missing when CrowdStrike outage canceled flight20:39 - Story # 2: Multifactor Authentication Is Not Enough to Protect Cloud Data38:59 - Graphrunner47:19 - Story # 3: Data pilfered from Pentagon IT supplier Leidos57:57 - Story # 4: How a North Korean Fake...

00:00 - PreShow Banter™ — CrowdStroke Memes05:59 - BHIS - Talkin’ Bout [infosec] News 2024-07-2207:01 - Story # 1: A Windows version from 1992 is saving Southwest’s butt right now07:36 - Crowdstrike Global Outage - BHIS - Talkin’ Bout [infosec] #News09:48 - Story # 1b: CrowdStrike’s faulty update crashed 8.5 million Windows devices, says Microsoft12:13 - Story # 1c: Let’s blame the dev who pressed “Deploy”17:23 - Figure 122:14 - Story # 2: DHS Has a DoS Robot to Disable Internet of Things...

The outage of the decade!

00:00 - PreShow Banter™ — Absolute Madmen02:28 - BHIS - Talkin’ Bout [infosec] News 2024-07-1503:18 - Wi-Fi Forge07:31 - Story # 1: CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth22:39 - Story # 2: AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach33:35 - Story # 3: FTC study finds ‘dark patterns’ used by a majority of subscription apps and websites38:48 - Story # 4: Club...

00:00 - PreShow Banter™ — A Bunch of Lunatics05:09 - BHIS - Talkin’ Bout [infosec] News 2024-07-0808:41 - Story # 1: Europol takes down 593 Cobalt Strike servers used by cybercriminals09:54 - Story # 1b: National Crime Agency leads international operation to degrade illegal versions of Cobalt Strike15:17 - Story # 2: ‘RockYou2024’: Nearly 10 billion passwords leaked online22:12 - Story # 3: Ticketmaster Breach: ShinyHunters Leak 440K Taylor Swift Eras Tour Ticket Data24:20 - Story # 3b:...

00:00 - PreShow Banter™ — Ice Cream Season07:22 - BHIS - Talkin’ Bout [infosec] News 2024-07-0107:48 - Story # 1: TeamViewer’s corporate network was breached in alleged APT hack09:11 - Story # 1b: TeeamViewer Security Update – June 28, 2024, 12:10 PM CEST16:33 - Story # 2: Supreme Court orders new look at Texas, Florida social media laws21:32 - Story # 3: New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems24:52 - Story # 4: CISA: Most critical open source projects not using...

00:00 - PreShow Banter™ — Life is a Highway04:28 - BHIS - Talkin’ Bout [infosec] News 2024-06-2405:30 - Story # 1: Colorado Privacy Act Amended To Include Biometric Data Provisions14:18 - Story # 2: Scathing report on Medibank cyberattack highlights unenforced MFA24:30 - Story # 3: CDK suffered another data breach as it was attempting to recover35:08 - Story # 4: LockBit claims the hack of the US Federal Reserve40:00 - Story # 5: Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting...

00:00 - PreShow Banter™ — Hungry Hungry Hipaa03:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-17 05:40 - Story # 1: Windows security hole allows attackers to install malware via Wi-Fi — new patch plugs gaping vulnerability16:27 - Story # 2: Microsoft’s all-knowing Recall AI feature is being delayed25:34 - Story # 3: Here’s how Apple’s AI model tries to keep your data private32:27 - Story # 4: New Linux malware is controlled through emojis sent from Discord35:28 - Story # 5: Pure Storage...

00:00 - PreShow Banter™ — Louie is Live04:53 - BHIS - Talkin’ Bout [infosec] News 2024-06-1007:09 - Story # 1: UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion18:39 - Story # 2: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.39:02 - Story # 3: TikTok fixes zero-day bug used to hijack high-profile accounts41:34 - Story # 4: The Age of the Drone Police Is Here52:07 -...

00:00:00 - PreShow Banter™ — In an RV down by the dumpster 00:07:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-03 00:09:21 - Story # 1: Ticketmaster confirms massive breach after stolen data for sale online 00:10:46 - Story # 1b: Snowflake, Cloud Storage Giant, Suffers Massive Breach: Hacker Confirms to Hudson Rock Access Through Infostealer Infection 00:13:03 - Story # 1c: Detecting and Preventing Unauthorized User Access: Instructions 00:13:42 - Story # 1d: Snowflake Denies Responsibility...

00:00 - PreShow Banter™ — Antichafing Training.04:31 - BHIS - Talkin’ Bout [infosec] News 2024-05-2007:12 - Story # 1: Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach29:49 - Story # 2: Palo Alto Networks is buying security assets from IBM to expand customer base36:50 - Story # 3: Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea43:55 - Story # 4: FCC might require telecoms to report on securing...