Episodes
00:00 - PreShow Banter™ — World Class RSA Cookies04:49 - BHIS - Talkin’ Bout [infosec] News 2024-05-1406:33 - Story # 1: Zscaler takes “test environment” offline after rumors of a breach18:48 - Story # 2: Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted43:36 - Story # 3: Leaked FBI email stresses need for warrantless surveillance of Americans48:46 - Story # 4: Despite big tech lobbying, Maryland passes two internet privacy bills52:26 - Story # 4b:...
Published 05/16/24
00:00 - PreShow Banter™ — RSA Power Moves08:14 - BHIS - Talkin’ Bout [infosec] News 2024-05-0609:49 - Story # 1: Shortridge Makes Sense of the 2024 Verizon DBIR15:04 - Story # 2: A recent security incident involving Dropbox Sign20:30 - Story # 3: Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover28:40 - Story # 4: Millions of Docker repos found pushing malware, phishing sites32:53 - Story # 5: 1,400 GitLab Servers Impacted by Exploited Vulnerability42:07 - Story # 6:...
Published 05/08/24
00:00 - BHIS - Talkin’ Bout [infosec] News 2024-04-29 02:33 - Story # 1: Cyber Hygiene Helps Organizations Mitigate Ransomware-Related Vulnerabilities 10:38 - Story # 2: ‘Admin’ and ‘12345’ banned from being used as passwords in UK crackdown on cyber attacks 16:34 - Story # 3: Maximum severity Flowmon bug has a public exploit, patch now 21:06 - Story # 3b: CVE-2024-2389: Command Injection Vulnerability In Progress Flowmon 22:45 - Story # 4:GitHub comments abused to push malware via Microsoft...
Published 05/01/24
00:00 - PreShow Banter™ — A Parent Process 03:01 - BHIS - Talkin’ Bout [infosec] News 2024-04-22 04:13 - Story # 1: Exploit code for Palo Alto Networks zero-day now public 07:44 - Story # 1b: (Timeline) Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) 23:22 - Story # 2: MGM says FTC can’t possibly probe its ransomware downfall – watchdog chief Lina Khan was a guest at the time 31:37 - Story # 3: MITRE was breached through Ivanti...
Published 04/24/24
00:00 - PreShow Banter™ — Retro Actions 04:48 - BHIS - Talkin’ Bout [infosec] News 2024-04-15 07:05 - Story # 1: FCC to vote on net neutrality rules on April 25 18:52 - Story # 2: “All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass 23:40 - Story # 2b: Delinea has cloud security incident in Thycotic Secret Server gaff 28:23 - Story # 3: CISA Releases Malware Next-Gen Analysis System for Public Use 40:36 - Story # 4: Hacker Leaks 8.5M U.S. Environmental Protection...
Published 04/17/24
00:00 - PreShow Banter™ — BHIS Bees Corp® 04:08 - The FUTURE IS…… Kickstarter 05:29 - BHIS - Talkin’ Bout [infosec] News 2024-04-08 06:03 - Story # 1: New draft bipartisan US federal privacy bill unveiled 11:03 - Story # 2: How To Opt Out Of GM Sharing Your Driving Data With Insurance Companies 13:04 - Story # 2b: Request a Consumer Disclosure Report 14:25 - Story # 3: Hackers Hijacked Notepad++ Plugin To Execute Malicious Code 29:19 - Story # 4: A Vigilante Hacker Took Down North Korea’s...
Published 04/10/24
00:00 - PreShow Banter™ — Zippers, Jokes, & Lawyers (Not to be confused with the song "Lawyers, Guns and Money")02:59 - BHIS - Talkin’ Bout [infosec] News 2024-04-0103:57 - Story # 1: New Darcula phishing service targets iPhone users via iMessage11:57 - Story # 2: Recent ‘MFA Bombing’ Attacks Targeting Apple Users17:22 - Story # 3: Thousands of phones and routers swept into proxy service, unbeknownst to users22:11 - Story # 4: Digital signs around Brookline are collecting data from your...
Published 04/03/24
00:00 - PreShow Banter™ — “Allegedly”03:18 - BHIS - Talkin’ Bout [infosec] News 2024-03-2508:00 - Story # 1: Cisco Completes Acquisition of Splunk10:47 - Story # 2: General Motors Quits Sharing Driving Behavior With Data Brokers15:27 - Story # 3: Ron DeSantis signs bill requiring parental consent for kids under 16 to hold social media accounts24:34 - Story # 4: House passes bill to prevent the sale of personal data to foreign adversaries28:19 - Story # 5: Unsaflok - vulnerability impacts over...
Published 03/27/24
Brought to you by Antisyphon Training — https://www.antisyphontraining.com (https://www.antisyphontraining.com)00:00:00 - PreShow Banter™ — New Arms Again00:03:24 - BHIS - Talkin’ Bout [infosec] News 2024-03-1800:04:54 - Story # 1: NIST Releases Version 2.0 of Landmark Cybersecurity Framework00:10:50 - Story # 2: The FCC has finally decreed that 25Mbps and 3Mbps are not ‘broadband’ speed00:14:33 - Story # 3: Welcome to the 2024 Threat Detection Report00:33:40 - Story # 4: NSA Releases Top Ten...
Published 03/20/24
00:00 - PreShow Banter™ — Death to Clippy05:18 - BHIS - Talkin’ Bout [infosec] News 2024-03-11 – Featuring Josh Mason06:58 - Story # 1: Behind the doors of a Chinese hacking company, a sordid culture fueled by influence, alcohol, and sex13:43 - Story # 2: Top US cybersecurity agency hacked and forced to take some systems offline23:39 - Story # 3: Microsoft admits Russian state hack still not contained. ‘This has tremendous national security implications’30:27 - Story # 4: FBI’s 2023 Internet...
Published 03/13/24
A weekly Podcast with BHIS and Friends. stories. We discuss notable Infosec, and infosec-adjacent news stories. Brought to you by: Black Hills Information Securityhttps://www.blackhillsinfosec.com/Antisyphon Traininghttps://www.antisyphontraining.com/Story # 1: Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concernhttps://www.whitehouse.gov/briefing-r...Story # 2: A leaky database spilled 2FA codes for...
Published 03/06/24
Story #1: Mr. Cooper leak exposes over two million customersStory #2: ConnectWise ScreenConnect attacks deliver malwareStory #3: LockBit Infrastructure Seized by US, UK PoliceStory #4: US health tech giant Change Healthcare hit by cyberattackStory #5: The reported leak of Chinese hacking documents supports experts’ warnings about how compromised the US could be
Published 03/01/24
The post Talkin’ About Infosec News – 2/20/24 appeared first on Black Hills Information Security.
Published 02/20/24
The post Talkin’ About Infosec News – 2/14/2024 appeared first on Black Hills Information Security.
Published 02/14/24
Brought to you by Antisyphon Training — https://www.antisyphontraining.com
Published 12/15/23