Explorez tous les épisodes du podcast Talkin' Bout [Infosec] News
| Titre | Date | Durée | |
|---|---|---|---|
| Denmark is Done with Teams! - 2025-06-16 | 18 Jun 2025 | 00:56:19 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.com 00:00 - PreShow Banter™ — Government Linux 04:16 - Denmark is Done with Teams! - Talkin’ Bout [infosec] News 2025-06-16 05:02 - Story # 1: ‘We’re done with Teams’: German state hits uninstall on Microsoft 17:34 - Story # 1b: Denmark Wants to Dump Microsoft Software for Linux, LibreOffice 18:14 - Story # 2: Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot 25:50 - Story # 3: Fog ransomware attacks use employee monitoring tool to break into business networks 30:25 - Story # 4: Expired Discord Invites Hijacked for Stealthy Malware Attacks 34:00 - Story # 5: SmartAttack uses smartwatches to steal data from air-gapped systems 40:25 - Story # 6: Mirai Botnets Exploiting Wazuh Security Platform Vulnerability 44:47 - Story # 7: Google Cloud and Cloudflare hit by widespread service outages 48:04 - Story # 8: UNFI cyberattack shuts down network and leaves Whole Foods and others in limbo 50:34 - Story # 9: New SharePoint Phishing Attacks Using Lick Deceptive Techniques 51:08 - Story # 10: US-backed Israeli company’s spyware used to target European journalists, Citizen Lab finds 53:32 - Story # 11: Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud | |||
| Chatbot Tells Addict to Take Drugs - 2025-06-09 | 12 Jun 2025 | 01:00:21 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.com 00:00 - PreShow Banter™ — Time to Bake 05:12 - Chatbot Tells Addict to Take Drugs - Talkin’ Bout [infosec] News 2025-05-06 06:08 - Story # 1: Meta and Yandex are de-anonymizing Android users’ web browsing identifiers 12:55 - Story # 2: Therapy Chatbot Tells Recovering Addict to Have a Little Meth as a Treat 16:11 - Story # 3: The Cost of a Call: From Voice Phishing to Data Extortion 26:56 - Story # 4: Questions Swirl Around ConnectWise Flaw Used in Attacks 27:40 - Story # 4b: ConnectWise email 35:28 - Story # 5: Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI 39:27 - Story # 6: Misconfigured HMIs Expose US Water Systems to Anyone With a Browser 52:20 - Story # 7: Fact Sheet: President Donald J. Trump Reprioritizes Cybersecurity Efforts to Protect America | |||
| Desperate Times Makes for More Cyber Crimes -2025-04-07 | 09 Apr 2025 | 00:48:31 | |
Register for upcoming webcasts & summits - Chapters 00:00 - PreShow Banter™ — A Complex Business 06:40 - BHIS - Talkin’ Bout [infosec] News 2025-04-07 07:34 - Story # 1: Oracle quietly admits data breach, days after lawsuit accused it of cover-up 12:47 - Story # 2: Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job 21:13 - Story # 3: Phishing platform ‘Lucid’ behind wave of iOS, Android SMS attacks 28:14 - Story # 4: GitHub expands security tools after 39 million secrets leaked in 2024 37:28 - Story # 5: The 10 Biggest Crypto Hacks in History 40:11 - Story # 6: OpenAI tests watermarking for ChatGPT-4o Image Generation model 45:44 - Story # 7: National Security Agency chief fired as Trump ousts another top military officer | |||
| The Oracle of Lies! – 2025-03-31 | 03 Apr 2025 | 01:02:45 | |
00:00 - PreShow Banter™ — The Bed Slinger 08:34 - The Oracle of Lies! - BHIS - Talkin’ Bout [infosec] News 2025-03-31 10:43 - Story # 1: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service 20:00 - Story # 2: A Sneaky Phish Just Grabbed my Mailchimp Mailing List 26:17 - Story # 3: Windows 11 is closing a loophole that let you skip making a Microsoft account 29:51 - Story # 4: The Trump Administration Accidentally Texted Me Its War Plans 32:51 - Story # 4b: Signal is ‘absolutely not suitable’ for government use: Former NSA hacker 37:42 - Story # 5: How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack 42:27 - Story # 6: Retail giant Sam’s Club investigates Clop ransomware breach claims 45:07 - WEBCAST – Keeping Things Local – Making Your Own Private LLM w/ Bronwen Aker 46:16 - Story # 7: New VanHelsing ransomware targets Windows, ARM, ESXi systems 48:28 - Story # 8: Infostealer campaign compromises 10 npm packages, targets devs 53:13 - Story # 9: Risky Biz News: EU bans anonymous crypto payments 56:02 - ChickenSec: South African Poultry Company Reports $1M Loss After Cyber Intrusion | |||
| Trading in Jock Straps for Jock Hacks – 2025-03-24 | 26 Mar 2025 | 00:58:44 | |
00:00 - PreShow Banter™ — We’re Not Ready For the Finger Thing 01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin’ Bout [infosec] News 2025-03-24 03:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack 07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together 14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records 19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization 25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content 29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts 35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy 38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 28 44:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre 52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach 54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance 56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen… | |||
| News 2025-03-17 - Malicious Browser Plugins will Destroy us ALL!!!!! | 19 Mar 2025 | 01:00:41 | |
00:00 - PreShow Banter™ — Fun Jank Decks 05:25 - BHIS - Talkin’ Bout [infosec] News 2025-03-17 - Malicious browser plugins will destroy us ALL!!!!! 06:35 - Story # 1: Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension 14:37 - Story # 1b: Chrome Web Store is a mess 31:14 - Story # 2: Lazarus Strikes npm Again with New Wave of Malicious Packages 36:17 - Story # 3: China’s Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days 44:44 - Story # 4: Saudi Arabia Buys Pokémon Go, and Probably All of Your Location Data 49:31 - Story # 5: Second biggest bank in US hit by major data breach stealing social security numbers and other personal info 51:25 - Story # 6: Hackers Take Credit for X Cyberattack 54:32 - Story # 7: Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account | |||
| 2025-03-10 — Agent A.I. | 12 Mar 2025 | 01:04:11 | |
00:00 - PreShow Banter™ — Agent A.I. 07:35 - BHIS - Talkin’ Bout [infosec] News 2025-03-10 10:47 - Story # 1: 12 Chinese hackers charged with US Treasury breach — and much, much more 15:25 - Story # 2: Signal President Meredith Whittaker calls out agentic AI as having ‘profound’ security and privacy issues 25:33 - Story # 3: X/Twitter is down for a third time today 27:33 - Story # 4: Developer sabotaged ex-employer with kill switch activated when he was let go 33:37 - Story # 5: Undocumented commands found in Bluetooth chip used by a billion devices 45:37 - Story # 6: Cybercrime’s Cobalt Strike Use Plummets 80% Worldwide 46:19 - Story # 7: Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags 55:01 - Story # 8: Ransomware gang encrypted network from a webcam to bypass EDR | |||
| 2025-03-03 - Not Talking About Anything | 05 Mar 2025 | 00:58:41 | |
00:00 - PreShow Banter™ — Not Talking About Anything 04:29 - BHIS - Talkin’ Bout [infosec] News 2025-03-03 05:42 - Story # 1: FBI Warns iPhone, Android Users—We Want ‘Lawful Access’ To All Your Encrypted Data 24:28 - Story # 2: Disney engineer downloaded ‘helpful’ AI tool that ended up completely destroying his life 34:28 - Story # 3: Have I Been Pwned adds 284M accounts stolen by infostealer malware 43:22 - Story # 4: Dragos’s 8th Annual OT Cybersecurity Year in Review Is Now Available 45:53 - Story # 5: Trump administration retreats in fight against Russian cyber threats 55:19 - Story # 5b: Exclusive: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say 57:33 - Story # 6: Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’ | |||
| 2025-05-24 - Get Political (With Jake Williams) | 26 Feb 2025 | 01:02:29 | |
00:00 - PreShow Banter™ — Get Political 05:27 - BHIS - Talkin’ Bout [infosec] News 2025-02-25 06:07 - Story # 1: Trump 2.0 Brings Cuts to Cyber, Consumer Protections 37:57 - Story # 2: OpenAI Uncovers Evidence of A.I.-Powered Chinese Surveillance Tool 49:48 - Story # 3: Apple pulls data protection tool after UK government security row 55:00 - Story # 4: Judge dismisses Chris Hadnagy lawsuit against DEF CON | |||
| 2025-02-17 - Prove That You're Wearing Pants | 19 Feb 2025 | 01:05:31 | |
00:00 - PreShow Banter™ — Prove That You’re Wearing Pants 05:50 - BHIS - Talkin’ Bout [infosec] News 2025-05-17 06:46 - Story # 1: Fortinet discloses second firewall auth bypass patched in January 07:12 - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don’t die laughing 08:45 - Story # 1c: Forbes Most Trusted Companies in America 2025 List 16:25 - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account 18:37 - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation 20:04 - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says 36:35 - Story # 4: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack 37:44 - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever 43:14 - Story # 5b: DOGE’s .gov site lampooned as coders quickly realize it can be edited by anyone 46:59 - Story # 6: Man who SIM-swapped the SEC’s X account pleads guilty 51:26 - Story # 7: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs 53:55 - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed
| |||
| 2025-02-10 - Walking Through Denver | 13 Feb 2025 | 01:02:47 | |
00:00 - PreShow Banter™ — Walking Through Denver 02:23 - BHIS - Talkin’ Bout [infosec] News 2025-02-10 04:35 - Story # 1: Ransomware payments declined in 2024 despite massive. well-known hacks 05:02 - Story # 1b: 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments 14:19 - Story # 2: Critical Cisco ISE bug can let attackers run commands as root 16:43 - Story # 3: The Untold Story of a Crypto Crimefighter’s Descent Into Nigerian Prison 24:18 - Story # 4: IoT’s botnet problem is up 500% – three things admins must do now 31:49 - Story # 5: WhatsApp identifies dozens of users hacked by Paragon spyware company 39:41 - Story # 6: Sri Lanka goes bananas after monkey unplugs nation 43:36 - Story # 7: Microsoft Study Finds AI Makes Human Cognition “Atrophied and Unprepared” 50:17 - ChickenSec Story #: 1 Here’s a Super Bowl riddle: Why are egg prices surging — but not chicken wings? 52:21 - Story # 8: DOGE Staffer Previously Fired From Cybersecurity Company for Leaking Secrets 58:07 - ChickenSec Story #2: Americans to Eat 1.47 Billion Chicken Wings for Super Bowl LIX | |||
| 2025-02-05 - LIVE FROM WWHF DENVER 2025 | 12 Feb 2025 | 00:44:41 | |
00:00 - PreShow Banter™ — Community Swear Bucket 01:40 - BHIS - Talkin’ Bout [infosec] News 2025-02-05 03:27 - Story # 1: DeepSeek R1 Exposed: Security Flaws in China’s AI Model 11:25 - Story # 2: Backdoor found in two healthcare patient monitors, linked to IP in China 15:21 - Story # 3: Facebook flags Linux topics as ‘cybersecurity threats’ — posts and users being blocked 20:56 - Story # 4: Here’s how Musk’s access to Treasury system may impact Social Security, other government payments 31:29 - Story # 5: Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections 34:34 - Story # 6: Insurance Company Globe Life Notifying 850,000 People of Data Breach 36:15 - Story # 10: DeepSeek Fails Researchers’ Safety Tests 38:35 - Story # 11: Engineering giant Smiths Group discloses security breach | |||
| Victoria’s Secrets are Compromised - 2025-06-02 | 05 Jun 2025 | 00:54:35 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.com 00:00 - PreShow Banter™ — natural MSG 05:31 - Victoria’s Secrets are Compromised - Talkin’ Bout [infosec] News 2025-06-02 06:31 - Story # 1: Authors Are Accidentally Leaving AI Prompts In their Novels 08:36 - Story # 1b: This Latest AI Book Debacle Is A Disturbing Part Of A Growing Trend 09:41 - Story # 2: Developer Builds Tool That Scrapes YouTube Comments, Uses AI to Predict Where Users Live 10:48 - Story # 2b: AI-powered OSINT tool profiles YouTube users, raising privacy concerns 15:55 - Story # 2c: Researchers Dump 2 Billion Scraped Discord Messages Online 20:28 - Story # 3: Vending-Bench: A Benchmark for Long-Term Coherence of Autonomous Agents 21:02 - Story # 3b: An AI Goes Insane, Emails FBI Over $2 (YouTube) 26:55 - Story # 4: The UK will totally replace two-thirds of junior civil servants with AI chatbots, says the chatbot 27:27 - Story # 4b: Reeves confirms 15% cut to Civil Service running costs 29:29 - Story # 5: ConnectWise Breached, ScreenConnect Customers Targeted 31:28 - LOLRMM - a curated list of Remote Monitoring and Management (RMM) tools that could potentially be abused by threat actors. 35:34 - Story # 6: New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers 36:19 - Story # 7: US intelligence employee arrested for alleged double-dealing of classified info 40:12 - Story # 8: Victoria’s Secret takes down website after security incident 45:43 - Story # 9: Microsoft and CrowdStrike partner to link hacking group names 46:59 - Story # 10: Zscaler Acquisition of Red Canary 49:57 - Story # 11: Most of CISA’s senior leaders are leaving the agency 51:22 - Story # 12: Telegram announces partnership with Musk’s xAI 51:32 - Story # 13: Google warns of Vietnam-based hackers using bogus AI video generators to spread malware | |||
| Blackmailing A.I. - 2025-05-27 | 30 May 2025 | 00:58:35 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.com 00:00 - PreShow Banter™ — I just want Jorts! 05:42 - Blackmailing A.I. - Talkin’ Bout [infosec] News 2025-05-27 07:01 - Story # 1: Experimental drones developed to neutralize mass shooters, disable weapons 11:29 - Story # 2: How a global malware operation was taken down from a federal court in Georgia 13:50 - Story # 3: Judge allows Workday AI bias lawsuit to proceed as collective action 15:23 - Marker 17 19:25 - Story # 4: Anthropic’s new AI model turns to blackmail when engineers try to take it offline 32:19 - Story # 5: TeleMessage customers include DC Police, Andreessen Horowitz, JP Morgan, and hundreds more 34:53 - Story # 6: TikTok videos now push infostealer malware in ClickFix attacks 36:57 - Story # 7: Beware, Coinbase users. Crypto thieves are taking fingers now 40:56 - Story # 8: Signal now blocks Microsoft Recall screenshots on Windows 11 43:16 - Story # 9: Suspected InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords 44:54 - Story # 10: Google Chrome’s Built-in Manager Lets Users Update Breached Passwords with One Click 48:09 - Story # 11: Russian military hackers ‘Fancy Bear’ target Western aid supply chains to Ukraine, NSA report says 50:13 - Story # 12: Google Gemini AI assistant coming to new cars in 2025, starting with Volvo 54:17 - Story # 13: Hacker Conference HOPE Says U.S. Immigration Crackdown Caused Massive Crash in Ticket Sales 56:55 - Story # 13b: [HOPE_16] International Travel Tips | |||
| WORLDS FIRST CPU Ransomware! - 2025-05-19 | 21 May 2025 | 00:53:26 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.coma 00:00 - PreShow Banter™ — Twiddle Me This 02:04 - WORLDS FIRST CPU Ransomware! - Talkin’ Bout [infosec] News 2025-05-19 03:10 - Story # 1: Coinbase - Standing Up to Extortionists 11:26 - Story # 2: World’s first CPU-level ransomware 15:09 - Story # 3: New Intel CPU flaws leak sensitive data from privileged memory 19:04 - Story # 4: After latest kidnap attempt, crypto types tell crime bosses: Transfers are traceable 21:39 - Story # 5: Chinese ‘kill switches’ found hidden in US solar farms 27:52 - Story # 6: Congress proposes 10-year ban on state AI regulations 31:41 - Story # 7: Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data 36:02 - Story # 8: European Vulnerability Database Launches Amid US CVE Chaos 37:32 - Story # 9: 89 million Steam accounts reportedly leaked. Change your password now. 40:06 - Story # 10: Hackers Now Targeting US Retailers After UK Attacks, Google 41:11 - Story # 11: How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes 43:08 - Story # 11b: DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage’s archive server 47:12 - ChickenSec: ‘A Minecraft Movie’ Viral TikTok Trend Wreaks Havoc In Theaters 51:20 - Story # 12: Education giant Pearson hit by cyberattack exposing customer data | |||
| Inside DragonForce 2025-05-12 | 15 May 2025 | 00:56:15 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.coma 00:00 - PreShow Banter™ — Crime is bad 00:18 - dangerous trend of destroying Chromebooks 04:33 - BHIS - Talkin’ Bout [infosec] News 2025-05-12 05:40 - Story # 1: LockBit Ransomware Hacked, Insider Secrets Exposed 06:36 - Story # 1b: https://ransomch.at 09:31 - Story # 2: White House Proposes $500 Million Cut to CISA 10:35 - Story # 2b: Update to How CISA Shares Cyber-Related Alerts and Notifications 18:09 - Story # 3: Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks 22:28 - Story # 4: Despite ransom payment, PowerSchool hacker now extorting individual school districts 26:28 - Story # 5: Tech CEOs warn Senate: Outdated US power grid threatens AI ambitions 32:20 - Story # 6: Warning — 19 Billion Compromised Passwords Have Been Published Online 34:37 - Story # 7: Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted 36:33 - Story # 8: How a new type of AI is helping police skirt facial recognition bans 48:38 - Story # 9: Threat Actor Bypass SentinelOne EDR to Deploy Babuk Ransomware 51:33 - Story # 10: A Framework to Report AI’s Flaws 53:42 - Story # 10b: MITRE ATLAS™ 54:49 - Simply Hot Ones Challenge | LIVE FIRE SPICE | |||
| Scatterd Spider Weaves Another Attack- 2025-05-05 | 09 May 2025 | 00:54:42 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.com 00:00 - PreShow Banter™ — Double Coffee 05:04 - BHIS - Talkin’ Bout [infosec] News 2025-05-05 06:05 - Story # 1: Largest bank in the world issues stark security warning about technology that billions use every single day 11:15 - Story # 2: M&S cyber-attack linked to hacking group Scattered Spider 13:47 - Story # 3: Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries 20:10 - Story # 4: A North Korean agent applied for a job at a popular crypto firm: They tripped him up with a simple question about Halloween 21:54 - Story # 4b: The one interview question that will protect you from North Korean fake workers 23:09 - Story # 5: Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee’s Computer, Downloading Confidential Data from Company 25:33 - Story # 6: TerraStealerV2 and TerraLogger: Golden Chickens’ New Malware Families Discovered 29:19 - Story # 7: Gremlin Stealer: New Stealer on Sale in Underground Forum 33:17 - Story # 8: Over 290,000 citizens at risk: CloudSEK uncovers major data breach at Bangalore Water Supply and Sewerage Board 34:56 - Story # 9: The Signal Clone the Trump Admin Uses Was Hacked 39:58 - Story # 10: Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. 42:19 - Story # 11: Software dev fortifies his blog with ‘zip bombs’ — attacking bots meet their end with explosive data package 43:44 - Story # 12: WhatsApp says in-app AI tools will still keep messages secret 45:37 - Story # 13: House passes bill to study routers’ national security risks 49:48 - Simply Hot Ones Challenge (YouTube) | |||
| InfoSec CEO Charged with Installing Malware! – 2025-04-28 | 30 Apr 2025 | 01:00:58 | |
Register for upcoming webcasts & summits - https://poweredbybhis.com 00:00 - PreShow Banter™ — Talking Bout Red Green 02:24 - InfoSec CEO Charged with Installing Malware! – BHIS - Talkin’ Bout [infosec] News 2025-04-28 03:01 - Story # 1: CEO of cybersecurity firm charged with installing malware on hospital systems 11:22 - Story # 2: 2025 Data Breach Investigations Report 25:05 - Story # 3: The Age of Realtime Deepfake Fraud Is Here 29:00 - Story # 4: Whistleblower: DOGE Siphoned NLRB Case Data 33:09 - Story # 5: Top employee monitoring app leaks 21 million screenshots on thousands of users 36:59 - Story # 6: 159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure 42:13 - Story # 7: SAP zero-day vulnerability under widespread active exploitation 46:29 - Story # 8: FBI: US lost record $16.6 billion to cybercrime in 2024 47:55 - Story # 8b: FBI Report Doc 53:50 - Story # 9: M- Trends 2025 Report | |||
| The CVE Saga - Talkin’ Bout [infosec] News 2025-04-21 | 23 Apr 2025 | 00:58:29 | |
Register for upcoming webcasts & summits - https://poweredbybhis.com 00:00 - PreShow Banter™ — A Monocle and a Glass of Wine 05:36 - The CVE Saga - Talkin’ Bout [infosec] News 2025-04-21 06:43 - Story # 1: US agency extends support for cyber vulnerability database 29:08 - Story # 1b: CVE Foundation 32:35 - Story # 2: Former cybersecurity agency chief Chris Krebs leaves SentinelOne after Trump targets him in executive order 33:57 - Story # 3: 4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War 37:17 - Story # 4: TA Phone Home: EDR Evasion Testing Reveals Extortion Actor’s Toolkit 44:57 - Story # 5: The Sophos Annual Threat Report: Cybercrime on Main Street 2025 | |||
| Largest Corporate Espionage Case this Century - 2025-04-14 | 16 Apr 2025 | 00:59:49 | |
Register for upcoming webcasts & summits - https://poweredbybhis.com 00:00 - PreShow Banter™ — Trigger Warning 00:42 - Trump Vs Chris Krebs | BHIS - Talkin’ Bout [infosec] News 2025-04-14 01:54 - Story # 1: Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director 17:04 - Story # 2: Cybersecurity industry falls silent as Trump turns ire on SentinelOne 18:00 - Story # 3: Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges 33:13 - Story # 4: Rippling Believe it or Not: How the Largest Corporate Espionage Case this Century Happened 41:36 - Story # 5: Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers 52:18 - Story # 6: Pentagon to end $5.1 billion in contracts with Accenture, Deloitte, others | |||
| Lawmakers Want to Ban VPNs - 2025-12-01 | 04 Dec 2025 | 01:02:46 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — The Problem With Extensions 03:10 - Lawmakers want to Ban VPNs – BHIS - Talkin’ Bout [infosec] News 2025-12-01 03:47 - Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem) 12:05 - Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They’re Doing 21:19 - Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update 25:49 - Story # 4: ‘Slop Evader’ Lets You Surf the Web Like It’s 2022 37:08 - Story # 5: China’s Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says 39:10 - Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now 42:39 - Story # 6: Meta is earning a fortune on a deluge of fraudulent ads, documents show 50:23 - Story # 7: Meta had a 17-strike policy for sex trafficking, former safety leader claims 52:41 - Story # 8: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison | |||
| Shai-Hulud malware leaks secrets on GitHub – 2025-17-24 | 26 Nov 2025 | 01:05:00 | |
???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Stressed about lithium batteries 04:59 - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin’ Bout [infosec] News 2025-17-24 05:57 - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub 11:19 - Story # 2: CrowdStrike catches insider feeding information to hackers 15:50 - Story # 3: Fidelity sues Broadcom over access to key software to avoid outages 22:17 - Story # 4: NetApp sues former CTO for alleged data breach 26:49 - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers 36:05 - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now 37:11 - Story # 6b: Cloudflare outage on November 18, 2025 41:43 - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt 46:35 - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System 51:10 - Story # 10: Microsoft to integrate Sysmon directly into Windows 11, Server 2025 56:41 - Story # 9: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist | |||
| Kerberoasting Goes to Washington – 2025-09-15 | 20 Sep 2025 | 01:02:58 | |
???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Enter Dark John 03:15 - Kerberoasting Goes to Washington – BHIS - Talkin’ Bout [infosec] News 2025-09-15 03:49 - Story # 1: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” 12:46 - Story # 2: How an Attacker’s Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations 32:42 - Story # 3: Some JLR suppliers ‘face bankruptcy’ due to hack crisis 41:30 - Story # 4: AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns 46:07 - Story # 5: All your vulns are belong to us! CISA wants to maintain gov control of CVE program 49:55 - Story # 6: Qantas penalizes executives for July cyberattack 51:15 - Story # 7: America’s second largest egg producer breached, claim hackers 54:55 - Story # 8: Undocumented Radios Found in Solar-Powered Devices | |||
| Anthropic 1.5 Billion © Settlement - 2025-09-08 | 10 Sep 2025 | 00:59:54 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — If I Were French 04:35 - Anthropic 1.5 Billion © Settlement - BHIS - Talkin’ Bout [infosec] News 2025-09-08 05:48 - Hackers Threaten to Submit Artists’ Data to AI Models If Art Site Doesn’t Pay Up 08:40 - Anthropic Agrees to Pay Authors at Least $1.5 Billion in AI Copyright Settlement 23:58 - This Company Turns Dashcams into ‘Virtual CCTV Cameras.’ Then Hackers Got In 33:38 - Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps 40:07 - Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack 44:27 - npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack 46:38 - Update on Mandiant Drift and Salesloft Application Investigations 51:04 - M&S hackers claim to be behind Jaguar Land Rover cyber attack 51:55 - New TP-Link zero-day surfaces as CISA warns other flaws are exploited 54:52 - ChickenSec: US turns to Russia for chicken eggs for the first time in 32 years, despite sanctions to cripple its economy 57:58 - Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions | |||
| Chinese agent tried to recruit Stanford Student - 2025-09-02 | 06 Sep 2025 | 00:56:13 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — It’s 8ft skeleton season. 02:18 - BHIS - Talkin’ Bout [infosec] News 2025-09-02 03:07 - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks 07:35 - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ 13:46 - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling 17:44 - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K 19:39 - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we’re working through it.’ 20:56 - Story # 6: Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025 22:43 - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 25:20 - Story # 8: First known AI-powered ransomware uncovered by ESET Research 30:00 - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception 32:06 - Story # 10: TransUnion suffers data breach impacting over 4.4 million people 34:17 - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI 35:20 - Story # 12: They weren’t lovin’ it - hacker cracks McDonald’s security in quest for free nuggets, and it was apparently not too tricky 39:29 - Identify the birds you see or hear with Merlin Bird ID 40:04 - Story # 13: Detecting and countering misuse of AI: August 2025 51:31 - Story # 14: I’m a Stanford student. A Chinese agent tried to recruit me as a spy | |||
| The Impending AI Bubble 2025-08-25 | 30 Aug 2025 | 01:04:00 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Canadian Chicken 02:01 - The AI Bubble BHIS - Talkin’ Bout [infosec] News 2025-08-25 02:23 - Story # 1: Congressman proposes bringing back letters of marque for cyber privateers 09:27 - Story # 2: SIM-Swapper, Scattered Spider Hacker Gets 10 Years 12:43 - Story # 3: Developer jailed for taking down employer’s network with kill switch malware 16:33 - Story # 4: Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet 20:42 - The Utopia Chronicles 23:20 - Story # 5: “Unstoppable Power Surges”: China’s Quantum Processor Outspeeds Supercomputers by 1 Quadrillion and Triggers US Intelligence Panic 28:47 - Story # 6: Bank forced to rehire workers after lying about chatbot productivity, union says 41:21 - Story # 7: It Took Many Years And Billions Of Dollars, But Microsoft Finally Invented A Calculator That Is Wrong Sometimes 43:41 - Story # 8: Copilot Broke Your Audit Log, but Microsoft Won’t Tell You 46:33 - Story # 9: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices 49:24 - Story # 10 : Zero-Day Clickjacking Flaws Found in Password Managers Used by Millions 53:12 - Story # 11: Cybersecurity training doesn’t work: time wasted with no impact, study finds 59:07 - ChickenSec: Artificial Intelligence: The other AI | |||
| Cyberattack Bricks Speed Cameras – 2025-08-18 | 20 Aug 2025 | 00:58:10 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — The gif that keeps on giffing 01:46 - Cyberattack Bricks Speed Cameras – BHIS - Talkin’ Bout [infosec] News 2025-08-18 02:39 - Story # 1: Perplexity made a sky-high $34.5 billion bid for Google Chrome — a bold and unusual move in the midst of antitrust scrutiny 07:16 - Story # 2: Exclusive: US embeds trackers in AI chip shipments to catch diversions to China, sources say 10:22 - Story # 3: How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes 12:17 - Story # 4: Cisco discloses maximum-severity defect in firewall software 13:56 - Story # 5: Data Dump From APT Actor Yields Clues to Attacker Capabilities 19:13 - Story # 6: Russian cyberattack in the Netherlands leaves speed cameras offline indefinitely 23:30 - Story # 7: HTTP/2 MadeYouReset Vulnerability Enables Massive DDoS Attacks 24:51 - Story # 8: LAPD Eyes ‘GeoSpy’, an AI Tool That Can Geolocate Photos in Seconds 29:05 - Story # 9: Manpower discloses data breach affecting nearly 145,000 people 34:51 - Story # 10: Hacker Offers to Sell 15.8 Million Plain-Text PayPal Credentials On Dark Web Forum 35:34 - Story # 11: The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived 40:54 - Story # 12: New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/” 46:28 - Story # 13: Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild 48:13 - Story # 14: Plex warns users to patch security vulnerability immediately 50:53 - ChickenSec: Noble Foods using soil mapping technology at organic egg farm | |||
| DEF CON RECAP – 2025-08-11 | 14 Aug 2025 | 00:59:54 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Wading Through Woods 06:06 - DEF CON RECAP - Talkin’ Bout [infosec] News 2025-08-11 09:16 - Story # 1: It’s time to acknowledge HTTP/1.1 is insecure 12:36 - Story # 2: Research reveals possible privacy gaps in Apple Intelligence’s data handling 17:51 - Story # 3: Federal court filing system hit in sweeping hack 21:09 - Story # 4: Cisco discloses data breach impacting Cisco.com user accounts 32:17 - Story # 5: Google says its AI-based bug hunter found 20 security vulnerabilities 34:20 - Story # 6: Automate security reviews with Claude Code 39:01 - Story # 7: Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicle Brands 44:44 - Story # 7b: OnStar assists CHP in stopping fleeing SUV with toddler inside 47:12 - Story # 7c: That viral video of a ‘deactivated’ Tesla Cybertruck is a fake 49:37 - Story # 8: LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code 50:53 - Story # 9: Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools 53:08 - Story # 10: A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT 58:10 - Story # 11: Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks | |||
| Perplexity Stealth Crawlers Evade No-Crawl Directives - 2025-08-04 | 07 Aug 2025 | 01:03:06 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00:00 - PreShow Banter™ — Stop Asking Wade if he’s in Vegas 00:02:16 - Perplexity Uses Stealth Crawlers to Evade No-Crawl Directives – 2025-08-04 00:11:25 - Story # 1: Insurance won’t cover $5M in City of Hamilton claims for cyberattack, citing lack of log-in security 00:18:40 - Story # 2: States Enact Safe Harbor Laws that Provide Affirmative Defenses in Data Breach Litigation 00:26:45 - Story # 3: Hackers Destroy Aeroflot’s IT Infrastructure, Causing Over 42 Flight Cancellations 00:34:18 - Story # 4: Attackers exploit link-wrapping services to steal Microsoft 365 logins 00:40:09 - Story # 5: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons 00:42:18 - Wade’s plugin recommendation 00:44:39 - Story # 6: Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives 00:51:11 - Story # 7: After Backlash, ChatGPT Removes Option to Have Private Chats Indexed by Google 00:55:21 - AI 2027 01:01:01 - What’s Ralph been up to? | |||
| UK Bans Ransomware Payments - 2025-07-28 | 01 Aug 2025 | 01:02:15 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — National Chicken Wing Day 04:16 - BHIS - Talkin’ Bout [infosec] News 2025-07-28 05:30 - Story # 1: Bad vibes: How an AI agent coded its way to disaster 08:40 - Story # 1b: Replit goes rogue, deletes entire database. 15:44 - Story # 2: A major AI training data set contains millions of examples of personal data 26:05 - Story # 3: Women Dating Safety App ‘Tea’ Breached, Users’ IDs Posted to 4chan 33:19 - Story # 4:A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors 40:28 - Story # 5: Clorox Sues IT Provider Cognizant For Simply Giving Employee Password to Hackers 49:46 - Story # 6: Businesses banned from paying hackers’ ransoms to target cybercrime 57:38 - SharePoint Follow Up | |||
| Microsoft's OverSharePoint 0-Day Exploit – 2025-07-21 | 23 Jul 2025 | 01:04:15 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — PaintBallers 03:55 - BHIS - Talkin’ Bout [infosec] News 2025-07-21 04:21 - Story # 1: Microsoft 0-day Mass Exploitation 09:39 - Story # 2: Replit AI went rogue, deleted a company’s entire database, then hid it and lied about it 13:15 - Story # 3: ‘All US forces must now assume their networks are compromised’ after Salt Typhoon breach 18:08 - Story # 4: After FBI Warning, Alaska Airlines Grounded; Salt Typhoon Suspected 20:45 - Story # 5: FBI Cybersecurity Breach Led to Murders of Informants in El Chapo Case 21:54 - Story # 5b: FBI’s Report 29:57 - Story # 6: Google fixes actively exploited sandbox escape zero day in Chrome 31:30 - Story # 7: Exploited Wing file transfer bug risks ‘total server compromise,’ CISA warns 32:33 - Story # 8: CitrixBleed 2 situation update — everybody already got owned 33:01 - Story # 9: At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds 46:14 - Story # 10: Amazon Ring Doorbell May 28 Mass Hacking Claim Goes Viral 48:56 - jdbgmgr.exe virus hoax 51:52 - Story # 11: HPE warns of hardcoded passwords in Aruba access points | |||
| McDonald’s Over 64 Million Exposed Job Applicants - 2025-07-14 | 16 Jul 2025 | 00:55:06 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Traditional Finger 00:21 - BHIS - Talkin’ Bout [infosec] News 2025-07-14 01:29 - Story # 1: ‘123456’ password exposed chats for 64 million McDonald’s job chatbot applications 22:12 - Story # 2: Employee gets $920 for credentials used in $140 million bank heist 33:50 - Story # 3: Microsoft laying off about 9,000 employees in latest round of cuts 37:21 - Story # 5: Scammy YouTube Ads 46:31 - Story # 6: New ServiceNow flaw lets attackers enumerate restricted data | |||
| A.I. Transcription Startup Was Just A Guy Taking Notes- 2025-11-17 | 21 Nov 2025 | 01:16:33 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00:00 - PreShow Banter™ — The Way the Community Rumbles 00:08:21 - A.I. Transcription Startup Was Just A Guy Taking Notes - BHIS - Talkin’ Bout [infosec] News 2025-11-17 00:09:01 - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations 00:18:06 - Eric & Whitney’s “Podcast” [webcast] on training your own LLM 00:22:12 - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand 00:26:20 - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies 00:37:35 - Story # 4: Google is easing up on Android’s new sideloading restrictions! 00:43:44 - Story # 5: Google is collecting troves of data from downgraded Nest thermostats 00:44:58 - Story # 5b: Hackers are saving Google’s abandoned Nest thermostats with open-source firmware 00:51:34 - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs 01:00:40 - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead 01:05:55 - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign 01:14:58 - Discord CTF Winners | |||
| North Korean Remote Workers are at it Again! – BHIS - Talkin' Bout [infosec] News 2025-07-07 | 09 Jul 2025 | 00:55:59 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Pre Stream Appropriate 03:39 - N. Korean Remote Workers are at it Again! – BHIS - Talkin’ Bout [infosec] News 2025-07-07 05:41 - Story # 1: Fortune 500 Cyber Spending Pays Off: Large Enterprise Risk Falls 33% Despite Rising Threats 20:01 - Story # 2: Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations 25:49 - Story # 2b: Engineer caught juggling multiple startup jobs is a cautionary tale of ‘extreme’ hustle culture, experts say 34:47 - Story # 3: Taking SHELLTER: a commercial evasion framework abused in- the- wild 42:15 - Story # 3b: Statement Regarding Recent Misuse of Shellter Elite and Elastic Security Labs’ Handling 46:58 - Story # 4: Ingram Micro outage caused by SafePay ransomware attack 49:45 - Story # 5: Germany asks Google, Apple to remove DeepSeek AI from app stores 53:13 - Story # 6: This Call of Duty game just hit Xbox Game Pass, but it’s infested with RCE hackers — I’d take cover and avoid playing until there’s a fix | |||
| Year of the [European Union] Linux Desktop Finally Arrives? | BHIS - Talkin' Bout [infosec] News 2025-06-30 | 04 Jul 2025 | 00:59:25 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Chapters: 00:00 - PreShow Banter™ — Names on Cups 01:39 - Year of the [European Union] Linux Desktop Finally Arrives? | BHIS - Talkin’ Bout [infosec] News 2025-06-30 03:34 - Story # 1: You should probably delete any sensitive screenshots you have in your phone right now. 10:55 - Story # 2: Ongoing Campaign Abuses Microsoft 365’s Direct Send to Deliver Phishing Emails 14:07 - Story # 3: The year of the European Union Linux desktop may finally arrive 24:46 - Story # 4: Restricted data once again leaked on War Thunder forums 27:04 - Story # 5: Scale AI Leaks Meta, Google, xAI Confidential Files Through ‘Incredibly Janky’ Document Practices 31:47 - Story # 6: French police reportedly arrest suspected BreachForums administrators 34:22 - Story # 7: Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages 39:41 - Story # 8: CitrixBleed 2: Electric Boogaloo — CVE-2025–5777 42:16 - Story # 9: Millions of Brother Printers Hit by Critical, Unpatchable Bug 47:05 - Story # 10: Canada orders China’s Hikvision to close Canadian operations 50:13 - Story # 11: US House bans WhatsApp on staff devices over security concerns 53:17 - ChickenSec: Chickens are becoming 3rd most popular pet: Tractor Supply CEO 56:34 - Story # 12: Norway Dam Hacked, Valve Opened But No Danger 58:11 - Review your calendar invites! | |||
| Iran Shuts Down It's Own Internet - 2025-06-23 | 26 Jun 2025 | 01:05:55 | |
Register for Free, Live webcasts & summits: https://poweredbybhis.com 00:00 - PreShow Banter™ — Explaining the Muppets 03:09 - Iran Shuts Down It's Own Internet- BHIS - Talkin’ Bout [infosec] News 2025-06-23 04:52 - Story # 1: Iran’s government says it shut down internet to protect against cyberattacks 20:20 - Story # 2: Iranian bank linked to revolutionary guard hit by ‘cyber attack’ 22:11 - Story # 3: Hackers switch to targeting U.S. insurance companies 23:32 - Story # 3b: Statement: Erie Insurance Information Security Incident (June 23) 33:33 - Story # 4: No, the 16 billion credentials leak is not a new data breach 43:23 - Story # 5: ‘Water Curse’ Targets Infosec Pros via Poisoned GitHub Repositories 47:09 - Story # 6: CISA Reveals ‘Pattern’ of Ransomware Attacks Against SimpleHelp RMM 48:49 - Story # 7: Report Links Los Pollos and RichAds to Malware Traffic Operations 58:29 - Story # 8: Minnesota lawmaker’s alleged killer had list of data broker websites in car, FBI says | |||
| 2025-01-27 - Fake Australian | 29 Jan 2025 | 01:03:20 | |
00:00 - PreShow Banter™ — Fake Australian 04:17 - BHIS - Talkin’ Bout [infosec] News 2025-01-27 04:34 - Story # 1: DeepSeek sparks AI stock selloff; Nvidia posts record market-cap loss 30:50 - Story # 2: Tech giants are putting $500bn into ‘Stargate’ to build up AI in US 42:23 - Story # 3: DeepSeek Faces Large-scale Cyberattack, Halts New User Registrations 43:34 - Story # 4: DHS cyber review board cleaned out in Trump move to eliminate ‘misuse of resources’ 47:38 - Story # 5: UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack 50:02 - Story # 5b: UnitedHealth now says 190 million impacted by 2024 data breach 53:09 - Story # 6: Cloudflare Issue Can Leak Chat App Users’ Broad Location 54:09 - Story # 7: Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel 59:40 - Story # 8: Researchers say new attack could take down the European power grid | |||
| 2025-01-20 - Highest Rated Chalk | 22 Jan 2025 | 01:04:51 | |
00:00 - PreShow Banter™ — Highest Rated Chalk 04:14 - BHIS - Talkin’ Bout [infosec] News 2025-01-20 08:53 - Story # 1: Data From 15,000 Fortinet Firewalls Leaked by Hackers 14:25 - Story # 2: China’s Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says 16:29 - Story # 3: TikTok reportedly plans ‘immediate’ Sunday shutdown in the US if it’s banned 25:47 - Story # 4: FBI forces Chinese malware to delete itself from thousands of US computers 35:06 - WWHF Denver 36:03 - BSides San Diego 37:23 - Security Stadium 38:22 - Story # 5: Exchange 2016 and 2019 reach end-of-life status later this year 42:45 - Story # 6: Snyk security researcher deploys malicious NPM packages targeting Cursor.com 46:17 - Story # 7: New UEFI Secure Boot flaw exposes systems to bootkits, patch now 57:34 - Story # 8: Lawsuit: Allstate used GasBuddy and other apps to quietly track driving | |||
| 2025-01-13 — An RGB State of Mind | 15 Jan 2025 | 01:07:54 | |
00:00:00 - PreShow Banter™ — An RGB State of Mind 00:07:20 - BHIS - Talkin’ Bout [infosec] News 2025-01-13 00:10:24 - Story # 1: A Day in the Life of a Prolific Voice Phishing Crew 00:18:39 - Story # 2: Dental group lied through teeth about data breach, fined $350,000 00:25:49 - Story # 3: Hacker claims breach of US location tracking company Gravy Analytics 00:27:48 - Story # 4: License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data 00:33:19 - Story # 5: US Cyber Trust Mark launches as the Energy Star of smart home security 00:43:08 - Story # 6: Hackers are exploiting a new Ivanti VPN security bug to hack into company networks 00:45:09 - Story # 7: Hacker Broke into ‘Path of Exile 2’ Admin Account, Hijacked Wave of Characters 00:47:36 - Story # 8: Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit 00:54:47 - Story # 9: Ransomware crew abuses AWS native encryption 01:00:41 - Story # 10: Cannabis company Stiiizy says hackers accessed customers’ ID documents | |||
| 2025-01-06 - Coffee With Wade | 09 Jan 2025 | 01:04:38 | |
00:00:00 - PreShow Banter™ — Coffee With Wade Wells 00:05:41 - BHIS - Talkin’ Bout [infosec] News 2025-01-06 00:06:45 - Story # 1: BeyondTrust says hackers breached Remote Support SaaS instances 00:13:18 - Things Continued to be ignored in 2025 00:24:39 - Story # 2: Classified fighter jet specs leaked on War Thunder – again 00:28:26 - Story # 3: New Proposed HIPAA Security Rule Changes 00:34:33 - Story # 4: The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year 00:35:47 - Story # 5: AT&T and Verizon say networks secure after Salt Typhoon breach 00:37:20 - Story # 6: Net Neutrality Rules Struck Down by Appeals Court 00:41:56 - Story # 7: U.S. Army Soldier Arrested in AT&T, Verizon Extortions 00:45:28 - Story # 8: New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy 00:48:38 - Story # 9: Meta’s AI Profiles Are Indistinguishable From Terrible Spam That Took Over Facebook 00:50:42 - Story # 9b: Meta deletes AI character profiles after backlash, racism accusations 00:51:40 - Story # 10: Watch: Tiny robot ‘kidnaps’ 12 big Chinese bots from a Shanghai showroom, shocks world 00:55:27 - Story # 11: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks 00:58:42 - Story # 12: Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence 01:01:22 - Story # 13: Germany cuts hacker access to 30,000 devices infected with BadBox malware | |||
| 2024-12-16 - ChickenSec News Part 3 | 18 Dec 2024 | 01:10:35 | |
00:00 - PreShow Banter™ — ChickenSec News Part 3 12:23 - BHIS - Talkin’ Bout [infosec] News 2024-12-16 14:48 - Story # 1: $50 Million Radiant Capital Heist Blamed on North Korean Hackers 20:30 - Story # 2: Trump administration wants to go on cyber offensive against China 32:53 - Story # 3: Krispy Kreme cyberattack impacts online orders and operations 43:02 - Story # 4: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance 52:02 - Story # 5: Europol announces takedown of major DDoS-for-hire network 56:50 - Story # 6: Data breach at Senior Dating website spills info of 765,000 users 58:46 - Story # 7: US sanctions Chinese firm for hacking firewalls in ransomware attacks | |||
| 2024-12-09 - A Better Mike | 11 Dec 2024 | 01:04:45 | |
00:00 - PreShow Banter™ — A Better Mike 04:46 - BHIS - Talkin’ Bout [infosec] News 2024-12-09 05:43 - Story # 1: FBI Warns iPhone And Android Users—Stop Sending Texts 23:36 - Story # 2: US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data 42:55 - Story # 3: Vodka maker Stoli files for bankruptcy in US after ransomware attack 46:48 - Story # 4: British hospitals hit by cyberattacks still battling to get systems back online | |||
| 2024-12-02 - C Squad | 04 Dec 2024 | 01:12:18 | |
00:00:00 - PreShow Banter™ — C Squad 00:11:03 - BHIS - Talkin’ Bout [infosec] News 2024-12-02 00:15:43 - Story # 1: Gaming Engines: An Undetected Playground for Malware Loaders - Check Point Research 00:30:41 - Story # 2: FTC finds that smart-device makers fail to make clear how long their products will be supported 00:44:47 - Story # 3: US senators propose law to require bare minimum security standards 00:46:35 - Story # 4: Starbucks baristas can’t view their schedules after ransomware attack on vendor 01:04:26 - Story # 5: Volunteer DEF CON hackers dive into America’s leaky water infrastructure 01:08:45 - Shameless Plugs | |||
| Louvre’s Video Security Password Was ‘Louvre’ 2025-11-10 | 13 Nov 2025 | 00:58:56 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Chapters 00:00 - PreShow Banter™ — Humans are Done 03:04 - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin’ Bout [infosec] News 2025-11-10 05:11 - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human. 15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell 25:14 - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’ 29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers 32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities 40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools 56:37 - BHIS Webcast – X-Typhoon - Not your Father’s China with John Strand | |||
| Ransomware Victims Stop Paying Hackers – 2025-11-03 | 06 Nov 2025 | 01:03:33 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Musical Views of the Universe 04:05 - – BHIS - Talkin’ Bout [infosec] News 2025-11-03 04:39 - Story # 1: Ransomware profits drop as victims stop paying hackers 06:22 - Chart since 2019 16:06 - Story # 2: More than a million people every week show suicidal intent when chatting with ChatGPT, OpenAI estimates 33:02 - Story # 3: 10M people watched a YouTuber shim a lock; the lock company sued him. Bad idea. 41:18 - Story # 4: ‘Dangerous’ YouTube videos struck down for bypassing Windows 11 account setup [Update: Restored] 47:13 - Story # 5: Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says 51:08 - Story # 6: Microsoft: DNS outage impacts Azure and Microsoft 365 services 54:33 - Story # 7: EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure 55:22 - Stordy # 8: Black Hat Europe 2025 Arsenal: 8 AI Security Tools Transforming Cybersecurity | |||
| The AI Browser Wars - 2025-10-27 | 31 Oct 2025 | 01:01:09 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com The BHIS crew breaks down the latest cybersecurity stories making waves — from data breaches and malware campaigns to privacy issues, exploit trends, and tech policy shake-ups. Join our panel of security pros for expert analysis, sharp humor, and practical insights you can actually use. Whether it’s social engineering, AI-powered attacks, or bizarre security headlines, we dig into what matters most for defenders and curious minds alike. Stay informed, entertained, and one step ahead in the ever-changing world of infosec. 00:00:00 - PreShow Banter™ — The Cost of War.xyz 00:03:42 - The AI Browser Wars - BHIS - Talkin’ Bout [infosec] News 2025-10-27 00:04:04 - Story # 1: Smart bed owners experience AWS outage nightmare as they’re left sweating and stuck in upright position 00:10:49 - Story # 2: Robots May Replace 600,000 Human Employees at Amazon 00:14:40 - Story # 3: Meet Mico, Microsoft’s AI version of Clippy 00:20:59 - Story # 4: Exploitation of Windows Server Update Services Remote Code Execution Vulnerability 00:26:31 - Story # 5: Ex-L3Harris executive accused of selling trade secrets to Russia 00:31:29 - Story # 6: Introducing ChatGPT Atlas 00:43:34 - Story # 7: ‘Phased Out’—Google Confirms Bad News For 3 Billion Chrome Users 00:52:26 - Story # 8: The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn 01:00:16 - Story # 9: KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed | |||
| Online Book Store Takes Down Half the Internet - BHIS - Talkin' Bout [infosec] News 2025-10-20 | 24 Oct 2025 | 01:08:01 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00:00 - PreShow Banter™ — AWS Snow Day Party 00:11:31 - Online Book Store Takes Down Half of the Internet - BHIS - Talkin’ Bout [infosec] News 2025-10-20 00:12:12 - Story # 1: F5 says hackers stole undisclosed BIG-IP flaws, source code 00:35:11 - Story # 2: Newsom signs age verification law, siding with tech giants over Hollywood 00:48:39 - Story # 3: Researchers find a startlingly cheap way to steal your secrets from space 00:55:04 - Story # 4: Jeff Bezos Has a Plan to Curb AI’s Carbon Footprint: Send Data Centers to Space 01:02:22 - Story # 5: SolarWinds Security Chief reflects on the Russian hack that exposed US government agencies | |||
| Hackers claim Discord breach exposed data of 5.5 million users - 2025-10-13 | 18 Oct 2025 | 00:58:37 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — A Real Podcast 03:15 - Hackers claim Discord breach exposed data of 5.5 million users – BHIS - Talkin' Bout [infosec] News 2025-10-13 05:44 - Story # 1: CamoLeak: Critical GitHub Copilot Vulnerability Leaks Private Source Code 24:27 - Story # 2: Hackers claim Discord breach exposed data of 5.5 million users 36:52 - Story # 3: Velociraptor leveraged in ransomware attacks 46:47 - Story # 4: Huntress Threat Advisory: Widespread SonicWall SSLVPN Compromise 54:48 - CTF Challenge | |||
| 2 Million Cisco Devices Targeted by Exploited 0-Day – 2025-09-29 | 02 Oct 2025 | 01:01:29 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — A little radiation never hurt anybody. 03:07 - BHIS - Talkin’ Bout [infosec] News 2025-09-29 03:29 - Story # 1: As many as 2 million Cisco devices affected by actively exploited 0-day 19:07 - Story # 2: Viral call-recording app Neon goes dark after exposing users’ phone numbers, call recordings, and transcripts | TechCrunch 24:25 - Story # 3: AI Darwin Awards Show AI’s Biggest Problem Is Human 29:32 - Story # 4: Nikon revokes all C2PA image authenticity certificates after major vulnerability exposed 34:14 - Story # 5: ‘You’ll never need to work again’: Criminals offer reporter money to hack BBC 38:18 - Story # 6: Cybersecurity Training Programs Don’t Prevent Employees from Falling for Phishing Scams 46:48 - Mini CTF Walkthrough 56:03 - Story # 7: U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area | |||
| Dirk-Jan Mollema Walks Us Through the Entra ID Cross-Tenant Vulnerability Discovery– 2025-09-22 | 25 Sep 2025 | 01:00:18 | |
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Unnatural European Fridges 03:34 - The Entra ID Cross-Tenant Vulnerability Discovery – BHIS - Talkin’ Bout [infosec] News 2025-09-22 04:14 - Story # 1: One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens 21:32 - Story # 2: Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages 40:50 - OSSPREY – NPM Package @Ctrl/Tinycolor Compromised: Shai Hulud Malware Targets Secrets and Persistence 51:41 - Story # 3: Verified Steam game steals streamer’s cancer treatment donations 57:16 - Story # 4: Heathrow warns of second day of disruption after cyber-attack | |||