🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord!
https://discord.gg/bhis
🔴live-chat

A Live Stream From inside Lazarus Group – 2025-12-08
This BHIS episode blends cybersecurity humor, hacker culture, and livestream chaos as the team jokes about nation-state threats, leaked webcams, OPSEC mishaps, and technical glitches. With unscripted banter and light industry insights, it’s a fun, energetic listen for fans of ethical hacking, infosec podcasts, and behind-the-scenes security chatter.

Chapters
00:00 - PreShow Banter™ — Industry Leaders
02:34 - A Live Stream From inside Lazarus Group – 2025-12-08
04:24 - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
08:58 - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
20:37 - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
26:44 - Story # 4: Apple refuses to pre-install government app on iPhones in India
37:42 - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
44:55 - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
57:53 - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

• (00:00) - 00:00 - PreShow Banter™ — Industry Leaders
• (02:34) - A Live Stream From inside Lazarus Group – 2025-12-08
• (04:24) - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
• (08:57) - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
• (20:37) - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
• (26:44) - Story # 4: Apple refuses to pre-install government app on iPhones in India
• (37:41) - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
• (44:55) - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
• (57:52) - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI

Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

Chapters

• (00:00) - PreShow Banter™ — The Problem With Extensions
• (03:10) - Lawmakers Want to Ban VPNs – BHIS - Talkin' Bout [infosec] News 2025-12-01
• (03:47) - Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
• (12:05) - Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
• (21:18) - Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
• (25:48) - Story # 4: 'Slop Evader' Lets You Surf the Web Like It’s 2022
• (37:07) - Story # 5: China’s Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says
• (39:10) - Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now
• (42:38) - Story # 7: Meta is earning a fortune on a deluge of fraudulent ads, documents show
• (50:22) - Story # 8: Meta had a 17-strike policy for sex trafficking, former safety leader claims
• (52:40) - Story # 9: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

00:00 - PreShow Banter™ — Unnatural European Fridges

03:34 - The Entra ID Cross-Tenant Vulnerability Discovery – BHIS - Talkin’ Bout [infosec] News 2025-09-22

04:14 - Story # 1: One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens

21:32 - Story # 2: Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages

40:50 - OSSPREY – NPM Package @Ctrl/Tinycolor Compromised: Shai Hulud Malware Targets Secrets and Persistence

51:41 - Story # 3: Verified Steam game steals streamer’s cancer treatment donations

57:16 - Story # 4: Heathrow warns of second day of disruption after cyber-attack

• (00:00) - PreShow Banter™ — Unnatural European Fridges
• (03:07) - The Entra ID Cross-Tenant Vulnerability Discovery – BHIS - Talkin' Bout [infosec] News 2025-09-22
• (03:45) - Story # 1: One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens
• (20:09) - Story # 2: Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages
• (38:51) - OSSPREY – NPM Package @Ctrl/Tinycolor Compromised: Shai Hulud Malware Targets Secrets and Persistence
• (49:28) - Story # 3: Verified Steam game steals streamer's cancer treatment donations
• (54:51) - Story # 4: Heathrow warns of second day of disruption after cyber-attack

The post Talkin’ About Infosec News – 11/22/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — A clean-shaven galaxy, a long time away.
• (07:50) - BHIS - Talkin' Bout [infosec] News 2023-11-20
• (09:53) - Story # 1: Ransomware gang files complaint with SEC complaining victim didn’t promptly announce breach
• (12:36) - Story # 1b: AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)
• (17:04) - Story # 1c : Services in North Carolina town unavailable after ransomware attack
• (18:13) - Story # 1d: WHISTLEBLOWER AWARD PROCEEDING
• (20:32) - Story # 2: Taylor Swift Fans Spring Into Action After Singer’s Hotel Location Leaks
• (26:01) - Story # 3: Recognizing fake news now a required subject in California schools
• (35:34) - Story # 4: Hackers breach healthcare orgs via ScreenConnect remote access
• (37:07) - Story # 4b: Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
• (42:59) - Story # 5: Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
• (47:19) - Story # 6: US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea
• (50:32) - Story # 7: Ignite News: Augment your EDR with deception tactics to catch adversaries early
• (59:54) - Snake Oil? Summit 2023

The post Talkin’ About Infosec News – 11/13/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Tinder Skills Endorsements
• (01:38) - BHIS - Talkin' Bout [infosec] News 2023-11-13
• (02:42) - Story # 1: Boeing data published by Lockbit hacking gang
• (03:57) - Story # 2: Google, Meta, Discord, and more team up to fight child abuse online
• (28:06) - Story # 3: Data broker’s “staggering” sale of sensitive info exposed in unsealed FTC filing
• (39:37) - Story # 4: Maine government says data breach affects 1.3 million people
• (44:40) - Story # 1 REPRISE: Boeing data published by Lockbit hacking gang
• (50:52) - Story # 5: Inside Denmark’s hell week as critical infrastructure orgs faced cyberattacks

The post Talkin’ About Infosec News – 11/10/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — The Jerky Experience
• (03:40) - BHIS - Talkin' Bout [infosec] News 2023-11-06
• (04:34) - Story # 1: Okta hit by third-party data breach exposing employee information
• (07:03) - Story # 1b: Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop
• (13:13) - Story # 2: Boeing confirms cyberattack, global services disrupted
• (14:34) - Story # 3: Four dozen countries declare they won’t pay ransomware ransoms
• (15:26) - Story # 4: https://www.healthcareinfosecurity.com/feds-levy-first-ever-hipaa-fine-for-ransomware-data-breach-a-23448
• (27:08) - Story # 5: “This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard
• (30:52) - Story # 6: 3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online
• (32:03) - Story # 7: Exploit released for critical Cisco IOS XE flaw, many hosts still hacked
• (33:28) - Story # 7b: Cisco IOS XE CVE-2023-20198: Deep Dive and POC
• (42:38) - Story # 8: SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack

The post Talkin’ About Infosec News – 11/09/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Costume Party
• (02:04) - BHIS - Talkin' Bout [infosec] News 2023-10-30
• (03:24) - Story # 1: Okta cybersecurity breach wipes out more than $2 billion in market cap
• (18:43) - Story # 2: Boeing assessing Lockbit hacking gang threat of sensitive data leak
• (26:09) - Story # 3: The AI-Generated Child Abuse Nightmare Is Here
• (41:37) - Story # 4: MGM Resorts hackers 'one of the most dangerous financial criminal groups’

The post Talkin’ About Infosec News – 11/4/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Pre-Con-Crud
• (01:49) - BHIS - Talkin' Bout [infosec] News 2023-10-23
• (04:33) - WWHF 2023 recap
• (12:20) - Story # 1: Mysterious APT compromises Asian government's secure USBs
• (16:13) - Story # 2: CIA exposed to potential intelligence interception due to X's URL bug
• (20:02) - Story # 3: EPA withdraws cyber audit requirement for water systems
• (22:54) - Story # 3b: Florida Water Treatment Plant Hit With Cyber Attack
• (27:00) - Story # 4: Thousands of remote IT workers sent wages to North Korea to help fund weapons program, FBI says
• (33:10) - Story # 5: Okta says its support system was breached using stolen credentials
• (37:13) - Story # 6: Casio discloses data breach impacting customers in 149 countries
• (41:44) - Story # 7: Ragnar Locker ransomware’s dark web extortion sites seized by police
• (44:02) - Story # 7b: Ragnar Locker ransomware developer arrested in France
• (46:54) - Story # 8: Flipper Zero can be used to crash iPhones running iOS 17, but there's a way to foil the attack
• (50:42) - Story # 9: U.S. Government Releases Popular Phishing Technique Used by Hackers
• (53:39) - Story # 10: Selfie-scraper, Clearview AI, wins appeal against UK privacy sanction

The post Talkin’ About Infosec News – 10/10/23 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Canadian Bacon Day
• (04:35) - BHIS - Talkin' Bout [infosec] News 2023-10-09
• (06:19) - Story # 1: NSA and CISA reveal top 10 cybersecurity misconfigurations
• (13:35) - Story # 1b: NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
• (21:21) - Story # 2: QR codes in emails? Watch out - it could be part of a 'Quishing' scam
• (25:07) - Story # 2b: https://github.com/jocephus/QuellR
• (28:16) - Story # 2c: https://twitter.com/vmyths/status/1212201412068818944
• (30:47) - Story # 3: New Marvin attack revives 25-year-old decryption flaw in RSA
• (35:59) - Story # 4: Bounty offered for secret NSA seeds behind NIST elliptic curves algo
• (38:01) - Story # 5: Rules of engagement issued to hacktivists after chaos
• (01:02:55) - PROGRAMMING NOTE – WWHF2023

The post Talkin’ About Infosec News – 10/9/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — The Scented Podcast
• (04:42) - BHIS - Talkin' Bout [infosec] News 2023-10-02
• (07:24) - Story # 1: Google assigns new maximum rated CVE to libwebp bug exploited in attacks
• (24:13) - Story # 2: Progress warns of maximum severity WS_FTP Server vulnerability
• (31:16) - Story # 3: Sony PlayStation Hack: What We Know So Far About the LAPSUS$ Cyberattack
• (36:10) - Story # 4: City of Fort Lauderdale loses $1.2 million in phishing scam, police in Florida say
• (41:42) - Story # 5: FCC announces plans to reinstate net neutrality
• (52:32) - Story # 6: [New research] Do longer passwords protect you from compromise?

The post Special Segment – Cyber Security Career Advice – 9/28/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ Segment Special – Cyber Security Career Advice
• (00:26) - Q :Entry Level Cybersecurity equals Mid-Level I.T. ?
• (08:05) - Q: How do I get started, I'm new in the Cyber Security Industry?
• (09:37) - Q: What Degree(s) do you recommend for Cyber Security / Infosec?
• (16:07) - Q: How did Chris Traynor join Black Hills Information Security?
• (18:58) - LINK– Pancake Con Chris Traynor Talk - https://youtube.com/watch?v=tMgDSb5_mKs
• (20:13) - LINK - BHIS Discord - https://discord.gg/bhis
• (23:35) - LINK - Chicago meetups : https://burbsec.com
• (25:53) - LINK: YouTube– Acess Granted Webcast – https://youtube.com/live/oaTEK9Feo5s

The post Talkin’ About Infosec News – 9/25/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Poop Shoots and Chocolate Bunnies
• (02:33) - BHIS - Talkin' Bout [infosec] News 2023-09-25
• (07:15) - Story # 1: Cisco to Acquire Splunk
• (08:15) - CISCO RSA Plane https://assets-cdn.workingnotworking.com/a1w71r9as47v5iap49d6u2md0dfr
• (09:21) - Jack Rhysider on Splunk https://twitter.com/JackRhysider/status/1704986407415038213
• (18:09) - Story # 2: Youth hacking ring at the center of cybercrime spree
• (26:45) - Story # 3: T-Mobile users say other people’s account information is appearing in their app
• (30:11) - Story # 4: Okta: Caesars, MGM hacked in social engineering campaign
• (35:40) - Story # 5: Data breach reveals distressing info: People who order pineapple on pizza
• (39:28) - Story # 6: National Student Clearinghouse data breach impacts 890 schools
• (46:16) - Story # 7: Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack

The post Talkin’ About Infosec News – 9/18/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Billionare Traps & Dump Lists
• (05:11) - BHIS - Talkin' Bout [infosec] News 2023-09-18
• (07:28) - Story # 1: Statement on MGM Resorts International
• (12:06) - Story # 1b: Okta & MGM sitting in a tree
• (14:53) - Story # 1c: Okta Agent Involved in MGM Resorts Breach, Attackers Claim
• (20:26) - Story # 1d: Social Engineering: How It Works, Examples & Prevention
• (26:49) - Story # 1e: Lina Khan Got Stuck in the Fallout of the MGM Hack at Las Vegas
• (44:09) - Story # 2: F-35 goes missing near North Charleston; pilot hospitalized after ejecting
• (48:38) - Story # 3: Pirated Software Likely Cause of Airbus Breach
• (53:48) - (K)night (I)ndustries (T)esla (T)hree opens parking garage gate

???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

00:00 - PreShow Banter™ — Enter Dark John

03:15 - Kerberoasting Goes to Washington – BHIS - Talkin’ Bout [infosec] News 2025-09-15

03:49 - Story # 1: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

12:46 - Story # 2: How an Attacker’s Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations

32:42 - Story # 3: Some JLR suppliers ‘face bankruptcy’ due to hack crisis

41:30 - Story # 4: AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns

46:07 - Story # 5: All your vulns are belong to us! CISA wants to maintain gov control of CVE program

49:55 - Story # 6: Qantas penalizes executives for July cyberattack

51:15 - Story # 7: America’s second largest egg producer breached, claim hackers

54:55 - Story # 8: Undocumented Radios Found in Solar-Powered Devices

• (00:00) - PreShow Banter™ — Enter Dark John
• (03:14) - Kerberoasting Goes to Washington – BHIS - Talkin' Bout [infosec] News 2025-09-15
• (03:49) - Story # 1: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”
• (12:46) - Story # 2: How an Attacker’s Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations
• (32:41) - Story # 3: Some JLR suppliers 'face bankruptcy' due to hack crisis
• (41:29) - Story # 4: AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
• (46:06) - Story # 5: All your vulns are belong to us! CISA wants to maintain gov control of CVE program
• (49:54) - Story # 6: Qantas penalizes executives for July cyberattack
• (51:14) - Story # 7: America’s second largest egg producer breached, claim hackers
• (54:55) - Story # 8: Undocumented Radios Found in Solar-Powered Devices

The post Talkin’ About Infosec News – 9/11/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Felling Trees 504
• (02:03) - Talkin' Bout [infosec] News 2023-09-11
• (05:51) - 22nd Anniversary of the 9-11 Tragedy
• (10:35) - Story # 1: AT&T Customers Doxed Themselves En Masse In Reply-All Nightmare
• (15:47) - Story # 1b: Senate email system crashes amid avalanche of reply-alls to security test
• (18:09) - Story # 2: Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
• (23:47) - Story # 2b: BLASTPASS NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild
• (29:16) - Story # 3: Apple finally admits the CSAM scanning flaw we all pointed out
• (33:32) - Story # 4: Outlook Hack: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
• (38:57) - Story # 4b: Microsoft finally explains cause of Azure breach: An engineer’s account was hacked
• (51:16) - Story # 5: FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown — FBI
• (52:24) - Story # 5b: Data From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI
• (57:49) - https://github.com/alephdata/aleph

• (00:00) - PreShow Banter™ — Deep Disruptions
• (04:01) - BHIS - Talkin' Bout [infosec] News 2023-08-28
• (05:43) - Story # 1: Exclusive: Cybersecurity firm SentinelOne explores sale -sources
• (13:28) - Story # 2: WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April
• (20:17) - Story # 3: NIST Publishes Draft Post-Quantum Cryptography Standards
• (23:29) - Story # 4: Mysterious Cyberattack Shuts Down Yet More Telescopes For Weeks
• (29:31) - Story # 5: Danish cloud host says customers ‘lost all data’ after ransomware attack
• (35:04) - Story # 6: Lapsus$: Court finds teenagers carried out hacking spree
• (35:45) - Story # 6b: GTA 6 Hacker Found To Be Teen With Amazon Fire Stick In Small Town Hotel Room
• (44:36) - Story # 7: New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now

• (00:00) - PreShow Banter™ — Overarching Hot Takes
• (01:27) - BHIS - Talkin' Bout [infosec] News 2023-08-21
• (04:30) - Story # 1: Hackers red-teaming A.I. are ‘breaking stuff left and right,’ but don’t expect quick fixes from DefCon: ‘There are no good guardrails’
• (06:18) - Story # 1b: What happens when thousands of hackers try to break AI chatbots
• (08:46) - Story # 2: US lawmaker says FBI notified him of email breach linked to Microsoft cloud hack
• (11:18) - Story # 3: Elon Musk's army of inactive followers paints a bleak picture of X as a whole
• (12:42) - Story # 3b: Elon Musk’s Shadow Rule
• (18:45) - Story # 4: Haggling With Hackers: Surprising Lessons From 50 Negotiations With Ransomware Gangs
• (23:42) - Story # 5: WinRAR flaw lets hackers run programs when you open RAR archives
• (27:55) - Story # 6: CISA, experts warn of Citrix vulnerabilities being exploited by hackers
• (29:44) - Story # 7: Ongoing Duo outage causes Azure Auth authentication errors
• (30:38) - Story # 8: Phishing campaign steals accounts for Zimbra email servers worlwide
• (35:48) - Story # 9: WD refused to answer our questions about its self-wiping SanDisk SSDs
• (38:35) - Story # 9b: Backblaze Drive Stats for Q2 2023
• (42:07) - Story # 10: NYC Bans TikTok on City Devices
• (55:38) - Story # 11: IMAX Still Runs on PalmPilot Operating System
• (57:25) - Story # 12: Major LinkedIn Account Takeover Campaign Underway

• (00:00) - PreShow Banter™ — Messed With Your Head
• (05:25) - Story # 1: Chinese Malware Could Cut Power To U.S. Military Bases, Businesses And Homes, Report Claims
• (18:14) - Story # 2: US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’
• (18:39) - Story # 2b: US senator victim-blames Microsoft for Chinese hack
• (19:08) - Story # 2c: https://www.wyden.senate.gov/imo/media/doc/
• (27:27) - Story # 3: Russian court jails cyber security executive for 14 years in treason case
• (33:47) - Story # 4: Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
• (47:29) - Story # 5: SEC now requires companies to disclose cyberattacks in 4 days
• (48:19) - Story # 5b: SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies
• (57:55) - Take Joe's Class https://www.theosintion.com/courses/

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

00:00 - PreShow Banter™ — If I Were French

04:35 - Anthropic 1.5 Billion © Settlement - BHIS - Talkin’ Bout [infosec] News 2025-09-08

05:48 - Hackers Threaten to Submit Artists’ Data to AI Models If Art Site Doesn’t Pay Up

08:40 - Anthropic Agrees to Pay Authors at Least $1.5 Billion in AI Copyright Settlement

23:58 - This Company Turns Dashcams into ‘Virtual CCTV Cameras.’ Then Hackers Got In

33:38 - Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps

40:07 - Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack

44:27 - npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack

46:38 - Update on Mandiant Drift and Salesloft Application Investigations

51:04 - M&S hackers claim to be behind Jaguar Land Rover cyber attack

51:55 - New TP-Link zero-day surfaces as CISA warns other flaws are exploited

54:52 - ChickenSec: US turns to Russia for chicken eggs for the first time in 32 years, despite sanctions to cripple its economy

57:58 - Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions

• (00:00) - PreShow Banter™ — If I Were French
• (04:35) - Anthropic 1.5 Billion © Settlement - BHIS - Talkin' Bout [infosec] News 2025-09-08
• (05:47) - Hackers Threaten to Submit Artists' Data to AI Models If Art Site Doesn't Pay Up
• (08:40) - Anthropic Agrees to Pay Authors at Least $1.5 Billion in AI Copyright Settlement
• (23:57) - This Company Turns Dashcams into ‘Virtual CCTV Cameras.’ Then Hackers Got In
• (33:38) - Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps
• (40:07) - Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack
• (44:26) - npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack
• (46:37) - Update on Mandiant Drift and Salesloft Application Investigations
• (51:03) - M&S hackers claim to be behind Jaguar Land Rover cyber attack
• (51:54) - New TP-Link zero-day surfaces as CISA warns other flaws are exploited
• (54:52) - ChickenSec: US turns to Russia for chicken eggs for the first time in 32 years, despite sanctions to cripple its economy
• (57:57) - Cybercriminals Exploit X's Grok AI to Bypass Ad Protections and Spread Malware to Millions

The post Talkin’ About Infosec News – 6/9/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Pick Your Crap
• (02:01) - BHIS - Talkin' Bout [infosec] News 2023-06-05
• (02:35) - Story # 1: International Underwear Model and Insurrectionist Was Just Sentenced to 32 Months in Prison
• (05:39) - Story # 2: Mass exploitation of critical MOVEit flaw is ransacking orgs big and small
• (07:46) - Story # 2b: https://github.com/AhmetPayaslioglu/YaraRules
• (14:11) - Story # 2c: Critical Vulnerability in Progress MOVEit Transfer: Technical Analysis and Recommendations
• (42:31) - Story # 3: Millions of PC Motherboards Were Sold With a Firmware Backdoor
• (44:01) - Story # 3b: Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards
• (46:31) - Story # 4: Cyberweapon manufacturers plot to stay on the right side of US
• (54:16) - Story # 5: Hackers steal around $170,000 after compromising Steve Aoki's Twitter account

The post Talkin’ About Infosec News – 5/26/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — The Power of PreShow Banter™
• (02:19) - BHIS - Talkin' Bout [infosec] News 2023-05-22
• (04:40) - Story # 1: Meta slapped with record $1.3 billion EU fine over data privacy
• (09:23) - Story # 2: Toyota Discloses Decade-Long Data Leak Exposing 2.15M Customers' Data
• (11:58) - Story # 3: Microsoft is scanning the inside of password-protected zip files for malware
• (21:53) - Story # 4: ChatGPT chief says artificial intelligence should be regulated by a US or global agency
• (28:38) - Story # 5: 15million Bug Bounty - LayerZero Labs
• (33:38) - Story # 6: Dish Network likely paid ransom after recent ransomware attack
• (38:13) - Story # 7: New ZIP domains spark debate among cybersecurity experts
• (41:09) - Story # 7b: https://twitter.com/_JohnHammond/status/1657427727425626113
• (43:56) - Story # 8: Apple Bans Employees From Using ChatGPT Amid Its Own AI Efforts
• (52:21) - Story # 9: TikTok sues Montana over controversial state ban

The post Talkin’ About Infosec News – 5/17/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Hardcore Mountain J-Biking
• (02:37) - BHIS - Talkin' Bout [infosec] News 2023-05-15
• (03:37) - Story # 1: Discord discloses data breach after support agent got hacked
• (12:12) - Story # 2: Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
• (13:02) - Story # 2b: Deconstructing a Cybersecurity Event
• (29:02) - Story # 3: How Apple catches leakers: From color changes to comma placement
• (31:32) - Story # 3b: The ingenious way ‘Star Trek Beyond’ is making sure its script doesn’t leak online
• (34:34) - Story # 3c: Genius hid a Morse code message in song lyrics to prove Google was copying them
• (40:17) - Story # 4: How one of Vladimir Putin’s most prized hacking units got pwned by the FBI
• (43:03) - Story # 4b: Hunting Russian Intelligence “Snake” Malware
• (51:26) - Story # 4c: Microsoft recommended driver block rules
• (55:50) - Story # 4d: Bypassing PatchGuard 3
• (58:15) - Story # 5: The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services

The post Talkin’ About Infosec News – 5/11/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Notes about Music
• (01:19) - BHIS - Talkin' Bout [infosec] News 2023-05-08
• (01:59) - Story # 1: China’s hackers outnumber FBI cyber staff ‘at least 50 to 1,’ Wray tells Congress
• (06:57) - Story # 2: Drone goggles maker claims firmware sabotaged to ‘brick’ devices
• (12:27) - Story # 3: Twitter says a 'security incident' led to private Circle tweets becoming public
• (13:46) - Story # 4: Billy Corgan Paid Off Hacker to Prevent ATUM Leak
• (21:15) - Story # 5: New Atomic macOS info-stealing malware targets 50 crypto wallets
• (39:35) - Story # 5b ChatGPT maker OpenAI lost about $540 million last year
• (47:51) - Story # 6: QR codes used in fake parking tickets, surveys to steal your money

The post Talkin’ About Infosec News – 5/5/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Swords in San Francisco
• (01:32) - BHIS - Talkin' Bout [infosec] News 2023- 04-24
• (04:00) - Story # 1: Pentagon Leaks: What's the Damage?
• (13:09) - Story # 2: Hacker Group Names Are Now Absurdly Out of Control
• (21:15) - Story # 3: 3CX Breach Was a Double Supply Chain Compromise
• (38:31) - Story # 4: What’s more prevalent than juice jacking? Fake public WiFi networks, says researcher
• (45:23) - Story # 5: Hundreds of Southwest Airlines flights are delayed after FAA lifts nationwide ground stop
• (49:06) - Story # 6: European air traffic control confirms website 'under attack' by pro-Russia hackers
• (50:56) - Story # 7: APC warns of critical unauthenticated RCE flaws in UPS software
• (53:16) - Story # 8: ‘AuKill’ EDR killer malware abuses Process Explorer driver

The post Talkin’ About Infosec News – 4/18/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Hardest to Handle
• (02:41) - BHIS - Talkin' Bout [infosec] News 2023-04-17
• (04:22) - Story # 1: Actually, Charging Your Phone in a Public USB Port Is Fine
• (16:04) - Story # 2: Israeli Irrigation Water Controllers & Postal Service Breached
• (16:48) - Story # 2b: Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not.
• (27:30) - Story # 2c: Ridley turns a horrific true story involving Hurricane Katrina into a scripted drama
• (29:13) - Story # 3: 3CX blames North Korea for supply chain mass-hack
• (35:09) - Story # 4: FBI arrests 21-year-old Air National Guardsman suspected of leaking classified documents
• (53:59) - Story # 5: Montana lawmakers vote to completely ban TikTok in the state

The post Talkin’ About Infosec News – 4/11/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Canada Man
• (03:49) - BHIS - Talkin' Bout [infosec] News 2023-04-10
• (05:10) - Story # 1: IRS-authorized eFile.com tax return software caught serving JS malware
• (11:52) - Story # 2: Hackers using Log4j bug to profit from victim IP addresses through ‘proxyjacking’ scheme
• (19:45) - Story # 3: Two-Fifths of IT Pros Told to Keep Breaches Quiet
• (27:27) - Story # 4: Samsung reportedly leaked its own secrets through ChatGPT
• (30:16) - Story # 4b: Introducing Microsoft Security Copilot: Empowering defenders at the speed of AI
• (32:07) - Story # 5: Tesla workers shared images from car cameras, including “scenes of intimacy”
• (47:37) - HBS News Hour
• (52:01) - Story # 6: KFC, Pizza Hut owner discloses data breach after ransomware attack

The post Talkin’ About Infosec News – 4/5/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Jazzy Saxophone
• (01:13) - BHIS - Talkin' Bout [infosec] News 2023-04-03
• (02:40) - Story # 1: He Would Still Be Here': Man Dies by Suicide After Talking with AI Chatbot, Widow Says
• (08:45) - Story # 1b: Elon Musk, Steve Wozniak Join AI Experts In Pushing To 'Pause Giant AI Experiments'
• (14:51) - Story # 2: S.686 - RESTRICT Act
• (26:01) - Story # 3: Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons
• (29:27) - Story # 4: 3CX thought supply chain attack was a false positive
• (35:46) - Story # 5: Twitter takes its algorithm ‘open-source,’ as Elon Musk promised
• (39:40) - Story # 6: 20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison
• (44:16) - Story # 7: Hacker Agrees to Return $197 Million Stolen from Euler Finance
• (47:46) - Story # 8: India-based cybergang busted for selling fake KFC franchises
• (51:50) - Story # 8b: https://twitter.com/cyberabadpolice
• (52:42) - Story # 8c: https://www.cyberabadpolice.gov.in
• (56:07) - Story # 9: Meta wants EU users to apply for permission to opt out of data collection

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

00:00 - PreShow Banter™ — It’s 8ft skeleton season.

02:18 - BHIS - Talkin’ Bout [infosec] News 2025-09-02

03:07 - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks

07:35 - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets’

13:46 - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

17:44 - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K

19:39 - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we’re working through it.’

20:56 - Story # 6: Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025

22:43 - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424

25:20 - Story # 8: First known AI-powered ransomware uncovered by ESET Research

30:00 - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception

32:06 - Story # 10: TransUnion suffers data breach impacting over 4.4 million people

34:17 - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI

35:20 - Story # 12: They weren’t lovin’ it - hacker cracks McDonald’s security in quest for free nuggets, and it was apparently not too tricky

39:29 - Identify the birds you see or hear with Merlin Bird ID

40:04 - Story # 13: Detecting and countering misuse of AI: August 2025

51:31 - Story # 14: I’m a Stanford student. A Chinese agent tried to recruit me as a spy

• (00:00) - PreShow Banter™ — It’s 8ft skeleton season.
• (02:17) - BHIS - Talkin' Bout [infosec] News 2025-09-02
• (03:07) - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
• (07:35) - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets’
• (13:46) - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
• (17:44) - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K
• (19:39) - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we’re working through it.’
• (20:56) - Story # 6: Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025
• (22:43) - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424
• (25:19) - Story # 8: First known AI-powered ransomware uncovered by ESET Research
• (30:00) - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception
• (32:05) - Story # 10: TransUnion suffers data breach impacting over 4.4 million people
• (34:16) - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI
• (35:20) - Story # 12: They weren't lovin' it - hacker cracks McDonald's security in quest for free nuggets, and it was apparently not too tricky
• (39:29) - Identify the birds you see or hear with Merlin Bird ID
• (40:03) - Story # 13: Detecting and countering misuse of AI: August 2025
• (51:31) - Story # 14: I’m a Stanford student. A Chinese agent tried to recruit me as a spy

The post Talkin’ About Infosec News – 4/3/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Always Checking For Leaks
• (02:56) - BHIS - Talkin' Bout [infosec] News 2023-03-27
• (04:31) - Story # 1: Data breach leak site BreachForums shuts down
• (12:06) - Story # 2: Ralph's personal cybercrime story
• (21:43) - Story # 3: North Korean hackers using Chrome extensions to steal Gmail emails
• (31:13) - Story # 4: Gordon Moore, Intel Co-Founder, Dies at 94
• (32:37) - Story # 4b: Beloved hacking veteran Kelly ‘Aloria’ Lum passes away at 41
• (32:59) - Story # 5: Twitter Says Parts of Its Source Code Were Leaked Online
• (37:00) - Story # 6: AI image of Pope Francis in a puffer jacket fooled the internet and experts fear there’s worse to come
• (41:07) - Story # 6b: Samsung’s Moon Shots Force Us to Ask How Much AI Is Too Much
• (44:00) - Story # 7:New MacStealer macOS malware steals passwords from iCloud Keychain
• (45:22) - Story # 8: Windows 11, Tesla, Ubuntu, and macOS hacked at Pwn2Own 2023
• (49:39) - Story # 9: Ferrari discloses data breach after receiving ransom demand
• (52:03) - Story # 10: How hackers took over Linus Tech Tips

00:00 – PreShow Banter™ — Tossing Money at Problems00:58 – BHIS – Talkin’ Bout [infosec] News 2023-03-1301:41 – Story # 1: Silicon Valley Bank collapse: Treasury, Fed, and FDIC announce […]

The post Talkin’ About Infosec News – 3/16/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Tossing Money at Problems
• (00:58) - BHIS - Talkin' Bout [infosec] News 2023-03-13
• (01:41) - Story # 1: Silicon Valley Bank collapse: Treasury, Fed and FDIC announce steps to ensure deposits will be paid in full
• (17:23) - Story # 1b: Silicon Valley Bank exec was Lehman Brothers CFO prior to 2008 collapse
• (21:21) - Story # 2: FBI investigates data breach impacting U.S. House members and staff
• (30:33) - Story # 3: Acronis downplays intrusion after 12GB trove leaks online
• (34:40) - Story # 4: Acer confirms breach after 160GB of data for sale on hacking forum
• (51:26) - Story # 5: The privacy loophole in your doorbell
• (57:28) - Spearfish General Store

THIS IS A TEST

The post Talkin’ About Infosec News – 3/8/2023 (v2) appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Lil NAS
• (06:52) - BHIS - Talkin' Bout [infosec] News 2023-03-06
• (08:13) - Story # 1: LastPass says employee’s home computer was hacked and corporate vault taken
• (28:32) - Story # 2: An Uncomfortable Reality: Occupational Hazards Associated with Thought Leadership in CTI
• (35:18) - Story # 3: FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy
• (45:17) - Story # 4: Roku Doesn’t Support IPv6 and It Might Be a Big Deal
• (51:05) - Story # 5: Secret crawlspace cryptomine discovered in routine inspection of MA high school
• (57:18) - Story # 6: ATM thieves use glue and 'tap' function to drain accounts at Chase Bank

00:00 – PreShow Banter™ — Lil NAS06:52 – BHIS – Talkin’ Bout [infosec] News 2023-03-0608:13 – Story # 1: LastPass says employee’s home computer was hacked and corporate vault takenhttps://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/28:32 […]

The post Talkin’ About Infosec News – 3/8/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Lil NAS
• (06:52) - BHIS - Talkin' Bout [infosec] News 2023-03-06
• (08:13) - Story # 1: LastPass says employee’s home computer was hacked and corporate vault taken
• (28:32) - Story # 2: An Uncomfortable Reality: Occupational Hazards Associated with Thought Leadership in CTI
• (35:18) - Story # 3: FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy
• (45:17) - Story # 4: Roku Doesn’t Support IPv6 and It Might Be a Big Deal
• (51:05) - Story # 5: Secret crawlspace cryptomine discovered in routine inspection of MA high school
• (57:18) - Story # 6: ATM thieves use glue and 'tap' function to drain accounts at Chase Bank

Story # 1: A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Lifehttps://www.wsj.com/articles/apple-iphone-security-theft-passcode-data-privacya-basic-iphone-feature-helps-criminals-steal-your-digital-life-cbf14b1a Story # 1b: Apple’s iPhone Passcode Problem: Thieves Can Ruin Your Entire Digital Life in Minutes […]

The post Talkin’ About Infosec News – 3/3/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Farm Raised Artificial Intelligence
• (04:01) - BHIS - Talkin' Bout [infosec] News 2023-02-27
• (05:09) - Story # 1: A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life
• (18:52) - Story # 2: Sensitive US military emails spill online
• (27:55) - Story # 3: Fruit giant Dole suffers ransomware attack impacting operations
• (33:01) - Story # 4: Well-hidden Mac cryptomining malware found in pirate copies of Final Cut Pro; expect more
• (37:30) - Story # 5: AI Helps Crack NIST-Recommended Post-Quantum Encryption Algorithm
• (40:38) - Story # 6: Snapchat launches ChatGPT integration, warns to not share your secrets
• (43:28) - Story # 7: How I Broke Into a Bank Account With an AI-Generated Voice
• (47:55) - Story # 8: Firms Who Pay Ransom Subsidise 10 New Attacks: Report
• (53:51) - Story # 9: Valve set a trap to catch and ban 40,000 Dota 2 cheaters

00:00 – PreShow Banter™ — Pop Tart Pizza04:15 – BHIS – Talkin’ Bout [infosec] News 2023-02-2005:39 – Story # 1: Employee data from a major cybersecurity firm posted for sale […]

The post Talkin’ About Infosec News – 2/22/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Pop Tart Pizza
• (04:15) - BHIS - Talkin' Bout [infosec] News 2023-02-20
• (05:39) - Story # 1: Employee data from a major cybersecurity firm posted for sale on a hacker forum
• (13:43) - Story # 2: FBI is investigating a cybersecurity incident on its network
• (16:44) - Story # 3: GoDaddy: Hackers stole source code, installed malware in multi-year breach
• (21:44) - Story # 4: Hyundai, Kia pushing updates so you can’t just steal their cars with USB cables
• (30:21) - Story # 5: Eurostar forces 'password resets' — then fails and locks users out
• (33:37) - Story # 6: Hacker Uncovers How to Turn Traffic Lights Green With Flipper Zero
• (39:30) - Story # 7: Namecheap denies system breach after email service used to spread phishing scams
• (43:11) - Story # 8: Official: Twitter will now charge for SMS two-factor authentication
• (48:24) - Story # 9: Software suite of Israeli security firm Cellebrite leaks online
• (51:22) - Story # 10: The US Air Force may have shot down an Amateur Radio Pico Balloon over Canada
• (55:48) - Story # 11: ChatGPT Is Ingesting Corporate Secrets

00:00 – PreShow Banter™ — Scalping Valentine’s Day Reservations04:13 – BHIS – Talkin’ Bout [infosec] News 2023-06-2305:52 – Story # 1: 5 Chinese companies and a research institute blacklisted by […]

The post Talkin’ About Infosec News – 2/17/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Scalping Valentine's Day Reservations
• (04:13) - BHIS - Talkin' Bout [infosec] News 2023-06-23
• (05:52) - Story # 1: 5 Chinese companies and a research institute blacklisted by U.S. over spy balloon program
• (12:00) - Story # 2: We had a security incident. Here’s what we know.
• (15:19) - Ean Reports Live!
• (21:44) - Story # 3: NameCheap's email hacked to send Metamask, DHL phishing emails
• (26:49) - Story # 4: Top mobile finance app Money Lover has some worrying security flaws
• (31:24) - Story # 5: Ukraine war: Elon Musk's SpaceX firm bars Kyiv from using Starlink tech for drone control
• (36:58) - Story # 6: NATO websites hacked, including that of the Headquarters of Special Operations Forces
• (38:58) - Story # 7: Khinshtein said that hackers acting in the interests of the Russian Federation should be released from liability
• (40:52) - Story # 8 NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
• (43:29) - Story # 9: Americans don't understand what companies can do with their personal data—and that's a problem
• (45:15) - Story # 9b: AMERICANS CAN’T CONSENT TO COMPANIES’ USE OF THEIR DATA
• (54:33) - Story # 10: Pentagon Staffers Found Installing Dating Apps, Games on Government Phones
• (57:34) - Story # 10b: Management Advisory: The DoD’s Use of Mobile Applications (Report No. DODIG-2023-041)
• (58:14) - Story # 11: When Facebook came for your battery, feudal security failed

00:00 – PreShow Banter™ — We’ve got nothing to say03:07 – BHIS – Talkin’ Bout [infosec] News 2023-06-2305:56 – Story # 1: Cybercrime job ads on the dark web pay […]

The post Talkin’ About Infosec News – 2/13/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — We've got nothing to say
• (03:07) - BHIS - Talkin' Bout [infosec] News 2023-06-23
• (05:56) - Story # 1: Cybercrime job ads on the dark web pay up to $20k per month
• (10:52) - Story # 2: Discrepancies Discovered in Vulnerability Severity Ratings
• (25:27) - Story # 3: GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
• (28:48) - Story # 4: Ex-Ubiquiti worker pleads guilty to data theft, extortion, and smear plot
• (34:47) - Story # 5: North Korean hackers stole research data in two-month-long breach
• (42:19) - Story # 6: Hacker Group Releases 128GB Of Data Showing Russia's 'Wide-Ranging' Illegal Surveillance Of Citizens

00:00 – PreShow Banter™ — Woke Up Like This03:20 – BHIS – Talkin’ Bout [infosec] News 2023-01-3005:04 – Story # 1: GoTo says hackers stole customers’ backups and encryption keyhttps://www.bleepingcomputer.com/news/security/goto-says-hackers-stole-customers-backups-and-encryption-key/09:48 […]

The post Talkin’ About Infosec News – 2/3/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Woke Up Like This
• (03:20) - BHIS - Talkin' Bout [infosec] News 2023-01-30
• (05:04) - Story # 1: GoTo says hackers stole customers' backups and encryption key
• (09:48) - Story # 2: T-Mobile hacked to steal data of 37 million accounts in API data breach
• (11:29) - Story # 3: Appliance makers sad that 50% of customers won’t connect smart appliances
• (23:11) - Story # 4: More Ransomware Victims Are Refusing to Pay Hackers
• (25:34) - Story # 5: DOJ, FBI hack Hive Network, save US$130 mln from crypto ransomware attacks
• (27:27) - Story # 6: Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
• (29:35) - Story # 7: Pet fish commits credit card fraud on owner using a Nintendo Switch
• (34:15) - Story # 8: how to completely own an airline in 3 easy steps
• (38:43) - Story # 9: Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack
• (46:43) - Story # 10: The semiconductor monopoly: How one Dutch company has a stranglehold over the global chip industry
• (55:59) - Story # 11: Swipe right on our new credit card tokens!

00:00 – PreShow Banter™ — Wade’s Googly Eyes00:41 – BHIS – Talkin’ Bout [infosec] News 2023-01-2301:26 – Story # 1: BIG TECH LAYOFFS. LAYOFFS! DOOM! RECESSION!

The post Talkin’ About Infosec News – 1/25/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Wade's Googly Eyes
• (00:41) - BHIS - Talkin' Bout [infosec] News 2023-01-23
• (01:26) - Story # 1: BIG TECH LAYOFFS. LAYOFFS! DOOM! RECESSION!

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

00:00 - PreShow Banter™ — Canadian Chicken

02:01 - The AI Bubble BHIS - Talkin’ Bout [infosec] News 2025-08-25

02:23 - Story # 1: Congressman proposes bringing back letters of marque for cyber privateers

09:27 - Story # 2: SIM-Swapper, Scattered Spider Hacker Gets 10 Years

12:43 - Story # 3: Developer jailed for taking down employer’s network with kill switch malware

16:33 - Story # 4: Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet

20:42 - The Utopia Chronicles

23:20 - Story # 5: “Unstoppable Power Surges”: China’s Quantum Processor Outspeeds Supercomputers by 1 Quadrillion and Triggers US Intelligence Panic

28:47 - Story # 6: Bank forced to rehire workers after lying about chatbot productivity, union says

41:21 - Story # 7: It Took Many Years And Billions Of Dollars, But Microsoft Finally Invented A Calculator That Is Wrong Sometimes

43:41 - Story # 8: Copilot Broke Your Audit Log, but Microsoft Won’t Tell You

46:33 - Story # 9: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

49:24 - Story # 10 : Zero-Day Clickjacking Flaws Found in Password Managers Used by Millions

53:12 - Story # 11: Cybersecurity training doesn’t work: time wasted with no impact, study finds

59:07 - ChickenSec: Artificial Intelligence: The other AI

• (00:00) - PreShow Banter™ — Canadian Chicken
• (02:01) - The AI Bubble BHIS - Talkin' Bout [infosec] News 2025-08-25
• (02:23) - Story # 1: Congressman proposes bringing back letters of marque for cyber privateers
• (09:27) - Story # 2: SIM-Swapper, Scattered Spider Hacker Gets 10 Years
• (12:42) - Story # 3: Developer jailed for taking down employer's network with kill switch malware
• (16:33) - Story # 4: Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet
• (20:41) - The Utopia Chronicles
• (23:20) - Story # 5: “Unstoppable Power Surges”: China’s Quantum Processor Outspeeds Supercomputers by 1 Quadrillion and Triggers US Intelligence Panic
• (28:46) - Story # 6: Bank forced to rehire workers after lying about chatbot productivity, union says
• (41:21) - Story # 7: It Took Many Years And Billions Of Dollars, But Microsoft Finally Invented A Calculator That Is Wrong Sometimes
• (43:41) - Story # 8: Copilot Broke Your Audit Log, but Microsoft Won’t Tell You
• (46:33) - Story # 9: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
• (49:24) - Story # 10 : Zero-Day Clickjacking Flaws Found in Password Managers Used by Millions
• (53:12) - Story # 11: Cybersecurity training doesn’t work: time wasted with no impact, study finds
• (59:06) - ChickenSec: Artificial Intelligence: The other AI

00:00 – PreShow Banter™ — Ralph’s Guide to Satellite Bands 04:33 – BHIS – Talkin’ Bout [infosec] News 2023-01-16 05:25 – Story # 1: Microsoft’s new AI can simulate anyone’s […]

The post Talkin’ About Infosec News – 1/17/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Ralph’s Guide to Satellite Bands
• (04:33) - BHIS - Talkin' Bout [infosec] News 2023-01-16
• (05:25) - Story # 1: Microsoft’s new AI can simulate anyone’s voice with 3 seconds of audio
• (13:29) - Story # 2: Russian Hackers Tried to Break Into the U.S.'s Top Nuclear Labs: Report
• (16:42) - Story # 3: CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
• (26:59) - Story # 4: How a single developer dropped AWS costs by 90%, then disappeared
• (36:46) - Story # 5: A Widespread Logic Controller Flaw Raises the Specter of Stuxnet
• (48:38) - Story # 6: Meta sues “scraping-for-hire” service that sells user data to law enforcement

00:00 – PreShow Banter™ — Twitch Airways International00:59 – BHIS – Talkin’ Bout [infosec] News 2023-01-1003:56 – Story # 1: How ChatGPT could become a hacker’s friendhttps://betanews.com/2023/01/05/how-chatgpt-could-become-a-hackers-friend/14:05 – Story # […]

The post Talkin’ About Infosec News – 1/12/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Twitch Airways International
• (00:59) - BHIS - Talkin' Bout [infosec] News 2023-01-10
• (03:56) - Story # 1: How ChatGPT could become a hacker's friend
• (14:05) - Story # 2: Cybersecurity experts gaze into the 2023 crystal ball and see good, bad, ugly
• (16:40) - Story # 3: Chick-Fil-A and other Breaches to snack on
• (31:01) - Story # 4: Identity Thieves Bypassed Experian Security to View Credit Reports
• (36:29) - Story # 5: CircleCI security alert: Rotate any secrets stored in CircleCI (Updated Jan 7)
• (40:45) - Story # 6: Air France and KLM notify customers of account hacks
• (43:27) - Story # 7: Guardian offices closed until 23 January due to ongoing fallout from suspected ransomware attack

00:00 – PreShow Banter™ — Seven People00:51 – BHIS – Talkin’ Bout [infosec] News 2023-01-0201:37 – Story # 1: LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolenhttps://www.theverge.com/2022/12/28/23529547/lastpass-vault-breach-disclosure-encryption-cybersecurity-rebuttal32:22 – […]

The post Talkin’ About Infosec News – 1/3/2023 appeared first on Black Hills Information Security.

• (00:00) - PreShow Banter™ — Seven People
• (00:51) - BHIS - Talkin' Bout [infosec] News 2023-01-02
• (01:37) - Story # 1: LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen
• (32:22) - Story # 2: Southwest Airlines’ post-Christmas meltdown thanks to ‘outdated IT’ systems, poor scheduling
• (42:18) - Story # 3: McGraw Hill's S3 buckets exposed 100,000 students' grades
• (47:59) - Story # 4: Okta confirms another breach after hackers steal source code