Talkin' About [Infosec] News, Powered by Black Hills Information Security

00:00 - PreShow Banter™ — Yacht Doc

07:40 - BHIS - Talkin’ Bout [infosec] News 2024-11-18

08:49 - Story # 1: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit

16:02 - Story # 2: CISA Director Jen Easterly to depart agency on January 20

19:26 - Story # 3: Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack

28:44 - Story # 4: T-Mobile hacked in massive Chinese breach of telecom networks, WSJ reports

30:55 - Story # 4b: T-Mobile confirms it was hacked in recent wave of telecom breaches

33:03 - Story # 5: An Interview With the Target & Home Depot Hacker

40:04 - Story # 6: Hacker gets 10 years in prison for extorting US healthcare provider

42:47 - Story # 7: Ransomware fiends boast they’ve stolen 1.4TB from US pharmacy network

44:21 - Story # 8: A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine

45:23 - Story # 9: 23andMe cuts 40% of its workforce and discontinues therapeutics division

50:38 - Story # 10: FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023

56:45 - CPTC - Education Through Competition

00:00 - PreShow Banter™ — The Old and The New

02:27 - BHIS - Talkin’ Bout [infosec] News 2024-11-11

03:44 - Story # 1: Mattel pulls thousands of ‘Wicked’ dolls off shelves after printing adult website on packaging

08:03 - Story # 2: Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus

11:41 - Story # 3: Mislabeled patch sends Windows Server 2022 admins on unwanted upgrade to 2025

16:49 - Story # 4: Suspected Snowflake Hacker Arrested in Canada

18:26 - Story # 5: Interpol Cybercrime Sweep Takes Down 22,000 IP Addresses, Arrests 41

29:47 - Story # 6: Google Cloud to mandate MFA for all users in 2025

41:30 - Story # 7: Cisco scores a perfect CVSS 10 with critical flaw in its wireless system

49:26 - Story # 8: H.I.G. Capital and Thoma Bravo to Acquire CompTIA Brand and Products

59:05 - SANS Holiday Hack Challenge™ 2024

00:00:00 - PreShow Banter™ — The Grey Times

00:04:33 - BHIS - Talkin’ Bout [infosec] News 2024-11-04

00:05:54 - Story # 1: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

00:16:45 - Story # 2: Follow Up - 5 Things To Know On Delta’s Lawsuit Against CrowdStrike

00:17:43 - Story # 2b: CrowdStrike Sues Delta: 5 Key Takeaways

00:22:04 - Story # 3: Russian charged by U.S. for creating RedLine infostealer malware

00:22:59 - Story # 3b: How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware

00:28:09 - Story # 4: Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info

00:30:02 - Story # 4b: ‘We strive to put humanity above all’: Disney drops arbitration demand over wrongful death lawsuit after woman died from fatal food allergy

00:37:10 - Story # 5: OCR Announces First Financial Penalty Under HIPAA Risk Analysis Enforcement Initiative

00:44:54 - Story # 6: Security researchers found a serious zero-click bug in Synology’s Photos app

00:50:10 - Story # 7: Inside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its Devices

00:52:21 - Story # 8: Microsoft wants $30 if you want to delay Windows 11 switch

01:00:03 - Story # 9: Colorado Secretary of State posted spreadsheet with voting system passwords

00:00:00 - PreShow Banter™ — Sarsaparilla

00:05:50 - BHIS - Talkin’ Bout [infosec] News 2024-10-28

00:06:46 - Story # 1: AWS, Azure auth keys found in Android and iOS apps used by millions

00:15:02 - Story # 2: Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs

00:29:03 - Story # 3: Delta officially launches lawyers at $500M CrowdStrike problem

00:40:60 - Story # 4: New Rules for US National Security Agencies Balance AI’s Promise With Need to Protect Against Risks

00:46:25 - Story # 4b: CISA proposes new security requirements to protect govt, personal data

00:51:03 - Story # 5: Largest Retail Breach in History: 350 Million “Hot Topic” Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection

00:55:35 - Story # 6: Throne’s toilet camera takes pictures of your poop

01:04:57 - A Community Support Moment - https://www.crisistextline.org

00:00:00 - PreShow Banter™ — Log Con

00:11:41 - BHIS - Talkin’ Bout [infosec] News 2024-10-21

00:12:51 - Story # 1: Internet Archive exposed again – this time through Zendesk

00:14:57 - Story # 1b: Hackers steal information from 31 million Internet Archive users

00:20:42 - Story # 2: Sophos buys Secureworks for $859 mln to beef up cybersecurity portfolio

00:24:21 - Story # 3: USDoD hacker behind National Public Data breach arrested in Brazil

00:27:12 - Story # 4: Debunking Hype: China Hasn’t Broken Military Encryption With Quantum

00:32:14 - Story # 5: Microsoft said it lost weeks of security logs for its customers’ cloud products

00:35:03 - Story # 6: Should We Chat, Too? FAQ

00:40:05 - Story # 7: More than two dozen countries have used internet outages to sway elections

00:43:50 - Story # 8: Pokemon dev Game Freak confirms breach after stolen data leaks online

00:46:32 - Story # 9: Hackers made robot vacuums randomly yell racial slurs

00:49:19 - Story # 9b: We hacked a robot vacuum — and could watch live through its camera

00:50:19 - Story # 10: The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks

00:54:55 - Story # 11: Google’s Chrome Browser Starts Disabling uBlock Origin

01:01:00 - WWHF Recorvery

00:00:00 - PreShow Banter™ — Cast of Special Characters

00:06:37 - BHIS - Talkin’ Bout [infosec] News 2024-09-30

00:08:06 - Story # 1: CUPS flaws enable Linux remote code execution, but there’s a catch

00:23:40 - Story # 2: US Capitol Hit by Massive Dark Web Cyber Attack - Newsweek

00:27:40 - Story # 2b: ‘I’m a black NAZI!’: NC GOP nominee for governor made dozens of disturbing comments on porn forum

00:35:57 - Story # 3: NIST proposes barring some of the most nonsensical password rules

00:47:01 - Story # 3b: Why Two-Factor Authentication Is So Important - Teen Vogue

00:54:04 - Story # 4: Hacker plants false memories in ChatGPT to steal user data in perpetuity

01:00:42 - Story # 5: Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

01:02:54 - Story # 6: Massive E-Learning Platform Udemy Gave Teachers a Gen AI ‘Opt-Out Window’. It’s Already Over.

00:00 - PreShow Banter™ — Plane Talk

05:50 - BHIS - Talkin’ Bout [infosec] News 2024-09-23

06:16 - A SANS Difference Maker Award Finalist

09:47 - Story # 1: Pagers attack brings to life long-feared supply chain threat

24:08 - Story # 2: Recaptcha Phish - John Hammond

25:49 - Story # 2b: Clever ‘GitHub Scanner’ campaign abusing repos to push malware

30:05 - Story # 3: Lazarus Group Targets Developers in Fresh VMConnect Campaign

35:22 - Story # 4: LinkedIn Addresses User Data Collection for AI Training

37:40 - Story # 5: Disney ditching Slack after massive July data breach

41:42 - Story # 6: FTC exposes massive surveillance of kids, teens by social media giants

51:35 - Story # 7: Kaspersky deletes itself, installs UltraAV antivirus without warning

00:00 - PreShow Banter™ — Pour Over News

06:01 - BHIS - Talkin’ Bout [infosec] News 2024-09-16

07:14 - Story # 1: Fortinet confirms data breach after hacker claims to steal 440GB of files

15:37 - Story # 2: Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches

21:30 - Story # 3: Omnipresent AI cameras will ensure good behavior, says Larry Ellison

28:11 - Story # 4: Mastercard bolsters threat intelligence capabilities with $2.65 billion deal for Recorded Future

34:27 - Story # 5: Cyber insurance set for explosive growth

40:20 - Story # 6: 23andMe will pay $30 million to settle 2023 data breach lawsuit

45:25 - Story # 7: Google faces EU investigation over AI data compliance

50:35 - Story # 8: Rogue WHOIS server gives researcher superpowers no one should ever have

00:00 - Introduction

01:22 - The Scenario

02:50 - First Steps

03:48 - Endpoint Analysis Roll

04:22 - Logon Scripts Were installed

05:09 - I.R. Team Introductions

07:17 - Second Step

10:32 - Network Threat Hunting Roll

11:36 - Third Step

15:12 - Anyway Here’s Firewall Roll

15:43 - Fourth Step

18:26 - SIEM Roll

19:41 - Fifth Step

20:47 - UEBA Roll

21:19 - Senario Recap

22:20 - Senario Plausibility?

25:51 - Wrap-up Takeaways

00:00 - PreShow Banter™ — Revenge of the Nerds / More Chicken Related Crimes

05:19 - N.Y. Official Charged With Taking Money, Travel and Poultry to Aid China

09:23 - BHIS - Talkin’ Bout [infosec] News 2024-09-09

09:50 - Story # 1: YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

20:35 - Story # 2: Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

25:24 - Story # 3: California legislature passes sweeping AI safety bill

38:02 - Story # 4: Brain Cipher claims attack on Olympic venue, promises 300 GB data leak

41:59 - Story # 5: How Navy chiefs conspired to get themselves illegal warship Wi-Fi

42:45 - Story # 5b: After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship

49:18 - Story # 6: Researchers say a bug let them add fake pilots to rosters used for TSA checks

51:32 - Story # 7: Durex India spilled customers’ private order data

54:53 - Story # 8: City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack