00:00 - PreShow Banter™ — The Bed Slinger

08:34 - The Oracle of Lies! - BHIS - Talkin’ Bout [infosec] News 2025-03-31

10:43 - Story # 1: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service

20:00 - Story # 2: A Sneaky Phish Just Grabbed my Mailchimp Mailing List

26:17 - Story # 3: Windows 11 is closing a loophole that let you skip making a Microsoft account

29:51 - Story # 4: The Trump Administration Accidentally Texted Me Its War Plans

32:51 - Story # 4b: Signal is ‘absolutely not suitable’ for government use: Former NSA hacker

37:42 - Story # 5: How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack

42:27 - Story # 6: Retail giant Sam’s Club investigates Clop ransomware breach claims

45:07 - WEBCAST – Keeping Things Local – Making Your Own Private LLM w/ Bronwen Aker

46:16 - Story # 7: New VanHelsing ransomware targets Windows, ARM, ESXi systems

48:28 - Story # 8: Infostealer campaign compromises 10 npm packages, targets devs

53:13 - Story # 9: Risky Biz News: EU bans anonymous crypto payments

56:02 - ChickenSec: South African Poultry Company Reports $1M Loss After Cyber Intrusion

00:00 - PreShow Banter™ — We’re Not Ready For the Finger Thing

01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin’ Bout [infosec] News 2025-03-24

03:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack

07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together

14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records

19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization

25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content

29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts

35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy

38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 28

44:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre

52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach

54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance

56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen…

00:00 - PreShow Banter™ — Fun Jank Decks

05:25 - BHIS - Talkin’ Bout [infosec] News 2025-03-17 - Malicious browser plugins will destroy us ALL!!!!!

06:35 - Story # 1: Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension

14:37 - Story # 1b: Chrome Web Store is a mess

31:14 - Story # 2: Lazarus Strikes npm Again with New Wave of Malicious Packages

36:17 - Story # 3: China’s Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days

44:44 - Story # 4: Saudi Arabia Buys Pokémon Go, and Probably All of Your Location Data

49:31 - Story # 5: Second biggest bank in US hit by major data breach stealing social security numbers and other personal info

51:25 - Story # 6: Hackers Take Credit for X Cyberattack

54:32 - Story # 7: Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account

00:00 - PreShow Banter™ — Agent A.I.

07:35 - BHIS - Talkin’ Bout [infosec] News 2025-03-10

10:47 - Story # 1: 12 Chinese hackers charged with US Treasury breach — and much, much more

15:25 - Story # 2: Signal President Meredith Whittaker calls out agentic AI as having ‘profound’ security and privacy issues

25:33 - Story # 3: X/Twitter is down for a third time today

27:33 - Story # 4: Developer sabotaged ex-employer with kill switch activated when he was let go

33:37 - Story # 5: Undocumented commands found in Bluetooth chip used by a billion devices

45:37 - Story # 6: Cybercrime’s Cobalt Strike Use Plummets 80% Worldwide

46:19 - Story # 7: Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags

55:01 - Story # 8: Ransomware gang encrypted network from a webcam to bypass EDR

00:00 - PreShow Banter™ — Not Talking About Anything

04:29 - BHIS - Talkin’ Bout [infosec] News 2025-03-03

05:42 - Story # 1: FBI Warns iPhone, Android Users—We Want ‘Lawful Access’ To All Your Encrypted Data

24:28 - Story # 2: Disney engineer downloaded ‘helpful’ AI tool that ended up completely destroying his life

34:28 - Story # 3: Have I Been Pwned adds 284M accounts stolen by infostealer malware

43:22 - Story # 4: Dragos’s 8th Annual OT Cybersecurity Year in Review Is Now Available

45:53 - Story # 5: Trump administration retreats in fight against Russian cyber threats

55:19 - Story # 5b: Exclusive: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say

57:33 - Story # 6: Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’

00:00 - PreShow Banter™ — Get Political

05:27 - BHIS - Talkin’ Bout [infosec] News 2025-02-25

06:07 - Story # 1: Trump 2.0 Brings Cuts to Cyber, Consumer Protections

37:57 - Story # 2: OpenAI Uncovers Evidence of A.I.-Powered Chinese Surveillance Tool

49:48 - Story # 3: Apple pulls data protection tool after UK government security row

55:00 - Story # 4: Judge dismisses Chris Hadnagy lawsuit against DEF CON

00:00 - PreShow Banter™ — Prove That You’re Wearing Pants

05:50 - BHIS - Talkin’ Bout [infosec] News 2025-05-17

06:46 - Story # 1: Fortinet discloses second firewall auth bypass patched in January

07:12 - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don’t die laughing

08:45 - Story # 1c: Forbes Most Trusted Companies in America 2025 List

16:25 - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account

18:37 - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

20:04 - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says

36:35 - Story # 4: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack

37:44 - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever

43:14 - Story # 5b: DOGE’s .gov site lampooned as coders quickly realize it can be edited by anyone

46:59 - Story # 6: Man who SIM-swapped the SEC’s X account pleads guilty

51:26 - Story # 7: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs

53:55 - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed

00:00 - PreShow Banter™ — Walking Through Denver

02:23 - BHIS - Talkin’ Bout [infosec] News 2025-02-10

04:35 - Story # 1: Ransomware payments declined in 2024 despite massive. well-known hacks

05:02 - Story # 1b: 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments

14:19 - Story # 2: Critical Cisco ISE bug can let attackers run commands as root

16:43 - Story # 3: The Untold Story of a Crypto Crimefighter’s Descent Into Nigerian Prison

24:18 - Story # 4: IoT’s botnet problem is up 500% – three things admins must do now

31:49 - Story # 5: WhatsApp identifies dozens of users hacked by Paragon spyware company

39:41 - Story # 6: Sri Lanka goes bananas after monkey unplugs nation

43:36 - Story # 7: Microsoft Study Finds AI Makes Human Cognition “Atrophied and Unprepared”

50:17 - ChickenSec Story #: 1 Here’s a Super Bowl riddle: Why are egg prices surging — but not chicken wings?

52:21 - Story # 8: DOGE Staffer Previously Fired From Cybersecurity Company for Leaking Secrets

58:07 - ChickenSec Story #2: Americans to Eat 1.47 Billion Chicken Wings for Super Bowl LIX

00:00 - PreShow Banter™ — Community Swear Bucket

01:40 - BHIS - Talkin’ Bout [infosec] News 2025-02-05

03:27 - Story # 1: DeepSeek R1 Exposed: Security Flaws in China’s AI Model

11:25 - Story # 2: Backdoor found in two healthcare patient monitors, linked to IP in China

15:21 - Story # 3: Facebook flags Linux topics as ‘cybersecurity threats’ — posts and users being blocked

20:56 - Story # 4: Here’s how Musk’s access to Treasury system may impact Social Security, other government payments

31:29 - Story # 5: Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

34:34 - Story # 6: Insurance Company Globe Life Notifying 850,000 People of Data Breach

36:15 - Story # 10: DeepSeek Fails Researchers’ Safety Tests

38:35 - Story # 11: Engineering giant Smiths Group discloses security breach

00:00 - PreShow Banter™ — Fake Australian

04:17 - BHIS - Talkin’ Bout [infosec] News 2025-01-27

04:34 - Story # 1: DeepSeek sparks AI stock selloff; Nvidia posts record market-cap loss

30:50 - Story # 2: Tech giants are putting $500bn into ‘Stargate’ to build up AI in US

42:23 - Story # 3: DeepSeek Faces Large-scale Cyberattack, Halts New User Registrations

43:34 - Story # 4: DHS cyber review board cleaned out in Trump move to eliminate ‘misuse of resources’

47:38 - Story # 5: UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack

50:02 - Story # 5b: UnitedHealth now says 190 million impacted by 2024 data breach

53:09 - Story # 6: Cloudflare Issue Can Leak Chat App Users’ Broad Location

54:09 - Story # 7: Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel

59:40 - Story # 8: Researchers say new attack could take down the European power grid