Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

00:00 - PreShow Banter™ — The Problem With Extensions

03:10 - Lawmakers Want to Ban VPNs – BHIS - Talkin’ Bout [infosec] News 2025-12-01

03:47 - Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
https://labs.watchtowr.com/stop-putting-your-passwords-into-random-websites-yes-seriously-you-are-the-problem/

12:05 - Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They’re Doing
https://www.eff.org/deeplinks/2025/11/lawmakers-want-ban-vpns-and-they-have-no-idea-what-theyre-doing

21:19 - Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
https://hackread.com/7-zip-vulnerability-public-exploit-manual-update/

25:49 - Story # 4: ‘Slop Evader’ Lets You Surf the Web Like It’s 2022
https://www.404media.co/slop-evader-browser-extension-pre-generative-ai-search-filter/

37:08 - Story # 5: China’s Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says
https://www.kyivpost.com/post/64814

39:10 - Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now
https://www.forbes.com/sites/zakdoffman/2025/11/30/apple-update-warning-for-all-iphone-17-16-and-15-users-act-now/

42:39 - Story # 6: Meta is earning a fortune on a deluge of fraudulent ads, documents show
https://www.reuters.com/investigations/meta-is-earning-fortune-deluge-fraudulent-ads-documents-show-2025-11-06/

50:23 - Story # 7: Meta had a 17-strike policy for sex trafficking, former safety leader claims
https://www.theverge.com/news/827658/meta-17-strike-policy-sex-trafficking-testimony-lawsuit

52:41 - Story # 8: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
https://www.bleepingcomputer.com/news/security/man-behind-in-flight-evil-twin-wifi-attacks-gets-7-years-in-prison/

Brought to you by:

🔗 Black Hills Information Security
https://www.blackhillsinfosec.com/
🔗 Antisyphon Training
https://www.antisyphontraining.com/

• (00:00) - PreShow Banter™ — The Problem With Extensions

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

00:00 - PreShow Banter™ — Stressed about lithium batteries

04:59 - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin’ Bout [infosec] News 2025-11-24

05:57 - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub

11:19 - Story # 2: CrowdStrike catches insider feeding information to hackers

15:50 - Story # 3: Fidelity sues Broadcom over access to key software to avoid outages

22:17 - Story # 4: NetApp sues former CTO for alleged data breach

26:49 - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers

36:05 - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now

37:11 - Story # 6b: Cloudflare outage on November 18, 2025

41:43 - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

46:35 - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System

51:10 - Story # 10: Microsoft to integrate Sysmon directly into Windows 11, Server 2025

56:41 - Story # 9: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist

• (00:00) - PreShow Banter™ — Stressed about lithium batteries

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

00:00:00 - PreShow Banter™ — The Way the Community Rumbles

00:08:21 - A.I. Transcription Startup Was Just A Guy Taking Notes - BHIS - Talkin’ Bout [infosec] News 2025-11-17

00:09:01 - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations

00:18:06 - Eric & Whitney’s “Podcast” [webcast] on training your own LLM

00:22:12 - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand

00:26:20 - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

00:37:35 - Story # 4: Google is easing up on Android’s new sideloading restrictions!

00:43:44 - Story # 5: Google is collecting troves of data from downgraded Nest thermostats

00:44:58 - Story # 5b: Hackers are saving Google’s abandoned Nest thermostats with open-source firmware

00:51:34 - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs

01:00:40 - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead

01:05:55 - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign

01:14:58 - Discord CTF Winners

• (00:00) - PreShow Banter™ — The Way the Community Rumbles

Register for FREE Infosec Webcasts, Anti-casts & Summits –

Chapters

00:00 - PreShow Banter™ — Humans are Done

03:04 - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin’ Bout [infosec] News 2025-11-10

05:11 - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.

15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell

25:14 - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’

29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers

32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities

40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools

56:37 - BHIS Webcast – X-Typhoon - Not your Father’s China with John Strand

• (00:00) - PreShow Banter™ — Humans are Done

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

00:00 - PreShow Banter™ — Musical Views of the Universe

04:05 - – BHIS - Talkin’ Bout [infosec] News 2025-11-03

04:39 - Story # 1: Ransomware profits drop as victims stop paying hackers

06:22 - Chart since 2019

16:06 - Story # 2: More than a million people every week show suicidal intent when chatting with ChatGPT, OpenAI estimates

33:02 - Story # 3: 10M people watched a YouTuber shim a lock; the lock company sued him. Bad idea.

41:18 - Story # 4: ‘Dangerous’ YouTube videos struck down for bypassing Windows 11 account setup [Update: Restored]

47:13 - Story # 5: Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says

51:08 - Story # 6: Microsoft: DNS outage impacts Azure and Microsoft 365 services

54:33 - Story # 7: EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure

55:22 - Stordy # 8: Black Hat Europe 2025 Arsenal: 8 AI Security Tools Transforming Cybersecurity

• (00:00) - PreShow Banter™ — Musical Views of the Universe

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

The BHIS crew breaks down the latest cybersecurity stories making waves — from data breaches and malware campaigns to privacy issues, exploit trends, and tech policy shake-ups. Join our panel of security pros for expert analysis, sharp humor, and practical insights you can actually use. Whether it’s social engineering, AI-powered attacks, or bizarre security headlines, we dig into what matters most for defenders and curious minds alike. Stay informed, entertained, and one step ahead in the ever-changing world of infosec.

00:00:00 - PreShow Banter™ — The Cost of War.xyz

00:03:42 - The AI Browser Wars - BHIS - Talkin’ Bout [infosec] News 2025-10-27

00:04:04 - Story # 1: Smart bed owners experience AWS outage nightmare as they’re left sweating and stuck in upright position

00:10:49 - Story # 2: Robots May Replace 600,000 Human Employees at Amazon

00:14:40 - Story # 3: Meet Mico, Microsoft’s AI version of Clippy

00:20:59 - Story # 4: Exploitation of Windows Server Update Services Remote Code Execution Vulnerability

00:26:31 - Story # 5: Ex-L3Harris executive accused of selling trade secrets to Russia

00:31:29 - Story # 6: Introducing ChatGPT Atlas

00:43:34 - Story # 7: ‘Phased Out’—Google Confirms Bad News For 3 Billion Chrome Users

00:52:26 - Story # 8: The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn

01:00:16 - Story # 9: KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed

• (00:00) - PreShow Banter™ — The Cost of War.xyz

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

00:00:00 - PreShow Banter™ — AWS Snow Day Party

00:11:31 - Online Book Store Takes Down Half of the Internet - BHIS - Talkin’ Bout [infosec] News 2025-10-20

00:12:12 - Story # 1: F5 says hackers stole undisclosed BIG-IP flaws, source code

00:35:11 - Story # 2: Newsom signs age verification law, siding with tech giants over Hollywood

00:48:39 - Story # 3: Researchers find a startlingly cheap way to steal your secrets from space

00:55:04 - Story # 4: Jeff Bezos Has a Plan to Curb AI’s Carbon Footprint: Send Data Centers to Space

01:02:22 - Story # 5: SolarWinds Security Chief reflects on the Russian hack that exposed US government agencies

• (00:00) - PreShow Banter™ — AWS Snow Day Party

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

00:00 - PreShow Banter™ — A Real Podcast

03:15 - Hackers claim Discord breach exposed data of 5.5 million users – BHIS - Talkin' Bout [infosec] News 2025-10-13

05:44 - Story # 1: CamoLeak: Critical GitHub Copilot Vulnerability Leaks Private Source Code

24:27 - Story # 2: Hackers claim Discord breach exposed data of 5.5 million users

36:52 - Story # 3: Velociraptor leveraged in ransomware attacks

46:47 - Story # 4: Huntress Threat Advisory: Widespread SonicWall SSLVPN Compromise

54:48 - CTF Challenge

• (00:00) - PreShow Banter™ — A Real Podcast

Register for FREE Infosec Webcasts, Anti-casts & Summits –

00:00 - PreShow Banter™ — A little radiation never hurt anybody.

03:07 - BHIS - Talkin’ Bout [infosec] News 2025-09-29

03:29 - Story # 1: As many as 2 million Cisco devices affected by actively exploited 0-day

19:07 - Story # 2: Viral call-recording app Neon goes dark after exposing users’ phone numbers, call recordings, and transcripts | TechCrunch

24:25 - Story # 3: AI Darwin Awards Show AI’s Biggest Problem Is Human

29:32 - Story # 4: Nikon revokes all C2PA image authenticity certificates after major vulnerability exposed

34:14 - Story # 5: ‘You’ll never need to work again’: Criminals offer reporter money to hack BBC

38:18 - Story # 6: Cybersecurity Training Programs Don’t Prevent Employees from Falling for Phishing Scams

46:48 - Mini CTF Walkthrough

56:03 - Story # 7: U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area

• (00:00) - PreShow Banter™ — A little radiation never hurt anybody.

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

00:00 - PreShow Banter™ — Unnatural European Fridges

03:34 - The Entra ID Cross-Tenant Vulnerability Discovery – BHIS - Talkin’ Bout [infosec] News 2025-09-22

04:14 - Story # 1: One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens

21:32 - Story # 2: Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages

40:50 - OSSPREY – NPM Package @Ctrl/Tinycolor Compromised: Shai Hulud Malware Targets Secrets and Persistence

51:41 - Story # 3: Verified Steam game steals streamer’s cancer treatment donations

57:16 - Story # 4: Heathrow warns of second day of disruption after cyber-attack

• (00:00) - PreShow Banter™ — Unnatural European Fridges