Talkin' Bout [Infosec] News

By Black Hills Information Security

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.

Join us live on YouTube, Monday's at 4:30PM ET... more

4.8

9292 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Talkin' Bout [Infosec] News:

How many episodes does Talkin' Bout [Infosec] News have?

The podcast currently has 332 episodes available.

Talkin' Bout [Infosec] News episodes:

February 05, 2026US Defense Chief Uploads Secret Into to ChatGTP - 2026-02-02
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
This episode breaks down recent reports of sensitive information being shared with AI tools and what that means for security and operations. The discussion covers OPSEC failures, common misuse of ChatGPT in professional environments, how data actually flows through AI systems, and what organizations should (and shouldn’t) worry about. The hosts focus on practical risk, realistic threat models, and actionable lessons for security teams navigating AI adoption.
Chapters
(00:00) - PreShow Banter™ — Robot Drivers
(06:29) - US Defense Chief Uploads Secret Into to ChatGTP - 2026-02-02
(09:54) - Story # 1: US cyber defense chief accidentally uploaded secret government info to ChatGPT
(19:03) - Story # 2: Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
(23:01) - Story # 3: Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
(26:30) - Story # 4: Millions of Gmail, Facebook and other account credentials exposed
(30:55) - Story # 5: Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site
(36:13) - Story # 6: County pays $600,000 to pentesters it arrested for assessing courthouse security
(39:12) - Story # 7: Costco reportedly removes RAM from its display PCs to prevent tech-savvy shoplifters, customers claim — GPUs also absent across stores as PC parts become a hot commodity
(41:13) - Story # 8: Claude Sonnet 5 Is Imminent — And It Could Be a Generation Ahead of Google
(45:09) - Story # 9: Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
(48:49) - Story # 10: Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
(52:05) - Story # 11: Hunterbrook says Ubiquiti powering Russian battlefield communications in Ukraine
(54:28) - Story # 12: Attack on Renewable Energy Plants
(56:26) - Story # 13: Disrupting the World's Largest Residential Proxy Network | Google Cloud Blog

Links
Story # 1: US cyber defense chief accidentally uploaded secret government info to ChatGPT
Story # 2: Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
Story # 3: Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
Story # 4: Millions of Gmail, Facebook and other account credentials exposed
Story # 5: Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site
Story # 6: County pays $600,000 to pentesters it arrested for assessing courthouse security
Story # 7: Costco reportedly removes RAM from its display PCs to prevent tech-savvy shoplifters, customers claim — GPUs also absent across stores as PC parts become a hot commodity
Story # 8: Claude Sonnet 5 Is Imminent — And It Could Be a Generation Ahead of Google
Story # 9: Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
Story # 10: Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
Story # 11: Hunterbrook says Ubiquiti powering Russian battlefield communications in Ukraine
Story # 12: Attack on Renewable Energy Plants
Story # 13: Disrupting the World’s Largest Residential Proxy Network | Google Cloud Blog

Wade & Hayden on Simply Cyber -
https://www.youtube.com/live/c_lUP5gR15I
Hayden’s Class -
https://www.antisyphontraining.com/product/foundations-of-security-operations-with-hayden-covington/
Mishaal’s Class -
https://www.antisyphontraining.com/product/next-level-osint-with-mishaal-khan/

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 5min
January 28, 2026TikTok's invasive Privacy Policy - 2026-01-26
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

In this episode, the hosts break down TikTok’s latest privacy policy and why it’s raising serious red flags. They discuss how the app expands data collection and tracking, what that means for user privacy, and the broader security implications—especially concerns around data access and China. Along the way, the conversation connects these changes to ongoing TikTok ban discussions, real-world risk for individuals and organizations, and what users should consider if they continue using the platform. The episode mixes technical insight with practical takeaways, making the privacy risks easy to understand without losing nuance.
Chapters:
(00:00) - PreShow Banter™ — Electroshock Therapy
(02:28) - 2026-01-26
(07:33) - Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
(14:27) - Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
(17:37) - Story # 3: Clara Hawking’s Post on TikTok's Pivacy Policy
(24:05) - Story # 4: Supreme Court to hear Facebook pixel tracking case
(31:02) - Story # 5: Google accused of grooming kids after child receives this email
(34:38) - Story # 6: House of Lords backs legislation to ban social media for children under 16
(35:47) - Story # 6b: Australia has banned social media for kids under 16. How does it work?
(42:20) - Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
(48:29) - Story # 8: 1Password adds pop-up warnings for suspected phishing sites
(52:09) - ClawdBot / Moltbot

Links:
Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
Story # 3: Clara Hawking’s Post on TikTok’s Pivacy Policy
Story # 4: Supreme Court to hear Facebook pixel tracking case
Story # 5: Google accused of grooming kids after child receives this email
Story # 6: House of Lords backs legislation to ban social media for children under 16
Story # 6b: Australia has banned social media for kids under 16. How does it work?
Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
Story # 8: 1Password adds pop-up warnings for suspected phishing sites
ClawdBot / Moltbot
Troy’s Workshop
ANTI-CAST: Effective AI for Practical SecOps Workflows w/ Hayden Covington
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 4min
January 20, 2026Chinese firms drop US and Israeli cybersecurity software - 2026-01-19
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com

This episode is a rapid-fire cybersecurity news roundup covering multiple headlines and what they mean for defenders. The crew debates reports that Chinese firms are dropping U.S. and Israeli security vendors, then pivots into breach fallout, malware activity, and real-world attacker behavior. Along the way, they unpack how geopolitics affects procurement, why supply-chain dependencies make “bans” messy, and what happens when organizations swap tools fast.
Expect candid takes on ransomware trends, enterprise security operations, and where hype collides with implementation. The hosts also riff on incident response realities, risk management, and what security teams should watch for next—plus plenty of side commentary and humor in between.
Chapters
(00:00) - PreShow Banter™ — Podcast Banter
(04:13) - Chinese firms to stop using US and Israeli cybersecurity software - 2026-01-19
(08:56) - Story # 1: Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say
(13:42) - Story # 2: Tennessee man to plead guilty to hacking Supreme Court’s electronic case filing system
(16:25) - Story # 3: Hacker gets seven years for breaching Rotterdam and Antwerp ports
(18:20) - Story # 4: 33-year-old Dutchman arrested for enableing criminals to test malware for antivirus programs.
(20:02) - Story # 5: Army to ‘kill NIPR’ at multiple locations in commercial internet experiment
(27:41) - Story # 6: Hungary grants asylum to former Polish minister implicated in spyware probe
(29:12) - Story # 7: California orders Elon Musk’s AI company to immediately stop sharing sexual deepfakes
(41:47) - Story # 8: ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations
(49:30) - Story # 8b: BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
(55:29) - CTF Winners
(59:19) - ChickenSec: KFC app 'more secure' than Manage My Health, expert claims

Links
Story # 1: Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say
Story # 2: Tennessee man to plead guilty to hacking Supreme Court’s electronic case filing system
Story # 3: Hacker gets seven years for breaching Rotterdam and Antwerp ports
Story # 4: 33-year-old Dutchman arrested for enableing criminals to test malware for antivirus programs.
Story # 5: Army to ‘kill NIPR’ at multiple locations in commercial internet experiment
Story # 6: Hungary grants asylum to former Polish minister implicated in spyware probe
Story # 7: California orders Elon Musk’s AI company to immediately stop sharing sexual deepfakes
Story # 8: ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations
Story # 8b: BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
ChickenSec: KFC app ‘more secure’ than Manage My Health, expert claims
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 4min
January 14, 2026BreachForums Doomsday - 2026-01-12
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com

In this episode, we break down the “Doomsday” incident: a major breach forum gets breached, reminding everyone that even cybercriminal communities suffer constant OPSEC failures. We cover what leaked, why these underground markets keep imploding, and how infighting, reused infrastructure, weak authentication, and sloppy identity hygiene turn “elite hackers” into easy targets. Then we connect the dots to law enforcement’s latest crypto actions—how DOJ seizures and mixer investigations work, why blockchain tracing matters, and what criminals try (and fail) to do to hide money flows. Finally, we translate the news into practical defense: validate breach intel, monitor for credential stuffing, enable MFA, use unique passwords, and tighten access logs. Whether you’re a defender, creator, or online, this is the real-world cybercrime story behind the headlines.

Chapters
(00:00) - PreShow Banter™ — Task Overflow
(02:29) - BreachForums Doomsday - 2026-01-12
(05:09) - Story # 1; Did DOJ Prosecutors Violate Trump’s Executive Order by Selling the Forfeited Samourai Wallet Bitcoin?
(15:42) - Story # 2: Cloudflare defies Italy’s Piracy Shield, won’t block websites on 1.1.1.1 DNS
(23:04) - Story # 3: California bans data broker reselling health data of millions
(28:13) - Story # 4: Apple picks Google’s Gemini to run AI-powered Siri coming this year
(36:00) - Story # 5: Ragebait as a phishing tactic
(38:00) - Story # 6: Doomsday For Cybercriminals — Data Breach Of Major Dark Web Forum
(40:31) - Story # 7: The Great VM Escape: ESXi Exploitation in the Wild
(45:39) - Story # 8: OpenAI says ChatGPT won't use your health information to train its models
(46:23) - Story # 8b: Anthropic brings Claude to healthcare with HIPAA-ready Enterprise tools
(50:15) - Story # 9: Max severity Ni8mare flaw lets hackers hijack n8n servers
(53:05) - Story # 10: Instagram Denies Data Breach, Fixes Unsolicited Password Reset Requests
(56:49) - Reporter remembers saving animals a year after L.A. wildfires
(57:52) - CTF Winners

Links
Story # 1; Did DOJ Prosecutors Violate Trump’s Executive Order by Selling the Forfeited Samourai Wallet Bitcoin?
Story # 2: Cloudflare defies Italy’s Piracy Shield, won’t block websites on 1.1.1.1 DNS
Story # 3: California bans data broker reselling health data of millions
Story # 4: Apple picks Google’s Gemini to run AI-powered Siri coming this year
Story # 5: Ragebait as a phishing tactic
Story # 6: Doomsday For Cybercriminals — Data Breach Of Major Dark Web Forum
Story # 7: The Great VM Escape: ESXi Exploitation in the Wild
Story # 8: OpenAI says ChatGPT won’t use your health information to train its models
Story # 8b: Anthropic brings Claude to healthcare with HIPAA-ready Enterprise tools
Story # 9: Max severity Ni8mare flaw lets hackers hijack n8n servers
Story # 10: Instagram Denies Data Breach, Fixes Unsolicited Password Reset Requests
Reporter remembers saving animals a year after L.A. wildfires

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest - Join us for our Hybrid Conference and Pre-Conference Training
https://wildwesthackinfest.com
...more
1h 2min
January 09, 2026US Cyberattacks on Venezuela - 2026-01-05
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com

In this episode, we break down the growing debate around U.S. cyber operations against Venezuela—and what it means for modern cyber warfare, critical infrastructure security, and geopolitics. The conversation explores how nation-state attacks can target a country’s power grid, the challenges of attributing cyberattacks, and why industrial control systems (ICS/SCADA) remain a high-impact battleground. We also discuss the strategic value (and risks) of disrupting energy infrastructure, how these campaigns compare to other real-world incidents, and what defenders can learn to better protect utilities and national systems.
Chapters
(00:00) - PreShow Banter™ — Undisclosed Closets
(09:07) - US Cyberattacks on Venezuela - 2026-01-05
(10:16) - Story # 1:Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes
(11:14) - Story # 1b: There Were BGP Anomalies During The Venezuela Blackout
(21:06) - Story # 1c: Pizza index of war: Late-night traffic near Pentagon surges again as US strikes Venezuela
(32:40) - Story # 2: Finland seizes ship suspected of damaging subsea cable in Baltic Sea
(35:11) - Story # 3: US cybersecurity experts plead guilty to BlackCat ransomware attacks
(35:46) - Story # 4: MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
(39:06) - Story # 5: Hackers claim to hack Resecurity, firm says it was a honeypot
(42:06) - Story # 6: NordVPN denies breach claims, says attackers have "dummy data"
(42:35) - Story # 7: Hackers say they have stolen 40 million Condé Nast Records - here's how to stay safe
(43:43) - Story # 8: Hacker Dressed As Pink Power Ranger Dismantles Racist Websites Live on Stage
(47:13) - Story # 9: NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices
(52:18) - Story # 10: Manufacturer issues remote kill command to disable smart vacuum after engineer blocks it from collecting data — user revives it with custom hardware and Python scripts to run offline
(55:15) - Story # 11: Ben Jordan Exposes Severe Security Vulnerabilities in Flock Surveillance Cameras
(57:26) - Story # 11b: We Tracked Ourselves with Exposed Flock Cameras

Links
Story # 1:Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes
Story # 1b: There Were BGP Anomalies During The Venezuela Blackout
Story # 1c: Pizza index of war: Late-night traffic near Pentagon surges again as US strikes Venezuela
Story # 2: Finland seizes ship suspected of damaging subsea cable in Baltic Sea
Story # 3: US cybersecurity experts plead guilty to BlackCat ransomware attacks
Story # 4: MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
Story # 5: Hackers claim to hack Resecurity, firm says it was a honeypot
Story # 6: NordVPN denies breach claims, says attackers have “dummy data”
Story # 7: Hackers say they have stolen 40 million Condé Nast Records - here’s how to stay safe
Story # 8: Hacker Dressed As Pink Power Ranger Dismantles Racist Websites Live on Stage
Story # 9: NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices
Story # 10: Manufacturer issues remote kill command to disable smart vacuum after engineer blocks it from collecting data — user revives it with custom hardware and Python scripts to run offline
Story # 11: Ben Jordan Exposes Severe Security Vulnerabilities in Flock Surveillance Cameras
Story # 11b: We Tracked Ourselves with Exposed Flock Cameras
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 10min
December 18, 2025Hot Take Predictions for Next Year – 2025-12-15
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com
Chapters
(00:00) - PreShow Banter™ — testing testing
(00:11) - Hot Take Predictions for Next Year – 2025-12-15
(02:10) - Story # 1: Russian kids revolt as Kremlin bans Roblox, other popular apps
(10:21) - Story # 2: Google's killing off its dark web report because users didn't know what to do with it
(20:05) - Story # 3: Coupang data breach traced to ex-employee who retained system access
(31:13) - Story # 4: Roomba maker iRobot bought by Chinese supplier after filing for bankruptcy
(34:18) - Story # 5: February report from researcher found Chinese KVM had an unclearly documented microphone and communicated with China-based servers, but many of the security issues are now addressed [Updated]
(36:48) - Story # 6: When adversaries bring their own virtual machine for persistence
(41:57) - Story # 7: Oh no! Hackers snuck malware inside uber-popular Windows app Notepad++
(44:20) - Hot Take Predictions for 2026

Links
Story # 1: Russian kids revolt as Kremlin bans Roblox, other popular apps
Story # 2: Google’s killing off its dark web report because users didn’t know what to do with it
Story # 3: Coupang data breach traced to ex-employee who retained system access
Story # 4: Roomba maker iRobot bought by Chinese supplier after filing for bankruptcy
Story # 5: February report from researcher found Chinese KVM had an unclearly documented microphone and communicated with China-based servers, but many of the security issues are now addressed [Updated]
Story # 6: When adversaries bring their own virtual machine for persistence
Story # 7: Oh no! Hackers snuck malware inside uber-popular Windows app Notepad++

The team looks ahead to 2026 and shares practical, sometimes blunt predictions about where cybersecurity is heading. They discuss how AI will continue reshaping both offense and defense, with attackers using automation at scale while defenders struggle to operationalize AI beyond marketing hype.
The conversation highlights growing risk from identity abuse, cloud misconfigurations, and insecure SaaS sprawl, noting that many breaches will still come down to basic failures rather than advanced exploits. They also predict continued burnout in security teams, more consolidation among security vendors, and increasing pressure to prove real ROI from security tools.
On the positive side, the hosts see improved detection engineering, better security education, and more community-driven knowledge sharing. Overall, the message is clear: fundamentals still matter, hype won’t save you, and organizations that focus on people, process, and visibility will be better positioned for 2026.

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 3min
December 11, 2025A Live Stream From inside Lazarus Group – 2025-12-08
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord!
https://discord.gg/bhis
🔴live-chat
A Live Stream From inside Lazarus Group – 2025-12-08
This BHIS episode blends cybersecurity humor, hacker culture, and livestream chaos as the team jokes about nation-state threats, leaked webcams, OPSEC mishaps, and technical glitches. With unscripted banter and light industry insights, it’s a fun, energetic listen for fans of ethical hacking, infosec podcasts, and behind-the-scenes security chatter.

Chapters
00:00 - PreShow Banter™ — Industry Leaders
02:34 - A Live Stream From inside Lazarus Group – 2025-12-08
04:24 - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
08:58 - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
20:37 - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
26:44 - Story # 4: Apple refuses to pre-install government app on iPhones in India
37:42 - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
44:55 - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
57:53 - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
(00:00) - 00:00 - PreShow Banter™ — Industry Leaders
(02:34) - A Live Stream From inside Lazarus Group – 2025-12-08
(04:24) - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
(08:57) - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
(20:37) - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
(26:44) - Story # 4: Apple refuses to pre-install government app on iPhones in India
(37:41) - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
(44:55) - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
(57:52) - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI
...more
1h 4min
December 04, 2025Lawmakers Want to Ban VPNs - 2025-12-01
Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com

Chapters
(00:00) - PreShow Banter™ — The Problem With Extensions
(03:10) - Lawmakers Want to Ban VPNs – BHIS - Talkin' Bout [infosec] News 2025-12-01
(03:47) - Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
(12:05) - Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
(21:18) - Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
(25:48) - Story # 4: 'Slop Evader' Lets You Surf the Web Like It’s 2022
(37:07) - Story # 5: China’s Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says
(39:10) - Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now
(42:38) - Story # 7: Meta is earning a fortune on a deluge of fraudulent ads, documents show
(50:22) - Story # 8: Meta had a 17-strike policy for sex trafficking, former safety leader claims
(52:40) - Story # 9: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

News Links
Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
Story # 4: 'Slop Evader' Lets You Surf the Web Like It’s 2022
Story # 5: China’s Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says
Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now
Story # 7: Meta is earning a fortune on a deluge of fraudulent ads, documents show
Story # 8: Meta had a 17-strike policy for sex trafficking, former safety leader claims
Story # 9: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 3min
November 26, 2025Shai-Hulud malware leaks secrets on GitHub – 2025-11-24
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

Chapters
(00:00) - PreShow Banter™ — Stressed about lithium batteries
(04:59) - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin' Bout [infosec] News 2025-11-24
(05:57) - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
(11:18) - Story # 2: CrowdStrike catches insider feeding information to hackers
(15:50) - Story # 3: Fidelity sues Broadcom over access to key software to avoid outages
(22:17) - Story # 4: NetApp sues former CTO for alleged data breach
(26:48) - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers
(36:05) - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now
(37:11) - Story # 6b: Cloudflare outage on November 18, 2025
(41:43) - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
(46:34) - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System
(51:10) - Story # 9: Microsoft to integrate Sysmon directly into Windows 11, Server 2025
(56:40) - Story # 10: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist

News Links
Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
Story # 2: CrowdStrike catches insider feeding information to hackers
Story # 3: Fidelity sues Broadcom over access to key software to avoid outages
Story # 4: NetApp sues former CTO for alleged data breach
Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers
Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now
Story # 6b: Cloudflare outage on November 18, 2025
Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System
Story # 9: Microsoft to integrate Sysmon directly into Windows 11, Server 2025
Story # 10: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
...more
1h 6min
November 21, 2025A.I. Transcription Startup Was Just A Guy Taking Notes- 2025-11-17
Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com

00:00:00 - PreShow Banter™ — The Way the Community Rumbles
00:08:21 - A.I. Transcription Startup Was Just A Guy Taking Notes - BHIS - Talkin’ Bout [infosec] News 2025-11-17
00:09:01 - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations
00:18:06 - Eric & Whitney’s “Podcast” [webcast] on training your own LLM
00:22:12 - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand
00:26:20 - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies
00:37:35 - Story # 4: Google is easing up on Android’s new sideloading restrictions!
00:43:44 - Story # 5: Google is collecting troves of data from downgraded Nest thermostats
00:44:58 - Story # 5b: Hackers are saving Google’s abandoned Nest thermostats with open-source firmware
00:51:34 - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs
01:00:40 - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead
01:05:55 - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign
01:14:58 - Discord CTF Winners
(00:00) - PreShow Banter™ — The Way the Community Rumbles
(08:21) - A.I. Transcription Starup Was Just A Guy Taking Notes - BHIS - Talkin' Bout [infosec] News 2025-11-17
(09:01) - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations
(18:05) - Eric & Whitney's "Podcast" [webcast] on training your own LLM
(22:12) - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand
(26:20) - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies
(37:34) - Story # 4: Google is easing up on Android's new sideloading restrictions!
(43:43) - Story # 5: Google is collecting troves of data from downgraded Nest thermostats
(44:58) - Story # 5b: Hackers are saving Google's abandoned Nest thermostats with open-source firmware
(51:33) - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs
(01:00:39) - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead
(01:05:55) - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign
(01:14:58) - Discord CTF Winners
...more
1h 17min

FAQs about Talkin' Bout [Infosec] News:

How many episodes does Talkin' Bout [Infosec] News have?

The podcast currently has 332 episodes available.

More shows like Talkin' Bout [Infosec] News

Hacked by Hacked

Hacked

190 Listeners

This Week in Tech (Audio) by TWiT

This Week in Tech (Audio)

3,062 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,007 Listeners

Risky Business by Patrick Gray

Risky Business

374 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

581 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

649 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,031 Listeners

Smashing Security by Graham Cluley

Smashing Security

322 Listeners

Click Here by Recorded Future News

Click Here

421 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,109 Listeners

The Jordan Harbinger Show by Jordan Harbinger

The Jordan Harbinger Show

11,999 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

177 Listeners

Hacking Humans by N2K Networks

Hacking Humans

316 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

138 Listeners

The 404 Media Podcast by 404 Media

The 404 Media Podcast

398 Listeners