

Talkin' Bout [Infosec] News
Black Hills Information Security
A weekly podcast with BHIS and friends. We discuss notable infosec and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Mondays at 4:30PM ET
Episodes

Mar 29, 2022 • 46min
Talkin’ About Infosec News – 3/29/2022
ORIGINALLY AIRED ON MARCH 21, 2022 Articles discussed in this episode: 03:27 – Netflix to clamp down on password sharing – https://about.netflix.com/en/news/paying-to-share-netflix-outside-your-household 10:15 – Ransomware is still a thing 12:31 – Ransomware Tell-All – https://www.zdnet.com/article/hit-by-ransomware-or-paid-a-ransom-now-some-companies-will-have-to-tell-the-government/ 24:01 – Microsoft Defender tags Office Updates as ransomware – https://www.bleepingcomputer.com/news/security/microsoft-defender-tags-office-updates-as-ransomware-activity/ 31:01 – Microsoft Double Patch Tuesday – https://www.bleepingcomputer.com/news/microsoft/windows-zero-day-flaw-giving-admin-rights-gets-unofficial-patch-again/ 32:28 […]
The post Talkin’ About Infosec News – 3/29/2022 appeared first on Black Hills Information Security.
(00:00) - BHIS - Talkin' Bout [infosec] News 2022-03-21
(03:27) - Netflix to clamp down on password sharing
(10:15) - Ransomware is still a thing
(12:31) - Ransomware Tell-All
(24:01) - Microsoft Defender tags Office Updates as ransomware
(31:01) - Microsoft Double Patch Tuesday
(32:28) - BitB attack
(39:44) - Women make up just 24% of the cyber workforce

Mar 10, 2022 • 1h 4min
Talkin’ About Infosec News – Special Ukraine Edition – 3/10/2022
ORIGINALLY AIRED ON MARCH 7, 2022 Articles discussed in this episode: 00:08:57 – Hacker Group Anonymous and Others Targeting Russian Data – https://www.websiteplanet.com/blog/cyberwarfare-ukraine-anonymous/
(00:00) - Start
(08:57) - Hacker Group Anonymous and Others Targeting Russian Data

Mar 4, 2022 • 56min
Talkin’ About Infosec News – 3/4/2022
ORIGINALLY AIRED ON FEBRUARY 28, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Off-Brand Trickx 00:43 – BHIS – Talkin’ Bout [infosec] News 2022-02-28 02:40 – BHIS Anti-Vigilante PSA 04:17 – Biden has been presented with options for massive cyberattacks against Russia – https://www.nbcnews.com/politics/national-security/biden-presented-options-massive-cyberattacks-russia-rcna17558?mc_cid=e57638ad42 09:46 – Russia has been preparing to have […]
(00:00) - PreShow Banter™ — Off-Brand Trickx
(00:43) - BHIS - Talkin' Bout [infosec] News 2022-02-28
(02:40) - BHIS Anti-Vigilante PSA
(04:17) - Biden has been presented with options for massive cyberattacks against Russia
(09:46) - Russia has been preparing to have its internet cut off
(12:45) - Conti ransomware gang chats leaked by pro-Ukraine member
(14:43) - 'Hundreds of computers' in Ukraine hit with wiper malware as conflict continues
(18:04) - NVIDIA Hit By Major Cyberattack That May Have ‘Completely Compromised’ Parts of Its Business
(22:28) - A SWIFT discussion (no article)
(28:59) - Russia started blocking Tor
(32:28) - Elon Musk pledges to send Starlink terminals to Ukraine
(36:10) - Insurance giant AON hit by a cyberattack over the weekend
(46:02) - People & orgs providing FREE cyber services to Ukrainians
(52:39) - Threatbutt Internet Hacking Attack Attribution Map

Mar 1, 2022 • 57min
Talkin’ About Infosec News – 3/1/2022
ORIGINALLY AIRED ON FEBRUARY 21, 2022 Articles discussed in this episode: 02:36 – Story # 1: Massive cyberattack takes Ukraine military, big bank websites offline – https://www.theregister.com/2022/02/15/ukraine_cyberattack/ 04:26 – Story # 2: The Elite Hackers of the FSB – https://interaktiv.br.de/elite-hacker-fsb/en/index.html 07:47 – Story # 3: Exclusive: FBI Braces for Russian Cyber Attacks in US as […]
(00:00) - BHIS - Talkin' Bout [infosec] News 2022-02-21
(02:36) - Story # 1: Massive cyberattack takes Ukraine military, big bank websites offline
(04:26) - Story # 2: The Elite Hackers of the FSB
(07:47) - Story # 3: Exclusive: FBI Braces for Russian Cyber Attacks in US as Ukraine Tensions Rise
(18:22) - Story # 4: Microsoft Defender will soon block Windows password theft
(22:28) - Story # 5: Dad takes down town's internet by mistake to get his kids offline
(28:50) - Story # 6: Akamai acquires Linode for $900M
(34:49) - Story # 7: Microsoft eyeing deal to buy cybersecurity firm Mandiant -Bloomberg
(40:00) - Story # 8: If the Cloud Is More Secure, Then Why Is Everything Still Broken?
(44:40) - Story # 9: Never, Ever, Ever Use Pixelation for Redacting Text

Feb 11, 2022 • 52min
Talkin’ About Infosec News – 2/11/2022
ORIGINALLY AIRED ON FEBRUARY 7, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — I’m a Rocket Mail 01:21 – BHIS – Talkin’ Bout [infosec] News 2022-02-07 02:18 – Story # 1: Be Careful When Sharing Data in Photos – https://twitter.com/amateuradam/status/1490394034900197388 03:44 – Story # 2: China-Linked Group Attacked Taiwanese Financial Firms for […]
(00:00) - PreShow Banter™ — I'm a Rocket Mail
(01:21) - BHIS - Talkin' Bout [infosec] News 2022-02-07
(02:18) - Story # 1: Be Careful When Sharing Data in Photos
(03:44) - Story # 2: China-Linked Group Attacked Taiwanese Financial Firms for 18 Months
(20:56) - Story # 3: Microsoft to block internet macros by default in five Office applications
(28:11) - Story # 4: Apple's Privacy Measures to Cost Facebook $10 Billion in 2022
(47:27) - Noisy browser plugin
(51:15) - Cool Leather Jackets

Feb 4, 2022 • 1h 2min
Talkin’ About Infosec News – 2/4/2022
ORIGINALLY AIRED ON JANUARY 31, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Legions of the Undead 01:26 – BHIS – Talkin’ Bout [infosec] News 2022-01-31 04:06 – Story # 1: Hacktivists say they hacked Belarus rail system to stop Russian military buildup – https://arstechnica.com/information-technology/2022/01/hactivists-say-they-hacked-belarus-rail-system-to-stop-russian-military-buildup/ 08:46 – Story # 2: Ukrainian government […]
(00:00) - PreShow Banter™ — Legions of the Undead
(01:26) - BHIS - Talkin' Bout [infosec] News 2022-01-31
(04:06) - Story # 1: Hacktivists say they hacked Belarus rail system to stop Russian military buildup
(08:46) - Story # 2: Ukrainian government calls out false flag operation in recent data wiping attack
(11:18) - Story # 3: Ukrainian cyber defense in need of upgrades as tensions rise
(17:32) - Story # 4: DoD weapons testers to assess cybersecurity of GPS satellites, ground system and user equipment
(24:50) - Story # 5: FBI Reportedly Considered Buying NSO Spyware
(28:02) - Story # 6: Hacking the Apple Webcam (again)
(30:36) - Story # 7: Microsoft Teams users can now chat with any Teams user outside their organization
(34:11) - Story # 7b: https://twitter.com/rucam365/status/1487861808081915906
(38:15) - Story # 8: Lazarus hackers use Windows Update to deploy malware
(41:38) - Story # 9: Elon Musk Tried To Pay A Teen Thousands Of Dollars To Stop Tracking His Plane
(45:36) - Story # 10: 1.5M US bank cards have been hacked: NordVPN
(51:15) - Story # 11: 2FA app with 10,000 Google Play downloads loaded well-known banking trojan
(54:50) - Story # 12: Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets

Jan 27, 2022 • 51min
Talkin’ About Infosec News – 1/27/2022
ORIGINALLY AIRED ON JANUARY 24, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — The Monkey Dance 00:25 – BHIS – Talkin’ Bout [infosec] News 2022-01-24 01:49 – Story # 1: New Log4j attacks target SolarWinds, ZyXEL devices – https://therecord.media/new-log4j-attacks-target-solarwinds-zyxel-devices/ 08:18 – Story # 2: New MoonBounce UEFI bootkit can’t be removed by […]
(00:00) - PreShow Banter™ — The Monkey Dance
(00:25) - BHIS - Talkin' Bout [infosec] News 2022-01-24
(01:49) - Story # 1: New Log4j attacks target SolarWinds, ZyXEL devices
(08:18) - Story # 2: New MoonBounce UEFI bootkit can’t be removed by replacing the hard drive
(13:18) - Story # 3: Crypto.com finally confirms major hack, says it lost $34 million
(15:53) - Story # 3b: Coinbase Hack
(21:47) - Story # 4: Hackers From North Korea Stole Millions Of Dollars From Cryptocurrency Startups All Across The World
(26:42) - Story # 5: Mixed Messages: Busting Box’s MFA Methods
(35:06) - Story # 6: School District reports a 334% hike in cybersecurity insurance costs
(38:42) - Story # 7: Europol takes down VPNLab, a service used by ransomware gangs
(42:12) - Story # 8: Why this threat intelligence expert believes cyberattacks aren’t Ukraine’s biggest concern

Jan 21, 2022 • 1h 5min
Talkin’ About Infosec News – 1/21/2022
ORIGINALLY AIRED ON JANUARY 17, 2022 Articles discussed in this episode: 0:00:00 – PreShow Banter™ — Whose Ears Are Burning? 0:01:06 – BHIS – Talkin’ Bout [infosec] News 2022-01-17 0:02:27 – Story # 1: Russia takes down REvil hacking group at U.S. request – https://www.reuters.com/technology/russia-arrests-dismantles-revil-hacking-group-us-request-report-2022-01-14/ 0:07:00 – Story # 2: White House: Arrested Russian hacker […]
(00:00) - PreShow Banter™ — Whose Ears Are Burning?
(01:06) - BHIS - Talkin' Bout [infosec] News 2022-01-17
(02:27) - Story # 1: Russia takes down REvil hacking group at U.S. request
(07:00) - Story # 2: White House: Arrested Russian hacker was behind Colonial Pipeline attack
(09:29) - Story # 3: Hotel chain switches to Chrome OS to recover from ransomware attack
(15:22) - Story # 4: QNAP issues ransomware warning to users
(19:56) - Story # 5: Backdoor RAT for Windows, macOS, and Linux went undetected until now
(24:50) - Story # 6: Safari Bug Allows Websites to Track Your Recent Browsing Activity in Real Time
(30:02) - Story # 7: New macOS vulnerability, “powerdir,” could lead to unauthorized user data access
(35:26) - Story # 8: Revealed: UK Gov’t Plans Publicity Blitz to Undermine Privacy of Your Chats
(36:52) - Story # 9: Apple under fire for iPhone encryption technology – Telegraph.co.uk
(44:14) - Story # 10: Scammers put fake QR codes on parking meters to intercept parkers’ payments
(50:38) - Story # 11: Chrome will limit access to private networks, citing security reasons
(54:57) - Story # 12: Cyberattack causes Albuquerque Public Schools to cancel classes Thursday
(01:03:15) - Talkin Bout Keyboards

Jan 14, 2022 • 57min
Talkin’ About Infosec News – 1/14/2022
ORIGINALLY AIRED ON JANUARY 10, 2022 Articles discussed in this episode: 01:58 – Story # 1: WordPress Core Vulnerabilities – https://www.searchenginejournal.com/wordpress-core-vulnerabilities/432042/#close 11:32 – Story # 2: Card-stealing code on over 100 Sotheby’s luxury real estate sites – https://therecord.media/card-stealing-code-found-on-more-than-100-sothebys-luxury-real-estate-sites/ 14:55 – Story # 3: France hits Facebook & Google with $210 million in fines – https://www.bleepingcomputer.com/news/legal/france-hits-facebook-and-google-with-210-million-in-fines/ […]
(00:00) - BHIS - Talkin' Bout [infosec] News 2022-01-10
(01:58) - Story # 1: WordPress Core Vulnerabilities
(11:32) - Story # 2: Card-stealing code on over 100 Sotheby’s luxury real estate sites
(14:55) - Story # 3: France hits Facebook & Google with $210 million in fines
(22:14) - Story # 4: Pwn2Own, ShmooCon security conferences postponed due to COVID-19 surge
(24:48) - Story # 5: BREAKING! Cyber Threat Map
(27:21) - Story # 6: Open source developer corrupts widely-used libraries
(34:38) - Story # 7: FTC warns companies to remediate Log4j security vulnerability
(39:58) - Story # 8: Trojanized dnSpy app drops malware cocktail
(45:33) - Story # 9: Norton 360 Cryptominer
(55:56) - Hot Takes and Sadness

Jan 7, 2022 • 50min
Talkin’ About Infosec News – 1/7/2022
ORIGINALLY AIRED ON JANUARY 4, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Whose Job Is It Anyway? 00:20 – BHIS – Talkin’ Bout [infosec] News 2022-01-04 01:58 – Story # 1: iLOBleed Rootkit – https://thehackernews.com/2021/12/new-ilobleed-rootkit-targeting-hp.html 08:39 – Story # 2: Firmware attack can drop persistent malware in hidden SSD area – https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/ […]
(00:00) - PreShow Banter™ — Whose Job Is It Anyway?
(00:20) - BHIS - Talkin' Bout [infosec] News 2022-01-04
(01:58) - Story # 1: iLOBleed Rootkit
(08:39) - Story # 2: Firmware attack can drop persistent malware in hidden SSD area
(17:35) - Story # 3: OverWatch Exposes AQUATIC PANDA
(21:38) - Story # 4: Experts warn against storing passwords in Chrome
(42:16) - Official Report: Not Responsible for the Information Super Highway


