Black Hills Information Security show

Black Hills Information Security

Summary: Download and listen to our weekly infosec podcast where we discuss the latest attacks, breaches, and how they happened and why. We’re a team of penetration testers (ethical hackers) and friends that love how new technology can be broken and made to do things it was never intended to do.

Podcasts:

 Talkin’ About Infosec News – 3/16/2023 | File Type: audio/mpeg | Duration: 1:00:36

00:00 – PreShow Banter™ — Tossing Money at Problems
00:58 – BHIS – Talkin’ Bout [infosec] News 2023-03-13
01:41 – Story # 1: Silicon Valley Bank collapse: Treasury, Fed, and FDIC announce steps to ensure deposits will be paid in full https://abcnews.go.com/Business/silicon-valley-bank-collapse-treasury-fed-fdic-announce/story?id=97807268
17:23 – Story # 1b: Silicon Valley Bank exec was Lehman Brothers CFO prior to the 2008 collapse https://www.foxbusiness.com/economy/silicon-valley-bank-exec-was-lehman-brothers-cfo-prior-to-2008-collapse
21:21 – Story # 2: FBI investigates data breach impacting U.S. House members and staff https://www.bleepingcomputer.com/news/security/fbi-investigates-data-breach-impacting-us-house-members-and-staff/
30:33 – Story # 3: Acronis downplays intrusion after 12GB trove leaks online https://www.theregister.com/2023/03/10/acronis_data_breach_details/
34:40 – Story # 4: Acer confirms breach after 160GB of data for sale on hacking forum https://www.bleepingcomputer.com/news/security/acer-confirms-breach-after-160gb-of-data-for-sale-on-hacking-forum/
51:26 – Story # 5: The privacy loophole in your doorbell https://www.politico.com/news/2023/03/07/privacy-loophole-ring-doorbell-00084979
57:28 – Spearfish General Store: https://spearphish-general-store.myshopify.com

We are self-publishing free Infosec Zines called PROMPT#. PROMPT# will contain:
  Infosec articles
  Challenging puzzles
  Comic book based on real-life hacking adventures
  Coloring contests
  Bonus Backdoors & Breaches Consultant Cards (print version only)
  Other stuffs
You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/

 Talkin’ About Infosec News – 3/8/2023 (v2) | File Type: audio/mpeg | Duration: 1:07:25
 Talkin’ About Infosec News – 3/8/2023 | File Type: audio/mpeg | Duration: 1:07:25

00:00 – PreShow Banter™ — Lil NAS
06:52 – BHIS – Talkin’ Bout [infosec] News 2023-03-06
08:13 – Story # 1: LastPass says employee’s home computer was hacked and corporate vault taken https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/
28:32 – Story # 2: An Uncomfortable Reality: Occupational Hazards Associated with Thought Leadership in CTI https://medium.com/@Shinigami42/an-uncomfortable-reality-occupational-hazards-associated-with-thought-leadership-in-cti-7c5a15056365
35:18 – Story # 3: FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/
45:17 – Story # 4: Roku Doesn’t Support IPv6 and It Might Be a Big Deal https://daringfireball.net/linked/2023/03/06/roku-apple-tv
51:05 – Story # 5: Secret crawlspace cryptomine discovered in routine inspection of MA high school https://arstechnica.com/tech-policy/2023/02/secret-crawlspace-cryptomine-discovered-in-routine-inspection-of-ma-high-school/
57:18 – Story # 6: ATM thieves use glue and ‘tap’ function to drain accounts at Chase Bank https://abc7news.com/atm-scam-tap-card-chase-bank-function/12905397/

 Talkin’ About Infosec News – 3/3/2023 | File Type: audio/mpeg | Duration: 58:36

Story # 1: A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life https://www.wsj.com/articles/apple-iphone-security-theft-passcode-data-privacya-basic-iphone-feature-helps-criminals-steal-your-digital-life-cbf14b1a
Story # 1b: Apple’s iPhone Passcode Problem: Thieves Can Ruin Your Entire Digital Life in Minutes | WSJ https://youtu.be/QUYODQB_2wQ
Story # 2: Sensitive US military emails spill online https://techcrunch.com/2023/02/21/sensitive-united-states-military-emails-spill-online/?guccounter=1
Story # 3: Fruit giant Dole suffers ransomware attack impacting operations https://www.bleepingcomputer.com/news/security/fruit-giant-dole-suffers-ransomware-attack-impacting-operations/
Story # 4: Well-hidden Mac cryptomining malware found in pirate copies of Final Cut Pro; expect more https://9to5mac.com/2023/02/23/mac-cryptomining-malware/
Story # 5: AI Helps Crack NIST-Recommended Post-Quantum Encryption Algorithm https://www.securityweek.com/ai-helps-crack-a-nist-recommended-post-quantum-encryption-algorithm/
Story # 6: Snapchat launches ChatGPT integration, warns to not share your secrets https://9to5mac.com/2023/02/27/snapchat-launches-chatgpt-ai/
Story # 7: How I Broke Into a Bank Account With an AI-Generated Voice https://www.vice.com/en/article/dy7axa/how-i-broke-into-a-bank-account-with-an-ai-generated-voice
Story # 8: Firms Who Pay Ransom Subsidise 10 New Attacks: Report https://www.infosecurity-magazine.com/news/firms-pay-ransom-subsidise-10/
Story # 9: Valve set a trap to catch and ban 40,000 Dota 2 cheaters https://www.polygon.com/23610095/valve-dota-2-huge-ban-trap

 Talkin’ About Infosec News – 2/22/2023 | File Type: audio/mpeg | Duration: 1:06:56

00:00 – PreShow Banter™ — Pop Tart Pizza
04:15 – BHIS – Talkin’ Bout [infosec] News 2023-02-20
05:39 – Story # 1: Employee data from a major cybersecurity firm posted for sale on a hacker forum https://twitter.com/FalconFeedsio/status/1626861442786893824
13:43 – Story # 2: FBI is investigating a cybersecurity incident on its network https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/
16:44 – Story # 3: GoDaddy: Hackers stole source code, installed malware in multi-year breach https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/
21:44 – Story # 4: Hyundai, Kia pushing updates so you can’t just steal their cars with USB cables https://arstechnica.com/cars/2023/02/hyundai-kia-pushing-updates-so-you-cant-just-steal-their-cars-with-usb-cables/
30:21 – Story # 5: Eurostar forces ‘password resets’ — then fails and locks users out https://www.bleepingcomputer.com/news/security/eurostar-forces-password-resets-then-fails-and-locks-users-out/
33:37 – Story # 6: Hacker Uncovers How to Turn Traffic Lights Green With Flipper Zero https://www.thedrive.com/news/hacker-uncovers-how-to-turn-traffic-lights-green-with-flipper-zero
39:30 – Story # 7: Namecheap denies system breach after email service used to spread phishing scams https://therecord.media/namecheap-denies-system-breach-after-email-service-used-to-spread-phishing-scams/
43:11 – Story # 8: Official: Twitter will now charge for SMS two-factor authentication https://www.theverge.com/2023/2/17/23605073/twitter-blue-charge-sms-2fa
48:24 – Story # 9: Software suite of Israeli security firm Cellebrite leaks online https://www.cybersecurityconnect.com.au/commercial/8607-entire-software-suite-of-israeli-security-firm-cellebrite-leaks-online
51:22 – Story # 10: The US Air Force may have shot down an Amateur Radio Pico Balloon over Canada https://www.rtl-sdr.com/the-us-airforce-may-have-shot-down-an-amateur-radio-pico-balloon-over-canada/
55:48 – Story # 11: ChatGPT Is Ingesting Corporate Secrets https://www.schneier.

 Talkin’ About Infosec News – 2/17/2023 | File Type: audio/mpeg | Duration: 1:03:54

00:00 – PreShow Banter™ — Scalping Valentine’s Day Reservations
04:13 – BHIS – Talkin’ Bout [infosec] News 2023-06-23
05:52 – Story # 1: 5 Chinese companies and a research institute blacklisted by U.S. over spy balloon program https://www.cbsnews.com/news/us-blacklists-6-chinese-entities-over-spy-balloon-program/
12:00 – Story # 2: We had a security incident. Here’s what we know. https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
15:19 – Ean Reports Live!
21:44 – Story # 3: NameCheap’s email hacked to send Metamask, DHL phishing emails https://www.bleepingcomputer.com/news/security/namecheaps-email-hacked-to-send-metamask-dhl-phishing-emails/
26:49 – Story # 4: Top mobile finance app Money Lover has some worrying security flaws https://www.techradar.com/news/top-mobile-finance-app-money-lover-has-some-worrying-security-flaws
31:24 – Story # 5: Ukraine war: Elon Musk’s SpaceX firm bars Kyiv from using Starlink tech for drone control https://www.bbc.com/news/world-europe-64579267
36:58 – Story # 6: NATO websites hacked, including that of the Headquarters of Special Operations Forces https://euroweeklynews.com/2023/02/13/nato-websites-hacked-including-that-of-the-headquarters-of-special-operations-forces/
38:58 – Story # 7: Khinshtein said that hackers acting in the interests of the Russian Federation should be released from liability https://tass-ru.translate.goog/obschestvo/17021313?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp
40:52 – Story # 8: NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices https://thehackernews.com/2023/02/nist-standardizes-ascon-cryptographic.html
43:29 – Story # 9: Americans don’t understand what companies can do with their personal data—and that’s a problem https://techxplore.com/news/2023-02-americans-dont-companies-personal-dataand.html
45:15 – Story # 9b: AMERICANS CAN’T CONSENT TO COMPANIES’ USE OF THEIR DATA https://www.asc.upenn.edu/sites/default/files/2023-02/Americans_Can%27t_Consent.pdf
54:33 – Story # 10: Pentagon Staffers Found Installing Dating Apps, Games on Government Phones https://www.pcmag.com/news/pentagon-staffers-found-installing-dating-apps-games-on-government-phones
5...

 Talkin’ About Infosec News – 2/13/2023 | File Type: audio/mpeg | Duration: 1:01:15

00:00 – PreShow Banter™ — We’ve got nothing to say
03:07 – BHIS – Talkin’ Bout [infosec] News 2023-06-23
05:56 – Story # 1: Cybercrime job ads on the dark web pay up to $20k per month https://www.bleepingcomputer.com/news/security/cybercrime-job-ads-on-the-dark-web-pay-up-to-20k-per-month/
10:52 – Story # 2: Discrepancies Discovered in Vulnerability Severity Ratings https://www.darkreading.com/application-security/discrepancies-discovered-in-vulnerability-severity-ratings
25:27 – Story # 3: GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html
28:48 – Story # 4: Ex-Ubiquiti worker pleads guilty to data theft, extortion, and smear plot https://www.bitdefender.com/blog/hotforsecurity/ex-ubiquiti-worker-pleads-guilty-to-data-theft-extortion-and-smear-plot/
34:47 – Story # 5: North Korean hackers stole research data in two-month-long breach https://www.bleepingcomputer.com/news/security/north-korean-hackers-stole-research-data-in-two-month-long-breach/
42:19 – Story # 6: Hacker Group Releases 128GB Of Data Showing Russia’s ‘Wide-Ranging’ Illegal Surveillance Of Citizens https://www.ibtimes.com/hacker-group-releases-128gb-data-showing-russias-wide-ranging-illegal-surveillance-citizens-3663530

 Talkin’ About Infosec News – 2/3/2023 | File Type: audio/mpeg | Duration: 1:00:55

00:00 – PreShow Banter™ — Woke Up Like This
03:20 – BHIS – Talkin’ Bout [infosec] News 2023-01-30
05:04 – Story # 1: GoTo says hackers stole customers’ backups and encryption key https://www.bleepingcomputer.com/news/security/goto-says-hackers-stole-customers-backups-and-encryption-key/
09:48 – Story # 2: T-Mobile hacked to steal data of 37 million accounts in API data breach https://www.bleepingcomputer.com/news/security/t-mobile-hacked-to-steal-data-of-37-million-accounts-in-api-data-breach/
11:29 – Story # 3: Appliance makers sad that 50% of customers won’t connect smart appliances https://arstechnica.com/gadgets/2023/01/half-of-smart-appliances-remain-disconnected-from-internet-makers-lament/
23:11 – Story # 4: More Ransomware Victims Are Refusing to Pay Hackers https://gizmodo.com/ransomware-hackers-blockchain-chainalysis-1850005764
25:34 – Story # 5: DOJ, FBI hack Hive Network, save US$130 mln from crypto ransomware attacks https://forkast.news/headlines/doj-fbi-hack-hive-network-save-us130-mln-from-crypto-ransomware-attacks/
27:27 – Story # 6: Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner https://www.bleepingcomputer.com/news/security/ransomware-gang-steals-data-from-kfc-taco-bell-and-pizza-hut-brand-owner/
29:35 – Story # 7: Pet fish commits credit card fraud on owner using a Nintendo Switch https://www.techspot.com/news/97334-pet-fish-commits-credit-card-fraud-owner-using.html
34:15 – Story # 8: How to completely own an airline in 3 easy steps https://maia.crimew.gay/posts/how-to-hack-an-airline/
38:43 – Story # 9: Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack https://therecord.media/nearly-35000-paypal-users-had-ssns-tax-info-leaked-during-december-cyberattack/
46:43 – Story # 10: The semiconductor monopoly: How one Dutch company has a stranglehold over the global chip industry https://www.firstpost.com/world/asml-holdings-dutch-company-that-has-monopoly-over-global-semiconductor-industry-12030422.html
55:59 – Story # 11: Swipe right on our new credit card tokens! https://blog.thinkst.com/2023/01/swipe-right-on-our-new-credit-card-tokens.html

 Talkin’ About Infosec News – 1/25/2023 | File Type: audio/mpeg | Duration: 1:05:11

00:00 – PreShow Banter™ — Wade’s Googly Eyes
00:41 – BHIS – Talkin’ Bout [infosec] News 2023-01-23
01:26 – Story # 1: BIG TECH LAYOFFS. LAYOFFS! DOOM! RECESSION!

 Talkin’ About Infosec News – 1/17/2023 | File Type: audio/mpeg | Duration: 58:13

00:00 – PreShow Banter™ — Ralph’s Guide to Satellite Bands
04:33 – BHIS – Talkin’ Bout [infosec] News 2023-01-16
05:25 – Story # 1: Microsoft’s new AI can simulate anyone’s voice with 3 seconds of audio https://arstechnica.com/information-technology/2023/01/microsofts-new-ai-can-simulate-anyones-voice-with-3-seconds-of-audio/
13:29 – Story # 2: Russian Hackers Tried to Break Into the U.S.’s Top Nuclear Labs: Report https://www.vice.com/en/article/jgpz88/russian-hackers-tried-to-break-into-the-uss-top-nuclear-labs-report
16:42 – Story # 3: CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie https://www.helpnetsecurity.com/2023/01/16/circleci-breach/
26:59 – Story # 4: How a single developer dropped AWS costs by 90%, then disappeared https://bootcamp.uxdesign.cc/how-a-single-developer-dropped-aws-costs-by-90-then-disappeared-2b46a115103a
36:46 – Story # 5: A Widespread Logic Controller Flaw Raises the Specter of Stuxnet https://www.wired.com/story/siemens-s7-1500-logic-controller-flaw/
48:38 – Story # 6: Meta sues “scraping-for-hire” service that sells user data to law enforcement https://arstechnica.com/information-technology/2023/01/meta-sues-scraping-for-hire-service-that-sells-user-data-to-law-enforcement/

 Talkin’ About Infosec News – 1/12/2023 | File Type: audio/mpeg | Duration: 52:24

00:00 – PreShow Banter™ — Twitch Airways International
00:59 – BHIS – Talkin’ Bout [infosec] News 2023-01-10
03:56 – Story # 1: How ChatGPT could become a hacker’s friend https://betanews.com/2023/01/05/how-chatgpt-could-become-a-hackers-friend/
14:05 – Story # 2: Cybersecurity experts gaze into the 2023 crystal ball and see good, bad, ugly https://armerding.medium.com/cybersecurity-experts-gaze-into-the-2023-crystal-ball-and-see-good-bad-ugly-b5f958b89b31
16:40 – Story # 3: Chick-Fil-A and other Breaches to snack on https://www.bleepingcomputer.com/news/security/chick-fil-a-investigates-reports-of-hacked-customer-accounts/
31:01 – Story # 4: Identity Thieves Bypassed Experian Security to View Credit Reports https://krebsonsecurity.com/2023/01/identity-thieves-bypassed-experian-security-to-view-credit-reports/
36:29 – Story # 5: CircleCI security alert: Rotate any secrets stored in CircleCI (Updated Jan 7) https://circleci.com/blog/january-4-2023-security-alert/
40:45 – Story # 6: Air France and KLM notify customers of account hacks https://www.bleepingcomputer.com/news/security/air-france-and-klm-notify-customers-of-account-hacks/
43:27 – Story # 7: Guardian offices closed until 23 January due to ongoing fallout from suspected ransomware attack https://pressgazette.co.uk/publishers/guardian-ransomware-attack/

 Talkin’ About Infosec News – 1/3/2023 | File Type: audio/mpeg | Duration: 54:59

00:00 – PreShow Banter™ — Seven People
00:51 – BHIS – Talkin’ Bout [infosec] News 2023-01-02
01:37 – Story # 1: LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen https://www.theverge.com/2022/12/28/23529547/lastpass-vault-breach-disclosure-encryption-cybersecurity-rebuttal
32:22 – Story # 2: Southwest Airlines’ post-Christmas meltdown thanks to ‘outdated IT’ systems, poor scheduling https://www.nytimes.com/2022/12/31/opinion/southwest-airlines-computers.html
42:18 – Story # 3: McGraw Hill’s S3 buckets exposed 100,000 students’ grades https://www.theregister.com/2022/12/20/mcgraw_hills_s3_buckets_exposed/
47:59 – Story # 4: Okta confirms another breach after hackers steal source code https://techcrunch.com/2022/12/22/okta-breach-source-code-github/

 Talkin’ About Infosec News – 12/21/2022 | File Type: audio/mpeg | Duration: 58:58

00:00 – PreShow Banter™ — Talkin’ Bout [Elon] News
00:51 – BHIS – Talkin’ Bout [infosec] News 2022-12-19
02:46 – Story # 1: Antivirus and EDR solutions tricked into acting as data wipers https://www.bleepingcomputer.com/news/security/antivirus-and-edr-solutions-tricked-into-acting-as-data-wipers/
12:11 – Story # 2: Twitter suspends @ElonJet after Musk promises not to ban it https://www.theverge.com/2022/12/14/23508898/elonjet-twitter-ban-elon-musk-jet-tracker
12:48 – Story # 2b: Elon Musk starts banning critical journalists from Twitter https://www.theverge.com/2022/12/15/23512004/elon-musk-starts-banning-critical-journalists-from-twitter
14:37 – Story # 2c: Twitter abruptly bans all links to Instagram, Mastodon, and other competitors https://www.theverge.com/2022/12/18/23515221/twitter-bans-links-instagram-mastodon-competitors
15:08 – Story # 2d: Elon Musk should step down as head of Twitter, says poll https://www.theverge.com/2022/12/18/23515764/elon-musk-head-twit-poll-tesla-doxxing-moderation
16:18 – Story # 2e: Your Car is Trackable by Law https://medium.com/@doctoreww/day-2-your-car-is-trackable-by-law-1d5f74388850
22:41 – Story # 2f: AirNav RadarBox FlightStick – ADS-B USB Receiver with Integrated Filter, Amplifier and ESD Protection https://www.amazon.com/AirNav-RadarBox-FlightStick-Advanced-Receiver/dp/B07K47P7XD/
26:41 – Story # 3: FBI’s Vetted Info-Sharing Network ‘InfraGard’ Hacked https://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/
32:24 – Story # 4: Reno mayor sues after finding tracking device on vehicle https://apnews.com/article/lawsuits-reno-34940c636465c050f2e0ebd2d9d119af
36:43 – Story # 5: Email hijackers scam food out of businesses, not just money https://www.theregister.com/2022/12/17/in_brief_security/
42:46 – Story # 6: Bugs in LEGO Resale Site Allowed Hackers to Hijack Accounts https://www.pcmag.com/news/bugs-in-lego-resale-site-allowed-hackers-to-hijack-accounts
45:41 – Story # 7: CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks https://www.cyberscoop.com/apt28-fancy-bear-satellite/
50:05 – Story # 8: CISA researchers: Russia’s Fancy Bear infiltrated US satellite network https://thehackernews.com/2022/12/cisa-alert-veeam-backup-and-replication.html

 Talkin’ About Infosec News – 12/15/2022 | File Type: audio/mpeg | Duration: 52:26

00:00 – PreShow Banter™ — Scissors Vs Paper
00:15 – BHIS – Talkin’ Bout [infosec] News 2022-12-12
02:12 – Story # 1: Rackspace confirms ransomware attack behind days-long email meltdown https://www.theregister.com/2022/12/06/rackspace_confirms_ransomware/
07:56 – Story # 1b: Rackspace Hit With Lawsuits Over Ransomware Attack https://www.securityweek.com/rackspace-hit-lawsuits-over-ransomware-attack
09:13 – Story # 2: Uber suffers new data breach after attack on vendor, info leaked online https://www.bleepingcomputer.com/news/security/uber-suffers-new-data-breach-after-attack-on-vendor-info-leaked-online/
13:18 – Story # 3: Apple Plans New Encryption System to Ward Off Hackers and Protect iCloud Data https://www.wsj.com/articles/apple-plans-new-encryption-system-to-ward-off-hackers-and-protect-icloud-data-11670435635
14:20 – Story # 3b: Apple Newsroom: Apple advances user security with powerful new data protections https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/
16:46 – Story # 3c: FBI Calls End-to-End Encryption ‘Deeply Concerning’ as Privacy Groups Hail Apple’s Advanced Data Protection as a Victory for Users https://www.macrumors.com/2022/12/08/fbi-privacy-groups-icloud-encryption/
21:17 – Story # 3d: Learn more about iCloud in China mainland https://support.apple.com/en-us/HT208351
22:53 – Story # 3e: Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next https://www.wired.com/story/apple-photo-scanning-csam-communication-safety-messages/
25:02 – Story # 4: Pet Dog Unmasks Drug Trafficker on Encrypted Chat https://www.infosecurity-magazine.com/news/pet-dog-unmasks-drug-trafficker/
28:34 – Story # 4b: Operation Venetic: Pet dog and accidental selfies help convict international drugs traffickers https://www.nationalcrimeagency.gov.uk/news/operation-venetic-pet-dog-and-accidental-selfies-help-convict-international-drugs-traffickers
30:06 – Story # 5: ChatGPT (No specific link)
45:43 – Story # 6: San Francisco decides killer police robots aren’t such a great idea https://arstechnica.com/gadgets/2022/12/san-francisco-decides-killer-police-robots-arent-such-a-great-idea/

 Talkin’ About Infosec News – 12/6/2022 | File Type: audio/mpeg | Duration: 1:03:39

00:00 – PreShow Banter™ — Florida Bobsledding Team
01:29 – PreShow Banter™ — Open AI Phishing Campaign
05:17 – BHIS – Talkin’ Bout [infosec] News 2022-12-05
07:53 – Story # 1: There are no episodes of Darknet Diaries scheduled Q1 https://twitter.com/JackRhysider/status/1599115984262270977
09:45 – Story # 2: Elon Musk Meets With Apple CEO Tim Cook Amid Claims of Twitter App Store Dispute https://www.macrumors.com/2022/11/30/elon-musk-tim-cook-meeting-apple-park/
14:46 – Story # 3: Anker’s Eufy Cameras Caught Uploading Content to the Cloud Without User Consent https://www.macrumors.com/2022/11/29/eufy-camera-cloud-uploads-no-user-consent/
23:20 – Story # 3b: Eufy caught lying about local-only security cameras with footage sent to cloud, accessible in unencrypted streams https://9to5google.com/2022/12/01/eufy-camera-cloud-security-leak/
26:54 – Story # 4: FCC faces long road in stripping Chinese tech from US telecom networks https://www.cyberscoop.com/fcc-huawei-zte-security-risks/
34:19 – Story # 5: TikTok NSFW if you work for the South Dakota government https://www.theregister.com/2022/11/30/tiktok_nsfw_if_you_work/
37:40 – Story # 6: Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices https://arstechnica.com/information-technology/2022/12/never-before-seen-malware-is-nuking-data-in-russias-courts-and-mayors-offices/
41:56 – Story # 7: Lessons from Russia’s cyber-war in Ukraine https://www.economist.com/science-and-technology/2022/11/30/lessons-from-russias-cyber-war-in-ukraine
44:15 – Story # 8: DHS Cyber Safety Review Board to focus on Lapsus$ hackers https://www.cyberscoop.com/cybersecurity-review-board-lapsus/
49:49 – Story # 8b: Cyber Safety Review Board to Conduct Second Review on Lapsus$ https://www.dhs.gov/news/2022/12/02/cyber-safety-review-board-conduct-second-review-lapsus
50:42 – Story # 9: Rackspace rocked by ‘security incident’ that has taken out hosted Exchange services https://www.theregister.com/2022/12/03/rackspace_security_incident_hosted_exchange/
57:05 – Story # 10: Red Alert: The SFPD Want the Power to Kill with Robots https://www.eff.org/deeplinks/2022/11/red-alert-sfpd-want-power-kill-robots
