Black Hills Information Security
Summary: Download and listen to our weekly infosec podcast where we discuss the latest attacks, breaches, and how they happened and why. We’re a team of penetration testers (ethical hackers) and friends that love how new technology can be broken and made to do things it was never intended to do.
- Artist: Black Hills Information Security
Podcasts:
- 00:00 – PreShow Banter™ — Inflatable Turkey
- 00:15 – BHIS – Talkin’ Bout [infosec] News 2022-11-28
- 02:34 – Story # 1: Musk recruits engineers for “Twitter 2.0” – https://arstechnica.com/tech-policy/2022/11/musk-recruits-engineers-for-twitter-2-0-after-mass-layoffs-and-resignations/
- 06:28 – Story # 2: Security experts are laying Mastodon’s flaws bare – https://www.techradar.com/news/security-experts-are-laying-mastodons-flaws-bare
- 15:01 – Story # 3: 5.4 million Twitter users’ stolen data leaked online — more shared privately – https://www.bleepingcomputer.com/news/security/54-million-twitter-users-stolen-data-leaked-online-more-shared-privately/
- 18:23 – Story # 4: 34 Russian Cybercrime Groups Stole Over 50 Million Passwords with Stealer Malware – https://thehackernews.com/2022/11/34-russian-hacker-groups-stole-over-50.html
- 19:48 – Story # 5: Sonder confirms data breach, documents and other PII potentially compromised – https://www.infosecurity-magazine.com/news/sonder-confirms-data-breach/
- 27:49 – Story # 6: Why Medibank should have paid the hackers – https://www.smh.com.au/business/consumer-affairs/this-is-a-business-for-them-why-medibank-should-have-paid-the-hackers-20221121-p5bzzn.html
- 30:43 – Story # 7: Hackers are locking out Mars Stealer operators from their own servers – https://techcrunch.com/2022/11/22/mars-stealers-flaw-lock-out/
- 33:42 – Story # 8: Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked airline’s network – https://grahamcluley.com/ouch-ransomware-gang-says-it-wont-attack-airasia-again-due-to-the-chaotic-organisation-and-sloppy-security-of-hacked-companys-network/
- 40:09 – Story # 9: Over 1,600 Docker Hub Repositories Were Found to Hide Malware – https://heimdalsecurity.com/blog/over-1600-docker-hub-repositories-were-found-to-hide-malware/
- 46:25 – Story # 10: New Windows Server updates cause domain controller freezes, restarts – https://www.bleepingcomputer.com/news/microsoft/new-windows-server-updates-cause-domain-controller-freezes-restarts/
- 53:39 – Story # 11: Making Cobalt Strike harder for threat actors to abuse – https://...

- 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-11-14
- 02:26 – Story # 1: Hackers Dump Australian Health Records Online After Insurer Refuses to Pay Ransom – https://gizmodo.com/hackers-health-info-online-medibank-pay-onion-dark-web-1849760742
- 10:04 – Story # 2: TransUnion LLC Confirms Recent Data Breach with State Attorney General’s Office – https://www.jdsupra.com/legalnews/transunion-llc-confirms-recent-data-6828319/
- 18:08 – Story # 3: Russian LockBit ransomware operator arrested in Canada – https://www.bleepingcomputer.com/news/security/russian-lockbit-ransomware-operator-arrested-in-canada/
- 22:58 – Story # 4: The downfall of FTX’s Sam Bankman-Fried sends shockwaves through the crypto world – https://www.npr.org/2022/11/14/1136482889/ftx-sam-bankman-fried-shockwaves-crypto
- 32:10 – Story # 4b: Coinsec Podcast. – https://coinsecpodcast.com
- 40:23 – Story # 5: Install Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days – https://thehackernews.com/2022/11/install-latest-windows-update-asap.html
- 42:12 – Story # 6: Elon Musk is putting Twitter at risk of billions in fines, warns company lawyer – https://www.theverge.com/2022/11/10/23451198/twitter-ftc-elon-musk-lawyer-changes-fine-warning
- 51:12 – Story # 7: https://infosec.exchange/explore – https://infosec.exchange/explore
- 55:04 – Story # 8: Microsoft Windows Sysmon Elevation of Privilege Vulnerability – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41120
- 55:30 – Story # 8b: https://twitter.com/filip_dragovic/status/1590104354727436290 – https://twitter.com/filip_dragovic/status/1590104354727436290

- 00:00 – PreShow Banter™ — A is for All Team
- 00:33 – BHIS – Talkin’ Bout [infosec] News 2022-11-07
- 03:56 – Story # 1: Musk to cut half of Twitter jobs and end remote work for the rest, report says – https://fortune.com/2022/11/06/twitter-trying-to-rehire-workers-elon-musk-fired-days-ago-sources-say/
- 18:56 – Story # 2: Dropbox Data Breach Another Multifactor Fail – https://www.databreachtoday.com/dropbox-data-breach-another-multifactor-fail-a-20406
- 19:43 – Story # 2b: Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories – https://thehackernews.com/2022/11/dropbox-breach-hackers-unauthorizedly.html
- 24:24 – Story # 3: Hundreds of U.S. news sites push malware in supply-chain attack – https://www.bleepingcomputer.com/news/security/hundreds-of-us-news-sites-push-malware-in-supply-chain-attack/
- 28:38 – Story # 4: New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data – https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html
- 32:23 – Story # 5: A cyberattack blocked the trains in Denmark (Security Affairs) – https://securityaffairs.co/wordpress/138127/cyber-crime/cyberattack-blocked-trains-denmark.html
- 40:52 – Story # 6: Facebook probably has your phone number, even if you never shared it. Now it has a secret tool to let you delete it. – https://www.businessinsider.com/facebook-has-hidden-tool-to-delete-your-phone-number-email-2022-10
- 45:19 – Story # 7: China is likely stockpiling and deploying vulnerabilities, says Microsoft – https://www.theregister.com/2022/11/07/china_stockpiles_vulnerabilities_microsoft_asserts/
- 48:44 – Story # 8: Hackers selling access to 576 corporate networks for $4 million – https://www.bleepingcomputer.com/news/security/hackers-selling-access-to-576-corporate-networks-for-4-million/

- 00:00 – PreShow Banter™ — Spook Show
- 00:58 – BHIS – Talkin’ Bout [infosec] News 2022-10-31
- 04:00 – Story # 1: OpenSSL warns of critical security vulnerability with upcoming patch – https://www.zdnet.com/article/openssl-warns-of-critical-security-vulnerability-with-upcoming-patch/
- 04:42 – Story # 1b: Notes on OpenSSL remote memory corruption – https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/
- 12:28 – Story # 2: GitHub Bug Exposed Repositories to Hijacking – https://www.infosecurity-magazine.com/news/github-bug-hackers-hijack/
- 16:20 – Story # 3: Gartner Identifies the Top 10 Strategic Technology Trends for 2023 – https://www.gartner.com/en/newsroom/press-releases/2022-10-17-gartner-identifies-the-top-10-strategic-technology-trends-for-2023
- 25:54 – Story # 4: Former U.K. Prime Minister Liz Truss’ Phone Allegedly Hacked By Kremlin Spies: Report – https://www.forbes.com/sites/daveywinder/2022/10/30/former-uk-prime-minister-liz-trusss-phone-allegedly-hacked-by-kremlin-spies-report/
- 34:45 – Story # 5: New Azov data wiper tries to frame researchers and BleepingComputer – https://www.bleepingcomputer.com/news/security/new-azov-data-wiper-tries-to-frame-researchers-and-bleepingcomputer/

We are self-publishing free Infosec Zines called PROMPT#. PROMPT# will contain:
- Infosec articles
- Challenging puzzles
- Comic book based on real-life hacking adventures
- Coloring contests
- Bonus Backdoors & Breaches Consultant Cards (print version only)
- Other stuffs

You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/

- 00:00 – PreShow Banter™ — Best WWHF Ever!
- 00:31 – BHIS – Talkin’ Bout [infosec] News 2022-10-17
- 04:55 – Story # 1: The Verge: Cybersecurity Week 2022 – https://www.theverge.com/23365380/cybersecurity-week-series-phishing-encryption-device-security
- 07:02 – Story # 2: Google Cybersecurity Action Team Threat Horizons Report #4 Is Out! – https://medium.com/anton-on-security/google-cybersecurity-action-team-threat-horizons-report-4-is-out-c221342004c3
- 23:34 – Story # 3: Caffeine service lets anyone launch Microsoft 365 phishing attacks – https://www.bleepingcomputer.com/news/security/caffeine-service-lets-anyone-launch-microsoft-365-phishing-attacks/
- 28:05 – Story # 4: AirTags in Checked Baggage – https://daringfireball.net/linked/2022/10/10/airtags-checked-baggage
- 31:55 – Story # 5: International crackdown on West-African financial crime rings – https://www.interpol.int/en/News-and-Events/News/2022/International-crackdown-on-West-African-financial-crime-rings
- 36:50 – Story # 6: Indian Energy Company Tata Power’s IT Infrastructure Hit By Cyber Attack – https://thehackernews.com/2022/10/indian-energy-company-tata-powers-it.html
- 38:17 – Story # 6b: This Is How They Tell Me the World Ends: The Cyberweapons Arms Race – https://www.amazon.com/This-They-Tell-World-Ends/dp/1635576059
- 56:08 – Story # 6c: Brave New War: The Next Stage of Terrorism and the End of Globalization – https://www.amazon.com/Brave-New-War-Terrorism-Globalization/dp/0471780790/
- 58:18 – Bear Vs Bear Breaking News – https://www.blackhillsinfosec.com/rekcah/bear-vs-bear/

- 00:00 – PreShow Banter™ — Dumpster Fire Friends
- 03:07 – PreShow Banter™ — WWHF Deadwood – https://wildwesthackinfest.com/deadwood/
- 03:48 – BHIS – Talkin’ Bout [infosec] News 2022-10-03
- 07:37 – Story # 1: High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers – https://arstechnica.com/information-technology/2022/09/high-severity-microsoft-exchange-0-day-under-attack-threatens-220000-servers/
- 19:30 – Story # 2: Stealthy hackers target military and weapons contractors in recent attack – https://www.bleepingcomputer.com/news/security/stealthy-hackers-target-military-and-weapons-contractors-in-recent-attack/
- 25:52 – Story # 3: Putin grants Russian citizenship to Edward Snowden – https://www.npr.org/2022/09/26/1125109303/putin-edward-snowden-russian-citizenship
- 29:09 – Story # 4: What the Securing Open Source Software Act does and what it misses – https://www.zdnet.com/article/whats-what-in-the-united-states-securing-open-source-software-act/
- 38:17 – Story # 4b: SecBSD Team – https://secbsd.org/team.html
- 40:43 – Story # 5: New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons – https://thehackernews.com/2022/09/new-malware-campaign-targeting-job.html

- 02:28 – Story # 1: American Airlines Breach Exposes Customer and Staff Information – https://www.infosecurity-magazine.com/news/american-airlines-breach-customer/
- 18:59 – Story # 2: London police arrest, charge teen hacking suspect but won’t confirm GTA 6, Uber links – https://www.theverge.com/2022/9/23/23368340/hacking-suspect-arrested-city-of-london-lapsus-gta-6-uber
- 25:32 – Story # 3: LockBit ransomware builder leaked online by “angry developer” – https://www.bleepingcomputer.com/news/security/lockbit-ransomware-builder-leaked-online-by-angry-developer-/
- 30:11 – Story # 4: Malwarebytes blocks Google, YouTube as malware – https://www.theregister.com/2022/09/21/malwarebytes_blocks_google_domains/
- 32:14 – Story # 5: AdGuard’s new ad blocker struggles with Google’s Manifest v3 rules – https://www.bleepingcomputer.com/news/security/adguard-s-new-ad-blocker-struggles-with-google-s-manifest-v3-rules/
- 37:29 – Story # 6: Adware on Google Play and Apple Store installed 13 million times – https://www.bleepingcomputer.com/news/security/adware-on-google-play-and-apple-store-installed-13-million-times/
- 41:18 – Story # 7: Revealed: US Military Bought Mass Monitoring Tool That Includes Internet Browsing, Email Data – https://www.vice.com/en/article/y3pnkw/us-military-bought-mass-monitoring-augury-team-cymru-browsing-email-data
- 50:55 – Story # 8: SIM Swapper Abducted, Beaten, Held for $200k Ransom – https://krebsonsecurity.com/2022/09/sim-swapper-abducted-beaten-held-for-200k-ransom/

ORIGINALLY AIRED ON AUGUST 22, 2022
- 00:00 – PreShow Banter™ — Ralph’s Birthday
- 00:53 – BHIS – Talkin’ Bout [infosec] News 2022-08-22
- 03:27 – Story # 1: PC store told it can’t claim full cyber-crime insurance after social-engineering attack – https://www.theregister.com/2022/08/16/social_engineering_cyber_crime_insurance/
- 13:48 – Story # 2: Lloyd’s to Exclude Catastrophic Nation-Backed Cyberattacks From Insurance Coverage – https://www.wsj.com/articles/lloyds-to-exclude-catastrophic-nation-backed-cyberattacks-from-insurance-coverage-11660861586
- 15:33 – Story # 2b: LLOYD’S Market Bulletin – https://assets.lloyds.com/media/35926dc8-c885-497b-aed8-6d2f87c1415d/Y5381%20Market%20Bulletin%20-%20Cyber-attack%20exclusions.pdf
- 24:53 – Story # 3: AirTag leads to arrest of airline worker accused of stealing at least $15,000 worth of items from luggage – https://www.nbcnews.com/news/us-news/airtag-leads-arrest-airline-worker-accused-stealing-least-15000-items-rcna43547/
- 30:12 – Story # 4: Apple security updates fix 2 zero-days used to hack iPhones, Macs – https://www.bleepingcomputer.com/news/security/apple-security-updates-fix-2-zero-days-used-to-hack-iphones-macs/
- 37:58 – Story # 5: Microsoft Sysmon can now block malicious EXEs from being created – https://www.bleepingcomputer.com/news/microsoft/microsoft-sysmon-can-now-block-malicious-exes-from-being-created/
- 43:37 – Story # 6: Def Con hacker shows John Deere’s tractors can run Doom – https://www.theverge.com/2022/8/15/23306650/def-con-hacker-john-deere-tractors-run-doom-right-to-repair
- 53:44 – Story # 7: Janet Jackson’s ‘Rhythm Nation’ apparently vibed too hard for some laptops – https://www.theverge.com/2022/8/17/23310033/janet-jackson-rhythm-nation-laptop-crash-windows-xp-hard-drives

ORIGINALLY AIRED ON AUGUST 15, 2022
Articles discussed in this episode:
- 00:00 – PreShow Banter™ — Sneaking Candy
- 03:32 – BHIS – Talkin’ Bout [infosec] News 2022-08-15
- 07:06 – Story # 1: Blackhat 2022 recap – Trends and highlights – https://sysdig.com/blog/blackhat-2022-recap/
- 09:52 – Story # 2: The Zoom installer let a researcher hack his way to root access on macOS – https://www.theverge.com/2022/8/12/23303411/zoom-defcon-root-access-privilege-escalation-hack-patrick-wardle
- 14:14 – Story # 3: Researchers Find Vulnerabilities in Software Underlying Discord, Microsoft Teams, and Other Apps – https://www.vice.com/en/article/m7gb7y/researchers-find-vulnerability-in-software-underlying-discord-microsoft-teams-and-other-apps
- 16:17 – Story # 4: Starlink Successfully Hacked Using $25 Modchip – https://threatpost.com/starlink-hack/180389/
- 21:46 – Story # 5: Anonymous poop gifting site hacked, customers exposed – https://www.bleepingcomputer.com/news/security/anonymous-poop-gifting-site-hacked-customers-exposed/
- 28:56 – Story # 6: Automotive supplier breached by 3 ransomware gangs in 2 weeks – https://www.bleepingcomputer.com/news/security/automotive-supplier-breached-by-3-ransomware-gangs-in-2-weeks/
- 33:47 – Story # 7: Man who built ISP instead of paying Comcast $50K expands to hundreds of homes – https://arstechnica.com/tech-policy/2022/08/man-who-built-isp-instead-of-paying-comcast-50k-expands-to-hundreds-of-homes/
- 38:07 – Story # 8: Slack leaked hashed passwords from its servers for years – https://www.theregister.com/2022/08/08/slack_passwords/
- 40:31 – Story # 9: Cisco Talos shares insights related to recent cyber attack on Cisco – https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
- 48:04 – Story # 10: Incident Report: Employee and Customer Account Compromise – https://www.twilio.com/blog/august-2022-social-engineering-attack
- 50:51 – Story # 11: Hackers Behind Twilio Breach Also Targeted Cloudflare Employees – https://thehackernews.com/2022/08/hackers-behind-twilio-breach-also_10.html

ORIGINALLY AIRED ON JULY 25, 2022
Articles discussed in this episode:
- 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-07-25
- 03:59 – Story # 1: DOJ seized ransoms paid by health centers in Kansas, Colorado after 2021 attacks – https://therecord.media/doj-seized-ransoms-paid-by-health-centers-in-kansas-colorado-after-2021-attacks/
- 08:38 – Story # 1b: twitter.com/cryptowhale – https://twitter.com/cryptowhale
- 17:34 – Story # 2: How Conti ransomware hacked and encrypted the Costa Rican government – https://www.bleepingcomputer.com/news/security/how-conti-ransomware-hacked-and-encrypted-the-costa-rican-government/
- 22:29 – Story # 3: Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users – https://thehackernews.com/2022/07/experts-uncover-new-cloudmensis-spyware.html
- 36:49 – Story # 4: Google Play hides app permissions in favor of developer-written descriptions – https://arstechnica.com/gadgets/2022/07/google-plays-new-privacy-section-actually-hides-app-permissions/
- 39:09 – Story # 4b: Google is reinstating app permissions list on Play Store – https://techcrunch.com/2022/07/21/google-app-permissions-play-store/
- 41:31 – Story # 5: Hack the pump: Rising prices lead to more reports of gas theft – https://www.nbcnews.com/tech/security/hack-pump-rising-prices-lead-reports-gas-theft-rcna35198
- 46:04 – Story # 5b: Gas pump manipulators steal ‘millions of dollars’ in fuel – https://youtu.be/Bcnjp2PESqw
- 50:40 – Story # 5c: Secret Service agents warn fleets about ‘fuel skimming’ – https://www.ccjdigital.com/technology/article/15114890/secret-service-agents-warn-fleets-about-fuel-skimming
- 53:13 – Story # 6: Atlassian fixes critical Confluence hardcoded credentials flaw – https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/
- 53:33 – Story # 6b: Cisco fixes bug that lets attackers execute commands as root –

ORIGINALLY AIRED ON JULY 18, 2022
Articles discussed in this episode:
- 00:00 – PreShow Banter™ — Talkin’ Bout Audio
- 07:23 – BHIS – Talkin’ Bout [infosec] News 2022-07-18
- 09:28 – Story # 1: Russian “hacktivists” are causing trouble far beyond Ukraine – https://arstechnica.com/information-technology/2022/07/russian-hacktivists-are-causing-trouble-far-beyond-ukraine/
- 12:19 – Wade Into International Relations – https://www.theregister.com/2022/07/12/uk_department_of_health_and/
- 21:25 – Story # 2: UK Info Commissioner slams use of WhatsApp by health officials during pandemic – https://www.theregister.com/2022/07/12/uk_department_of_health_and/
- 26:11 – Story # 3: Microsoft warns of massive phishing campaign that can bypass MFA – https://www.siliconrepublic.com/enterprise/microsoft-phishing-campaign-mfa
- 31:44 – Bud Patches Reporting
- 37:08 – Story # 4: Today I learned Amazon has a form so police can get my data without permission or a warrant – https://www.theverge.com/2022/7/14/23219419/amazon-ring-law-enforcement-no-warrant-no-consent
- 48:35 – Story # 4b: San Francisco cops want real-time access to private security cameras for surveillance – https://www.theregister.com/2022/07/11/san_francisco_police_private_security_cameras/
- 56:59 – Story # 5: Man Arrested After Impersonating Disney Cast Member, Stealing $10,000 ‘Star Wars’ Droid – https://popcrush.com/man-arreste-impersonated-disney-worker-steals-r2d2-droid/
- 59:06 – Story # 6: Disneyland social media accounts hacked, offensive messages posted – https://www.bitdefender.com/blog/hotforsecurity/disneyland-social-media-accounts-hacked-offensive-messages-posted/

ORIGINALLY AIRED ON JULY 11, 2022
Articles discussed in this episode:
- 00:00 – PreShow Banter™ — Cons, China, and Florida Man, oh my!
- 07:03 – Story # 1: North Korean Hackers Target US Health Providers With ‘Maui’ Ransomware – https://www.infosecurity-magazine.com/news/north-korea-us-maui-ransomware/
- 10:29 – Story # 2: Ransomware, hacking groups move from Cobalt Strike to Brute Ratel – https://www.bleepingcomputer.com/news/security/ransomware-hacking-groups-move-from-cobalt-strike-to-brute-ratel/
- 24:24 – Story # 3: DoD issues call for hackers to dig into networks – https://therecord.media/dod-issues-call-for-hackers-to-dig-into-networks/
- 29:21 – Story # 3b: Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act – https://www.justice.gov/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act
- 33:15 – Story # 4: FCC Commissioner urges Google and Apple to ban TikTok – https://www.engadget.com/fcc-commissioner-google-facebook-ban-tik-tok-064559992.html
- 41:41 – Story # 5: Microsoft rolls back decision to block Office macros by default – https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-back-decision-to-block-office-macros-by-default/
- 42:01 – Story # 5b: Microsoft says decision to stop blocking Office VBA macros by default is ‘temporary’ – https://therecord.media/microsoft-says-decision-to-stop-blocking-office-vba-macros-by-default-is-temporary/