00:00:00 - PreShow Banter™ — The Grey Times

00:04:33 - BHIS - Talkin’ Bout [infosec] News 2024-11-04

00:05:54 - Story # 1: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

00:16:45 - Story # 2: Follow Up - 5 Things To Know On Delta’s Lawsuit Against CrowdStrike

00:17:43 - Story # 2b: CrowdStrike Sues Delta: 5 Key Takeaways

00:22:04 - Story # 3: Russian charged by U.S. for creating RedLine infostealer malware

00:22:59 - Story # 3b: How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware

00:28:09 - Story # 4: Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info

00:30:02 - Story # 4b: ‘We strive to put humanity above all’: Disney drops arbitration demand over wrongful death lawsuit after woman died from fatal food allergy

00:37:10 - Story # 5: OCR Announces First Financial Penalty Under HIPAA Risk Analysis Enforcement Initiative

00:44:54 - Story # 6: Security researchers found a serious zero-click bug in Synology’s Photos app

00:50:10 - Story # 7: Inside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its Devices

00:52:21 - Story # 8: Microsoft wants $30 if you want to delay Windows 11 switch

01:00:03 - Story # 9: Colorado Secretary of State posted spreadsheet with voting system passwords

00:00:00 - PreShow Banter™ — Sarsaparilla

00:05:50 - BHIS - Talkin’ Bout [infosec] News 2024-10-28

00:06:46 - Story # 1: AWS, Azure auth keys found in Android and iOS apps used by millions

00:15:02 - Story # 2: Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs

00:29:03 - Story # 3: Delta officially launches lawyers at $500M CrowdStrike problem

00:40:60 - Story # 4: New Rules for US National Security Agencies Balance AI’s Promise With Need to Protect Against Risks

00:46:25 - Story # 4b: CISA proposes new security requirements to protect govt, personal data

00:51:03 - Story # 5: Largest Retail Breach in History: 350 Million “Hot Topic” Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection

00:55:35 - Story # 6: Throne’s toilet camera takes pictures of your poop

01:04:57 - A Community Support Moment - https://www.crisistextline.org

00:00:00 - PreShow Banter™ — Log Con

00:11:41 - BHIS - Talkin’ Bout [infosec] News 2024-10-21

00:12:51 - Story # 1: Internet Archive exposed again – this time through Zendesk

00:14:57 - Story # 1b: Hackers steal information from 31 million Internet Archive users

00:20:42 - Story # 2: Sophos buys Secureworks for $859 mln to beef up cybersecurity portfolio

00:24:21 - Story # 3: USDoD hacker behind National Public Data breach arrested in Brazil

00:27:12 - Story # 4: Debunking Hype: China Hasn’t Broken Military Encryption With Quantum

00:32:14 - Story # 5: Microsoft said it lost weeks of security logs for its customers’ cloud products

00:35:03 - Story # 6: Should We Chat, Too? FAQ

00:40:05 - Story # 7: More than two dozen countries have used internet outages to sway elections

00:43:50 - Story # 8: Pokemon dev Game Freak confirms breach after stolen data leaks online

00:46:32 - Story # 9: Hackers made robot vacuums randomly yell racial slurs

00:49:19 - Story # 9b: We hacked a robot vacuum — and could watch live through its camera

00:50:19 - Story # 10: The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks

00:54:55 - Story # 11: Google’s Chrome Browser Starts Disabling uBlock Origin

01:01:00 - WWHF Recorvery

00:00:00 - PreShow Banter™ — Cast of Special Characters

00:06:37 - BHIS - Talkin’ Bout [infosec] News 2024-09-30

00:08:06 - Story # 1: CUPS flaws enable Linux remote code execution, but there’s a catch

00:23:40 - Story # 2: US Capitol Hit by Massive Dark Web Cyber Attack - Newsweek

00:27:40 - Story # 2b: ‘I’m a black NAZI!’: NC GOP nominee for governor made dozens of disturbing comments on porn forum

00:35:57 - Story # 3: NIST proposes barring some of the most nonsensical password rules

00:47:01 - Story # 3b: Why Two-Factor Authentication Is So Important - Teen Vogue

00:54:04 - Story # 4: Hacker plants false memories in ChatGPT to steal user data in perpetuity

01:00:42 - Story # 5: Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

01:02:54 - Story # 6: Massive E-Learning Platform Udemy Gave Teachers a Gen AI ‘Opt-Out Window’. It’s Already Over.

00:00 - PreShow Banter™ — Plane Talk

05:50 - BHIS - Talkin’ Bout [infosec] News 2024-09-23

06:16 - A SANS Difference Maker Award Finalist

09:47 - Story # 1: Pagers attack brings to life long-feared supply chain threat

24:08 - Story # 2: Recaptcha Phish - John Hammond

25:49 - Story # 2b: Clever ‘GitHub Scanner’ campaign abusing repos to push malware

30:05 - Story # 3: Lazarus Group Targets Developers in Fresh VMConnect Campaign

35:22 - Story # 4: LinkedIn Addresses User Data Collection for AI Training

37:40 - Story # 5: Disney ditching Slack after massive July data breach

41:42 - Story # 6: FTC exposes massive surveillance of kids, teens by social media giants

51:35 - Story # 7: Kaspersky deletes itself, installs UltraAV antivirus without warning

00:00 - PreShow Banter™ — Pour Over News

06:01 - BHIS - Talkin’ Bout [infosec] News 2024-09-16

07:14 - Story # 1: Fortinet confirms data breach after hacker claims to steal 440GB of files

15:37 - Story # 2: Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches

21:30 - Story # 3: Omnipresent AI cameras will ensure good behavior, says Larry Ellison

28:11 - Story # 4: Mastercard bolsters threat intelligence capabilities with $2.65 billion deal for Recorded Future

34:27 - Story # 5: Cyber insurance set for explosive growth

40:20 - Story # 6: 23andMe will pay $30 million to settle 2023 data breach lawsuit

45:25 - Story # 7: Google faces EU investigation over AI data compliance

50:35 - Story # 8: Rogue WHOIS server gives researcher superpowers no one should ever have

00:00 - Introduction

01:22 - The Scenario

02:50 - First Steps

03:48 - Endpoint Analysis Roll

04:22 - Logon Scripts Were installed

05:09 - I.R. Team Introductions

07:17 - Second Step

10:32 - Network Threat Hunting Roll

11:36 - Third Step

15:12 - Anyway Here’s Firewall Roll

15:43 - Fourth Step

18:26 - SIEM Roll

19:41 - Fifth Step

20:47 - UEBA Roll

21:19 - Senario Recap

22:20 - Senario Plausibility?

25:51 - Wrap-up Takeaways

00:00 - PreShow Banter™ — Revenge of the Nerds / More Chicken Related Crimes

05:19 - N.Y. Official Charged With Taking Money, Travel and Poultry to Aid China

09:23 - BHIS - Talkin’ Bout [infosec] News 2024-09-09

09:50 - Story # 1: YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

20:35 - Story # 2: Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

25:24 - Story # 3: California legislature passes sweeping AI safety bill

38:02 - Story # 4: Brain Cipher claims attack on Olympic venue, promises 300 GB data leak

41:59 - Story # 5: How Navy chiefs conspired to get themselves illegal warship Wi-Fi

42:45 - Story # 5b: After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship

49:18 - Story # 6: Researchers say a bug let them add fake pilots to rosters used for TSA checks

51:32 - Story # 7: Durex India spilled customers’ private order data

54:53 - Story # 8: City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack

00:00 - PreShow Banter™ — Move to Signal

03:47 - BHIS - Talkin’ Bout [infosec] News 2024-08-26

04:37 - Story # 1: Pavel Durov’s Arrest Leaves Telegram Hanging in the Balance

11:03 - Story # 1b: Moxie on X.com

23:17 - Story # 2: Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules

29:39 - Story # 3: Seattle airport ‘possible cyberattack’ snarls travel yet again

32:42 - Story # 4: Iran named as source of Trump campaign phish, leaks

38:53 - Story # 5: Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months

44:11 - Story # 6: Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

47:26 - Story # 7: New ‘ALBeast’ Misconfiguration Exposes Weakness in AWS Application Load Balancer

48:52 - Story # 8: “We will hold them accountable”: General Motors sued for selling customer driving data to third parties

00:00:00 - PreShow Banter™ — Nine Years for Chicken Wings

00:08:19 - BHIS - Talkin’ Bout [infosec] News 2024-08-19

00:09:03 - Story # 1: NationalPublicData.com Hack Exposes a Nation’s Data

00:18:17 - Story # 1b: National Public Data Published Its Own Passwords

00:25:01 - Story # 2: RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks

00:26:52 - Story # 3: T-Mobile fined $60 million for failing to stop data breaches

00:34:03 - Story # 4: Massive Cyber Attack On AWS Targets 230 Million Unique Cloud Environments

00:45:43 - Story # 5: The US wants to use facial recognition to identify migrant children as they age

00:54:16 - Story # 6: Six ransomware gangs behind over 50% of 2024 attacks

00:59:56 - Story # 7: US accuses man of being ‘elite’ ransomware pioneer they’ve hunted for years

01:01:57 - Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World’s Deadliest Crooks

00:00 - PreShow Banter™ — Scotty’s Pizza (Not Sponsored)

03:38 - BHIS - Talkin’ Bout [infosec] News 2024-08-12

03:59 - Hacker Summer Camp Report 2024

08:56 - Story # 1: ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections

14:26 - Story # 2: Black Hat USA 2024, DEF CON 32 attendees treated like children – or criminals – with invasive hotel room checks

29:49 - Story # 3: DEF CON Badge Maker Pulled Off Stage Amid Claims of Non-Payment and Failed Work

30:06 - New raspberry pi chip in badge

33:31 - Story # 4: Exploit released for Cisco SSM bug allowing admin password changes

34:12 - Story # 5: 0.0.0.0 Day: Exploiting Localhost APIs From the Browser

38:02 - Story # 6: Intelligence bill would elevate ransomware to a terrorist threat

44:36 - Story # 6b: Proposed bill would block large ransomware payments by financial institutions

46:26 - Story # 6c: Report shows decreased ransomware payments

54:26 - Story # 7: After global IT meltdown, CrowdStrike courts hackers with action figures and gratitude

55:12 - Story # 8: CrowdStrike pursuing deal to buy patch management specialist Action1

57:24 - Story # 9: Microsoft punches back at Delta Air Lines and its legal threats