Information to equip you to navigate Information Security, Penetration Testing, and Red Teaming.
00:00 - PreShow Banter™ — Fake Australian
04:17 - BHIS - Talkin’ Bout [infosec] News 2025-01-27
04:34 - Story # 1: DeepSeek sparks AI stock selloff; Nvidia posts record market-cap loss
30:50 - Story # 2: Tech giants are putting $500bn into ‘Stargate’ to build up AI in US
42:23 - Story # 3: DeepSeek Faces Large-scale Cyberattack, Halts New User Registrations
43:34 - Story # 4: DHS cyber review board cleaned out in Trump move to eliminate ‘misuse of resources’
47:38 - Story # 5: UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
50:02 - Story # 5b: UnitedHealth now says 190 million impacted by 2024 data breach
53:09 - Story # 6: Cloudflare Issue Can Leak Chat App Users’ Broad Location
54:09 - Story # 7: Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
59:40 - Story # 8: Researchers say new attack could take down the European power grid
00:00 - PreShow Banter™ — Highest Rated Chalk
04:14 - BHIS - Talkin’ Bout [infosec] News 2025-01-20
08:53 - Story # 1: Data From 15,000 Fortinet Firewalls Leaked by Hackers
14:25 - Story # 2: China’s Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says
16:29 - Story # 3: TikTok reportedly plans ‘immediate’ Sunday shutdown in the US if it’s banned
25:47 - Story # 4: FBI forces Chinese malware to delete itself from thousands of US computers
35:06 - WWHF Denver
36:03 - BSides San Diego
37:23 - Security Stadium
38:22 - Story # 5: Exchange 2016 and 2019 reach end-of-life status later this year
42:45 - Story # 6: Snyk security researcher deploys malicious NPM packages targeting Cursor.com
46:17 - Story # 7: New UEFI Secure Boot flaw exposes systems to bootkits, patch now
57:34 - Story # 8: Lawsuit: Allstate used GasBuddy and other apps to quietly track driving
00:00:00 - PreShow Banter™ — An RGB State of Mind
00:07:20 - BHIS - Talkin’ Bout [infosec] News 2025-01-13
00:10:24 - Story # 1: A Day in the Life of a Prolific Voice Phishing Crew
00:18:39 - Story # 2: Dental group lied through teeth about data breach, fined $350,000
00:25:49 - Story # 3: Hacker claims breach of US location tracking company Gravy Analytics
00:27:48 - Story # 4: License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data
00:33:19 - Story # 5: US Cyber Trust Mark launches as the Energy Star of smart home security
00:43:08 - Story # 6: Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
00:45:09 - Story # 7: Hacker Broke into ‘Path of Exile 2’ Admin Account, Hijacked Wave of Characters
00:47:36 - Story # 8: Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
00:54:47 - Story # 9: Ransomware crew abuses AWS native encryption
01:00:41 - Story # 10: Cannabis company Stiiizy says hackers accessed customers’ ID documents
00:00:00 - PreShow Banter™ — Coffee With Wade Wells
00:05:41 - BHIS - Talkin’ Bout [infosec] News 2025-01-06
00:06:45 - Story # 1: BeyondTrust says hackers breached Remote Support SaaS instances
00:13:18 - Things Continued to be ignored in 2025
00:24:39 - Story # 2: Classified fighter jet specs leaked on War Thunder – again
00:28:26 - Story # 3: New Proposed HIPAA Security Rule Changes
00:34:33 - Story # 4: The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year
00:35:47 - Story # 5: AT&T and Verizon say networks secure after Salt Typhoon breach
00:37:20 - Story # 6: Net Neutrality Rules Struck Down by Appeals Court
00:41:56 - Story # 7: U.S. Army Soldier Arrested in AT&T, Verizon Extortions
00:45:28 - Story # 8: New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
00:48:38 - Story # 9: Meta’s AI Profiles Are Indistinguishable From Terrible Spam That Took Over Facebook
00:50:42 - Story # 9b: Meta deletes AI character profiles after backlash, racism accusations
00:51:40 - Story # 10: Watch: Tiny robot ‘kidnaps’ 12 big Chinese bots from a Shanghai showroom, shocks world
00:55:27 - Story # 11: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks
00:58:42 - Story # 12: Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence
01:01:22 - Story # 13: Germany cuts hacker access to 30,000 devices infected with BadBox malware
00:00 - PreShow Banter™ — ChickenSec News Part 3
12:23 - BHIS - Talkin’ Bout [infosec] News 2024-12-16
14:48 - Story # 1: $50 Million Radiant Capital Heist Blamed on North Korean Hackers
20:30 - Story # 2: Trump administration wants to go on cyber offensive against China
32:53 - Story # 3: Krispy Kreme cyberattack impacts online orders and operations
43:02 - Story # 4: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance
52:02 - Story # 5: Europol announces takedown of major DDoS-for-hire network
56:50 - Story # 6: Data breach at Senior Dating website spills info of 765,000 users
58:46 - Story # 7: US sanctions Chinese firm for hacking firewalls in ransomware attacks
00:00 - PreShow Banter™ — A Better Mike
04:46 - BHIS - Talkin’ Bout [infosec] News 2024-12-09
05:43 - Story # 1: FBI Warns iPhone And Android Users—Stop Sending Texts
23:36 - Story # 2: US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data
42:55 - Story # 3: Vodka maker Stoli files for bankruptcy in US after ransomware attack
46:48 - Story # 4: British hospitals hit by cyberattacks still battling to get systems back online
00:00:00 - PreShow Banter™ — C Squad
00:11:03 - BHIS - Talkin’ Bout [infosec] News 2024-12-02
00:15:43 - Story # 1: Gaming Engines: An Undetected Playground for Malware Loaders - Check Point Research
00:30:41 - Story # 2: FTC finds that smart-device makers fail to make clear how long their products will be supported
00:44:47 - Story # 3: US senators propose law to require bare minimum security standards
00:46:35 - Story # 4: Starbucks baristas can’t view their schedules after ransomware attack on vendor
01:04:26 - Story # 5: Volunteer DEF CON hackers dive into America’s leaky water infrastructure
01:08:45 - Shameless Plugs
00:00:00 - PreShow Banter™ — Discordgate
00:09:24 - BHIS - Talkin’ Bout [infosec] News 2024-11-25
00:10:46 - Story # 1: DOJ says Google must sell Chrome to crack open its search monopoly
00:12:08 - Story # 1b: DOJ’s staggering proposal would hurt consumers and America’s global technological leadership
00:19:16 - Story # 2: The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
00:24:37 - Story # 3: Palo Alto Networks tackles firewall-busting zero-days with critical patches
00:25:46 - Discordgate Follow Up
00:26:26 - Story # 4: Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
00:31:08 - Story # 5: Fintech giant Finastra investigates data breach after SFTP hack
00:34:01 - Story # 6: CFPB Finalizes Rule on Federal Oversight of Popular Digital Payment Apps to Protect Personal Data, Reduce Fraud, and Stop Illegal “Debanking”
00:38:49 - Story # 7: T-Mobile finally managed to thwart a data breach before it occurred
00:40:22 - Story # 8: D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
00:43:07 - Story # 9: US seizes PopeyeTools cybercrime marketplace, charges administrators
00:46:19 - Story # 10: Razzlekhan, crypto’s most embarrassing rapper, is going to prison
00:48:31 - Story # 10b: Netflix has a perfectly timed Razzlekhan doc coming out in December
00:50:10 - Story # 11: Microsoft Defender Is Not Enough Anymore—This Malware Gets Around It
00:55:11 - Story # 12: Microsoft president asks Trump to “push harder” against Russian hacks
00:57:02 - Story # 13: Hackers Breach Andrew Tate’s Online ‘University,’ Exposing 800,000 Users
01:00:36 - Story # 14: 7-Zip affected by dangerous vulnerability: users must update the app manually
01:01:31 - Story # 15: Microsoft disrupts ONNX phishing-as-a-service infrastructure
01:03:07 - Story # 16: US charges five linked to Scattered Spider cybercrime gang
01:04:25 - Plug: Secure Code Summit 2024
00:00 - PreShow Banter™ — Yacht Doc
07:40 - BHIS - Talkin’ Bout [infosec] News 2024-11-18
08:49 - Story # 1: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit
16:02 - Story # 2: CISA Director Jen Easterly to depart agency on January 20
19:26 - Story # 3: Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
28:44 - Story # 4: T-Mobile hacked in massive Chinese breach of telecom networks, WSJ reports
30:55 - Story # 4b: T-Mobile confirms it was hacked in recent wave of telecom breaches
33:03 - Story # 5: An Interview With the Target & Home Depot Hacker
40:04 - Story # 6: Hacker gets 10 years in prison for extorting US healthcare provider
42:47 - Story # 7: Ransomware fiends boast they’ve stolen 1.4TB from US pharmacy network
44:21 - Story # 8: A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine
45:23 - Story # 9: 23andMe cuts 40% of its workforce and discontinues therapeutics division
50:38 - Story # 10: FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023
56:45 - CPTC - Education Through Competition
00:00 - PreShow Banter™ — The Old and The New
02:27 - BHIS - Talkin’ Bout [infosec] News 2024-11-11
03:44 - Story # 1: Mattel pulls thousands of ‘Wicked’ dolls off shelves after printing adult website on packaging
08:03 - Story # 2: Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus
11:41 - Story # 3: Mislabeled patch sends Windows Server 2022 admins on unwanted upgrade to 2025
16:49 - Story # 4: Suspected Snowflake Hacker Arrested in Canada
18:26 - Story # 5: Interpol Cybercrime Sweep Takes Down 22,000 IP Addresses, Arrests 41
29:47 - Story # 6: Google Cloud to mandate MFA for all users in 2025
41:30 - Story # 7: Cisco scores a perfect CVSS 10 with critical flaw in its wireless system
49:26 - Story # 8: H.I.G. Capital and Thoma Bravo to Acquire CompTIA Brand and Products
59:05 - SANS Holiday Hack Challenge™ 2024
00:00:00 - PreShow Banter™ — The Grey Times
00:04:33 - BHIS - Talkin’ Bout [infosec] News 2024-11-04
00:05:54 - Story # 1: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
00:16:45 - Story # 2: Follow Up - 5 Things To Know On Delta’s Lawsuit Against CrowdStrike
00:17:43 - Story # 2b: CrowdStrike Sues Delta: 5 Key Takeaways
00:22:04 - Story # 3: Russian charged by U.S. for creating RedLine infostealer malware
00:22:59 - Story # 3b: How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware
00:28:09 - Story # 4: Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info
00:30:02 - Story # 4b: ‘We strive to put humanity above all’: Disney drops arbitration demand over wrongful death lawsuit after woman died from fatal food allergy
00:37:10 - Story # 5: OCR Announces First Financial Penalty Under HIPAA Risk Analysis Enforcement Initiative
00:44:54 - Story # 6: Security researchers found a serious zero-click bug in Synology’s Photos app
00:50:10 - Story # 7: Inside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its Devices
00:52:21 - Story # 8: Microsoft wants $30 if you want to delay Windows 11 switch
01:00:03 - Story # 9: Colorado Secretary of State posted spreadsheet with voting system passwords