00:00 - PreShow Banter™ — Life is a Highway

04:28 - BHIS - Talkin’ Bout [infosec] News 2024-06-24

05:30 - Story # 1: Colorado Privacy Act Amended To Include Biometric Data Provisions

14:18 - Story # 2: Scathing report on Medibank cyberattack highlights unenforced MFA

24:30 - Story # 3: CDK suffered another data breach as it was attempting to recover

35:08 - Story # 4: LockBit claims the hack of the US Federal Reserve

40:00 - Story # 5: Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers

45:36 - Story # 6: That PowerShell ‘fix’ for your root cert ‘problem’ is a malware loader in disguise

51:13 - Story # 7: US sanctions Kaspersky Lab executives, board members over ‘cooperation’ with Russia

53:23 - Story # 7b: Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks

00:00 - PreShow Banter™ — Hungry Hungry Hipaa

03:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-17

05:40 - Story # 1: Windows security hole allows attackers to install malware via Wi-Fi — new patch plugs gaping vulnerability

16:27 - Story # 2: Microsoft’s all-knowing Recall AI feature is being delayed

25:34 - Story # 3: Here’s how Apple’s AI model tries to keep your data private

32:27 - Story # 4: New Linux malware is controlled through emojis sent from Discord

35:28 - Story # 5: Pure Storage confirms data breach after Snowflake account hack

38:44 - Story # 6: Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says

00:00 - PreShow Banter™ — Louie is Live

04:53 - BHIS - Talkin’ Bout [infosec] News 2024-06-10

07:09 - Story # 1: UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion

18:39 - Story # 2: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.

39:02 - Story # 3: TikTok fixes zero-day bug used to hijack high-profile accounts

41:34 - Story # 4: The Age of the Drone Police Is Here

52:07 - Story # 5: London hospitals declare emergency following ransomware attack

54:45 - Story # 6: Former Senior Executive and Former Sales Manager Convicted of Selling Data on Millions of U.S. Consumers to Perpetrators of Mail Fraud Schemes

56:40 - Story # 7: FBI Kicks Hackers In The Teeth With Free 7,000 Ransomware Key Giveaway

57:32 - Story # 8: FCC OKs pilot to bolster school, library cybersecurity

00:00:00 - PreShow Banter™ — In an RV down by the dumpster

00:07:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-03

00:09:21 - Story # 1: Ticketmaster confirms massive breach after stolen data for sale online

00:10:46 - Story # 1b: Snowflake, Cloud Storage Giant, Suffers Massive Breach: Hacker Confirms to Hudson Rock Access Through Infostealer Infection

00:13:03 - Story # 1c: Detecting and Preventing Unauthorized User Access: Instructions

00:13:42 - Story # 1d: Snowflake Denies Responsibility for Ticketmaster, Santander Breaches

00:21:21 - Story # 2: Chinese hackers hide on military and govt networks for 6 years

00:29:17 - Story # 3: Federal agency warns critical Linux vulnerability being actively exploited

00:34:19 - Story # 4: US dismantles 911 S5 botnet used for cyberattacks, arrests admin

00:39:19 - Story # 4b: How the FBI’s fake cell phone company put criminals into real jail cells

00:43:48 - Story # 5: Exploit released for maximum severity Fortinet RCE bug, patch now

00:46:09 - Story # 6: Enforcement Alert: Drinking Water Systems to Address Cybersecurity Vulnerabilities

00:54:44 - Story # 6b: Hackers attempt to poison Florida city’s water supply near Super Bowl

01:03:32 - Story # 7: GPT-4o’s Chinese token-training data is polluted by spam and porn websites

00:00 - PreShow Banter™ — Antichafing Training.

04:31 - BHIS - Talkin’ Bout [infosec] News 2024-05-20

07:12 - Story # 1: Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

29:49 - Story # 2: Palo Alto Networks is buying security assets from IBM to expand customer base

36:50 - Story # 3: Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea

43:55 - Story # 4: FCC might require telecoms to report on securing internet’s BGP technology

52:45 - Story # 5: Slack under attack over sneaky AI training policy

00:00 - PreShow Banter™ — World Class RSA Cookies

04:49 - BHIS - Talkin’ Bout [infosec] News 2024-05-14

06:33 - Story # 1: Zscaler takes “test environment” offline after rumors of a breach

18:48 - Story # 2: Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted

43:36 - Story # 3: Leaked FBI email stresses need for warrantless surveillance of Americans

48:46 - Story # 4: Despite big tech lobbying, Maryland passes two internet privacy bills

52:26 - Story # 4b: The Anxious Generation

53:46 - Story # 5:Hackers are now targeting the children of corporate executives in elaborate ransomware attacks

00:00 - PreShow Banter™ — RSA Power Moves

08:14 - BHIS - Talkin’ Bout [infosec] News 2024-05-06

09:49 - Story # 1: Shortridge Makes Sense of the 2024 Verizon DBIR

15:04 - Story # 2: A recent security incident involving Dropbox Sign

20:30 - Story # 3: Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

28:40 - Story # 4: Millions of Docker repos found pushing malware, phishing sites

32:53 - Story # 5: 1,400 GitLab Servers Impacted by Exploited Vulnerability

42:07 - Story # 6: LastPass goes independent over a year after serious breaches

50:16 - Cyber Security Basics for Muggles & Minions with Ashley and Chris

50:40 - Story # 7: Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

54:12 - Story # 8: Lockbit’s seized site comes alive to tease new police announcements

56:27 - Story # 9: Systemd v256 Introduces run0: A Safer Alternative to sudo

00:00 - BHIS - Talkin’ Bout [infosec] News 2024-04-29

02:33 - Story # 1: Cyber Hygiene Helps Organizations Mitigate Ransomware-Related Vulnerabilities

10:38 - Story # 2: ‘Admin’ and ‘12345’ banned from being used as passwords in UK crackdown on cyber attacks

16:34 - Story # 3: Maximum severity Flowmon bug has a public exploit, patch now

21:06 - Story # 3b: CVE-2024-2389: Command Injection Vulnerability In Progress Flowmon

22:45 - Story # 4:GitHub comments abused to push malware via Microsoft repo URLs

30:52 - Story # 5: Security bugs in popular phone-tracking app iSharing exposed users’ precise locations

36:47 - Story # 6: Biden signs bill criticized as “major expansion of warrantless surveillance”

49:38 - Story # 7: ChatGPT’s hallucinations draw EU privacy complaint

57:46 - Story # 8: Sweden’s liquor shelves to run empty this week due to ransomware attack