00:00 - PreShow Banter™ — CrowdStroke Memes05:59 - BHIS - Talkin’ Bout [infosec] News 2024-07-2207:01 - Story # 1: A Windows version from 1992 is saving Southwest’s butt right now07:36 - Crowdstrike Global Outage - BHIS - Talkin’ Bout [infosec] #News09:48 - Story # 1b: CrowdStrike’s faulty update crashed 8.5 million Windows devices, says Microsoft12:13 - Story # 1c: Let’s blame the dev who pressed “Deploy”17:23 - Figure 122:14 - Story # 2: DHS Has a DoS Robot to Disable Internet of Things ‘Booby Traps’ Inside Homes25:58 - Story # 3: Notorious Hacker Kingpin ‘Tank’ Is Finally Going to Prison28:08 - Story # 4: UK Police Arrest Suspect in MGM Ransomware Attack30:49 - Story # 5: Russians plead guilty to involvement in LockBit ransomware attacks33:24 - Story # 6: DHS watchdog rebukes CISA and law enforcement training center for failing to protect data38:32 - Story # 7: Yacht giant MarineMax data breach impacts over 123,000 people40:38 - Story # 8: Sizable Chunk of SEC Charges Against SolarWinds Tossed Out of Court47:14 - Story # 9: The US Supreme Court Kneecapped US Cyber Strategy52:12 - Story # 10: War Thunder does it again, this time with classified documents relating to 3 Russian tanks

The outage of the decade!

00:00 - PreShow Banter™ — Absolute Madmen02:28 - BHIS - Talkin’ Bout [infosec] News 2024-07-1503:18 - Wi-Fi Forge07:31 - Story # 1: CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth22:39 - Story # 2: AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach33:35 - Story # 3: FTC study finds ‘dark patterns’ used by a majority of subscription apps and websites38:48 - Story # 4: Club Penguin fans breached Disney Confluence server, stole 2.5GB of data41:52 - Story # 5: Heritage Foundation Exec Threatens ‘Gay Furry Hackers’ in Unhinged Texts47:51 - Story # 6: German Navy to replace aging 8-inch floppy drives with an emulated solution for its anti-submarine frigates50:14 - Story # 7: 1.4 GB NSA Data Leaked Online – Email Address, Phone Number & Gov Classified Data Exposed53:56 - Story # 8: Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages

00:00 - PreShow Banter™ — A Bunch of Lunatics05:09 - BHIS - Talkin’ Bout [infosec] News 2024-07-0808:41 - Story # 1: Europol takes down 593 Cobalt Strike servers used by cybercriminals09:54 - Story # 1b: National Crime Agency leads international operation to degrade illegal versions of Cobalt Strike15:17 - Story # 2: ‘RockYou2024’: Nearly 10 billion passwords leaked online22:12 - Story # 3: Ticketmaster Breach: ShinyHunters Leak 440K Taylor Swift Eras Tour Ticket Data24:20 - Story # 3b: Hackers reverse-engineer Ticketmaster’s barcode system to unlock resales on other platforms27:41 - Story # 4: US Supreme Court ruling will likely cause cyber regulation chaos39:39 - Story # 5: California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition41:13 - Story # 5b: Senator Scott Wiener43:45 - Story # 6: OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report53:10 - Story # 7: Microsoft’s Midnight Blizzard source code breach also impacted federal agencies55:27 - Story # 8: Japan’s Government Finally Stops Using Floppy Disks57:48 - Story # 9: This smart toilet paper monitor tells you when you need a new roll58:50 - Story # 10: Twilio says hackers identified cell phone numbers of two-factor app Authy users

00:00 - PreShow Banter™ — Ice Cream Season07:22 - BHIS - Talkin’ Bout [infosec] News 2024-07-0107:48 - Story # 1: TeamViewer’s corporate network was breached in alleged APT hack09:11 - Story # 1b: TeeamViewer Security Update – June 28, 2024, 12:10 PM CEST16:33 - Story # 2: Supreme Court orders new look at Texas, Florida social media laws21:32 - Story # 3: New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems24:52 - Story # 4: CISA: Most critical open source projects not using memory safe code40:03 - Story # 5: Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released42:35 - Story # 6: South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs49:24 - Story # 7: Drone As First Responder Programs Are Swarming Across the United States55:22 - GRC Rapid Fire

00:00 - PreShow Banter™ — Life is a Highway04:28 - BHIS - Talkin’ Bout [infosec] News 2024-06-2405:30 - Story # 1: Colorado Privacy Act Amended To Include Biometric Data Provisions14:18 - Story # 2: Scathing report on Medibank cyberattack highlights unenforced MFA24:30 - Story # 3: CDK suffered another data breach as it was attempting to recover35:08 - Story # 4: LockBit claims the hack of the US Federal Reserve40:00 - Story # 5: Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers45:36 - Story # 6: That PowerShell ‘fix’ for your root cert ‘problem’ is a malware loader in disguise 51:13 - Story # 7: US sanctions Kaspersky Lab executives, board members over ‘cooperation’ with Russia 53:23 - Story # 7b: Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks

00:00 - PreShow Banter™ — Hungry Hungry Hipaa03:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-17 05:40 - Story # 1: Windows security hole allows attackers to install malware via Wi-Fi — new patch plugs gaping vulnerability16:27 - Story # 2: Microsoft’s all-knowing Recall AI feature is being delayed25:34 - Story # 3: Here’s how Apple’s AI model tries to keep your data private32:27 - Story # 4: New Linux malware is controlled through emojis sent from Discord35:28 - Story # 5: Pure Storage confirms data breach after Snowflake account hack38:44 - Story # 6: Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says 

00:00 - PreShow Banter™ — Louie is Live04:53 - BHIS - Talkin’ Bout [infosec] News 2024-06-1007:09 - Story # 1: UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion18:39 - Story # 2: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.39:02 - Story # 3: TikTok fixes zero-day bug used to hijack high-profile accounts41:34 - Story # 4: The Age of the Drone Police Is Here52:07 - Story # 5: London hospitals declare emergency following ransomware attack54:45 - Story # 6: Former Senior Executive and Former Sales Manager Convicted of Selling Data on Millions of U.S. Consumers to Perpetrators of Mail Fraud Schemes56:40 - Story # 7: FBI Kicks Hackers In The Teeth With Free 7,000 Ransomware Key Giveaway57:32 - Story # 8: FCC OKs pilot to bolster school, library cybersecurity 

00:00:00 - PreShow Banter™ — In an RV down by the dumpster 00:07:39 - BHIS - Talkin’ Bout [infosec] News 2024-06-03 00:09:21 - Story # 1: Ticketmaster confirms massive breach after stolen data for sale online 00:10:46 - Story # 1b: Snowflake, Cloud Storage Giant, Suffers Massive Breach: Hacker Confirms to Hudson Rock Access Through Infostealer Infection 00:13:03 - Story # 1c: Detecting and Preventing Unauthorized User Access: Instructions 00:13:42 - Story # 1d: Snowflake Denies Responsibility for Ticketmaster, Santander Breaches 00:21:21 - Story # 2: Chinese hackers hide on military and govt networks for 6 years 00:29:17 - Story # 3: Federal agency warns critical Linux vulnerability being actively exploited 00:34:19 - Story # 4: US dismantles 911 S5 botnet used for cyberattacks, arrests admin 00:39:19 - Story # 4b: How the FBI’s fake cell phone company put criminals into real jail cells 00:43:48 - Story # 5: Exploit released for maximum severity Fortinet RCE bug, patch now 00:46:09 - Story # 6: Enforcement Alert: Drinking Water Systems to Address Cybersecurity Vulnerabilities 00:54:44 - Story # 6b: Hackers attempt to poison Florida city’s water supply near Super Bowl 01:03:32 - Story # 7: GPT-4o’s Chinese token-training data is polluted by spam and porn websites 

00:00 - PreShow Banter™ — Antichafing Training.04:31 - BHIS - Talkin’ Bout [infosec] News 2024-05-2007:12 - Story # 1: Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach29:49 - Story # 2: Palo Alto Networks is buying security assets from IBM to expand customer base36:50 - Story # 3: Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea43:55 - Story # 4: FCC might require telecoms to report on securing internet’s BGP technology52:45 - Story # 5: Slack under attack over sneaky AI training policy

00:00 - PreShow Banter™ — World Class RSA Cookies04:49 - BHIS - Talkin’ Bout [infosec] News 2024-05-1406:33 - Story # 1: Zscaler takes “test environment” offline after rumors of a breach18:48 - Story # 2: Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted43:36 - Story # 3: Leaked FBI email stresses need for warrantless surveillance of Americans48:46 - Story # 4: Despite big tech lobbying, Maryland passes two internet privacy bills52:26 - Story # 4b: The Anxious Generation53:46 - Story # 5:Hackers are now targeting the children of corporate executives in elaborate ransomware attacks

00:00 - PreShow Banter™ — RSA Power Moves08:14 - BHIS - Talkin’ Bout [infosec] News 2024-05-0609:49 - Story # 1: Shortridge Makes Sense of the 2024 Verizon DBIR15:04 - Story # 2: A recent security incident involving Dropbox Sign20:30 - Story # 3: Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover28:40 - Story # 4: Millions of Docker repos found pushing malware, phishing sites32:53 - Story # 5: 1,400 GitLab Servers Impacted by Exploited Vulnerability42:07 - Story # 6: LastPass goes independent over a year after serious breaches50:16 - Cyber Security Basics for Muggles & Minions with Ashley and Chris50:40 - Story # 7: Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million54:12 - Story # 8: Lockbit’s seized site comes alive to tease new police announcements56:27 - Story # 9: Systemd v256 Introduces run0: A Safer Alternative to sudo

00:00 - BHIS - Talkin’ Bout [infosec] News 2024-04-29 02:33 - Story # 1: Cyber Hygiene Helps Organizations Mitigate Ransomware-Related Vulnerabilities 10:38 - Story # 2: ‘Admin’ and ‘12345’ banned from being used as passwords in UK crackdown on cyber attacks 16:34 - Story # 3: Maximum severity Flowmon bug has a public exploit, patch now 21:06 - Story # 3b: CVE-2024-2389: Command Injection Vulnerability In Progress Flowmon 22:45 - Story # 4:GitHub comments abused to push malware via Microsoft repo URLs 30:52 - Story # 5: Security bugs in popular phone-tracking app iSharing exposed users’ precise locations 36:47 - Story # 6: Biden signs bill criticized as “major expansion of warrantless surveillance” 49:38 - Story # 7: ChatGPT’s hallucinations draw EU privacy complaint 57:46 - Story # 8: Sweden’s liquor shelves to run empty this week due to ransomware attack

00:00 - PreShow Banter™ — A Parent Process 03:01 - BHIS - Talkin’ Bout [infosec] News 2024-04-22 04:13 - Story # 1: Exploit code for Palo Alto Networks zero-day now public 07:44 - Story # 1b: (Timeline) Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) 23:22 - Story # 2: MGM says FTC can’t possibly probe its ransomware downfall – watchdog chief Lina Khan was a guest at the time 31:37 - Story # 3: MITRE was breached through Ivanti zero-day vulnerabilities 32:27 - Story # 4: Cisco Integrated Management Controller CLI Command Injection Vulnerability 41:20 - Story # 5: Cisco Duo’s Multifactor Authentication Service Breached 46:01 - Story # 6: DevSecOps security practices are doggone disastrous 54:57 - Story # 7: FYI: This site claims to have harvested 4B+ Discord chats, today all yours for a price

00:00 - PreShow Banter™ — Retro Actions 04:48 - BHIS - Talkin’ Bout [infosec] News 2024-04-15 07:05 - Story # 1: FCC to vote on net neutrality rules on April 25 18:52 - Story # 2: “All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass 23:40 - Story # 2b: Delinea has cloud security incident in Thycotic Secret Server gaff 28:23 - Story # 3: CISA Releases Malware Next-Gen Analysis System for Public Use 40:36 - Story # 4: Hacker Leaks 8.5M U.S. Environmental Protection Agency (EPA) Contact Data 45:55 - Story # 5: SoCal Man Arrested on Federal Charges Alleging He Schemed to Advertise and Sell ‘Hive’ Computer Intrusion Malware

00:00 - PreShow Banter™ — BHIS Bees Corp® 04:08 - The FUTURE IS…… Kickstarter 05:29 - BHIS - Talkin’ Bout [infosec] News 2024-04-08 06:03 - Story # 1: New draft bipartisan US federal privacy bill unveiled 11:03 - Story # 2: How To Opt Out Of GM Sharing Your Driving Data With Insurance Companies 13:04 - Story # 2b: Request a Consumer Disclosure Report 14:25 - Story # 3: Hackers Hijacked Notepad++ Plugin To Execute Malicious Code 29:19 - Story # 4: A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask 46:15 - Story # 5: It’s Time to Hand Cybersecurity Over to the Computers

00:00 - PreShow Banter™ — Zippers, Jokes, & Lawyers (Not to be confused with the song "Lawyers, Guns and Money")02:59 - BHIS - Talkin’ Bout [infosec] News 2024-04-0103:57 - Story # 1: New Darcula phishing service targets iPhone users via iMessage11:57 - Story # 2: Recent ‘MFA Bombing’ Attacks Targeting Apple Users17:22 - Story # 3: Thousands of phones and routers swept into proxy service, unbeknownst to users22:11 - Story # 4: Digital signs around Brookline are collecting data from your phone as you walk by26:57 - Story # 5: Backdoor found in widely used Linux utility targets encrypted SSH connections28:22 - Story # 5b: XZ Outbreak diagram37:32 - Story # 6: Vans warns customers of data breach40:00 - Story # 7: Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers50:32 - Story # 8: Criminals Are Weaponizing Child Abuse Imagery to Ban Discord Servers56:41 - Story # 9: International car theft tool seized in Australia, sparking police warning58:14 - Story # 9b: Investigation into electronic device at Utah high school raises larger concerns for police

00:00 - PreShow Banter™ — “Allegedly”03:18 - BHIS - Talkin’ Bout [infosec] News 2024-03-2508:00 - Story # 1: Cisco Completes Acquisition of Splunk10:47 - Story # 2: General Motors Quits Sharing Driving Behavior With Data Brokers15:27 - Story # 3: Ron DeSantis signs bill requiring parental consent for kids under 16 to hold social media accounts24:34 - Story # 4: House passes bill to prevent the sale of personal data to foreign adversaries28:19 - Story # 5: Unsaflok - vulnerability impacts over 3 million hotel doors33:57 - Story # 6: Canada revisits decision to ban Flipper Zero36:57 - Story # 7: Truck-to-truck worm could infect – and disrupt – entire US commercial fleet42:59 - Story # 8: Cybercriminals Beta Test New Attack to Bypass AI Security46:31 - Story # 9: Russians will no longer be able to access Microsoft cloud services, business intelligence tools50:36 - Story # 10: New ‘Loop DoS’ Attack Impacts Hundreds of Thousands of Systems55:05 - Story # 11: New surveillance video of man catching a flight without ticket

Brought to you by Antisyphon Training — https://www.antisyphontraining.com00:00:00 - PreShow Banter™ — New Arms Again 00:03:24 - BHIS - Talkin’ Bout [infosec] News 2024-03-18 00:04:54 - Story # 1: NIST Releases Version 2.0 of Landmark Cybersecurity Framework 00:10:50 - Story # 2: The FCC has finally decreed that 25Mbps and 3Mbps are not ‘broadband’ speed 00:14:33 - Story # 3: Welcome to the 2024 Threat Detection Report 00:33:40 - Story # 4: NSA Releases Top Ten Cloud Security Mitigation Strategies 00:47:33 - Story # 5: US government agencies demand fixable ice cream machines 00:53:14 - Story # 6: Homeland Security is testing AI to help with immigration, trafficking investigations, and disaster relief 01:03:19 - Story # 7: Feds seize $1.4 million of tech support scam proceeds with the help of crypto firm

 00:00 - PreShow Banter™ — Death to Clippy 05:18 - BHIS - Talkin’ Bout [infosec] News 2024-03-11 – Featuring Josh Mason 06:58 - Story # 1: Behind the doors of a Chinese hacking company, a sordid culture fueled by influence, alcohol, and sex 13:43 - Story # 2: Top US cybersecurity agency hacked and forced to take some systems offline 23:39 - Story # 3: Microsoft admits Russian state hack still not contained. ‘This has tremendous national security implications’ 30:27 - Story # 4: FBI’s 2023 Internet Crime Report 38:18 - Story # 5: QNAP warns of critical auth bypass flaw in its NAS devices 50:42 - Story # 6: Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies

A weekly Podcast with BHIS and Friends. stories. We discuss notable Infosec, and infosec-adjacent news stories. Brought to you by: Black Hills Information Securityhttps://www.blackhillsinfosec.com/Antisyphon Traininghttps://www.antisyphontraining.com/Story # 1: Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concernhttps://www.whitehouse.gov/briefing-r...Story # 2: A leaky database spilled 2FA codes for the world’s tech giantshttps://techcrunch.com/2024/02/29/lea...Story # 3: eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operationhttps://www.darkreading.com/applicati...23:36 - LokiHakanin's related Post / sean-reilly-techopssec_8000-domains-of-tru...  Story # 4: Ivanti Connect Secure hackers hide in plain sight, evading protectionshttps://www.cybersecuritydive.com/new...Story # 5: Over 100,000 Infected Repos Found on GitHubhttps://apiiro.com/blog/malicious-cod...Story # 6: Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warnshttps://arstechnica.com/security/2024...

Story #1: Mr. Cooper leak exposes over two million customersStory #2: ConnectWise ScreenConnect attacks deliver malwareStory #3: LockBit Infrastructure Seized by US, UK PoliceStory #4: US health tech giant Change Healthcare hit by cyberattackStory #5: The reported leak of Chinese hacking documents supports experts’ warnings about how compromised the US could be

The post Talkin’ About Infosec News – 2/28/2024 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 2/20/24 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 2/14/2024 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 2/6/24 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 1/31/2024 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 1/24/2024 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 1/16/2024 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 1/10/24 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 12/21/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 12/15/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 12/06/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 11/30/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 11/22/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 11/13/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 11/10/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 11/09/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 11/4/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 10/10/23 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 10/9/2023 appeared first on Black Hills Information Security.

The post Special Segment – Cyber Security Career Advice – 9/28/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 9/25/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 9/18/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 9/11/2023 appeared first on Black Hills Information Security.

Brought to you by Antisyphon Training — https://www.antisyphontraining.com

Brought to you by Antisyphon Training — https://www.antisyphontraining.com

🔵Join us for the Antisyphon Blue Team Summit! https://www.antisyphontraining.com/training/blue-team/2023/06/blue-team-summit-coming-in-august-2023/ Blue Team Summit Coming in August 2023! – Antisyphon Training

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories. Brought to you by: /// 📄 Antisyphon Training August 2023 Blue Team Summit: https://www.antisyphontraining.com/training/blue-team/2023/06/blue-team-summit-coming-in-august-2023/ /// 📄 […]

The post Talkin’ About Infosec News – 6/9/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 5/26/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 5/17/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 5/11/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 5/5/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 4/18/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 4/11/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 4/5/2023 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 4/3/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Tossing Money at Problems00:58 – BHIS – Talkin’ Bout [infosec] News 2023-03-1301:41 – Story # 1: Silicon Valley Bank collapse: Treasury, Fed, and FDIC announce […] The post Talkin’ About Infosec News – 3/16/2023 appeared first on Black Hills Information Security.

THIS IS A TEST The post Talkin’ About Infosec News – 3/8/2023 (v2) appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Lil NAS06:52 – BHIS – Talkin’ Bout [infosec] News 2023-03-0608:13 – Story # 1: LastPass says employee’s home computer was hacked and corporate vault takenhttps://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/28:32 […] The post Talkin’ About Infosec News – 3/8/2023 appeared first on Black Hills Information Security.

Story # 1: A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Lifehttps://www.wsj.com/articles/apple-iphone-security-theft-passcode-data-privacya-basic-iphone-feature-helps-criminals-steal-your-digital-life-cbf14b1a Story # 1b: Apple’s iPhone Passcode Problem: Thieves Can Ruin Your Entire Digital Life in Minutes […] The post Talkin’ About Infosec News – 3/3/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Pop Tart Pizza04:15 – BHIS – Talkin’ Bout [infosec] News 2023-02-2005:39 – Story # 1: Employee data from a major cybersecurity firm posted for sale […] The post Talkin’ About Infosec News – 2/22/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Scalping Valentine’s Day Reservations04:13 – BHIS – Talkin’ Bout [infosec] News 2023-06-2305:52 – Story # 1: 5 Chinese companies and a research institute blacklisted by […] The post Talkin’ About Infosec News – 2/17/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — We’ve got nothing to say03:07 – BHIS – Talkin’ Bout [infosec] News 2023-06-2305:56 – Story # 1: Cybercrime job ads on the dark web pay […] The post Talkin’ About Infosec News – 2/13/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Woke Up Like This03:20 – BHIS – Talkin’ Bout [infosec] News 2023-01-3005:04 – Story # 1: GoTo says hackers stole customers’ backups and encryption keyhttps://www.bleepingcomputer.com/news/security/goto-says-hackers-stole-customers-backups-and-encryption-key/09:48 […] The post Talkin’ About Infosec News – 2/3/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Wade’s Googly Eyes00:41 – BHIS – Talkin’ Bout [infosec] News 2023-01-2301:26 – Story # 1: BIG TECH LAYOFFS. LAYOFFS! DOOM! RECESSION! The post Talkin’ About Infosec News – 1/25/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Ralph’s Guide to Satellite Bands 04:33 – BHIS – Talkin’ Bout [infosec] News 2023-01-16 05:25 – Story # 1: Microsoft’s new AI can simulate anyone’s […] The post Talkin’ About Infosec News – 1/17/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Twitch Airways International00:59 – BHIS – Talkin’ Bout [infosec] News 2023-01-1003:56 – Story # 1: How ChatGPT could become a hacker’s friendhttps://betanews.com/2023/01/05/how-chatgpt-could-become-a-hackers-friend/14:05 – Story # […] The post Talkin’ About Infosec News – 1/12/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Seven People00:51 – BHIS – Talkin’ Bout [infosec] News 2023-01-0201:37 – Story # 1: LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolenhttps://www.theverge.com/2022/12/28/23529547/lastpass-vault-breach-disclosure-encryption-cybersecurity-rebuttal32:22 – […] The post Talkin’ About Infosec News – 1/3/2023 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Talkin’ Bout [Elon] News00:51 – BHIS – Talkin’ Bout [infosec] News 2022-12-1902:46 – Story # 1: Antivirus and EDR solutions tricked into acting as data […] The post Talkin’ About Infosec News – 12/21/2022 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Scissors Vs Paper00:15 – BHIS – Talkin’ Bout [infosec] News 2022-12-1202:12 – Story # 1: Rackspace confirms ransomware attack behind days-long email meltdownhttps://www.theregister.com/2022/12/06/rackspace_confirms_ransomware/07:56 – Story […] The post Talkin’ About Infosec News – 12/15/2022 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Florida Bobsledding Team01:29 – PreShow Banter™ — Open AI Phishing Campaign05:17 – BHIS – Talkin’ Bout [infosec] News 2022-12-0507:53 – Story # 1: There are […] The post Talkin’ About Infosec News – 12/6/2022 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Inflatable Turkey00:15 – BHIS – Talkin’ Bout [infosec] News 2022-11-2802:34 – Story # 1: Musk recruits engineers for “Twitter 2.0”https://arstechnica.com/tech-policy/2022/11/musk-recruits-engineers-for-twitter-2-0-after-mass-layoffs-and-resignations/06:28 – Story # 2: Security […] The post Talkin’ About Infosec News – 11/30/2022 appeared first on Black Hills Information Security.

00:00 – BHIS – Talkin’ Bout [infosec] News 2022-11-1402:26 – Story # 1: Hackers Dump Australian Health Records Online After Insurer Refuses to Pay Ransom– https://gizmodo.com/hackers-health-info-online-medibank-pay-onion-dark-web-184976074210:04 – Story # 2: TransUnion […] The post Talkin’ About Infosec News – 11/16/2022 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — A is for All Team00:33 – BHIS – Talkin’ Bout [infosec] News 2022-11-0703:56 – Story # 1: Musk to cut half of Twitter jobs and […] The post Talkin’ About Infosec News – 11/11/2022 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Spook Show00:58 – BHIS – Talkin’ Bout [infosec] News 2022-10-3104:00 – Story # 1: OpenSSL warns of critical security vulnerability with upcoming patch– https://www.zdnet.com/article/openssl-warns-of-critical-security-vulnerability-with-upcoming-patch/04:42 – Story […] The post Talkin’ About Infosec News – 11/1/2022 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Best WWHF Ever!00:31 – BHIS – Talkin’ Bout [infosec] News 2022-10-1704:55 – Story # 1: The Verge: Cybersecurity Week 2022– https://www.theverge.com/23365380/cybersecurity-week-series-phishing-encryption-device-security07:02 – Story # 2: Google […] The post Talkin’ About Infosec News – 10/17/2022 appeared first on Black Hills Information Security.

00:00 – PreShow Banter™ — Dumpster Fire Friends03:07 – PreShow Banter™ — WHHF Deadwood – https://wildwesthackinfest.com/deadwood/ 03:48 – BHIS – Talkin’ Bout [infosec] News 2022-10-0307:37 – Story # 1: High-severity […] The post Talkin’ About Infosec News – 10/17/2022 appeared first on Black Hills Information Security.

02:28 – Story # 1: American Airlines Breach Exposes Customer and Staff Information– https://www.infosecurity-magazine.com/news/american-airlines-breach-customer/18:59 – Story # 2: London police arrest, charge teen hacking suspect but won’t confirm GTA 6, Uber […] The post Talkin’ About Infosec News – 10/5/2022 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 9/22/2022 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 9/13/2022 appeared first on Black Hills Information Security.

The post Talkin’ About Infosec News – 9/9/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON AUGUST 22, 2022 00:00 – PreShow Banter™ — Ralph’s Birthday00:53 – BHIS – Talkin’ Bout [infosec] News 2022-08-2203:27 – Story # 1: PC store told it can’t […] The post Talkin’ About Infosec News – 8/26/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON AUGUST 15, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Sneaking Candy03:32 – BHIS – Talkin’ Bout [infosec] News 2022-08-1507:06 – Story # 1: […] The post Talkin’ About Infosec News – 8/18/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JULY 25, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-07-25 03:59 – Story # 1: DOJ seized ransoms paid by […] The post Talkin’ About Infosec News – 7/25/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JULY 18, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Talkin’ Bout Audio 07:23 – BHIS – Talkin’ Bout [infosec] News 2022-07-18 09:28 – […] The post Talkin’ About Infosec News – 7/18/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JULY 11, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Cons, China, and Florida Man, oh my! 07:03 – Story # 1: North Korean […] The post Talkin’ About Infosec News – 7/11/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JUNE 27, 2022 Articles discussed in this episode: 02:13 – Story # 1: The #1 Period Tracker on the App Store Will Hand Over Data Without a […] The post Talkin’ About Infosec News – 6/27/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JUNE 20, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-06-20 01:31 – Story # 1: Internal TikTok Meetings Shows That […] The post Talkin’ About Infosec News – 6/20/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JUNE 13, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-06-13 02:26 – Story # 1: Roblox Game Pass store used […] The post Talkin’ About Infosec News – 6/13/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JUNE 6, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Boat Facts 01:38 – BHIS – Talkin’ Bout [infosec] News 2022-06-06 03:51 – Story […] The post Talkin’ About Infosec News – 6/6/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON MAY 23, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-05-23 02:38 – Story # 1 – National bank trolls hackers […] The post Talkin’ About Infosec News – 5/23/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON MAY 16, 2022 Articles discussed in this episode: 00:56 – Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors – https://threatpost.com/microsofts-may-patch-tuesday-updates-cause-windows-ad-authentication-errors/179631/ 08:56 – Update rings for […] The post Talkin’ About Infosec News – 5/16/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON MAY 9, 2022 Articles discussed in this episode: 00:00 – Bud Patches Reporting 02:27 – BHIS – Talkin’ Bout [infosec] News 2022-05-09 03:47 – Story # 1 […] The post Talkin’ About Infosec News – 5/9/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON APRIL 25, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Broken Twitter Finger 01:38 – ISO – Talkin’ Bout [infosec] News 2022-04-26 03:08 – […] The post Talkin’ About Infosec News – 4/25/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON APRIL 18, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-04-18 02:05 – Current Activity | CISA | https://www.cisa.gov/uscert/ncas/current-activity 02:58 – […] The post Talkin’ About Infosec News – 4/25/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON APRIL 11, 2022 Articles discussed in this episode: The US Navy had cybersecurity wrong. Expect change. – https://www.c4isrnet.com/digital-show-dailies/navy-league/2022/04/05/us-navy-had-cybersecurity-wrong-expect-change/ Hackers have found a clever new way to steal […] The post Talkin’ About Infosec News – 4/12/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON APRIL 4, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Blame it on the Intern 06:24 – Spring Time for Java – https://www.darkreading.com/application-security/zero-day-vulnerability-discovered-in-java-spring-framework 09:10 […] The post Talkin’ About Infosec News – 4/6/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON MARCH 28, 2022 Articles discussed in this episode: 01:42 – Suspected Okta hackers arrested by British police – https://www.reuters.com/world/uk/british-police-say-seven-people-arrested-after-okta-hack-2022-03-24/ 11:16 – A Closer Look at the LAPSUS$ […] The post Talkin’ About Infosec News – 3/31/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON MARCH 22, 2022 Articles discussed in this episode: 00:00 – BHIS – 2022-03-22 Special Newscast –Okta and Microsoft — Everything’s not burning down 10:27 – https://github.com/SigmaHQ/sigma/tree/master/rules/cloud/okta 13:29 […] The post Talkin’ About Infosec News – 3/30/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON MARCH 21, 2022 Articles discussed in this episode: 03:27 – Netflix to clamp down on password sharing – https://about.netflix.com/en/news/paying-to-share-netflix-outside-your-household 10:15 – Ransomeware is still a thing 12:31 […] The post Talkin’ About Infosec News – 3/29/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON MARCH 7, 2022 Articles discussed in this episode: 00:08:57 – Hacker Group Anonymous and Others Targeting Russian Data – https://www.websiteplanet.com/blog/cyberwarfare-ukraine-anonymous/ The post Talkin’ About Infosec News – Special Ukraine Edition – 3/10/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON FEBRUARY 28, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Off-Brand Trickx 00:43 – BHIS – Talkin’ Bout [infosec] News 2022-02-28 02:40 – BHIS […] The post Talkin’ About Infosec News – 3/4/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON FEBRUARY 7, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — I’m a Rocket Mail 01:21 – BHIS – Talkin’ Bout [infosec] News 2022-02-07 02:18 […] The post Talkin’ About Infosec News – 2/11/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JANUARY 31, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Legions of the Undead 01:26 – BHIS – Talkin’ Bout [infosec] News 2022-01-31 04:06 […] The post Talkin’ About Infosec News – 2/4/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JANUARY 24, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — The Monkey Dance 00:25 – BHIS – Talkin’ Bout [infosec] News 2022-01-24 01:49 – […] The post Talkin’ About Infosec News – 1/27/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JANUARY 17, 2022 Articles discussed in this episode: 0:00:00 – PreShow Banter™ — Whose Ears Are Buring? 0:01:06 – BHIS – Talkin’ Bout [infosec] News 2022-01-17 0:02:27 […] The post Talkin’ About Infosec News – 1/21/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JANUARY 10, 2022 Articles discussed in this episode: 01:58 – Story # 1: WordPress Core Vulnerabilities – https://www.searchenginejournal.com/wordpress-core-vulnerabilities/432042/#close 11:32 – Story # 2: Card-stealing code on over […] The post Talkin’ About Infosec News – 1/14/2022 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JANUARY 4, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Who’s Job Is It Anyway? 00:20 – BHIS – Talkin’ Bout [infosec] News 2022-01-04 […] The post Talkin’ About Infosec News – 1/7/2022 appeared first on Black Hills Information Security.

This is a special joint webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand.  In this webcast, we cover […] The post Webcast: New Wave of Ransomware Attacks: How did this happen? appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON DECEMBER 20, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — Getting Nerdy With It 04:18 – BHIS – Talkin’ Bout [infosec] News 2021-12-20 – […] The post Talkin’ About Infosec News – 12/22/2021 appeared first on Black Hills Information Security.

Ransomware attacks have been growing in popularity, especially in critical infrastructure. Due to the importance of critical infrastructure, the need to secure the environments is an impending issue. The technology […] The post Webcast: Intro to Ransomware and Industrial Control Systems (ICS) appeared first on Black Hills Information Security.

At Black Hills Information Security (BHIS), we make our living doing pentesting, but we’ve never once been paid for a pentest. Penetration Testers get paid for their reports. For their […] The post Webcast: Hack for Show, Report For Dough: Part 2 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON DECEMBER 13, 2021 00:00 – PreShow Banter™ 09:41 – FEATURE PRESENTATION: The Floor is Java – Log4Shell / Log4J 10:26 – Lets Jump In 11:31 – Oh No… […] The post Talkin’ About Infosec News – The Floor is Java – 12/15/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON DECEMBER 6, 2021 Articles discussed in this episode: 00:18 – BHIS – Talkin’ Bout [infosec] News 2021-12-06 02:57 – Story # 1: Apple AirTag Car Thefts – […] The post Talkin’ About Infosec News – 12/09/2021 appeared first on Black Hills Information Security.

Kent Ickler // Background Over four years ago now, I wrote a blog post on fixing missing Content-Security-Policy by updating configuration on webservers: https://www.blackhillsinfosec.com/fix-missing-content-security-policy-website/. Content-Security-Policies instruct a user’s web browser […] The post Fixing Content-Security-Policies with Cloudflare Workers appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON NOVEMBER 22, 2021 Articles discussed in this episode: Story # 1: Chinese Team Up With Russia To Launch US Cybersecurity Assault – https://hothardware.com/news/chinese-hackers-team-up-with-russian-ransomware-gang Story # 2: The FBI […] The post Talkin’ About Infosec News – 11/26/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON NOVEMBER 15, 2021 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2021-11-15 02:22 – Story # 1: Robinhood data breach – https://www.bleepingcomputer.com/news/security/robinhood-discloses-data-breach-impacting-7-million-customers/ 07:27 […] The post Talkin’ About Infosec News – 11/17/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON November 08, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — God’s Waiting Room 03:08 – BHIS – Talkin’ Bout [infosec] News 2021-11-08 04:50 – […] The post Talkin’ About Infosec News – 11/12/2021 appeared first on Black Hills Information Security.

Have you ever seen a call for papers for a conference and thought to yourself that you’d like to submit a talk and then immediately thought, oh never mind? Have […] The post Webcast: How to Share Your Knowledge with Others appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON OCTOBER 25, 2021 Articles discussed in this episode: 01:42 – Story # 1: https://www.bleepingcomputer.com/news/security/fired-it-admin-revenge-hacks-school-by-wiping-data-changing-passwords/ 06:34 – Story # 2: https://krebsonsecurity.com/2021/10/missouri-governor-vows-to-prosecute-st-louis-post-dispatch-for-reporting-security-vulnerability/ 11:50 – Story # 3: https://www.pcgamer.com/hackers-drain-cryptocurrency-accounts-of-thousands-of-coinbase-users/ 23:47 […] The post Talkin’ About Infosec News – 10/28/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON OCTOBER 11, 2021 Articles discussed in this episode: 00:21 – Story # 1: Facebook Aftermath | https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/ 09:17 – Story # 2: Twitch Source Code | https://www.theregister.com/2021/10/06/twitch_data_leak/ […] The post Talkin’ About Infosec News – 10/19/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON OCTOBER 4, 2021 Articles discussed in this episode: 00:57 – Story # 1: Facebook is Burning 22:09 – Story # 2: https://www.bleepingcomputer.com/news/security/voipms-phone-services-disrupted-by-ddos-extortion-attack/ 25:38 – Story # 3: […] The post Talkin’ About Infosec News – 10/13/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON SEPTEMBER 27, 2021 Articles discussed in this episode: 01:20 – Story # 1: https://habr.com/en/post/579714/ 02:14 – Story # 1b: https://therecord.media/researcher-discloses-iphone-lock-screen-bypass-on-ios-15-launch-day/ 02:54 – Story # 1c: https://www.bleepingcomputer.com/news/apple/new-macos-zero-day-bug-lets-attackers-run-commands-remotely/ 04:03 […] The post Talkin’ About Infosec News – 9/29/2021 appeared first on Black Hills Information Security.

In this Black Hills Information Security (BHIS) webcast, we explore using GoLang to author malware with embedded shellcode. GoLang is a Google-authored modern successor language to C/C++. It is multi-platform, […] The post Webcast: Shellcode Execution with GoLang appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON SEPTEMBER 20, 2021 Articles discussed in this episode: 00:55 – Story # 1: https://techcrunch.com/2021/09/13/apple-zero-day-nso-pegasus/ 19:45 – Story # 2: https://www.tomshardware.com/news/researchers-find-windows-subsystem-linux-malware 27:45 – Story # 3: https://www.wsj.com/articles/u-s-to-target-crypto-ransomware-payments-with-sanctions-11631885336 41:19 […] The post Talkin’ About Infosec News – 9/23/2021 appeared first on Black Hills Information Security.

Jordan and Kent have heard from a lot of people that the past Black Hills Information Security (BHIS) webcasts: “Group Policies That Kill Kill Chains” and “Active Directory Best Practices […] The post Webcast: The Quest for the Kill Chain Killer Continues appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON SEPTEMBER 13, 2021 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2021-09-13 02:59 – Story # 1: https://cyberworkx.in/2021/08/31/authentication-bypass-vulnerability-in-exchange-server/ 04:43 – Story # […] The post Talkin’ About Infosec News – 9/17/2021 appeared first on Black Hills Information Security.

Why is blockchain security important? Blockchain usage has exploded since the Bitcoin whitepaper was first published in 2008. Many applications rely on this technology for increased trust and privacy, where […] The post Webcast: Getting Started in Blockchain Security and Smart Contract Auditing appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON SEPTEMBER 7, 2021 Articles discussed in this episode: 02:14 – Story # 1: https://therecord.media/chinese-hackers-behind-july-2021-solarwinds-zero-day-attacks 06:17 – Story # 2: https://www.secureworld.io/industry-news/ciso-lawsuit-solarwinds 08:30 – Story # 3: https://taskandpurpose.com/news/air-force-cybersecurity-nicolas-chaillan/ 10:29 […] The post Talkin’ About Infosec News – 9/9/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON AUGUST 30, 2021 Articles discussed in this episode: 01:38 – Story # 1: https://carbuzz.com/news/tom-cruise-couldnt-stop-thieves-stealing-his-bmw-7-series 14:45 – Story # 2: https://www.vice.com/en/article/jg84yy/data-brokers-netflow-data-team-cymru 23:24 – Story # 3: https://www.reuters.com/technology/exclusive-microsoft-warns-thousands-cloud-customers-exposed-databases-emails-2021-08-26/ 27:37 […] The post Talkin’ About Infosec News – 9/3/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON AUGUST 23, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — A Case of the Mondays 04:14 – Talkin’ Bout [InfoSec] News 2021-08-23 05:24 – […] The post Talkin’ About Infosec News – 8/25/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON AUGUST 16, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-08-16 01:34 – Story # 1: https://youtu.be/WqD-ATqw3js 05:50 – Story # 2: […] The post Talkin’ About Infosec News – 8/18/2021 appeared first on Black Hills Information Security.

Originally Aired on August 10, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-08-10 — The Ransomware Intro 03:18 – Story # 1: https://www.eff.org/deeplinks/2021/08/apples-plan-think-different-about-encryption-opens-backdoor-your-private-life 15:58 […] The post Talkin’ About Infosec News – 8/13/2021 appeared first on Black Hills Information Security.

Originally Aired on August 2, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-08-02 — Gold Foil Hats 05:18 – Story # 1: https://hothardware.com/news/microsoft-printnightmare-hack-grants-windows-admin-privileges 10:40 […] The post Talkin’ About Infosec News – 8/4/2021 appeared first on Black Hills Information Security.

Originally Aired on July 26, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-26 03:54 – Story # 1: https://cyberworkx.in/2021/07/24/new-windows-attack-petitpotam-forces-windows-hosts-to-share-ntlm-hashes/ 18:53 – Story # 2: […] The post Talkin’ About Infosec News – 7/28/2021 appeared first on Black Hills Information Security.

We’ve been having a problem with people that want to play with Security Onion or RITA at home. If a home router does not have a mirror port it can […] The post Webcast: No SPAN Port? No Tap? No Problem! appeared first on Black Hills Information Security.

Originally Aired on July 19, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-19 02:18 – Story # 1: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm 13:15 – Story # 2: […] The post Talkin’ About Infosec News – 7/21/2021 appeared first on Black Hills Information Security.

Originally Aired on July 12, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-12 01:56 – Story # 1: https://www.bleepingcomputer.com/news/security/biden-asks-putin-to-crack-down-on-russian-based-ransomware-gangs/ 03:09 – Russia’s R.A.R.E. Program […] The post Talkin’ About Infosec News – 7/12/2021 appeared first on Black Hills Information Security.

Building a phishing engagement is hard. While the concept is straightforward, real-world execution is tricky. Being successful takes enormous amounts of up-front setup and knowledge in quickly evolving phishing tactics. […] The post Webcast: How to Build a Phishing Engagement – Coding TTP’s appeared first on Black Hills Information Security.

Join the BHIS Community Discord: https://discord.gg/bhis Music By Beau: https://www.nobandwidth.io 00:00 – 2021-04-01 – PreShow Banter™ — Intro Sec Con & The Birth of PreShowBanterCon-A-Thon 2021!™ 05:29 – You’re So […] The post The Birth of PreShowBanterCon-A-Thon 2021!™ appeared first on Black Hills Information Security.

Originally Aired on July 6, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-06 02:32 – Story # 1 – CISA self-assessment audit tool – […] The post Talkin’ About Infosec News – 7/6/2021 appeared first on Black Hills Information Security.

Originally Aired on June 28, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — Way West Recap06:38 – Story 1 : https://www.bleepingcomputer.com/news/security/wd-my-book-nas-devices-are-being-remotely-wiped-clean-worldwide/12:58 – Story 2 : https://www.vice.com/en/article/bvzd8v/hackers-use-fake-call-center-to-trick-victims-into-installing-ransomware19:41 – […] The post Talkin’ About Infosec News – 6/28/2021 appeared first on Black Hills Information Security.

Originally Aired on June 1, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — Fishing Attacks 02:40 – Story 1: https://m1racles.com/ 05:33 – Story 2: https://arstechnica.com/gadgets/2021/05/vulnerability-in-vmware-product-has-severity-rating-of-9-8-out-of-10/ 11:26 – […] The post Talkin’ About Infosec News – 6/1/2021 appeared first on Black Hills Information Security.

In this Black Hills Information Security (BHIS) webcast, you will learn tools and techniques for performing penetration tests against Microsoft Azure environments. Increasingly, more organizations are migrating resources to being […] The post Webcast: Getting Started in Pentesting The Cloud: Azure appeared first on Black Hills Information Security.

Join our Incident Master Ean Meyer as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP […] The post Backdoors & Breaches LIVE – 5/19/2021 appeared first on Black Hills Information Security.

There has been a huge explosion of different free and open-source options for EDR in the security space. Which is nice because the commercial offerings are stupid expensive. In this […] The post Webcast: Your Free and Open Source EDR Options! appeared first on Black Hills Information Security.

Originally Aired on May 10, 2021 Articles discussed in this episode: https://whyy.org/segments/the-greatest-hoax-on-earth/ https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-network-disruption-at-colonial-pipeline https://arstechnica.com/gadgets/2021/05/peloton-takes-3-months-to-fix-flaw-that-exposed-users-private-information/ https://threatpost.com/critical-cisco-sd-wan-hyperflex-bugs/165923/ https://www.macrumors.com/2021/05/10/hacked-airtag-links-to-custom-url-lost-mode/ https://jalopnik.com/security-researchers-hack-a-tesla-from-a-drone-1846833249 The post Talkin’ About Infosec News – 5/10/2021 appeared first on Black Hills Information Security.

This is a joint emergency webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand. There have been a couple […] The post Webcast: Ok, Let’s Talk About Ransomware appeared first on Black Hills Information Security.

Originally Aired on May 5, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 5/5/2021 appeared first on Black Hills Information Security.

Originally Aired on May 3, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 5/3/2021 appeared first on Black Hills Information Security.

Join our Incident Master BanjoCrashland as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP SIMULATOR […] The post Backdoors & Breaches LIVE – 4/28/2021 appeared first on Black Hills Information Security.

Originally Aired on April 26, 2021 Articles discussed in this episode: https://usdaynews.com/celebrities/celebrity-death/dan-kaminsky-death-cause/ https://signal.org/blog/cellebrite-vulnerabilities/ https://arstechnica.com/gadgets/2021/04/hackers-backdoor-corporate-password-manager-and-steal-customer-data/ https://youtu.be/G0gOAvpGoJg The post Talkin’ About Infosec News – 4/26/2021 appeared first on Black Hills Information Security.

Originally Aired on April 19, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 4/19/2021 appeared first on Black Hills Information Security.

Originally Aired on April 12, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 4/12/2021 appeared first on Black Hills Information Security.

Originally Aired on April 7, 2021 Articles discussed in this episode: https://www.scmagazine.com/home/security-news/phishing/array-of-recent-phishing-schemes-use-personalized-job-lures-voice-manipulation/ https://www.coindesk.com/hackers-mined-crypto-on-githubs-servers-report https://www.securityweek.com/white-hats-earn-440000-hacking-microsoft-products-first-day-pwn2own-2021 https://www.infosecurity-magazine.com/news/consulting-firm-data-breach/ https://github.com/Neo23x0/Raccine https://github.com/ralphte/build_a_phish https://support.microsoft.com/en-us/windows/protect-your-pc-from-ransomware-08ed68a7-939f-726c-7e84-a72ba92c01c3 https://www.infosecurity-magazine.com/news/florida-school-district-40m-ransom/ The post Talkin’ About Infosec News – 4/7/2021 appeared first on Black Hills Information Security.

Originally Aired on April 5, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 4/5/2021 appeared first on Black Hills Information Security.

Originally Aired on March 29, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 3/29/2021 appeared first on Black Hills Information Security.

Originally Aired on March 24, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 3/24/2021 appeared first on Black Hills Information Security.

During remote red team exercises, it can be difficult to keep from leaking information to the target organization’s security team. Every interaction with the target’s website, every email sent, and […] The post Webcast: OPSEC Fundamentals for Remote Red Teams appeared first on Black Hills Information Security.

Originally Aired on March 22, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 3/22/2021 appeared first on Black Hills Information Security.

Originally Aired on March 17, 2021 Articles discussed in this episode: https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams https://media.cert.europa.eu/static/SecurityAdvisories/2021/CERT-EU-SA2021-014.pdf https://security.googleblog.com/2021/03/introducing-sigstore-easy-code-signing.html https://krebsonsecurity.com/2021/03/weleakinfo-leaked-customer-payment-info/ https://twitter.com/PythonResponder/status/1372023079719817218?s=20 The post Talkin’ About Infosec News – 3/17/2021 appeared first on Black Hills Information Security.

The Livestream of our first Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version of the game was a success! If you have STEAM / TABLETOP SIMULATOR […] The post Backdoors & Breaches LIVE – 3/10/2021 appeared first on Black Hills Information Security.

It is another year for the Sacred Cash Cow Tipping Webcast. For those of you who are new to our email list within the past year, this is a webcast […] The post Webcast: Sacred Cash Cow Tipping 2021 appeared first on Black Hills Information Security.

Originally Aired on March 8, 2021 The post Talkin’ About Infosec News – 3/8/2021 appeared first on Black Hills Information Security.

Originally Aired on March 3, 2021 Articles discussed in this episode: https://www.msn.com/en-us/money/other/microsoft-these-exchange-server-zero-day-flaws-are-being-used-by-hackers-so-update-now/ar-BB1ec0In The post Talkin’ About Infosec News – 3/3/2021 appeared first on Black Hills Information Security.

Originally Aired on March 1, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 3/1/2021 appeared first on Black Hills Information Security.

Originally Aired on February 24, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 2/24/2021 appeared first on Black Hills Information Security.

Originally Aired on February 22, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 2/22/2021 appeared first on Black Hills Information Security.

Originally Aired on February 17, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 2/17/2021 appeared first on Black Hills Information Security.

Originally Aired on February 8, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 2/8/2021 appeared first on Black Hills Information Security.

Originally Aired on February 1, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 2/1/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JANUARY 25, 2021 The post Talkin’ About Infosec News – 1/25/2021 appeared first on Black Hills Information Security.

ORIGINALLY AIRED ON JANUARY 20, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 1/20/2021 appeared first on Black Hills Information Security.

A few short years ago, penetration testers did not have to work too hard for their malware command channels to execute. Fast forward to today in the age of Endpoint […] The post Webcast: Move Aside Script Kiddies – Malware Execution in the Age of Advanced Defenses appeared first on Black Hills Information Security.

Originally aired on January 13, 2021 Articles discussed in this episode: The post Talkin’ About Infosec News – 1/13/2021 appeared first on Black Hills Information Security.

This blog was written in conjunction with Wild West Hackin’ Fest. Does the news on SUNBURST and SUPERNOVA have you feeling like you’re flapping in the (Solar)Wind? Join John Strand, […] The post Webcast: Discussing Implications of the SolarWinds Breach(es) appeared first on Black Hills Information Security.

Originally aired on December 21, 2020 Articles discussed in this episode: https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/ https://theintercept.com/2020/12/17/russia-hack-austin-texas/ The post Talkin’ About Infosec News – 12/21/2020 appeared first on Black Hills Information Security.

Originally aired on December 14, 2020 Articles discussed in this episode: The post Talkin’ About Infosec News – 12/14/2020 appeared first on Black Hills Information Security.

Originally aired on December 11, 2020 Articles discussed in this episode: The post Talkin’ About Infosec News – 12/11/2020 appeared first on Black Hills Information Security.

Are you responsible for the security of webapps? Are you curious about how penetration testers are able to find vulnerabilities in them? Burp Suite is the preferred tool for many […] The post Webcast: Getting Started with Burp Suite & Webapp Pentesting appeared first on Black Hills Information Security.

Have you ever tried packaging a Python library/app in order to upload it to the Python Package repository (Pypi)? Not so straight forward is it? There’s a gazillion files you […] The post Webcast: Pretty Little Python Secrets – Episode 2 – Python Development & Packaging as Beautiful as a Poem appeared first on Black Hills Information Security.

Originally aired on November 30, 2020 Articles discussed in this episode: The post Talkin’ About Infosec News – 11/30/2020 appeared first on Black Hills Information Security.

Originally aired on November 19, 2020 Articles discussed in this episode: The post Talkin’ About Infosec News – 11/19/2020 appeared first on Black Hills Information Security.

Originally aired on November 11, 2020 Articles discussed in this episode: The post Talkin’ About Infosec News – 11/11/2020 appeared first on Black Hills Information Security.

Originally aired on 11/09/2020 Articles discussed in this episode: The post Talkin’ About Infosec News – 11/09/2020 appeared first on Black Hills Information Security.

Originally aired on October 26, 2020. The post Talkin’ About Infosec News – 10/26/2020 appeared first on Black Hills Information Security.

Originally aired on October 21, 2020. The post Talkin’ About Infosec News – 10/21/2020 appeared first on Black Hills Information Security.

Many people get started in security as a Security Operations Center (SOC) analyst. In this Black Hills Information Security (BHIS) webcast we discuss the core skills that a SOC analyst […] The post Webcast: The SOC Age Or, A Young SOC Analyst’s Illustrated Primer appeared first on Black Hills Information Security.

They say it “takes a village” to help raise a child… well, it also takes a village to help raise an infosec professional. With so many technologies, techniques, and tools […] The post Webcast: Infosec Mentoring | How to Find and Be a Mentor & Mentee appeared first on Black Hills Information Security.

Worlds collide as Black Hills Information Security (BHIS) brings together legendary developers in open source software (OSS) hunting and adversarial emulation projects for a discussion on the current state of […] The post Webcast: When Worlds Collide: OSS Hunting & Adversarial Simulation appeared first on Black Hills Information Security.

John Strand // Ok, that was a bit of a dramatic title. But, it works. In this Black Hills Information Security (BHIS) webcast, John covers the tips and tricks on […] The post Webcast: How to Present: Secrets of a Retired SANS Instructor appeared first on Black Hills Information Security.

Have you ever installed a Python tool / library only to then find out other Python based tools you’ve installed previously are now completely broken? Running Kali? Ever try installing […] The post Webcast: Pretty Little Python Secrets – Episode 1 – Installing Python Tools and Libraries the Right Way appeared first on Black Hills Information Security.

CJ and Bryan will share the knowledge they’ve accumulated, by helping 1,000’s of organizations determine what they need and don’t need when it comes to penetration tests and security assessments, […] The post Webcast: What to Expect When You’re Expecting a Penetration Test appeared first on Black Hills Information Security.

Jordan Drysdale & Kent Ickler // Jordan and Kent are back again to continue strengthening organizations’ information security human capital (That’s all you folks!). Organization Leadership and Security Practitioners can […] The post Webcast: Atomic Purple Team Framework and Life Cycle appeared first on Black Hills Information Security.

This is a joint webcast between Black Hills Information Security and the Wild West Hackin’ Fest conference. We hate ransomware. Like a lot. This is because we feel this is […] The post Webcast: What About Ransomware? appeared first on Black Hills Information Security.

So much information about testing webapps for security problems is old. Don’t get me wrong, the old stuff still works way more often than we’d like, but there’s more to […] The post Webcast: Modern Webapp Pentesting: How to Attack a JWT appeared first on Black Hills Information Security.

Joff Thyer has dove into everything that is IPv6 and has so much to share about it. He gets really technical but in a way you’ll be able to understand. […] The post Webcast: IPv6: How to Securely Start Deploying appeared first on Black Hills Information Security.

In this Black Hills Information Security webcast John breakdowns why he hates threat intelligence… Again… But, he breaks down some of the cool new projects that are focusing on durable […] The post Webcast: Durable vs. Ephemeral Threat Intel appeared first on Black Hills Information Security.

Kent and Jordan are back to continue their journey to make the world a better place. This time around, they will be reviewing a series of tools commonly used on […] The post Webcast: A Blue Team’s Perspective on Red Team Hack Tools appeared first on Black Hills Information Security.

Job hunting? Looking for a career change? Still in college and want to know how to get started now in your career? If you answered yes to any of these […] The post Webcast: How to Hunt for Jobs like a Hacker appeared first on Black Hills Information Security.

Join the BHIS Discord discussion server: https://discord.gg/aHHh3u5 We’re really excited to have a close member of our BHIS extended family, Tim Medin from Red Siege InfoSec, here for a webcast […] The post Webcast: Kerberos & Attacks 101 appeared first on Black Hills Information Security.

I like webapps, don’t you? Webapps have got to be the best way to learn about security. Why? Because they’re self-contained and so very transparent. You don’t need a big […] The post Webcast: Free Tools! How to Use Developer Tools and Javascript in Webapp Pentests appeared first on Black Hills Information Security.

This is a joint webcast from Black Hills Information Security and Active Countermeasures. How many of us have tried some new configuration option, utility, or hardware on a production environment, […] The post Webcast: How to Build a Home Lab appeared first on Black Hills Information Security.

What does it mean to work from home across your corporate VPN? What exactly is VPN? Is your home office prepared? How can you improve and better secure your home […] The post Webcast: Pandemic Paradigm Shift: Remote Working is the New Normal appeared first on Black Hills Information Security.

The team at Black Hills Information Security and Wild West Hackin’ Fest had to pivot from doing an in-person information security conference in San Diego to a 100% virtual conference […] The post Webcast: How (we) Run a Virtual Conference and How You Can, Too appeared first on Black Hills Information Security.

In this webcast, we will cover what we can do if we think there is a breach on our network. We will cover live forensics, cool PowerShell scripts, network, and […] The post Webcast: Think You’re Compromised? What Do We Do Next? appeared first on Black Hills Information Security.

Do you know what your attackers know? There’s a good chance you know, but you might not be aware of just how much information can be found historically and in […] The post Webcast: Enterprise Recon For Purple Teams appeared first on Black Hills Information Security.

In this webcast, we have our friend Hal Pomeranz sharing his massive knowledge on Linux. If you’re new to Linux, or if you know it and just want to hear […] The post Webcast: Linux Command Line Dojo with Hal Pomeranz appeared first on Black Hills Information Security.

Backdoors & Breaches kind of took off. In case you don’t know, Backdoors & Breaches is an Incident Response Card Game to help people better understand the various attacks and defenses used […] The post Webcast: Introducing Competitive Backdoors & Breaches and More! appeared first on Black Hills Information Security.

Ever wanted to get started in cyber deception? Ever wanted to do it for free? In this BHIS webcast, we will cover some basic, legal, and easy tools/techniques to get […] The post Webcast: Getting Started in Cyber Deception appeared first on Black Hills Information Security.

Why are companies still recommending an 8-character password minimum?  Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend […] The post Podcast: Passwords: You Are the Weakest Link appeared first on Black Hills Information Security.

Want to learn how attackers bypass endpoint products? Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_SacredCashCowTipping2020.pdf 3:41 – Alternate Interpreters 9:19 – Carbon Black Config Issue 15:07 – Cisco […] The post Webcast: Sacred Cash Cow Tipping 2020 appeared first on Black Hills Information Security.

BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated […] The post Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD appeared first on Black Hills Information Security.

Why are companies still recommending an 8-character password minimum?  Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend […] The post Webcast: Passwords: You Are the Weakest Link appeared first on Black Hills Information Security.

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded […] The post Podcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security.

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […] The post Podcast: Weaponizing Corporate Intel. This Time, It’s Personal! appeared first on Black Hills Information Security.

In this BHIS podcast, originally recorded as a live webcast, we cover some new techniques and tactics on how to track attackers via various honey tokens.  We cover how to […] The post BHIS PODCAST: Tracking attackers. Why attribution matters and how to do it. appeared first on Black Hills Information Security.

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box?  In this one-hour podcast, originally recorded as […] The post BHIS PODCAST: Endpoint Security Got You Down? No PowerShell? No Problem. appeared first on Black Hills Information Security.

Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely […] The post BHIS Podcast: Blockchain and You! InfoSec Edition appeared first on Black Hills Information Security.

Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to […] The post PODCAST: Sacred Cash Cow Tipping 2019 appeared first on Black Hills Information Security.

For this podcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate […] The post PODCAST: RDP Logging Bypass and Azure Active Directory Recon appeared first on Black Hills Information Security.

In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about Nessus, Nmap, […] The post PODCAST: BHIS Sorta Top Used Tools of 2018 appeared first on Black Hills Information Security.

Yes.. Ethical Hacker Kids. The holidays are coming up! Here John & Jordan cover the different games, tools and gifts we can give kids that help teach them the trade. […] The post PODCAST: Raising Hacker Kids appeared first on Black Hills Information Security.

Over the past few months, we have discovered a couple trends that organizations seem to be missing. No silver bullets, just some general vulnerability issues we are seeing again and […] The post PODCAST: Blue Team-Apalooza appeared first on Black Hills Information Security.

Join John as he covers what he and the BHIS Systems team have been working on lately – creating a C2/Implant/Malware test bed. Testing our C2/malware solutions is important because […] The post PODCAST: Creating & Keeping a Malware Zoo appeared first on Black Hills Information Security.

John Strand shares some of his own journey into information security and also his ideas and tips for those wanting to get into the industry from the start, or those […] The post PODCAST: John Strand’s 5 Year Plan into InfoSec Part 2 appeared first on Black Hills Information Security.

Join special guest Chris Brenton, COO of Active Countermeasures, as he discusses the anatomy of beacons and why you need to be looking for them during a threat hunt. He […] The post PODCAST: Beacon Analysis appeared first on Black Hills Information Security.

Dakota Nelson // Dakota talks about the pentester pyramid of pain and the different types of tests available from an information security firm. See his slides here: https://blackhillsinformationsecurity.shootproof.com/gallery/7404264/ Extra links & […] The post PODCAST: What Is a Red Team, Anyway? appeared first on Black Hills Information Security.

Join John Strand as he continues his Attack Tactic series this time with the defense ideas for the attacks mentioned in episode 3 (see more here) To see the entire […] The post PODCAST: From Active Countermeasures – Attack Tactics 4 appeared first on Black Hills Information Security.

// Jordan Drysdale and Kent Ickler talk about Best Practices for setting up Active Directory. Bre joins as fake Sierra to host and ask questions from the audience since real […] The post PODCAST: Active Directory Best Practices that Frustrate Pentesters appeared first on Black Hills Information Security.

CJ Cox talks about the highs, lows, hows and why’s of security policy. // Show Notes Why are we doing this? Do you hate your audience? GDPR was bad enough. […] The post PODCAST: Security Policy: Fact Fiction or Implement the Marquis de Management appeared first on Black Hills Information Security.

Join Beau Bullock and Mike Felch as they talk about ways to learn more, network and wake up your inner hacker. See the full episode here and look at the slides […] The post PODCAST: Highly Caffeinated InfoSec appeared first on Black Hills Information Security.

John Strand talks about how BHIS pen tests companies who use the cloud. Want to know how you can defend against attacks in your cloud infrastructure? Keep your eyes peeled for […] The post PODCAST: Attack Tactics Part 3: No Active Directory? No Problem! appeared first on Black Hills Information Security.

Special guest Lee Kagan from RedBlack Security talks about his script, his previous guest posts and the future of C2 with Beau Bullock and Sierra. Check out these links: How […] The post PODCAST: Lee Kagan & Beau Bullock talk C2 appeared first on Black Hills Information Security.

Sally Vandeven & David Fletcher // This is the podcast version of Sally & David’s webcast. For the whole webcast see our webcast post. Links that are mentioned in this […] The post PODCAST: Hacker Tools, Compliments of Microsoft appeared first on Black Hills Information Security.

Matt Toussain goes through how Mailsniper can be the penetration tester’s best friend. If you haven’t been using this tool in your tests you might start now! Check out the […] The post PODCAST: Testing G Suites with MailSniper appeared first on Black Hills Information Security.

John talked about how we’d attack, here’s how you can defend against those attacks. Grab the slides here: https://blackhillsinformationsecurity.shootproof.com/gallery/6843799/ The post PODCAST: Attack Tactics Part 2 appeared first on Black Hills Information Security.

This is the audio only version of John’s webcast about how we would attack your company during a pentest. Grab his slides here:  https://blackhillsinformationsecurity.shootproof.com/gallery/6843799/ The post PODCAST: Attack Tactics Part 1 appeared first on Black Hills Information Security.