Talkin' Bout [Infosec] News

By: Black Hills Information Security
About this listen

A weekly podcast with BHIS and Friends. We discuss notable infosec and infosec-adjacent news stories gathered by our community news team. Join us live on YouTube, Mondays at 4:30 PM ET.

Copyright 2025 Talkin' About [Infosec] News, Powered by Black Hills Information Security
Episodes
  • US Defense Chief Uploads Secret Info to ChatGPT - 2026-02-02
    Feb 5 2026
    Join us LIVE on Mondays, 4:30pm EST.
    https://www.youtube.com/@BlackHillsInformationSecurity
    Chat with us on Discord! - https://discord.gg/bhis 🔴live-chat

    This episode breaks down recent reports of sensitive information being shared with AI tools and what that means for security and operations. The discussion covers OPSEC failures, common misuse of ChatGPT in professional environments, how data actually flows through AI systems, and what organizations should (and shouldn’t) worry about. The hosts focus on practical risk, realistic threat models, and actionable lessons for security teams navigating AI adoption.

    Chapters
    (00:00) - PreShow Banter™ — Robot Drivers
    (06:29) - US Defense Chief Uploads Secret Info to ChatGPT - 2026-02-02
    (09:54) - Story # 1: US cyber defense chief accidentally uploaded secret government info to ChatGPT
    (19:03) - Story # 2: Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
    (23:01) - Story # 3: Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
    (26:30) - Story # 4: Millions of Gmail, Facebook and other account credentials exposed
    (30:55) - Story # 5: Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site
    (36:13) - Story # 6: County pays $600,000 to pentesters it arrested for assessing courthouse security
    (39:12) - Story # 7: Costco reportedly removes RAM from its display PCs to prevent tech-savvy shoplifters, customers claim — GPUs also absent across stores as PC parts become a hot commodity
    (41:13) - Story # 8: Claude Sonnet 5 Is Imminent — And It Could Be a Generation Ahead of Google
    (45:09) - Story # 9: Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
    (48:49) - Story # 10: Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
    (52:05) - Story # 11: Hunterbrook says Ubiquiti powering Russian battlefield communications in Ukraine
    (54:28) - Story # 12: Attack on Renewable Energy Plants
    (56:26) - Story # 13: Disrupting the World's Largest Residential Proxy Network | Google Cloud Blog

    Links
    Wade & Hayden on Simply Cyber - https://www.youtube.com/live/c_lUP5gR15I
    Hayden’s Class - https://www.antisyphontraining.com/product/foundations-of-security-operations-with-hayden-covington/
    Mishaal’s Class - https://www.antisyphontraining.com/product/next-level-osint-with-mishaal-khan/
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    Brought to you by:
    Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    1 hr and 5 mins
  • TikTok's invasive Privacy Policy - 2026-01-26
    Jan 28 2026
    In this episode, the hosts break down TikTok’s latest privacy policy and why it’s raising serious red flags. They discuss how the app expands data collection and tracking, what that means for user privacy, and the broader security implications—especially concerns around data access and China. Along the way, the conversation connects these changes to ongoing TikTok ban discussions, real-world risk for individuals and organizations, and what users should consider if they continue using the platform. The episode mixes technical insight with practical takeaways, making the privacy risks easy to understand without losing nuance.

    Chapters
    (00:00) - PreShow Banter™ — Electroshock Therapy
    (02:28) - 2026-01-26
    (07:33) - Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
    (14:27) - Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
    (17:37) - Story # 3: Clara Hawking’s Post on TikTok's Privacy Policy
    (24:05) - Story # 4: Supreme Court to hear Facebook pixel tracking case
    (31:02) - Story # 5: Google accused of grooming kids after child receives this email
    (34:38) - Story # 6: House of Lords backs legislation to ban social media for children under 16
    (35:47) - Story # 6b: Australia has banned social media for kids under 16. How does it work?
    (42:20) - Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
    (48:29) - Story # 8: 1Password adds pop-up warnings for suspected phishing sites
    (52:09) - ClawdBot / Moltbot

    Links
    Troy’s Workshop
    ANTI-CAST: Effective AI for Practical SecOps Workflows w/ Hayden Covington
    1 hr and 3 mins
  • Chinese firms drop US and Israeli cybersecurity software - 2026-01-19
    Jan 20 2026
    This episode is a rapid-fire cybersecurity news roundup covering multiple headlines and what they mean for defenders. The crew debates reports that Chinese firms are dropping U.S. and Israeli security vendors, then pivots into breach fallout, malware activity, and real-world attacker behavior. Along the way, they unpack how geopolitics affects procurement, why supply-chain dependencies make “bans” messy, and what happens when organizations swap tools fast. Expect candid takes on ransomware trends, enterprise security operations, and where hype collides with implementation. The hosts also riff on incident response realities, risk management, and what security teams should watch for next—plus plenty of side commentary and humor in between.

    Chapters
    (00:00) - PreShow Banter™ — Podcast Banter
    (04:13) - Chinese firms to stop using US and Israeli cybersecurity software - 2026-01-19
    (08:56) - Story # 1: Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say
    (13:42) - Story # 2: Tennessee man to plead guilty to hacking Supreme Court’s electronic case filing system
    (16:25) - Story # 3: Hacker gets seven years for breaching Rotterdam and Antwerp ports
    (18:20) - Story # 4: 33-year-old Dutchman arrested for enabling criminals to test malware for antivirus programs.
    (20:02) - Story # 5: Army to ‘kill NIPR’ at multiple locations in commercial internet experiment
    (27:41) - Story # 6: Hungary grants asylum to former Polish minister implicated in spyware probe
    (29:12) - Story # 7: California orders Elon Musk’s AI company to immediately stop sharing sexual deepfakes
    (41:47) - Story # 8: ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations
    (49:30) - Story # 8b: BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
    (55:29) - CTF Winners
    (59:19) - ChickenSec: KFC app 'more secure' than Manage My Health, expert claims
    1 hr and 3 mins