Couverture de Talkin' Bout [Infosec] News

Talkin' Bout [Infosec] News

Talkin' Bout [Infosec] News

De : Black Hills Information Security
Écouter gratuitement

À propos de ce contenu audio

 A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team. Join us live on YouTube, Monday's at 4:30PM ETCopyright 2025 Talkin' About [Infosec] News, Powered by Black Hills Information Security Politique et gouvernement
Épisodes
  • Tim Cook Announces Apple CEO Exit - 2026-04-20

    Tim Cook Announces Apple CEO Exit - 2026-04-20
    Apr 22 2026
    This episode covers several major cybersecurity and tech news stories, including a supply chain–related breach at Vercel involving exposed environment variables and compromised third-party AI tooling. The hosts also discuss concerns around AI-driven data risks, including browser extensions and large-scale data collection. Additional topics include a service scraping and republishing Zoom webinar recordings, evolving issues with web cookies and tracking, and industry news such as reports of Apple CEO Tim Cook stepping down.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — Watch Out for the Brownies(04:35) - Tim Cook Announces Apple CEO Exit - 2026-04-20(05:57) - Story # 1: Vercel April 2026 security incident(19:00) - Story # 2: 'Addicted to hacking': Young hacker behind historic breach speaks out for 1st time, before reporting to prison(27:19) - Story # 3: Mythos And The CVSS Problem No One Wants to Talk About (But We Need To)(28:49) - Story # 4: Introducing Claude Opus 4.7(32:14) - Story # 4b: Identity verification on Claude(36:00) - Story # 5: Tim Cook to become Apple Executive Chairman John Ternus to become Apple CEO(40:18) - Story # 6: Microsoft faces fresh Windows Recall security concerns(44:12) - Story # 7: WebinarTV Secretly Scraped Zoom Meetings of Anonymous Recovery Programs(48:20) - Story # 8: Google, Microsoft, Meta All Tracking You Even When You Opt Out, According to an Independent Audit(51:12) - Story # 9: Little Caesars Wants ChatGPT to Order Your Pizza for You(53:35) - Story # 10: NIST Updates NVD Operations to Address Record CVE Growth(01:00:08) - Workshop: Rapid Endpoint Investigations for Linux and Mac(01:01:20) - Cyber Threat Intelligence 101 2 Day Version(01:02:24) - ANTI-CAST: How to Break Free from the Cybersecurity Burnout Trap w/ Natalia SammanLinksStory # 1: Vercel April 2026 security incidentStory # 2: ‘Addicted to hacking’: Young hacker behind historic breach speaks out for 1st time, before reporting to prisonStory # 3: Mythos And The CVSS Problem No One Wants to Talk About (But We Need To)Story # 4: Introducing Claude Opus 4.7Story # 4b: Identity verification on ClaudeStory # 5: Tim Cook to become Apple Executive Chairman John Ternus to become Apple CEOStory # 6: Microsoft faces fresh Windows Recall security concernsStory # 7: WebinarTV Secretly Scraped Zoom Meetings of Anonymous Recovery ProgramsStory # 8: Google, Microsoft, Meta All Tracking You Even When You Opt Out, According to an Independent AuditStory # 9: Little Caesars Wants ChatGPT to Order Your Pizza for YouStory # 10: NIST Updates NVD Operations to Address Record CVE GrowthWorkshop: Rapid Endpoint Investigations for Linux and MacCyber Threat Intelligence 101 2 Day VersionANTI-CAST: How to Break Free from the Cybersecurity Burnout Trap w/ Natalia SammanCreators & Guests Corey Ham - HostRalph May - HostPatterson Cake - GuestWade Wells - HostBronwen Aker - HostMeagan Bentley - ProducerClick here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com
    Afficher plus Afficher moins
    1 h et 5 min
  • Anthropic’s Project Glasswing is an Infosec Turning Point – 2026-04-13

    Anthropic’s Project Glasswing is an Infosec Turning Point – 2026-04-13
    Apr 14 2026
    This episode dives into Anthropic’s “Project Glasswing” and the broader implications of AI-driven offensive security, including models autonomously discovering vulnerabilities and attempting sandbox escapes. The hosts discuss how agentic AI testing approaches could reshape vulnerability research, while also raising concerns about AI safety, regulation, and real-world risk. Additional topics include the growing impact of AI on security workflows, rising infrastructure costs tied to AI demand, a new infostealer ecosystem overview, and ongoing debates about data collection practices and platform privacy.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — A Real Studio(03:43) - Anthropic’s Project Glasswing is an Infosec Turning Point – 2026-04-13(05:39) - Story # 1: Project Glasswing(22:20) - Story # 2: AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties(30:36) - Story # 3: Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit(32:39) - WEBCAST: Proxy Execution with Microsoft Edge WebView2 w/ Matthew Eidelberg(51:47) - Story # 4: New "BrowserGate" report claims LinkedIn secretly scans user browsers for installed extensions and collects device data(56:32) - Story # 5: The silent “Storm”: New infostealer hijacks sessions, decrypts server-side(58:46) - ChickenSec: the Chicken Accords of 2026(01:00:27) - Story # 6: EFF is Leaving X(01:03:01) - Workshop: How to Think Like a Cybersecurity Defender(01:05:49) - AI Security Ops PodcastLinksStory # 1: Project GlasswingStory # 2: AI-Led Remediation Crisis Prompts HackerOne to Pause Bug BountiesStory # 3: Disgruntled researcher leaks “BlueHammer” Windows zero-day exploitWEBCAST: Proxy Execution with Microsoft Edge WebView2 w/ Matthew EidelbergStory # 4: New “BrowserGate” report claims LinkedIn secretly scans user browsers for installed extensions and collects device dataStory # 5: The silent “Storm”: New infostealer hijacks sessions, decrypts server-sideChickenSec: the Chicken Accords of 2026Story # 6: EFF is Leaving XWorkshop: How to Think Like a Cybersecurity DefenderAI Security Ops PodcastCreators & Guests Corey Ham - HostWade Wells - HostAlex Minster "Belouve" - GuestBronwen Aker - HostRalph May - HostJohn Strand - HostDoc Blackburn - GuestClick here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com
    Afficher plus Afficher moins
    1 h et 6 min
  • Artemis Astronaut's Bad Outlooks - 2026-04-06

    Artemis Astronaut's Bad Outlooks - 2026-04-06
    Apr 9 2026
    This episode covers several major cybersecurity and tech news stories, including a sophisticated NPM supply chain attack that compromised the widely used Axios library through advanced social engineering, and the broader implications for software security. The hosts also discuss the accidental leak of Anthropic’s Claude codebase, what it reveals about AI development practices, and the risks of misconfigurations exposing sensitive systems. Additional conversation touches on AI reliability, “vibe-coded” software, and the growing role of AI in both development and attack techniques.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — Professional Sitters(04:36) - Artemis Astronaut's Bad Outlooks - 2026-04-06(07:12) - The Absolute Truths of Cybersecurity with Doc Blackburn(08:52) - Professionally Evil API Testing: AAA and Keys are Not Just for Cars(09:35) - Story # 1: Post Mortem: axios npm supply chain compromise(19:54) - Story # 2: Artemis II astronaut: 'I have two Microsoft Outlooks, and neither one of those are working'(26:02) - Story # 3: Microsoft Copilot Terms of Service Label Copilot is for Entertainment Purposes Only(30:13) - Story # 4: Here’s what that Claude Code source leak reveals about Anthropic’s plans(35:03) - Story # 4b: https://neuromatch.social/@jonny/116325123136895805(37:57) - Story # 5: Meta freezes AI data work after breach puts training secrets at risk(41:40) - Story # 6: Possible US Government iPhone Hacking Tool Leaked(44:32) - Story # 7: FBI labels data breach ‘major incident,’ notifies Congress(46:58) - Story # 8: vSphere and BRICKSTORM Malware: A Defender's Guide(52:12) - Story # 9: CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards(01:04:26) - ChickenSec: Why did the chicken wear a reflective vest? To cross the road of courseLinksThe Absolute Truths of Cybersecurity with Doc BlackburnProfessionally Evil API Testing: AAA and Keys are Not Just for CarsStory # 1: Post Mortem: axios npm supply chain compromiseStory # 2: Artemis II astronaut: ‘I have two Microsoft Outlooks, and neither one of those are working’Story # 3: Microsoft Copilot Terms of Service Label Copilot is for Entertainment Purposes OnlyStory # 4: Here’s what that Claude Code source leak reveals about Anthropic’s plansStory # 4b: https://neuromatch.social/@jonny/116325123136895805Story # 5: Meta freezes AI data work after breach puts training secrets at riskStory # 6: Possible US Government iPhone Hacking Tool LeakedStory # 7: FBI labels data breach ‘major incident,’ notifies CongressStory # 8: vSphere and BRICKSTORM Malware: A Defender’s GuideStory # 9: CBP Facility Codes Sure Seem to Have Leaked Via Online FlashcardsChickenSec: Why did the chicken wear a reflective vest? To cross the road of courseCreators & Guests Jennifer Shannon - GuestWade Wells - HostCorey Ham - HostRalph May - HostRyan Poirier - ProducerBronwen Aker - HostDoc Blackburn - GuestClick here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com
    Afficher plus Afficher moins
    1 h et 6 min
Aucun commentaire pour le moment