Talkin’ About Infosec News – 4/6/2022





ORIGINALLY AIRED ON APRIL 4, 2022

Articles discussed in this episode:

00:00 – PreShow Banter™ — Blame it on the Intern

06:24 – Spring Time for Java – https://www.darkreading.com/application-security/zero-day-vulnerability-discovered-in-java-spring-framework

09:10 – GitLab for Account Access – https://www.bleepingcomputer.com/news/security/critical-gitlab-vulnerability-lets-attackers-take-over-accounts/

10:33 – No Passwords for Okta – https://www.bleepingcomputer.com/news/security/sitel-on-okta-breach-spreadsheet-did-not-contain-passwords/

11:11 – Legacy Networks for Okta – https://therecord.media/sitel-blames-okta-breach-on-legacy-network-from-acquisition/

12:40 – Lawsuit for Ubiquity – https://arstechnica.com/tech-policy/2022/03/ubiquiti-sues-journalist-alleging-defamation-in-coverage-of-data-breach/

17:01 – MITRE AT&T&CK for EDMs

21:17 – Breach for Mailchimp – https://www.bleepingcomputer.com/news/security/hackers-breach-mailchimps-internal-tools-to-target-crypto-customers/

30:54 – 15 Characters for John – https://blog.pcisecuritystandards.org/pci-dss-v4-0-a-conversation-with-the-council

40:17 – Data Requests for Apple – https://www.macrumors.com/2022/03/30/apple-user-data-forged-legal-requests/

46:52 – Drones for Ukraine – https://www.forbes.com/sites/davidhambling/2022/03/08/how-small-drones-could-win-the-fight-in-ukraines-cities-and-the-truth-about-that-anti-drone-pickle-jar-story



We are self-publishing free Infosec Zines called PROMPT#.

PROMPT# will contain: 

  • Infosec articles 
  • Challenging puzzles 
  • Comic book based on real-life hacking adventures 
  • Coloring contests 
  • Bonus Backdoors & Breaches Consultant Cards (print version only) 
  • Other stuffs 

You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/