Talkin’ About Infosec News – 4/25/2022





ORIGINALLY AIRED ON APRIL 18, 2022

Articles discussed in this episode:

00:00 – BHIS – Talkin’ Bout [infosec] News 2022-04-18

02:05 – Current Activity | CISA | https://www.cisa.gov/uscert/ncas/current-activity

02:58 – CISA orders agencies to fix actively exploited VMware, Chrome bugs | https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-fix-actively-exploited-vmware-chrome-bugs/

08:45 – Russian invasion of Ukraine exposes cybersecurity threat to commercial satellites | https://spacenews.com/russian-invasion-of-ukraine-exposes-cybersecurity-threat-to-commercial-satellites/

10:43 – Leaked documents show notorious ransomware group has an HR department, performance reviews, and an ‘employee of the month’ | https://www.cnbc.com/2022/04/14/conti-ransomware-leak-shows-group-operates-like-normal-tech-company.html

15:35 – Hacking forum taken offline and UK suspect arrested | https://www.nationalcrimeagency.gov.uk/news/hacking-forum-taken-offline-and-uk-suspect-arrested | https://www.nationalcrimeagency.gov.uk/news/hacking-forum-taken-offline-and-uk-suspect-arrested

19:35 – GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens | https://thehackernews.com/2022/04/github-says-hackers-breach-dozens-of.html

23:49 – AWS API Keys Token – Canary Tokens 25:36 – First Malware Targeting AWS Lambda Serverless Platform Discovered | https://thehackernews.com/2022/04/first-malware-targeting-aws-lambda.html

27:01 – Make phishing great again. VSTO office files are the new macro nightmare? | https://medium.com/@airlockdigital/make-phishing-great-again-vsto-office-files-are-the-new-macro-nightmare-e09fcadef010

33:48 – my university financial hardship PHISHING exercise… | https://twitter.com/nina_luong/status/1513997316134301698

35:59 – 25% Of Workers Lost Their Jobs In The Past 12 Months After Making Cybersecurity Mistakes | https://www.forbes.com/sites/edwardsegal/2022/03/29/25-of-workers-lost-their-jobs-in-the-past-12-months-after-making-cybersecurity-mistakes-report/

46:49 – Elon Musk Believes Twitter Algorithm Should Be Open-Source | https://news.itsfoss.com/elon-musk-twitter-open-source/



We are self-publishing free Infosec Zines called PROMPT#.

PROMPT# will contain: 

  • Infosec articles 
  • Challenging puzzles 
  • Comic book based on real-life hacking adventures 
  • Coloring contests 
  • Bonus Backdoors & Breaches Consultant Cards (print version only) 
  • Other stuffs 

You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/