24 Jun 2022

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 6/20/2022

ORIGINALLY AIRED ON JUNE 20, 2022

Articles discussed in this episode:

00:00 – BHIS – Talkin’ Bout [infosec] News 2022-06-20

01:31 – Story # 1: Internal TikTok Meetings Shows That US User Data Accessed From China – https://www.buzzfeednews.com/article/emilybakerwhite/tiktok-tapes-us-user-data-china-bytedance-access

05:14 – Story # 2: Mullvad VPN Removes Ability to Create New Subscriptions – https://www.pcmag.com/news/mullvad-vpn-removes-ability-to-create-new-subscriptions

09:23 – Story # 3: Flagstar Bank discloses data breach impacting 1.5 million customers – https://www.bleepingcomputer.com/news/security/flagstar-bank-discloses-data-breach-impacting-15-million-customers/

13:25 – Story # 4: Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability – https://securityaffairs.co/wordpress/132227/apt/cert-ua-sandworm-follina-rce.html

17:39 – Story # 5: Tesla cars barred for 2 months in Beidaihe, site of China leadership meet – https://www.reuters.com/business/autos-transportation/chinas-beidaihe-district-bar-tesla-cars-driving-july-local-police-2022-06-20/

20:18 – Story # 6: Microsoft 365 credentials targeted in new fake voicemail campaign – https://www.bleepingcomputer.com/news/security/microsoft-365-credentials-targeted-in-new-fake-voicemail-campaign/

22:27 – Bud Patches Reporting with Dancing John Strand

27:19 – Story # 7: FBI says fraud on LinkedIn a ‘significant threat’ to platform and consumers – https://www.cnbc.com/2022/06/17/fbi-says-fraud-on-linkedin-a-significant-threat-to-platform-and-consumers.html

30:04 – Story # 8: Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second – https://thehackernews.com/2022/06/cloudflare-saw-record-breaking-ddos.html

33:22 – Story # 9: Critical Code Execution Vulnerability Patched in Splunk Enterprise – https://www.securityweek.com/critical-code-execution-vulnerability-patched-splunk-enterprise

35:53 – Story # 10: Google AI Reprise

37:43 – Story # 11: RSA was a Covid Superspreader event – https://www.theregister.com/2022/06/16/rsa_covid_risk/

42:03 – Story # 12: Facebook Is Receiving Sensitive Medical Information from Hospital Websites – https://themarkup.org/pixel-hunt/2022/06/16/facebook-is-receiving-sensitive-medical-information-from-hospital-websites

43:58 – Story # 12b: 18 HIPAA Identifiers – https://www.luc.edu/its/aboutits/itspoliciesguidelines/hipaainformation/18hipaaidentifiers/

We are self-publishing free Infosec Zines called PROMPT#.

PROMPT# will contain:

Infosec articles
Challenging puzzles
Comic book based on real-life hacking adventures
Coloring contests
Bonus Backdoors & Breaches Consultant Cards (print version only)
Other stuffs

You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/