• Chinese agent tried to recruit Stanford Student - 2025-09-02
    Sep 6 2025

    Register for FREE Infosec Webcasts, Anti-casts & Summits –

    https://poweredbybhis.com

    00:00 - PreShow Banter™ — It’s 8ft skeleton season.

    02:18 - BHIS - Talkin’ Bout [infosec] News 2025-09-02

    03:07 - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks

    07:35 - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets’

    13:46 - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

    17:44 - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K

    19:39 - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we’re working through it.’

    20:56 - Story # 6: Citrix forgot to tell you CVE-2025-6543 has been used as a zero day since May 2025

    22:43 - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424

    25:20 - Story # 8: First known AI-powered ransomware uncovered by ESET Research

    30:00 - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception

    32:06 - Story # 10: TransUnion suffers data breach impacting over 4.4 million people

    34:17 - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI

    35:20 - Story # 12: They weren’t lovin’ it - hacker cracks McDonald’s security in quest for free nuggets, and it was apparently not too tricky

    39:29 - Identify the birds you see or hear with Merlin Bird ID

    40:04 - Story # 13: Detecting and countering misuse of AI: August 2025

    51:31 - Story # 14: I’m a Stanford student. A Chinese agent tried to recruit me as a spy

    56 minutes
  • The Impending AI Bubble 2025-08-25
    Aug 30 2025

    00:00 - PreShow Banter™ — Canadian Chicken

    02:01 - The AI Bubble BHIS - Talkin’ Bout [infosec] News 2025-08-25

    02:23 - Story # 1: Congressman proposes bringing back letters of marque for cyber privateers

    09:27 - Story # 2: SIM-Swapper, Scattered Spider Hacker Gets 10 Years

    12:43 - Story # 3: Developer jailed for taking down employer’s network with kill switch malware

    16:33 - Story # 4: Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet

    20:42 - The Utopia Chronicles

    23:20 - Story # 5: “Unstoppable Power Surges”: China’s Quantum Processor Outspeeds Supercomputers by 1 Quadrillion and Triggers US Intelligence Panic

    28:47 - Story # 6: Bank forced to rehire workers after lying about chatbot productivity, union says

    41:21 - Story # 7: It Took Many Years And Billions Of Dollars, But Microsoft Finally Invented A Calculator That Is Wrong Sometimes

    43:41 - Story # 8: Copilot Broke Your Audit Log, but Microsoft Won’t Tell You

    46:33 - Story # 9: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

    49:24 - Story # 10: Zero-Day Clickjacking Flaws Found in Password Managers Used by Millions

    53:12 - Story # 11: Cybersecurity training doesn’t work: time wasted with no impact, study finds

    59:07 - ChickenSec: Artificial Intelligence: The other AI

    1 hour 4 minutes
  • Cyberattack Bricks Speed Cameras – 2025-08-18
    Aug 20 2025

    00:00 - PreShow Banter™ — The gif that keeps on giffing

    01:46 - Cyberattack Bricks Speed Cameras – BHIS - Talkin’ Bout [infosec] News 2025-08-18

    02:39 - Story # 1: Perplexity made a sky-high $34.5 billion bid for Google Chrome — a bold and unusual move in the midst of antitrust scrutiny

    07:16 - Story # 2: Exclusive: US embeds trackers in AI chip shipments to catch diversions to China, sources say

    10:22 - Story # 3: How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes

    12:17 - Story # 4: Cisco discloses maximum-severity defect in firewall software

    13:56 - Story # 5: Data Dump From APT Actor Yields Clues to Attacker Capabilities

    19:13 - Story # 6: Russian cyberattack in the Netherlands leaves speed cameras offline indefinitely

    23:30 - Story # 7: HTTP/2 MadeYouReset Vulnerability Enables Massive DDoS Attacks

    24:51 - Story # 8: LAPD Eyes ‘GeoSpy’, an AI Tool That Can Geolocate Photos in Seconds

    29:05 - Story # 9: Manpower discloses data breach affecting nearly 145,000 people

    34:51 - Story # 10: Hacker Offers to Sell 15.8 Million Plain-Text PayPal Credentials On Dark Web Forum

    35:34 - Story # 11: The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived

    40:54 - Story # 12: New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”

    46:28 - Story # 13: Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild

    48:13 - Story # 14: Plex warns users to patch security vulnerability immediately

    50:53 - ChickenSec: Noble Foods using soil mapping technology at organic egg farm

    58 minutes
  • DEF CON RECAP – 2025-08-11
    Aug 14 2025

    00:00 - PreShow Banter™ — Wading Through Woods

    06:06 - DEF CON RECAP - Talkin’ Bout [infosec] News 2025-08-11

    09:16 - Story # 1: It’s time to acknowledge HTTP/1.1 is insecure

    12:36 - Story # 2: Research reveals possible privacy gaps in Apple Intelligence’s data handling

    17:51 - Story # 3: Federal court filing system hit in sweeping hack

    21:09 - Story # 4: Cisco discloses data breach impacting Cisco.com user accounts

    32:17 - Story # 5: Google says its AI-based bug hunter found 20 security vulnerabilities

    34:20 - Story # 6: Automate security reviews with Claude Code

    39:01 - Story # 7: Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicle Brands

    44:44 - Story # 7b: OnStar assists CHP in stopping fleeing SUV with toddler inside

    47:12 - Story # 7c: That viral video of a ‘deactivated’ Tesla Cybertruck is a fake

    49:37 - Story # 8: LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code

    50:53 - Story # 9: Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools

    53:08 - Story # 10: A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT

    58:10 - Story # 11: Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks

    1 hour
  • Perplexity Stealth Crawlers Evade No-Crawl Directives - 2025-08-04
    Aug 7 2025

    00:00:00 - PreShow Banter™ — Stop Asking Wade if he’s in Vegas

    00:02:16 - Perplexity Uses Stealth Crawlers to Evade No-Crawl Directives – 2025-08-04

    00:11:25 - Story # 1: Insurance won’t cover $5M in City of Hamilton claims for cyberattack, citing lack of log-in security

    00:18:40 - Story # 2: States Enact Safe Harbor Laws that Provide Affirmative Defenses in Data Breach Litigation

    00:26:45 - Story # 3: Hackers Destroy Aeroflot’s IT Infrastructure, Causing Over 42 Flight Cancellations

    00:34:18 - Story # 4: Attackers exploit link-wrapping services to steal Microsoft 365 logins

    00:40:09 - Story # 5: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

    00:42:18 - Wade’s plugin recommendation

    00:44:39 - Story # 6: Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives

    00:51:11 - Story # 7: After Backlash, ChatGPT Removes Option to Have Private Chats Indexed by Google

    00:55:21 - AI 2027

    01:01:01 - What’s Ralph been up to?

    1 hour 3 minutes
  • UK Bans Ransomware Payments - 2025-07-28
    Aug 1 2025

    00:00 - PreShow Banter™ — National Chicken Wing Day

    04:16 - BHIS - Talkin’ Bout [infosec] News 2025-07-28

    05:30 - Story # 1: Bad vibes: How an AI agent coded its way to disaster

    08:40 - Story # 1b: Replit goes rogue, deletes entire database.

    15:44 - Story # 2: A major AI training data set contains millions of examples of personal data

    26:05 - Story # 3: Women Dating Safety App ‘Tea’ Breached, Users’ IDs Posted to 4chan

    33:19 - Story # 4: A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors

    40:28 - Story # 5: Clorox Sues IT Provider Cognizant For Simply Giving Employee Password to Hackers

    49:46 - Story # 6: Businesses banned from paying hackers’ ransoms to target cybercrime

    57:38 - SharePoint Follow Up

    1 hour 2 minutes
  • Microsoft's OverSharePoint 0-Day Exploit – 2025-07-21
    Jul 23 2025

    00:00 - PreShow Banter™ — PaintBallers

    03:55 - BHIS - Talkin’ Bout [infosec] News 2025-07-21

    04:21 - Story # 1: Microsoft 0-day Mass Exploitation

    09:39 - Story # 2: Replit AI went rogue, deleted a company’s entire database, then hid it and lied about it

    13:15 - Story # 3: ‘All US forces must now assume their networks are compromised’ after Salt Typhoon breach

    18:08 - Story # 4: After FBI Warning, Alaska Airlines Grounded; Salt Typhoon Suspected

    20:45 - Story # 5: FBI Cybersecurity Breach Led to Murders of Informants in El Chapo Case

    21:54 - Story # 5b: FBI’s Report

    29:57 - Story # 6: Google fixes actively exploited sandbox escape zero day in Chrome

    31:30 - Story # 7: Exploited Wing file transfer bug risks ‘total server compromise,’ CISA warns

    32:33 - Story # 8: CitrixBleed 2 situation update — everybody already got owned

    33:01 - Story # 9: At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds

    46:14 - Story # 10: Amazon Ring Doorbell May 28 Mass Hacking Claim Goes Viral

    48:56 - jdbgmgr.exe virus hoax

    51:52 - Story # 11: HPE warns of hardcoded passwords in Aruba access points

    1 hour 4 minutes
  • McDonald’s Over 64 Million Exposed Job Applicants - 2025-07-14
    Jul 16 2025

    00:00 - PreShow Banter™ — Traditional Finger

    00:21 - BHIS - Talkin’ Bout [infosec] News 2025-07-14

    01:29 - Story # 1: ‘123456’ password exposed chats for 64 million McDonald’s job chatbot applications

    22:12 - Story # 2: Employee gets $920 for credentials used in $140 million bank heist

    33:50 - Story # 3: Microsoft laying off about 9,000 employees in latest round of cuts

    37:21 - Story # 5: Scammy YouTube Ads

    46:31 - Story # 6: New ServiceNow flaw lets attackers enumerate restricted data

    55 minutes