Talkin' Bout [Infosec] News

ORIGINALLY AIRED ON JUNE 27, 2022

Articles discussed in this episode:

02:13 – Story # 1: The #1 Period Tracker on the App Store Will Hand Over Data Without a Warrant – https://www.vice.com/en/article/y3pgvg/the-1-period-tracker-on-the-app-store-will-hand-over-data-without-a-warrant

20:56 – Story # 2: LockBit 3.0 introduces the first ransomware bug bounty program – https://www.bleepingcomputer.com/news/security/lockbit-30-introduces-the-first-ransomware-bug-bounty-program/

25:44 – Story # 3: Former AWS engineer convicted over hack that cost Capital One $270m – https://techmonitor.ai/technology/cybersecurity/capital-one-hack-aws-paige-thompson

28:52 – Story # 4: CISA experts propose ‘311’ cybersecurity emergency call line for small businesses – https://therecord.media/cisa-experts-propose-311-cybersecurity-emergency-call-line-for-small-businesses/

38:25 – Story # 5: Clever phishing method bypasses MFA using Microsoft WebView2 apps – https://www.bleepingcomputer.com/news/security/clever-phishing-method-bypasses-mfa-using-microsoft-webview2-apps/

40:00 – Story # 5b: mrd0x/WebView2-Cookie-Stealer – https://github.com/mrd0x/WebView2-Cookie-Stealer

43:28 – Story # 6: Game on! The 2022 Google CTF is here – https://security.googleblog.com/2022/06/game-on-2022-google-ctf-is-here.html

46:07 – Story # 7: Critical PHP flaw exposes QNAP NAS devices to RCE attacks – https://www.bleepingcomputer.com/news/security/critical-php-flaw-exposes-qnap-nas-devices-to-rce-attacks/

50:03 – Story # 8: Japanese man loses USB stick with entire city’s personal details – https://www.bbc.com/news/world-asia-61921222

54:51 – Story # 9: A Microsoft 365 feature can ransom files on SharePoint and OneDrive – https://securityaffairs.co/wordpress/132353/hacking/microsoft-365-feature-ransomware.html

We are self-publishing free Infosec Zines called PROMPT#.

Show Notes


The post Talkin’ About Infosec News – 6/27/2022 appeared first on Black Hills Information Security.

  • (00:00) - BHIS - Talkin' Bout [infosec] News 2022-06-27
  • (02:13) - Story # 1: The #1 Period Tracker on the App Store Will Hand Over Data Without a Warrant
  • (20:56) - Story # 2: LockBit 3.0 introduces the first ransomware bug bounty program
  • (25:44) - Story # 3: Former AWS engineer convicted over hack that cost Capital One $270m
  • (28:52) - Story # 4: CISA experts propose ‘311’ cybersecurity emergency call line for small businesses
  • (38:25) - Story # 5: Clever phishing method bypasses MFA using Microsoft WebView2 apps
  • (40:00) - Story # 5b: mrd0x/WebView2-Cookie-Stealer
  • (43:28) - Story # 6: Game on! The 2022 Google CTF is here
  • (46:07) - Story # 7: Critical PHP flaw exposes QNAP NAS devices to RCE attacks
  • (50:03) - Story # 8: Japanese man loses USB stick with entire city's personal details
  • (54:51) - Story # 9: A Microsoft 365 feature can ransom files on SharePoint and OneDrive

What is Talkin' Bout [Infosec] News?

A weekly podcast with BHIS and Friends. We discuss notable infosec and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Mondays at 4:30 PM ET.