Talkin' Bout [Infosec] News

Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com Chapters00:00 - PreShow Banter™ — Humans are Done03:04 - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin’ Bout [infosec] News 2025-11-1005:11 - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell25:14 - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools56:37 - BHIS Webcast – X-Typhoon - Not your Father’s China with John Strand

Show Notes

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 

Chapters

00:00 - PreShow Banter™ — Humans are Done
03:04 - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin’ Bout [infosec] News 2025-11-10
05:11 - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.
15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell
25:14 - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’
29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers
32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities
40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools
56:37 - BHIS Webcast – X-Typhoon - Not your Father’s China with John Strand
  • (00:00) - PreShow Banter™ — Humans are Done
  • (03:03) - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin' Bout [infosec] News 2025-11-10
  • (05:10) - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.
  • (15:14) - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell
  • (25:13) - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’
  • (29:03) - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers
  • (32:58) - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities
  • (40:00) - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools
  • (56:37) - BHIS Webcast – X-Typhoon - Not your Father's China with John Strand

Creators and Guests

Host
Corey Ham
Corey Ham has been with Black Hills Information Security (BHIS) since 2021 delivering red teaming and OSINT services. Currently, Corey leads the ANTISOC team at BHIS, providing subscription-based continuous red teaming to BHIS clients. Outside of his time at BHIS, you can find him out in the woods or up on a mountain somewhere.
Host
John Strand
John Strand has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much loved SANS teacher. John is a contributor to the industry-shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks.
Host
Ralph May
Ralph is a U.S. Army veteran and former DoD contractor who supported the United States Special Operations Command (USSOCOM) with information security challenges and threat actor simulations. Over the past decade, he has provided offensive security services at Optiv Security and Black Hills Information Security (BHIS) across various industries. His expertise spans network, physical, and wireless penetration testing, social engineering, and advanced adversarial emulation through red and purple team assessments. Ralph has developed several tools, including Bitor (set to release in January 2025) and Warhorse, which enhance efficiency in penetration testing infrastructure and operations. He has spoken at numerous conferences, including DEF CON, Black Hat, Hack Miami, B-Sides Tampa, and Hack Space Con.
Guest
Alex Minster "Belouve"
Alex Minster is a cybersecurity professional with a passion for Open-Source Intelligence (OSINT) , and a desire to use his technical skills to make a meaningful impact on society. With nearly twenty years of experience in cybersecurity, and a current role in Threat Intelligence for a global financial corporation, Alex remains very active in numerous cybersecurity groups including DC608 and Black Hills Information Security. Beyond his professional accomplishments, Alex is an avid oldschool gamer who enjoys arcades, retro gaming, and tabletop games. He brings his passion for adventure and his commitment to helping others to everything he does, both in and out of his professional career.
Guest
MaryEllen
MaryEllen Kennel has held numerous roles in CyberSecurity, and is currently ranked top 1% in MetaCTF. MaryEllen has spoken at several conferences, including Magnet Forensics, KringleCon, and most recently, Wild West Hackin’ Fest in Deadwood, SD. MaryEllen grew up Mennonite, and treasures spending time with family.
Guest
Michael "Shecky" Kavka
Shecky, as he is commonly called, has been in the professional world of IT for nearly 30 years the last 11 as a blue team security engineer. He is focused on detection engineering, threat intel and analysis. Outside of his day to day he is involved in Bsides312, Hak4Kidz and Burbsec (Chicago's cybersecurity meetup conglomerate).
RP
Producer
Ryan Poirier
Ryan Poirier began his time at Black Hills Information Security (BHIS) as the Video Producer and Editor in August 2020. Ryan polishes and perfects every webcast, podcast, and workshop on the BHIS, ACM, and WWHF YouTube Channels. Prior to Ryan’s time at BHIS, he worked for one of the largest public schools in the United States, conducting their video production and live broadcasting. He joined the BHIS team because he felt like it would be a great group of people to work with, and he couldn’t pass up the perfect next step in his career. Outside of his time with BHIS, Ryan does freelance photography, attends Cars & Coffee events, and expands his knowledge of audio and videos.

What is Talkin' Bout [Infosec] News?

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Monday's at 4:30PM ET