Talkin' About [Infosec] News, Powered by Black Hills Information Security

Talkin' About [Infosec] News, Powered by Black Hills Information Security


2024-04-24 - Exploits, Breaches and, Lawsuits!

April 24, 2024

00:00 - PreShow Banter™ — A Parent Process

03:01 - BHIS - Talkin’ Bout [infosec] News 2024-04-22

04:13 - Story # 1: Exploit code for Palo Alto Networks zero-day now public

07:44 - Story # 1b: (Timeline) Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

23:22 - Story # 2: MGM says FTC can’t possibly probe its ransomware downfall – watchdog chief Lina Khan was a guest at the time

31:37 - Story # 3: MITRE was breached through Ivanti zero-day vulnerabilities

32:27 - Story # 4: Cisco Integrated Management Controller CLI Command Injection Vulnerability

41:20 - Story # 5: Cisco Duo’s Multifactor Authentication Service Breached

46:01 - Story # 6: DevSecOps security practices are doggone disastrous

54:57 - Story # 7: FYI: This site claims to have harvested 4B+ Discord chats, today all yours for a price