Talkin' Bout [Infosec] News

Listen Anywhere

Apple Podcasts Spotify Pocket Casts Amazon Music YouTube
2025-02-17 - Prove That You're Wearing Pants
S:E1

2025-02-17 - Prove That You're Wearing Pants

Summary

 00:00 - PreShow Banter™ — Prove That You’re Wearing Pants05:50 - BHIS - Talkin’ Bout [infosec] News 2025-05-1706:46 - Story # 1: Fortinet discloses second firewall auth bypass patched in January07:12 - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don’t die laughing08:45 - Story # 1c: Forbes Most Trusted Companies in America 2025 List16:25 - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account18:37 - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation20:04 - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says36:35 - Story # 4: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack37:44 - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever43:14 - Story # 5b: DOGE’s .gov site lampooned as coders quickly realize it can be edited by anyone46:59 - Story # 6: Man who SIM-swapped the SEC’s X account pleads guilty51:26 - Story # 7: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs53:55 - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed 

 

00:00 - PreShow Banter™ — Prove That You’re Wearing Pants

05:50 - BHIS - Talkin’ Bout [infosec] News 2025-05-17

06:46 - Story # 1: Fortinet discloses second firewall auth bypass patched in January

07:12 - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don’t die laughing

08:45 - Story # 1c: Forbes Most Trusted Companies in America 2025 List

16:25 - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account

18:37 - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

20:04 - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says

36:35 - Story # 4: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack

37:44 - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever

43:14 - Story # 5b: DOGE’s .gov site lampooned as coders quickly realize it can be edited by anyone

46:59 - Story # 6: Man who SIM-swapped the SEC’s X account pleads guilty

51:26 - Story # 7: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs

53:55 - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed

 

  • (00:00) - PreShow Banter™ — Prove That You're Wearing Pants
  • (05:49) - BHIS - Talkin' Bout [infosec] News 2025-05-17
  • (06:46) - Story # 1: Fortinet discloses second firewall auth bypass patched in January
  • (07:11) - Story # 1b: Fortinet CEO boasts it was voted the “most trusted” cybersecurity firm. Don't die laughing
  • (08:44) - Story # 1c: Forbes Most Trusted Companies in America 2025 List
  • (16:24) - Story # 2: SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account
  • (18:37) - Story # 2b: Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation
  • (20:04) - Story # 3: Putting the human back into AI is key, former NSA Director Nakasone says
  • (36:34) - Story # 4: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack
  • (37:43) - Story # 5: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever
  • (43:14) - Story # 5b: DOGE’s .gov site lampooned as coders quickly realize it can be edited by anyone
  • (46:58) - Story # 6: Man who SIM-swapped the SEC's X account pleads guilty
  • (51:26) - Story # 7: Russia's Sandworm caught snarfing credentials, data from American and Brit orgs
  • (53:55) - Story # 8: Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed