Breach Disclosure Lag is Worse Than Ever – 2026-06-08
This episode covers the rising costs and restrictions surrounding AI agents, including token consumption, model access policies, and the growing dependence on AI tools for security work. The hosts discuss Troy Hunt’s retrospective on Have I Been Pwned reaching its 1,000th tracked breach, examining why breach disclosures appear to be slowing and how GDPR and CCPA requirements affect notification practices. Additional topics include password and email hygiene, the value of breach-notification services, AI infrastructure and data center costs, and new research mapping AI-enabled cyber threats to the MITRE ATT&CK framework.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
Chapters
Links
Story #1 - Anthropic ‘plants’ engineers at NSA despite facing ban by Pentagon
Story #2 - A new service branch could be joining the U.S. Armed Forces family
Story #3 - Websites have a new way to spy on visitors: Analyzing their SSD activity
Story #4 - The Quiet Numbers Station: Decoding Nineteen Years of GPS Cryptography
Story #5 - Russia Has Been Jamming GPS from Space Since 2019
Story #6 - Mapping AI-enabled cyber threats: Insights from the LLM AT&T&CK Navigator
Story #7 - Anthropic confidentially files IPO prospectus with SEC, prepping Wall Street for landmark AI deal
Story #8 - Microsoft Wants to ‘Make People Addicted’ to its New AI Assistant, Internal Documents Reveal
Story #9 - Amazon Shuts Down Internal AI Leaderboard After Employees Cheated
ANTI-CAST : RF Attacks Every InfoSec Pro Should Know with Paul Clark
Workshop: Build Your Own AI Security Agent
Workshop: Intro to SDR Hacking: Capture, Decode, Take Over
Training: Agentic AI for Threat Hunting
Training: Cyber Threat Intelligence 101 2-Day Version
ANTI-CAST: Prompt Engineering 201: The Context Stack w/ Bronwen Aker
Click here to watch this episode on YouTube.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
Chapters
- (00:00) - PreShow Banter™ — Token Love
- (05:11) - Breach Disclosure is Lag Worse Than Ever – 2026-06-08
- (11:25) - Story #1 - Anthropic ‘plants’ engineers at NSA despite facing ban by Pentagon
- (20:59) - Story #2 - A new service branch could be joining the U.S. Armed Forces family
- (25:47) - Story #3 - Websites have a new way to spy on visitors: Analyzing their SSD activity
- (31:11) - Story #4 - The Quiet Numbers Station: Decoding Nineteen Years of GPS Cryptography
- (37:21) - Story #5 - 1,000 Data Breaches Later, the Disclosure Lag is Worse Than Ever
- (43:23) - Story #6 - Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator
- (48:00) - Story #7 - Anthropic confidentially files IPO prospectus with SEC, prepping Wall Street for landmark AI deal
- (01:02:26) - Story #8 - Microsoft Wants to 'Make People Addicted' to its New AI Assistant, Internal Documents Reveal
- (01:03:29) - Story #9 - Amazon Shuts Down Internal AI Leaderboard After Employees Cheated
- (01:04:57) - ANTI-CAST : RF Attacks Every InfoSec Pro Should Know with Paul Clark
- (01:05:54) - Workshop: Build Your Own AI Security Agent
- (01:06:43) - Training: Agentic AI for Threat Hunting
- (01:07:16) - Training: Cyber Threat Intelligence 101 2-Day Version
- (01:08:58) - ANTI-CAST: Prompt Engineering 201: The Context Stack w/ Bronwen Aker
Links
Story #1 - Anthropic ‘plants’ engineers at NSA despite facing ban by Pentagon
Story #2 - A new service branch could be joining the U.S. Armed Forces family
Story #3 - Websites have a new way to spy on visitors: Analyzing their SSD activity
Story #4 - The Quiet Numbers Station: Decoding Nineteen Years of GPS Cryptography
Story #5 - Russia Has Been Jamming GPS from Space Since 2019
Story #6 - Mapping AI-enabled cyber threats: Insights from the LLM AT&T&CK Navigator
Story #7 - Anthropic confidentially files IPO prospectus with SEC, prepping Wall Street for landmark AI deal
Story #8 - Microsoft Wants to ‘Make People Addicted’ to its New AI Assistant, Internal Documents Reveal
Story #9 - Amazon Shuts Down Internal AI Leaderboard After Employees Cheated
ANTI-CAST : RF Attacks Every InfoSec Pro Should Know with Paul Clark
Workshop: Build Your Own AI Security Agent
Workshop: Intro to SDR Hacking: Capture, Decode, Take Over
Training: Agentic AI for Threat Hunting
Training: Cyber Threat Intelligence 101 2-Day Version
ANTI-CAST: Prompt Engineering 201: The Context Stack w/ Bronwen Aker
Click here to watch this episode on YouTube.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
Brought to you by:
Black Hills Information Security
Antisyphon Training
Active Countermeasures
Wild West Hackin Fest
Episode Video
Creators and Guests
Host
Bronwen Aker
Bronwen Aker is a BHIS Technical Editor who joined full-time in 2022 after years of contract work, bringing decades of web development and technical training experience to her roles in editing pentest reports, enhancing QA/QC processes, and improving public websites, and who enjoys sci-fi/fantasy, Animal Crossing, and dogs outside of work.
Host
Corey Ham
Corey Ham has been with Black Hills Information Security (BHIS) since 2021 delivering red teaming and OSINT services. Currently, Corey leads the ANTISOC team at BHIS, providing subscription-based continuous red teaming to BHIS clients. Outside of his time at BHIS, you can find him out in the woods or up on a mountain somewhere.
Host
John Strand
John Strand has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much loved SANS teacher. John is a contributor to the industry-shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks.
Host
Ralph May
Ralph is a U.S. Army veteran and former DoD contractor who supported the United States Special Operations Command (USSOCOM) with information security challenges and threat actor simulations. Over the past decade, he has provided offensive security services at Optiv Security and Black Hills Information Security (BHIS) across various industries. His expertise spans network, physical, and wireless penetration testing, social engineering, and advanced adversarial emulation through red and purple team assessments. Ralph has developed several tools, including Bitor (set to release in January 2025) and Warhorse, which enhance efficiency in penetration testing infrastructure and operations. He has spoken at numerous conferences, including DEF CON, Black Hat, Hack Miami, B-Sides Tampa, and Hack Space Con.
Host
Wade Wells
Wade Wells has been working in cybersecurity for a decade, focusing on detection engineering, threat intelligence, and defensive operations. Wade currently works as a Lead Detection Engineer at 1Password, where he helps build and mature scalable detection programs. Outside of his day-to-day work, Wade is deeply involved in the security community through teaching, mentoring, podcasting, and running local events
Guest
Faan Rossouw
I’m a security researcher focused on the intersection of threat hunting and agentic AI. I do research at Active Countermeasures and instruct at AntiSyphon, teaching threat hunting and offensive security tooling. I’m also currently building aionsec.ai, an open-source platform to make elite threat hunting accessible to everyone.
Guest
Paul Clark
With nearly a decade of experience as a business owner and software‑defined radio (SDR) consultant and trainer, Paul helps clients and students leverage the power and potential of SDR technology. His company, Factoria Labs, provides consulting services as well as training, particularly in the realm of wireless communications, RF reverse engineering, and GNU Radio. Before founding Factoria Labs, he worked as a software development consultant for Meadow Registry, where he developed and marketed C++ tools for SDR‑based forensics. He has co‑authored three books in a series on getting started with SDR and GNU Radio, sharing his knowledge and passion for the topic. He also has a strong background in product management, embedded software, and mixed‑signal integrated circuit design, having led a cross‑functional team of 20 at Cypress Semiconductor to deliver innovative software solutions for PSoC® microcontrollers. He holds a Master of Science in Electrical and Electronics Engineering from the University of Washington and two patents in the fields of SDR and biometrics.
Producer
Ryan Poirier
Ryan Poirier began his time at Black Hills Information Security (BHIS) as the Video Producer and Editor in August 2020. Ryan polishes and perfects every webcast, podcast, and workshop on the BHIS, ACM, and WWHF YouTube Channels. Prior to Ryan’s time at BHIS, he worked for one of the largest public schools in the United States, conducting their video production and live broadcasting. He joined the BHIS team because he felt like it would be a great group of people to work with, and he couldn’t pass up the perfect next step in his career. Outside of his time with BHIS, Ryan does freelance photography, attends Cars & Coffee events, and expands his knowledge of audio and videos.