Talkin' Bout [Infosec] News

Listen Anywhere

Apple Podcasts Spotify Pocket Casts Amazon Music YouTube
BreachForums Doomsday - 2026-01-12
S6:E2

BreachForums Doomsday - 2026-01-12

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
đź”´live-chat

đź”— Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com


In this episode, we break down the “Doomsday” incident: a major breach forum gets breached, reminding everyone that even cybercriminal communities suffer constant OPSEC failures. We cover what leaked, why these underground markets keep imploding, and how infighting, reused infrastructure, weak authentication, and sloppy identity hygiene turn “elite hackers” into easy targets. Then we connect the dots to law enforcement’s latest crypto actions—how DOJ seizures and mixer investigations work, why blockchain tracing matters, and what criminals try (and fail) to do to hide money flows. Finally, we translate the news into practical defense: validate breach intel, monitor for credential stuffing, enable MFA, use unique passwords, and tighten access logs. Whether you’re a defender, creator, or online, this is the real-world cybercrime story behind the headlines.


Chapters
  • (00:00) - PreShow Banter™ — Task Overflow
  • (02:29) - BreachForums Doomsday - 2026-01-12
  • (05:09) - Story # 1; Did DOJ Prosecutors Violate Trump’s Executive Order by Selling the Forfeited Samourai Wallet Bitcoin?
  • (15:42) - Story # 2: Cloudflare defies Italy’s Piracy Shield, won’t block websites on 1.1.1.1 DNS
  • (23:04) - Story # 3: California bans data broker reselling health data of millions
  • (28:13) - Story # 4: Apple picks Google’s Gemini to run AI-powered Siri coming this year
  • (36:00) - Story # 5: Ragebait as a phishing tactic
  • (38:00) - Story # 6: Doomsday For Cybercriminals — Data Breach Of Major Dark Web Forum
  • (40:31) - Story # 7: The Great VM Escape: ESXi Exploitation in the Wild
  • (45:39) - Story # 8: OpenAI says ChatGPT won't use your health information to train its models
  • (46:23) - Story # 8b: Anthropic brings Claude to healthcare with HIPAA-ready Enterprise tools
  • (50:15) - Story # 9: Max severity Ni8mare flaw lets hackers hijack n8n servers
  • (53:05) - Story # 10: Instagram Denies Data Breach, Fixes Unsolicited Password Reset Requests
  • (56:49) - Reporter remembers saving animals a year after L.A. wildfires
  • (57:52) - CTF Winners

Links
Story # 1; Did DOJ Prosecutors Violate Trump’s Executive Order by Selling the Forfeited Samourai Wallet Bitcoin?
Story # 2: Cloudflare defies Italy’s Piracy Shield, won’t block websites on 1.1.1.1 DNS
Story # 3: California bans data broker reselling health data of millions
Story # 4: Apple picks Google’s Gemini to run AI-powered Siri coming this year
Story # 5: Ragebait as a phishing tactic
Story # 6: Doomsday For Cybercriminals — Data Breach Of Major Dark Web Forum
Story # 7: The Great VM Escape: ESXi Exploitation in the Wild
Story # 8: OpenAI says ChatGPT won’t use your health information to train its models
Story # 8b: Anthropic brings Claude to healthcare with HIPAA-ready Enterprise tools
Story # 9: Max severity Ni8mare flaw lets hackers hijack n8n servers
Story # 10: Instagram Denies Data Breach, Fixes Unsolicited Password Reset Requests
Reporter remembers saving animals a year after L.A. wildfires


Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest - Join us for our Hybrid Conference and Pre-Conference Training
https://wildwesthackinfest.com

Episode Video

Creators and Guests

Bronwen Aker
Host
Bronwen Aker
Bronwen Aker is a BHIS Technical Editor who joined full-time in 2022 after years of contract work, bringing decades of web development and technical training experience to her roles in editing pentest reports, enhancing QA/QC processes, and improving public websites, and who enjoys sci-fi/fantasy, Animal Crossing, and dogs outside of work.
Website Link
Corey Ham
Host
Corey Ham
Corey Ham has been with Black Hills Information Security (BHIS) since 2021 delivering red teaming and OSINT services. Currently, Corey leads the ANTISOC team at BHIS, providing subscription-based continuous red teaming to BHIS clients. Outside of his time at BHIS, you can find him out in the woods or up on a mountain somewhere.
LinkedIn GitHub Website Link
Ralph May
Host
Ralph May
Ralph is a U.S. Army veteran and former DoD contractor who supported the United States Special Operations Command (USSOCOM) with information security challenges and threat actor simulations. Over the past decade, he has provided offensive security services at Optiv Security and Black Hills Information Security (BHIS) across various industries. His expertise spans network, physical, and wireless penetration testing, social engineering, and advanced adversarial emulation through red and purple team assessments. Ralph has developed several tools, including Bitor (set to release in January 2025) and Warhorse, which enhance efficiency in penetration testing infrastructure and operations. He has spoken at numerous conferences, including DEF CON, Black Hat, Hack Miami, B-Sides Tampa, and Hack Space Con.
LinkedIn Website Link
Wade Wells
Host
Wade Wells
Wade Wells has been working in cybersecurity for a decade, focusing on detection engineering, threat intelligence, and defensive operations. Wade currently works as a Lead Detection Engineer at 1Password, where he helps build and mature scalable detection programs. Outside of his day-to-day work, Wade is deeply involved in the security community through teaching, mentoring, podcasting, and running local events
LinkedIn Website Link
Aisling nic Lynne
Guest
Aisling nic Lynne "siriciryel"
Aisling nic Lynne is a cybersecurity practitioner with strong interest in privacy and forensics, all the way back to setting up GPG inside her AOL IMs in college. Her broad technical background includes being a sysop for a top-20 supercomputer, high-energy particle physics experiments, and aero engine engineering. She is a second-generation ttrpg player, handyma'am, and would collect more Star Wars LEGO sets if only she had a place to put them. Some people want to see the world burn; she wants to see people's eyes alight with understanding.
LinkedIn
Cameron Cartier
Guest
Cameron Cartier
Cameron Cartier joined Black Hills Information Security as a Consultant in 2023. She holds a master’s degree in computer science from the University of Utah where she studied Tor and other privacy enhancing technologies. Currently, Cameron works in the ANTISOC and specializes in Social Engineering, Physical Security Testing, and Web Application Exploitation. Outside of work, she is an amateur cage fighter, and rock climber.
Website Link
David Blandford
Guest
David Blandford
David Blandford joined Black Hills Information Security (BHIS) in the spring of 2024 as a Security Consultant. In this role, he evaluates the security of web applications, mobile applications, cloud environments, and networks through the eyes of an attacker, working with companies to ensure their networks are secure. Previously, David has worked in many security roles such as a network engineer, software developer, and penetration tester, and he is currently a member of the Michigan National Guard’s Cyber Protection Team. He chose BHIS for the opportunity to work with “some of the brightest minds in the industry.” He thinks the best part is the people, as well as being able to contribute to the community through classes, webinars, presentations, tooling, etc. Outside of work, David can be found going on adventures with his family, weightlifting, and trying to listen to all of the albums in Rolling Stone’s top 500 albums (Fleetwood Mac’s “Rumours” is his favorite so far!).
Website Link