Talkin’ About Infosec News – 6/27/2022



ORIGINALLY AIRED ON JUNE 27, 2022

Articles discussed in this episode:

02:13 – Story # 1: The #1 Period Tracker on the App Store Will Hand Over Data Without a Warrant – https://www.vice.com/en/article/y3pgvg/the-1-period-tracker-on-the-app-store-will-hand-over-data-without-a-warrant

20:56 – Story # 2: LockBit 3.0 introduces the first ransomware bug bounty program – https://www.bleepingcomputer.com/news/security/lockbit-30-introduces-the-first-ransomware-bug-bounty-program/

25:44 – Story # 3: Former AWS engineer convicted over hack that cost Capital One $270m – https://techmonitor.ai/technology/cybersecurity/capital-one-hack-aws-paige-thompson

28:52 – Story # 4: CISA experts propose ‘311’ cybersecurity emergency call line for small businesses – https://therecord.media/cisa-experts-propose-311-cybersecurity-emergency-call-line-for-small-businesses/

38:25 – Story # 5: Clever phishing method bypasses MFA using Microsoft WebView2 apps – https://www.bleepingcomputer.com/news/security/clever-phishing-method-bypasses-mfa-using-microsoft-webview2-apps/

40:00 – Story # 5b: mrd0x/WebView2-Cookie-Stealer – https://github.com/mrd0x/WebView2-Cookie-Stealer

43:28 – Story # 6: Game on! The 2022 Google CTF is here – https://security.googleblog.com/2022/06/game-on-2022-google-ctf-is-here.html

46:07 – Story # 7: Critical PHP flaw exposes QNAP NAS devices to RCE attacks – https://www.bleepingcomputer.com/news/security/critical-php-flaw-exposes-qnap-nas-devices-to-rce-attacks/

50:03 – Story # 8: Japanese man loses USB stick with entire city’s personal details – https://www.bbc.com/news/world-asia-61921222

54:51 – Story # 9: A Microsoft 365 feature can ransom files on SharePoint and OneDrive – https://securityaffairs.co/wordpress/132353/hacking/microsoft-365-feature-ransomware.html



We are self-publishing free Infosec Zines called PROMPT#.

PROMPT# will contain: 

  • Infosec articles 
  • Challenging puzzles 
  • Comic book based on real-life hacking adventures 
  • Coloring contests 
  • Bonus Backdoors & Breaches Consultant Cards (print version only) 
  • Other stuffs 

You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/