Podcast Summary: Talkin' About [Infosec] News, Powered by Black Hills Information Security
Episode: 2024-09-23 - Plane Talk
Release Date: September 26, 2024
Introduction
In this engaging episode of Talkin' About [Infosec] News, the Black Hills Information Security team delves into a variety of pressing information security topics. From a harrowing personal anecdote about surviving a plane crash to sophisticated discussions on supply chain attacks and AI-driven phishing schemes, the podcast offers a comprehensive look into the latest threats and security insights shaping the infosec landscape.
Surviving a Plane Crash
The episode opens with a personal story shared by Ryan about surviving a small plane crash at the age of two. Ryan recounts the traumatic experience, highlighting the technical failures that led to the crash and the subsequent controlled descent into a farm field.
- Ryan (02:18): "It was a controlled descent into a farm field... everything's covered in oil, so it was just kind of a controlled descent into a farm field."
The team reflects on the psychological impact of such memories and the resilience demonstrated by surviving the ordeal.
SANS Difference Makers Nomination
Jason reveals that the podcast has been nominated as a finalist for the SANS Difference Makers award, sparking a lively discussion about the implications and the nature of the nomination.
- Kelly (06:31): "Apparently somebody nominated this podcast that you are watching or listening to right now for an award with SANS Difference Makers."
The team debates whether the award is a positive recognition or a potential backhanded compliment, emphasizing the importance of community support through voting.
Pager Supply Chain Attack: A Kinetic Threat
A significant portion of the episode is dedicated to dissecting a sophisticated supply chain attack involving pagers used by Hezbollah. The hosts explain how Israel orchestrated the attack by infiltrating the pager manufacturing process, embedding explosives in the devices, and exploiting the specialized nature of pagers to target a specific group.
- Wade (09:45): "Israel worked to set up a company that made pagers... [they] put bombs in all the pagers... a kinetic supply chain attack."
Technical Breakdown: Alex provides a technical overview of how pagers operate, emphasizing their broadcast nature, which made them susceptible to being weaponized.
- Alex (11:02): "The pager system works as a broadcast system... you can pick up the pager messages with like a software-defined radio or other hardware."
The conversation highlights the unique challenges of securing specialized communication devices and the broader implications for supply chain security.
ReCaptcha Fish: An Innovative Phishing Technique
The hosts introduce a novel phishing method dubbed the "ReCaptcha Fish," which presents a legitimate-looking captcha page that silently copies a command to the visitor's clipboard and leads to a malicious payload being executed on the victim's machine.
- Alex (24:22): "It looks like a captcha... as soon as you open up the page, it copies a command... executes a payload on your computer."
Corey underscores the sophistication of targeting developers, who are often trusted with sensitive tasks and may be more likely to execute such commands without suspicion.
- Corey (28:53): "Now it seems like they're coming after more of the security analysts and the developers. They've upped their game a little bit for sure."
The discussion emphasizes the importance of vigilance and advanced threat detection mechanisms to counteract such innovative attack vectors.
AI and Data Privacy Concerns: LinkedIn and Beyond
The podcast transitions to a critical analysis of major tech companies' use of AI and data collection practices, focusing on LinkedIn's controversial move to utilize user data for training AI models.
- Ralph (35:40): "LinkedIn turned on a feature that is an opt-out... they're using your data to train their AI."
Ben elaborates on the privacy implications, highlighting the unsettling nature of data sharing with affiliates.
- Ben (36:14): "At the bottom it says the setting controls training generative AI models used to create content... it's creepy."
The team discusses the broader regulatory landscape, noting that only three states have specific laws addressing AI and data governance, and expresses concern over the rapid pace of AI integration without adequate legislative oversight.
- Corey (43:12): "The FTC report... they're harvesting all this data... use it to feed into the AI."
FTC Report on Data Collection Violations
The episode delves into the recent FTC report criticizing major tech companies for violating the Children's Online Privacy Protection Act (COPPA) by improperly collecting and using children's data.
- Corey (42:50): "The FTC report... they're harvesting all this data... hurt our children."
The hosts discuss the potential long-term implications for these companies, including legal battles and the challenge of enforcing data protection laws effectively.
- Corey (44:33): "It's anti-competitive and most importantly, it doesn't actually protect consumers."
Slack and Disney Data Breach
Ralph brings attention to a significant breach of Disney's Slack workspace, in which terabytes of sensitive data were leaked online. The breach was attributed to a malicious insider who took advantage of weaknesses in how the Slack data was governed.
- Ralph (37:11): "Slack was breached... terabytes of data leaked online."
The team debates the future of communication platforms for large organizations, with speculation that companies like Disney might switch to alternative solutions like Microsoft Teams or Matrix.
- Jason (38:25): "They publicly announced... but they did not say where they're going."
Kaspersky's Automated Antivirus Replacement
A notable segment covers the abrupt removal of Kaspersky antivirus software from U.S. government contractors' computers and its automatic replacement with a little-known product, Ultra AV, from Pango Group.
- Wade (51:39): "Russian cybersecurity company Kaspersky deleted its AV software... replaced with Ultra AV."
The hosts express skepticism about Ultra AV's legitimacy, warning listeners to avoid installing unfamiliar antivirus solutions and to rely on trusted programs like Windows Defender.
- Wade (53:08): "If you don't know how it got on your computer, it's malicious."
They highlight the dangers of supply chain compromises and the importance of scrutinizing software sources to prevent unauthorized installations.
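As a practical follow-up to Wade's advice, here is an added PowerShell check (not code from the podcast or from Black Hills Information Security) that lists the antivirus products Windows itself reports as registered, verifies the Authenticode signature of each product's executable, and pulls recently installed security software from the Uninstall registry keys so an unexpected replacement stands out. It assumes a Windows 10/11 host exposing the Security Center namespace `root/SecurityCenter2`; the `productState` decoding in the comments is the commonly used one and is an assumption, not documented Microsoft behaviour.

```powershell
# Added example: inventory registered antivirus products and check who signed them.
# Assumes Windows 10/11 with the root/SecurityCenter2 WMI namespace available.
function Get-RegisteredAntivirus {
    Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'AntiVirusProduct' |
        ForEach-Object {
            $exe = $_.pathToSignedProductExe
            $sig = if ($exe -and (Test-Path -LiteralPath $exe)) {
                Get-AuthenticodeSignature -FilePath $exe
            } else { $null }

            [pscustomobject]@{
                Product      = $_.displayName
                Executable   = $exe
                # 'Valid' means the binary carries a signature that chains to a trusted root;
                # anything else (NotSigned, HashMismatch, UnknownError) deserves a closer look.
                SignerStatus = if ($sig) { $sig.Status.ToString() } else { 'NoFileFound' }
                Signer       = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                # productState is an undocumented bit field. Assumption (common decoding):
                # middle byte 0x10 = real-time protection enabled, low byte 0x10 = signatures out of date.
                StateHex     = ('0x{0:X6}' -f $_.productState)
            }
        }
}

# Cross-reference with the Uninstall registry keys to see when security software
# appeared and which publisher registered it (InstallDate is YYYYMMDD when present).
function Get-InstalledSecuritySoftware {
    $paths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match 'antivirus|anti-virus|security|protection|\bAV\b' } |
        Select-Object DisplayName, Publisher, InstallDate, InstallLocation |
        Sort-Object InstallDate -Descending
}

Get-RegisteredAntivirus | Format-Table -AutoSize
Get-InstalledSecuritySoftware | Format-Table -AutoSize
```

Run it from an elevated session. A product whose signer you do not recognise, whose signature status is not `Valid`, or whose install date is a day you did not install anything is exactly the "if you don't know how it got on your computer" case Wade describes, expressed as data you can act on.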
Upcoming Topics and Closing Remarks
Before signing off, the hosts tease upcoming content, including their participation in Wild West Hackin' Fest, and discuss strategies for improving operational security (OPSEC) for job seekers in the cybersecurity field.
- Kelly (60:42): "We've got something coming up in a few weeks. Wild West Hacking Fest."
The episode concludes with a humorous exchange, reinforcing the podcast's blend of serious security discussions with light-hearted banter.
Notable Quotes
- Corey (28:53): "Now it seems like they're coming after more of the security analysts and the developers. They've upped their game a little bit for sure."
- Wade (51:39): "Kaspersky deleted its AV software... replaced with Ultra AV."
- Ralph (35:40): "LinkedIn turned on a feature that is an opt-out... they're using your data to train their AI."
- Alex (24:22): "It looks like a captcha... executes a payload on your computer."
- Ben (36:14): "It's creepy... they're saying, oh, we're just giving it to everybody else also to train their AI."
Conclusion
This episode of Talkin' About [Infosec] News offers listeners a deep dive into complex security issues, blending technical analysis with real-world implications. From innovative phishing methods and supply chain vulnerabilities to the ethical dilemmas posed by AI-driven data practices, the Black Hills Information Security team provides valuable insights and practical advice for navigating the ever-evolving infosec landscape.
Stay Tuned
Don't miss next week's episode as the team explores new threats and continues to unravel the intricate world of information security. Whether you're a seasoned professional or just curious about the latest in cybersecurity, Talkin' About [Infosec] News delivers the information you need with expertise and engaging conversations.