Podcast Summary: "Highest Rated Chalk" – Talkin' About [Infosec] News, Powered by Black Hills Information Security
Release Date: January 22, 2025
1. Opening Anecdote: The Chalk Story
The episode kicks off with a humorous and relatable story shared by host Wade about purchasing a highly-rated pack of chalk from Amazon to keep his son entertained. However, the overabundance—160 pieces—leads to playful commentary among the hosts about having more chalk than needed.
- Wade (00:01): “I just bought the first chalk that was on Amazon. Not really thinking about it. Highest rated, right?”
- Ralph (00:16): “Chalk’s chalk package shows up highest rated.”
This light-hearted start sets a casual tone for the episode, showcasing the hosts' camaraderie and ability to interject humor into technical discussions.
2. Cybersecurity News Overview
The hosts transition into the main content with a rundown of recent cybersecurity incidents and trends. Topics include Russian cyber spies collaborating with Pakistani counterparts, Europol’s takedown of major Distributed Denial of Service (DDoS) attacks, and a significant $50 million heist attributed to North Korean hackers.
- John (04:29): “Today we're going to be talking about how Russian cyber spies are joining together with people in Pakistan in unity.”
This segment highlights the evolving landscape of international cyber threats and the geopolitical tensions that underpin these activities.
3. Fortinet Firewall Vulnerabilities
A significant portion of the discussion centers around the leakage of 15,000 Fortinet firewall configurations. The hosts dissect the implications of this breach, emphasizing the risks posed by exposed management interfaces and poorly configured firewalls.
- Ralph (09:06): “Hackers have leaked 15,000 Fortinet firewall configs that were vulnerable devices.”
- Wade (09:37): “Poisoning most likely configured Fortinet firewall is now easy to like. Just statistics, all of them.”
John underscores the danger of exposing firewall management interfaces to the internet, advising organizations to patch known vulnerabilities promptly and to restrict administrative access to trusted networks.
- John (11:21): “But that pollutes the landscape by making it easier for attackers to find and exploit these vulnerabilities.”
The hosts also touch upon the broader issue of default configurations and the necessity of robust cybersecurity hygiene practices.
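As an added example (not code from the podcast, BHIS or Fortinet), the Python script below parses a FortiOS-style configuration dump, the same text format that leaks like the one discussed above consist of, and flags the two weaknesses the hosts warn about: management protocols allowed on a WAN-facing interface, and administrator accounts with no trusthost restriction. The sample configuration, interface names, addresses and admin accounts are constructed assumptions; the hardened settings in the comments are what a practitioner would apply.

```python
"""Audit a FortiOS configuration dump for internet-exposed management access.

Added example, not code from the podcast, BHIS or Fortinet. The configuration
below is constructed for illustration; interface names, addresses and admin
accounts are assumptions.
"""
import re

# Protocols that grant administrative access when listed under allowaccess.
MGMT_PROTOCOLS = {"https", "http", "ssh", "telnet"}

# Constructed sample in FortiOS CLI dump syntax (not a real device's config).
SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set vdom "root"
        set ip 203.0.113.5 255.255.255.0
        set allowaccess ping https ssh fgfm
        set role wan
    next
    edit "internal"
        set vdom "root"
        set ip 192.168.1.99 255.255.255.0
        set allowaccess ping https ssh http
        set role lan
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
        set vdom "root"
    next
    edit "netops"
        set accprofile "super_admin"
        set trusthost1 10.10.0.0 255.255.0.0
    next
end
"""


def parse_fortios(text):
    """Parse config/edit/set/next/end blocks into {section: {entry: {key: values}}}.

    Sub-blocks nested inside an entry (e.g. 'config ipv6') are skipped, since
    this audit only needs each entry's top-level attributes.
    """
    sections = {}
    section = entry = None
    nested = 0  # depth inside a skipped sub-block
    for raw in text.splitlines():
        tokens = [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', raw)]
        if not tokens:
            continue
        cmd = tokens[0]
        if nested:
            if cmd == "config":
                nested += 1
            elif cmd == "end":
                nested -= 1
            continue
        if cmd == "config":
            if entry is not None:
                nested = 1
            else:
                section = " ".join(tokens[1:])
                sections.setdefault(section, {})
        elif cmd == "edit":
            entry = tokens[1]
            sections[section].setdefault(entry, {})
        elif cmd == "set":
            sections[section][entry][tokens[1]] = tokens[2:]
        elif cmd == "next":
            entry = None
        elif cmd == "end":
            section = None
    return sections


def find_exposed_management(sections):
    """Return findings for WAN-facing management access and unrestricted admins."""
    findings = []
    for name, attrs in sections.get("system interface", {}).items():
        exposed = MGMT_PROTOCOLS & set(attrs.get("allowaccess", []))
        if attrs.get("role", [""])[0] == "wan" and exposed:
            # Fix: 'set allowaccess ping' (or nothing) on the WAN interface and
            # manage the device from an internal interface or over VPN.
            findings.append(
                f"interface {name}: {sorted(exposed)} allowed on WAN-facing interface")
    for name, attrs in sections.get("system admin", {}).items():
        if not any(key.startswith("trusthost") for key in attrs):
            # Fix: 'set trusthost1 <net> <mask>' so logins are only accepted
            # from management networks even if an interface is mis-exposed.
            findings.append(
                f"admin {name}: no trusthost restriction, logins accepted from any source")
    return findings


if __name__ == "__main__":
    for finding in find_exposed_management(parse_fortios(SAMPLE_CONFIG)):
        print(finding)
```

Pointed at a real backup (`parse_fortios(open("fw.conf").read())`), the script reports the same two classes of finding; the role check relies on `set role wan` being present, so interfaces without a role should be reviewed by hand.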
4. TikTok Ban and Geopolitical Implications
The conversation shifts to the controversial ban on TikTok in the United States, exploring its effectiveness and underlying motivations. The hosts debate whether targeting a single app can address broader security concerns, especially given the extensive integration of Chinese technology in global supply chains.
- Kelly (16:58): “Why are we picking on the Chinese by banning TikTok?”
- John (17:16): “I wonder how the hell we ended up here at some point.”
John criticizes the performative nature of the legislation, arguing that banning TikTok alone is insufficient without addressing the pervasive reliance on Chinese technology in other sectors.
5. Data Breaches in Chinese Companies
Highlighting a massive data breach affecting Chinese platforms like Weibo and QQ Messenger, the hosts discuss the global impact of such incidents, emphasizing that data breaches transcend national boundaries and affect millions of users worldwide.
- Ralph (30:10): “These kinds of breaches do affect not just US citizens, they also affect Chinese citizens.”
- John (30:11): “How they map my house? Like, what does it need?”
This segment underscores the universal vulnerability to data breaches and the importance of robust data protection measures across all platforms.
6. UEFI Boot Kits and Advanced Threats
John delves into the technical intricacies of UEFI boot kits, questioning their prevalence in real-world attacks. The discussion explores whether these sophisticated threats are primarily the domain of nation-state actors or if they pose a broader risk to organizations.
- John (46:20): “Do you think it's one of those things that's like, no, they're being used, we just aren't seeing them because it's nation state level shenanigans?”
- Kelly (52:44): “There are people who assume that their hardware is just fine, it's untouchable.”
The hosts debate the practicality and frequency of such attacks, highlighting the challenges in detection and the advanced capabilities required to exploit UEFI vulnerabilities effectively.
7. Insurance Companies and Privacy Concerns with App Data
A contentious topic arises around insurance companies like Allstate using data from unrelated apps (e.g., GasBuddy, Life360) to track driving behavior. The hosts express concerns over privacy violations and the opaque ways in which personal data is shared and used without explicit consent.
- Ralph (58:09): “Texas has sued Allstate, alleging that the firm and its data broker used data from apps like GasBuddy, Routely and Life360 to quietly track drivers.”
- John (59:14): “It's spooky as hell.”
The segment raises critical questions about data privacy, consent, and the ethical implications of insurance companies leveraging third-party app data for policy adjustments.
8. Plugs and Conference Announcements
Midway through the episode, the hosts pause to plug upcoming events and initiatives, including their participation in Wild West Hackin' Fest in Denver and Black Hills Information Security’s (BHIS) services such as penetration testing, incident response, and security operations.
- John (35:09): “Oh, we got a conference and Antisyphon training.”
- Marion (37:47): “I will be doing a webcast this Thursday and I'm going to be giving away a free tool.”
These announcements serve to inform listeners about future engagements and resources available through BHIS, fostering community engagement and professional development within the infosec field.
9. Conclusion
The episode wraps up with the hosts reflecting on the pervasive nature of cybersecurity threats and the relentless challenges faced by organizations in safeguarding their digital assets. Despite the often grim topics, the hosts maintain a tone of camaraderie and resilience, encouraging continuous vigilance and improvement in cybersecurity practices.
- John (62:23): “Take heart that you're going to be employed.”
- Ralph (62:31): “The thing is, we spent like two years podcasting about why they shouldn't, so this is kind of a reversal.”
The closing remarks blend humor with a sobering acknowledgment of the continuous battle against cyber threats, leaving listeners with both insights and a sense of solidarity.
Key Takeaways:
- Fortinet Vulnerabilities: Highlighted the risks of exposed firewall management interfaces and leaked configurations, and the importance of patching and basic security hygiene.
- Geopolitical Cyber Threats: Discussed the complexities of international cyber espionage and the limitations of targeted bans like that on TikTok.
- Data Privacy Concerns: Raised alarms about insurance companies using app data without explicit consent, emphasizing the need for stricter data protection regulations.
- Advanced Cyber Threats: Explored the niche yet significant threat posed by UEFI boot kits, questioning their real-world applicability and detection challenges.
- Community Engagement: Promoted upcoming conferences and resources, fostering a collaborative approach to tackling cybersecurity challenges.
Notable Quotes:
- Wade (00:01): “I just bought the first chalk that was on Amazon. Not really thinking about it. Highest rated, right?”
- Ralph (09:06): “Hackers have leaked 15,000 Fortinet firewall configs that were vulnerable devices.”
- John (17:16): “I wonder how the hell we ended up here at some point.”
- Ralph (58:09): “Texas has sued Allstate, alleging that the firm and its data broker used data from apps like GasBuddy, Routely and Life360 to quietly track drivers.”
- John (46:20): “Do you think it's one of those things that's like, no, they're being used, we just aren't seeing them because it's nation state level shenanigans?”
This episode of "Talkin' About [Infosec] News" blends technical discussions with engaging anecdotes and humor, providing listeners with a comprehensive overview of current cybersecurity issues while maintaining an approachable and entertaining tone.
![2025-01-20 - Highest Rated Chalk - Talkin' Bout [Infosec] News cover](https://assets.blubrry.com/coverart/orig/577207-646458.jpg)