Talkin' About [Infosec] News, Powered by Black Hills Information Security
Episode: Year of the [European Union] Linux Desktop Finally Arrives?
Release Date: July 4, 2025
In the latest episode of "Talkin' About [Infosec] News, Powered by Black Hills Information Security," the hosts Wade, Charles, John, and Ethan delve into a multitude of pressing information security topics. From phishing techniques and government IT shifts to data breaches and emerging vulnerabilities, the discussion offers a comprehensive overview of the current infosec landscape.
1. Microsoft Direct Send Exploitation in Phishing Campaigns
The episode kicks off with an exploration of how Microsoft Direct Send is being weaponized in phishing campaigns. Wade highlights the significance of this technique, noting its effectiveness in bypassing traditional email filters.
Wade [12:55]: "It's one of those things that either doesn't work or it blows the customer's mind. And they're like, I'm mad."
The team emphasizes the importance of disabling Direct Send if it's not essential, because it can let threat actors convincingly masquerade as internal employees.
2. European Governments Embrace Linux, Moving Away from Microsoft
A substantial portion of the discussion centers on European governments transitioning their IT infrastructure to Linux-based systems. Charles expresses surprise at the number of cities adopting their own Linux distributions.
Charles [15:19]: "Pretty big. That's an amazing feat."
Wade elaborates on the motivations behind this shift, citing concerns over data sovereignty and the desire to minimize reliance on American companies like Microsoft. The hosts debate the practicality of maintaining such environments, especially regarding features and support.
3. Info Stealers Targeting Screenshots on Mobile Devices
The team examines a recent article about info-stealer malware that extracts sensitive data from screenshots on smartphones. Wade explains how this malware targets critical information like crypto phrases, posing significant risks to users.
Wade [03:00]: "Don't save, don't use screenshots to store sensitive information at all."
They discuss the importance of reviewing app permissions and regularly deleting unused applications to mitigate such threats.
4. Mobile Security Best Practices
Continuing from the previous topic, the hosts share their strategies for maintaining mobile security. John mentions his routine of cleaning up apps monthly, supported by calendar reminders.
John [05:06]: "I do it once a month."
Charles shares his approach to securing devices used by his children, emphasizing minimal app installations and the removal of unnecessary permissions.
5. War Thunder Forums Leak Classified Military Data
A lighter yet concerning topic is the accidental leak of classified military manuals on the War Thunder forums. Wade humorously remarks on the recurring nature of such leaks and the actions taken by moderators to contain the breach.
Wade [25:40]: "The Harrier is not British. It's ours. My bad, I'm not a pilot."
The group underscores the ease with which sensitive information can spread in gaming communities and the importance of monitoring such platforms.
6. Scale AI’s Data Breach Through Misconfigured Google Docs
The episode highlights a significant data breach involving Scale AI, where numerous Google Docs were left publicly accessible due to improper link-sharing settings. Wade criticizes the lax security measures that allowed sensitive information, including employee lists and chatbot training data, to be exposed.
Wade [29:31]: "If you're an organization that uses Google Docs, you got to disable public link sharing."
The hosts advise organizations to tighten their document sharing policies and regularly audit permissions to prevent similar incidents.
7. Arrests Linked to Breach Forums in France
Discussions turn to recent arrests related to the notorious Breach Forums, a hub for cybercriminal activities. Wade comments on the cycle of forum ownership changes leading to repeated legal actions against administrators.
Charles [33:09]: "Just use Signal."
The conversation touches on the persistent nature of such forums and the challenges law enforcement faces in shutting them down permanently.
8. Supply Chain Attacks via Malicious NPM Packages
The team explores a new wave of supply chain attacks targeting job candidates through malicious NPM packages. Charles shares his experiences defending against such tactics, emphasizing the need for vigilance during the recruitment process.
Charles [36:23]: "It's pretty interesting to fight against it."
Wade suggests using ephemeral virtual machines during job interviews to contain potential threats, highlighting the evolving nature of cyber threats in the recruitment landscape.
9. Citrix Bleed 2: A New Vulnerability
A significant highlight is the introduction of Citrix Bleed 2, a vulnerability reminiscent of the infamous Heartbleed bug. Wade explains that this flaw affects both management and client interfaces of Citrix gateways, potentially allowing attackers to extract sensitive memory contents.
Wade [40:03]: "Patcher Citrix, you probably are super aware of this."
The hosts caution users to promptly apply patches and stay informed about security updates to protect their systems.
10. Vulnerability in Brother Printers’ Default Password Generation
The episode sheds light on a critical vulnerability discovered in Brother printers, where default admin passwords are generated based on the device's serial number. Charles recounts incidents where this flaw was exploited within organizations, emphasizing the necessity of changing default passwords.
Wade [44:12]: "Only affects 95% of printers."
The hosts advise businesses and individuals to update their printer credentials to safeguard against unauthorized access.
11. Canadian Government Bans Chinese Surveillance Cameras
Charles and Wade discuss Canada's decision to ban Hikvision cameras due to national security concerns, aligning with similar actions taken by the U.S. government. They debate the implications of such bans on privacy and security.
Wade [48:39]: "They're following the writing on the wall."
The conversation underscores the geopolitical ramifications of relying on foreign-manufactured surveillance equipment and the importance of securing critical infrastructure.
12. U.S. House of Representatives Bans WhatsApp
A surprising move by the U.S. House of Representatives to ban WhatsApp on staff devices becomes a topic of contention among the hosts. They debate the rationale and enforcement mechanisms behind this decision, questioning its effectiveness and consistency.
Charles [52:51]: "Someone off."
The discussion highlights the challenges in standardizing communication tools within government entities while balancing security and functionality.
13. Light-Hearted Segment: Chickens and Cybersecurity
In a departure from serious topics, the hosts share amusing anecdotes about chickens, blending humor with informal conversation. This segment serves as a brief respite from the intense discussions, showcasing the camaraderie among the team members.
14. Concluding Recommendations: Public Service Announcements
As the episode wraps up, the hosts offer practical security tips, encouraging listeners to:
- Delete unused apps and review app permissions monthly.
- Disable unnecessary features or consider disconnecting from the internet when not needed.
- Change default passwords on all devices, especially printers and IoT devices.
- Explore alternative operating systems like BSD for enhanced security.
Wade [58:07]: "Set a calendar invite now. So at this point, by the end of the show, you should have four monthly calendar invites."
These recommendations aim to bolster personal and organizational cybersecurity hygiene, reflecting the hosts' commitment to proactive security measures.
Final Thoughts:
This episode of "Talkin' About [Infosec] News" offers a robust examination of current cybersecurity challenges and trends. From sophisticated phishing techniques and government IT transformations to critical vulnerabilities in widely used products, the discussion provides valuable insights for both professionals and enthusiasts. The hosts blend technical expertise with engaging dialogue, making complex topics accessible and actionable.