Talkin’ About Infosec News – 12/06/2023

The post Talkin’ About Infosec News – 12/06/2023 appeared first on Black Hills Information Security. (00:00) - PreShow Banter™ — Chaos Agency (08:16) - BHIS - Talkin' Bout [infosec] News 2023-12-04 (11:03) - Story # 1: 2 municipal water facilities report falling to hackers in separate breaches (30:49) - Story # 2: PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) (37:16) - Story # 3: ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation (39:44) - Story # 4: Zyxel warns of multiple critical vulnerabilities in NAS devices (43:09) - Story # 5: Russian developer of Trickbot malware pleads guilty, faces 35-year sentence (46:55) - Story # 6: Hackers spent 2+ years looting secrets of chipmaker NXP before being detected (52:24) - Story # 7: Okta hackers stole data on all customer support users in major breach (53:30) - Story # 7b: November 29, 2023 - October Customer Support Security Incident - Update and Recommended Actions (01:01:55) - Story # 8: Dollar Tree hit by third-party data breach impacting 2 million people (01:04:07) - Hal's 20,000 - Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks