Talkin’ About Infosec News – 7/25/2022

ORIGINALLY AIRED ON JULY 25, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-07-25 03:59 – Story # 1: DOJ seized ransoms paid by health centers in Kansas, Colorado after 2021 attacks – https://therecord.media/doj-seized-ransoms-paid-by-health-centers-in-kansas-colorado-after-2021-attacks/ 08:38 – Story # 1b: twitter.com/cryptowhale – https://twitter.com/cryptowhale 17:34 – Story # 2: How Conti ransomware hacked and encrypted the Costa Rican government – https://www.bleepingcomputer.com/news/security/how-conti-ransomware-hacked-and-encrypted-the-costa-rican-government/ 22:29 – Story # 3: Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users – https://thehackernews.com/2022/07/experts-uncover-new-cloudmensis-spyware.html 36:49 – Story # 4: Google Play hides app permissions in favor of developer-written descriptions – https://arstechnica.com/gadgets/2022/07/google-plays-new-privacy-section-actually-hides-app-permissions/ 39:09 – Story # 4b: Google is reinstating app permissions list on Play Store – https://techcrunch.com/2022/07/21/google-app-permissions-play-store/ 41:31 – Story # 5: Hack the pump: Rising prices lead to more reports of gas theft – https://www.nbcnews.com/tech/security/hack-pump-rising-prices-lead-reports-gas-theft-rcna35198 46:04 – Story # 5b: Gas pump manipulators steal ‘millions of dollars’ in fuel – https://youtu.be/Bcnjp2PESqw 50:40 – Story # 5c: Secret Service agents warn fleets about ‘fuel skimming’ – https://www.ccjdigital.com/technology/article/15114890/secret-service-agents-warn-fleets-about-fuel-skimming 53:13 – Story # 6: Atlassian fixes critical Confluence hardcoded credentials flaw – https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/ 53:33 – Story # 6b: Cisco fixes bug that lets attackers execute commands as root –