Risky Bulletin
Regular cybersecurity news updates from the Risky Business team...
Episodes
Tom Uren and Amberleigh Jack talk about Huawei’s contract to manage storage for Spain’s lawful intercept system. News broke this week that Spain had signed a €12 million contract, but it turns out Huawei has been involved in the system since 2004!
They also discuss arrests in the UK of four individuals associated with Scattered Spider. The criminal resumés of two of the suspects support the idea that...
Salt Typhoon breaches a US state’s National Guard, Ukrainian hackers wipe the servers of a Russian drone maker, the UK relocates Afghans caught up in a data leak, and Microsoft outsources some US government work to China.
Show notes
In this edition of Between Two Nerds Tom Uren and The Grugq examine whether US cyber operations are too stealthy. Could they get more bang for the buck if they adopted a devil may care attitude to getting busted?
This episode is also available on Youtube.
Show notes
-
...
A radio equipment vulnerability can bring trains to sudden stops, researchers prevent a Lazarus crypto attack, Spain hands Huawei control over its phone wiretapping system, and CISA warns of ongoing CitrixBleed 2 attacks.
Show notes
In this Risky Business sponsored interview, Zero Networks Field CTO, Chris Boehm discusses the everyone-gets-an-AI future with Casey Ellis. Zero Networks makes network microsegmentation achievable without simply handing an AI control of the network. Will generative artificial intelligence ever be trusted to make hard access control decisions?
Two billion eSIMs receive crucial security patches, China’s cyber militias go on the offensive, four Scattered Spider members detained over UK retail attacks, and a Russian basketball player is arrested in a ransomware case.
Show notes
Tom Uren and Amberleigh Jack talk about our developing understanding of the group that people call Scattered Spider. Independent security firms agree that there are a small number of key people that are driving the group’s outrageous success. That gives us hope that targeted action might stem the bleeding.
They also talk about data leaks from China’s cyber espionage ecosystem that are for sale on a d...
Italy arrests a Chinese APT hacker, a Russian drone software group gets wiped, the SatanLock ransomware operation shuts down, and browser extensions power a web scraping botnet.
Show notes
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how there is an opportunity for the US to expand its 0day and talent acquisition pool to Asia. They revisit a paper comparing the Chinese and American 0day acquisition strategies and have some quibbles.
This episode is also available on Youtube.
Show notes<...
Chinese security researchers claim to have found a new American APT, the SEC and SolarWinds are seeking a settlement, a company insider was behind Brazil’s bank hack, and Luis Vuitton discloses a security breach.
Show notes
In this sponsored interview, Patrick Gray chats with the CEO of Knocknoc, Adam Pointon.
They talk about the woeful state of internal enterprise networks and how many control system networks aren’t appropriately segmented.
Adam also explains why Knocknoc released a very simple identity aware proxy: For too long the Zero Trust “industry” has focussed on securing access to critical applications, while ...
A ransomware operation shuts down and releases free decryption keys, the FBI investigates a ransomware negotiator for taking kickbacks, Spain arrests two over government hacks, and hackers steal $185 million from Brazilian financial institutions.
Show notes
Tom Uren and Patrick Gray discuss warnings about Iranian cyber attacks on US critical infrastructure. Despite many many warnings, there have been no actual attacks and they discuss the reasons why Iran would want to avoid escalatory cyber attacks.
They also talk about how the FBI is struggling to deal with the democratisation of surveillance and data analysis, what the agency calls Ubiquitous Technic...
The US sanctions another Russian bulletproof hosting provider, the International Criminal Court discloses a security breach, the US dismantles 29 North Korean laptop farms, and a Chinese student gets jailed in the UK for SMS blasting.
Show notes
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how Microsoft has embraced digital sovereignty and is bending over backwards to satisfy European tech supply chain concerns.
This episode is also available on Youtube.
Show notes
The Scattered Spider group targets the aviation sector, Russia throttles traffic from Cloudflare, a Mexican cartel hired hackers to track an FBI official, and Canada tells Hikvision to cease operations.
Show notes
In this Risky Bulletin sponsor interview Craig Rowland, CEO of Sandfly Security, talks to Tom Uren about the disconnect between how important Linux systems are and how much security attention they get. The pair discuss the variety of reasons that security teams underinvest in protecting Linux.
Show notes
<...A phishing group abuses a forgotten Exchange Online feature, a patient’s death is linked to the Synnovis ransomware attack, France arrests the BreachForums leadership, and Microsoft offers free Windows 10 Extended Security Updates … with a catch.
Show notes
Tom Uren and Patrick Gray talk about a new report that compares Chinese and American 0day pipelines. The US is narrowly focussed on acquiring exquisitely stealthy and reliable exploits, while China casts a far broader net. That was fine in the past, but as 0days get harder and harder to find, the report argues that the US needs to change the way it goes about getting them.
The pair also talk about Cy...
Hackers fully open a valve at a Norwegian dam, the US house bans WhatsApp on staff devices, Russia wants to build a national IMEI database, and four REvil members are released after time served.
Show notes
Popular Podcasts
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.
The latest news in 4 minutes updated every hour, every day.
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Listen to 'The Bobby Bones Show' by downloading the daily full replay.
Latino USA is the longest-running news and culture radio program in the U.S. centering Latino stories, hosted by Pulitzer Prize winning journalist Maria Hinojosa Every week, the Peabody winning team brings you revealing, in-depth stories about what’s in the hearts and minds of Latinos and their impact on the world. Want to support our independent journalism? Join Futuro+ for exclusive episodes, sneak peaks and behind-the-scenes chisme on Latino USA and all our podcasts. www.futuromediagroup.org/joinplus