Risky Business Podcast

December 17, 2025

Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

In the final show of 2025, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • React2Shell attacks continue, surprising no one
  • The unholy combination of OAuth consent phishing, social engineering and Azure CLI
  • Venezuela’s state oil firm gets ransomware’d, blames US… but what if it really is a US cyber op?!
  • Russian junk-hacktivist gets indicted for cybering critical… err… a car wash and a fountain
  • Microsoft finally turns RC4 off by default in Active Directory Kerberos
  • Traefik’s TLS verify=on … turns it off, whoopsie 🤡

This week’s episode is sponsored by Sublime Security, makers of an email filtering solution that’s up for dealing with modern problems. Founder and CEO Josh Kamdjou joins to talk about calendar invite phishing, and the extra steps they’ve had to take to reach into people’s calendars and fix the mess.

The Risky Business weekly show is taking holiday break, and will return on 14 January for its twentieth year! Good luck out there, internet friends.

This episode is also available on Youtube.

Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack
0:00 / 54:05

Show notes

React2Shell attacks expand widely across multiple sectors | Cybersecurity Dive

React issues new patches after security researchers flag additional flaws | Cybersecurity Dive

ConsentFix: Browser-native ClickFix hijacks OAuth grants

Hacking Endpoint to Identity (Microsoft 365): "ConsentFix" - YouTube

Announced pick for No. 2 at NSA won’t get the job as another candidate surfaces | The Record from Recorded Future News

Laura Loomer on X: "EXCLUSIVE: 🚨 White House Official Confirms Ongoing Search for NSA Deputy Director As Tim Kosiba's Deep State And Anti-Trump Ties Raise Red Flags 🚨"

Senior official at Indo-Pacific Command is set to be Trump’s pick to lead Cyber Command, NSA | The Record from Recorded Future News

Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg

PdV says cyber attacks contained | Latest Market News

Venezuela state oil company blames cyberattack on US after tanker seizure | The Record from Recorded Future News

Office of Public Affairs | Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups | United States Department of Justice

DOJ, CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure | The Record from Recorded Future News

vx-underground on X: "The United States government has indicted a state-sponsored Threat Actor named Victoria Eduardovna Dubranova"

vx-underground on X: "I'm actually laughing. One of the compromises is so dumb"

German parliament suffers suspected cyber attack during Zelenskyy’s visit

Während Selenskyj-Besuch: Große Internet-Störung im Bundestag! | Politik | BILD.de

Germany summons Russian ambassador over cyberattack, election disinformation | The Record from Recorded Future News

Russische hackgroep had toegang tot openbare waterfontein in Nederland | de Volkskrant

Most Parked Domains Now Serving Malicious Content – Krebs on Security

PornHub extorted after hackers steal Premium member activity data

Office of Public Affairs | Senior Manager for Government Contractor Charged in Cybersecurity Fraud Scheme | United States Department of Justice

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc - Ars Technica

CVE-2025-66491: Traefik's "Verify=On" Turned TLS Off | AISLE

Dylan O'Donnell 🦋 on X: "This week I was rushed to hospital with a diagnosis of oesophageal cancer."