Risky Business Podcast

March 04, 2026

Risky Business #827 -- Iranian cyber threat actors are down but not out

Presented by

James Wilson
James Wilson

Enterprise Technology Editor

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

  • The US-Israeli attack on Iran had a whole lot of cyber. It’s clearly in the playbook now!
  • The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being used by Chinese crypto scammers
  • So long Maddhu Gottumukkala, but CISA’s annus horribilis continues
  • Adam “humbug” Boileau complains about the Airsnitch wifi attack just being three ethernets in a trenchcoat
  • ASD’s Cisco SD-WAN threat hunting guide is clearly borne of … experience

This week’s episode is sponsored by AI threat hunting platform Nebulock. Sydney Marrone joins to talk about how useful AI models are on the hunt, and her work building out an open source framework and maturity model. It’s methodology agnostic, so you can adapt it for your environment, and the github link is in the show notes!

This episode is also available on Youtube.

Risky Business #827 -- Iranian cyber threat actors are down but not out
0:00 / 61:24

Show notes

Inside the plan to kill Ali Khamenei

Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran | TechCrunch

Matthew Prince 🌥 on X: "Counter to what some cyber vendors are saying, there’s been a dramatic drop in Iranian cyber operations. Likely as the operators are sheltering. They may pick back up, but right now there’s a noticeable lull." / X

Cyber Command disrupted Iranian comms, sensors, top general says | The Record from Recorded Future News

Iranian Hackers Use Elon Musk’s Starlink To Stay Online

Exclusive | U.S. Smuggled Thousands of Starlink Terminals Into Iran After Protest Crackdown - WSJ

Attacks on GPS Spike Amid US and Israeli War on Iran | WIRED

Amazon Data Centers on Fire After Iranian Missile Strikes on Dubai

A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals | WIRED

Canceled contracts, a failed polygraph and personal disputes: Inside the turbulent tenure of Noem’s former cyber czar - POLITICO

CISA CIO Robert Costello exits agency | CyberScoop

OpenAI alters deal with Pentagon as critics sound alarm over surveillance

Inside Anthropic’s Killer-Robot Dispute With the Pentagon - The Atlantic

Read the full transcript of our interview with Anthropic CEO Dario Amodei - CBS News

CBP Tapped Into the Online Advertising Ecosystem To Track Peoples’ Movements

Large-Scale Online Deanonymization with LLMs

Hackers Weaponize Claude Code in Mexican Government Cyberattack - SecurityWeek

New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises - Ars Technica

CISA orders agencies to patch Cisco devices now under attack | Cybersecurity Dive

CISCO SD-WAN THREAT HUNT GUIDE

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Area Man Accidentally Hacks 6,700 Camera-Enabled Robot Vacuums | WIRED

Intellexa founder, three others sentenced to 8 years in prison over Greek spyware scandal | The Record from Recorded Future News

Moscow man accused of posing as FSB officer to extort Conti ransomware gang | The Record from Recorded Future News

Farewell, Felix · The Recurity Lablog

Atmos Sphere 2026 | Atmos

The Agentic Threat Hunting Framework | Nebulock blog

GitHub - Nebulock-Inc/agentic-threat-hunting-framework: ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy. · GitHub