Newsletters

Written content from the Risky Business Media team

Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious

Catalin Cimpanu

News Editor

The US government has charged two members of the Anonymous Sudan hacking group after the FBI secretly seized server infrastructure and disrupted its operations in March this year.

The indictment names two brothers—Ahmed Omer, 22, and Alaa Omer, 27—as the two main individuals behind the group's operations.

The two are accused of launching thousands of DDoS attacks against government agencies, hospitals, critical infrastructure, and private businesses all over the world.

Russia's GRU Thugs Double Down on Recruiting Cybercrooks

Tom Uren

Policy & Intelligence

Several strands of evidence suggest Russia's use of cybercriminals to support its war effort in Ukraine is now planned and deliberate rather than ad hoc and opportunistic. 

Russia's strategy to harness cybercriminal resources has evolved over the duration of the war. Prior to the conflict, connections between the Russian state and cybercriminals appeared to be opportunistic and based on relationships and connections between individuals.

However, a Mandiant report from April this year suggested that Sandworm (aka Unit 74455 of the GRU) was acquiring tools and bulletproof hosting services from criminal marketplaces. Now Russian intelligence services are taking the next logical step and are directly acquiring people from the criminal talent pool.

Risky Biz News: China says the US is framing other countries for espionage operations

Catalin Cimpanu

News Editor

The Chinese government has put out another report of questionable quality this week, claiming that the US is trying to smear poor lil' China as a bad cyber actor.

Beijing officials say that the US is actually the country behind most cyber espionage operations today, and that it possesses a "cyber weapon" that can mislead investigators and frame other states for its intrusions.

The report [English PDF] is the third in a series of reports that China's National Computer Virus Emergency Response Center (CVERC) has published on the topic this year, after previous reports in April and July.

Risky Biz News: Pro-Kremlin disinfo cluster disrupted ahead of Moldova's election

Catalin Cimpanu

News Editor

Meta has taken down a network of fake accounts engaged in a disinformation campaign targeting Moldova a week before the small Eastern European country is set to hold presidential elections and a referendum to join the EU.

The network used fake accounts to manage pages that posed as "independent" news entities.

They posted content primarily in Russian that criticized the country's current president Maia Sandu, Moldova's pro-EU politicians, and the country's ever-closer ties to neighboring Romania.

Risky Biz News: Dutch government to physically replace tens of thousands of hackable traffic lights

Catalin Cimpanu

News Editor

Dutch authorities will have to replace tens of thousands of insecure road traffic lights over the next six years, by 2030.

Officials are taking this extreme and very expensive step after a security researcher found a vulnerability that could allow threat actors to change traffic lights on demand.

The issue was discovered earlier this year by Alwin Peppels, a security engineer for Dutch security firm Cyber Seals.

How Telegram Turbocharges Organised Crime

Tom Uren

Policy & Intelligence

A new report highlights the need to crack down on Telegram’s role as a massive enabler of transnational criminal organisations. It says Telegram is used to facilitate criminal activity ranging from cyber-enabled fraud and illegal gambling to money laundering and criminal marketplaces that sell malware, stolen data and even murder for hire. 

The report, authored by the UN Office on Drugs and Crime, examined the criminal adoption of technology and described the rapid evolution of the criminal ecosystem in Southeast Asia. 

It noted criminal groups started out running illegal or under-regulated gambling facilities, particularly in weakly governed regions including locations in Myanmar. These groups developed money laundering capabilities to handle the cash their activities generated. 

Risky Biz News: EU adopts new sanctions framework to cover Russia's cyber warfare and disinformation

Catalin Cimpanu

News Editor

The European Council adopted on Tuesday a new sanctions framework designed to counter Russia's hybrid attacks against EU member states.

The new framework expands the types of actions for which the EU can sanction the Russian government, organizations, and individuals involved in the Kremlin's ever-increasing aggression.

It's been expanded to cover:

Risky Biz News: Smart TVs take snapshots of what you watch

Catalin Cimpanu

News Editor

LG and Samsung smart TVs are shipping with intrusive technology that takes snapshots of the screen in order to track what users are watching.

The technology is named "Automatic Content Recognition" (ACR) and was pioneered in the early 2010s by Shazam.

It was initially offered via software libraries and SDKs, and was found only in a few apps, such as Netflix, Hulu, and others. However, over the past few years, ACR tracking tech has slowly crept into the core firmware of almost all modern-day smart TVs—making it almost impossible to avoid if you've bought a recent TV.

Risky Biz News: Russia arrests Cryptex founder a week after US sanctions

Catalin Cimpanu

News Editor

Russian authorities have arrested 96 individuals linked to the Cryptex cryptocurrency exchange, the UAPS anonymous money transfer system, and 33 other illegal payment systems.

The arrests took place following house searches at 148 locations across 14 Russian regions in what Russian media has called one of the country's largest crackdowns against cybercrime and cryptocurrency gangs.

According to Russian news agency Interfax, one of the detained suspects was identified as Sergey Ivanov, the administrator of Cryptex and UAPS.

Responding To Election Interference At Warp Speed

Tom Uren

Policy & Intelligence

The US Department of Justice has announced the indictment of three Iranians allegedly responsible for a hack and leak operation targeting the Trump presidential campaign.

In addition to the hack and leak operation, the indictment alleges the three had been involved in a "wide-ranging hacking campaign" since 2020 and were employed by Iran's Islamic Revolutionary Guard Corps (IRGC).

The operation was first reported by Politico on August 10, and by August 19 US agencies including the FBI and CISA had attributed it to Iran. The indictment was unsealed on September 27. This is operating at warp speed when responding to state-sponsored hacking.