Risky Bulletin Podcast feed

Tom Uren and James Wilson talk about the French criminal investigation into bias and illegal content on X. Elon Musk and former X CEO Linda Yaccarino didn’t appear for voluntary interviews scheduled this week, but refusing meetings won’t make X’s problems go away. European countries are concerned about X’s influence and regulators will be exploring all other options beyond criminal investigations.

They also discuss the fight to renew authorisation of Section 702 collection. It’s a valuable intelligence source, but in the past the FBI pointlessly overused it.

This episode is also available on YouTube

A Former FBI official wants terrorism designations for some ransomware groups, China threatens the EU over new cybersecurity regulations, Europe commits to €180 million for a sovereign cloud and a novel data wiper was found in Venezuela during US military operations.

In this edition of Between Two Nerds Tom Uren and The Grugq take a deep dive into how a single hacker used OpenAI and Anthropic’s tools to help hack nine Mexican government organisations in quick time.

This episode is also available on YouTube.

ShinyHunters claim credit for the Vercel hack, a malware strain attempted to sabotage Israel’s water system, the US government wants access to Mythos, and a Supreme Court hacker gets probation.

In this Risky Business sponsor interview, Catalin Cimpanu talks with Sydney Marrone, Head of Threat Hunting at Nebulock, about hunting shadow AI agents on corporate networks.

NIST says it won’t be enriching most CVEs, Russian hackers tried to disrupt a Swedish power plant, the EU releases its age verification app, and OpenAI announces its own private cyber model.

Tom Uren and Amberleigh Jack talk about a new Citizen Lab report into Webloc, a tool to identify and track mobile devices. It demonstrates how the collection and sale of mobile phone geolocation data presents privacy and national security risks.

They also discuss a deep-dive into how a single hacker was able to breach nine Mexican government agencies in just weeks using AI assistants. They enabled the attacker to move much faster.

Researchers find malicious LLM proxy routers, a fake Ledger crypto-wallet on the Mac App Store stole $10 million dollars, a ransomware crew leaks data from 38 law firms, and Google cracks down on back button hijacking.

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how the rise of AI, which is very good at vulnerability and exploit development, will change the cyber security industry and competition between states.

This episode is also available on YouTube

France prepares to ditch Windows for Linux, OpenAI was impacted by the Axios supply chain attack, Rockstar Games gets hacked again, and Adobe patches a reader zero-day.