Risky Bulletin Podcast feed

Germany seeks more hacking and surveillance powers for its intelligence service, Finland intends to criminalize the spreading of false information, patriotic “French” social media goes quiet during Iran’s internet outage, and hackers are extorting GrubHub.

In this Risky Business sponsored interview, Tom Uren talks to Justin Kohler, Chief Product Officer at SpecterOps, about how attack paths exist in the seams between different identity or permissions management domains.

In isolation, for example, both your Github and your AWS deployment could follow best practices. But bring them together and you’ve got problems. Bloodhound’s OpenGraph lets you find and fix these otherwise invisible attack paths.

China bans Israeli and US cybersecurity products, Sean Plankey is re-nominated for CISA Director, RAM price hikes are likely to impact the cost of firewalls, and Lumen sinkholes the Kimwolf DDoS botnet.

Tom Uren and Amberleigh Jack talk about the Chinese government’s reactive approach to tackling scam compounds. It’s driven by bad news on domestic media and therefore focusses on the compounds that are targeting Chinese citizens. Rather than eliminating the industry, that may instead be shaping the industry to focus on other countries and particularly Americans.

They also discuss the role of disruptive cyber operations in the US’s raid to capture Venezuelan President Nicolás Maduro.

This episode is also available on Youtube.

Russia fines 33 telcos for surveillance non-compliance, AVCheck admin is arrested in Amsterdam, Poland repels an attack on its power grid, and voice cloning defenses can be bypassed.

In this edition of Between Two Nerds Tom Uren and The Grugq about the role of cyber operations in the US capture of Venezuela’s president Nicolas Maduro.

This episode is also available on Youtube.

The Apex Legends game is hacked again, data about 17 million Instagram users put up for sale, Indonesia blocks X over pornographic content, and a ransomware attack hits major Chilean energy provider

In this Risky Business News sponsored interview the CEO and founder of Prowler, Toni de la Fuente, explains how implementing AI systems brings new security challenges that differ for traditional cloud workloads. Toni also talks about ‘attack paths’ in the context of cloud infrastructure and using them to minimise risk.

Belarus deployed spyware on journalists’ phones, a man is arrested for installing malware on a ferry, France arrests the hacker behind an Interior Ministry email server breach, and new Cisco and SonicWall zero-days.

Tom Uren and Patrick Gray talk about America’s increasing dependence on Chinese manufacturers for electrical sector equipment. This doesn’t seem like a good idea when China is hacking electric utilities for sabotage and PLA researchers are dreaming up ways to attack the grid.

They also discuss the possibility that the US was responsible for a cyber attack on Venezuela’s state oil company and how Russian state-backed hacktivism is so dumb.

This episode is also available on Youtube.