Risky Bulletin Podcast feed

A Pro Palestinian group claims credit for the X DDoS, CISA gets a new director as DOGE fires its red teams, and Asian scam compounds keep growing.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about what Europe should do given that US security guarantees are evaporating. Should Europe grow its cyber capabilities, what it would get out of it and how should it go about doing it?

This episode is also available on Youtube.

Mobile browsers patch a passkey phishing vector, researchers find undocumented commands in a common IoT chip, the US government cuts election security funding, and a hacker steals – and then returns – funds from DeFi platform 1inch.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Andrew Morris, founder of security firm GreyNoise. Andrew talks about the major trends in mass internet scanning and exploitation, as per GreyNoise’s yearly threat report.

The US indicts the i-Soon and APT27 hackers, the BADBOX botnet gets disrupted again,authorities seize the Garantex crypto exchange, and the FBI arrests hackers who stole Taylor Swift concert tickets.

In this podcast Tom Uren and Patrick Gray discuss how Starlink is providing an internet lifeline for scam compounds that have had their internet access cut by Thai authorities. Starlink has a very poor track record dealing with unauthorised use, but it is time for the company to develop the processes to keep on top of these problems.

They also discuss how President Trump’s actions that favour Russia will make Five Eyes partners take stock, particularly when it comes to HUMINT intelligence sharing.

Finally they examine the did-it-happen-or-not stand-down of US Cyber Command’s Russian operations.

This episode is also available on Youtube.

Researchers turn any Bluetooth device into an AirTag tracker, VMware patches three ESXi zero-days, France debates encryption backdoors, and a fifth of the stolen Bybit funds are now untraceable.

In this Risky Business Talks interview we invited Will Thomas to talk about the recent leak of internal chats from the Black Basta ransomware group. Will is a SANS Instructor, co-author of the SANS FOR589 course, and the co-founder of a community research project for CTI analysts called Curated Intelligence. Will walks us through the Black Basta leak and uses the group’s attack on US healthcare provider Ascension to break down how the gang operated.

In this edition of Between Two Nerds Tom Uren and The Grugq take a deep dive into incident response reports from Chinese cybersecurity firms that attribute the hack of one of the country’s top seven defence universities to the US National Security Agency. These reports were collated and translated into English by the security researcher known as Inversecos [https://x.com/inversecos].

This episode is also available on Youtube.

The Trump administration stops treating Russian hackers as a threat, Meta seeks a permanent NSO injunction, new Cellebrite zero-days come to light, and big name Russian cyber criminals get … home detention.