Risky Bulletin Podcast feed

A North Korean IT worker scheme pivots to Europe after a US crackdown, 24,000 IPs are looking for Palo Alto Networks VPNs, Gmail rolls out end-to-end encrypted emails for enterprise users, and hackers steal over $100 million via Coinbase phishing.

In this edition of Between Two Nerds Tom Uren and The Grugq look at all the strands of evidence that make people think NSA is a top-tier cyber actor.

This episode is also available on Youtube

Oracle’s Health Tech division gets hacked and its customers extorted, the Italian government admits it used Paragon to spy on an NGO, a WordPress feature is being abused to silently install malicious plugins, and the Dutch public prosecutor pulls systems offline after a cyber incident.

In this Risky Bulletin sponsor interview Ed Currie from Kroll Cyber talks to Tom Uren about the recent hack of the Gravy Analytics geolocation data provider. He explains the hack and how geolocation data can be used by malicious actors.

France runs a phishing test on 2 and a half million students, Google fixes a Chrome zero-day abused for espionage, China publishes new facial recognition rules, and the DragonForce ransomware group hacks two rivals.

Tom Uren and Patrick Gray discuss how the Signalgate messages betray an alarming lack of security nous at the highest levels of the US natsec leadership. It’s head-scratchingly bad.

They also discuss the possibility the Trump Administration will reconstitute the CSRB. The Board wasn’t perfect, but in our view it is better to get it started again rather than waiting for reviews to determine its perfect form.

This episode is also available on Youtube.

Ukraine’s state railway hit by a cyberattack, a ransomware attack reduces Malaysia’s largest airport to writing flight details on a whiteboard, buggy exploits put DrayTek routers in a reboot loop, and the NIST CVE backlog grows bigger despite efforts to address it.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about why people studying cyber operations are fascinated by 0days. These are vulnerabilities or exploits that have been found in a system before the vendor or manufacturer is made aware of them and so therefore no fix exists.

This episode is also available on Youtube.

The US removes Tornado Cash sanctions, the White House shifts cyber responsibility to state and local governments, a Michigan football coach is indicted for hacking, and Google sues a Maps scam syndicate.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Josh Kamdjou, co-founder and CEO of Sublime Security. Josh goes over recent trends in email badness, such as the increase in QR code abuse and the rise of SVG smuggling.