Risky Bulletin Podcast feed

The FBI extracted Signal chats from iPhone notifications logs, Los Angeles police data was leaked online, a former Meta employee is under investigation for downloading private photos, and an Adobe Reader zero-day is being exploited in the wild.

Tom Uren and Amberleigh Jack talk about the State Department taking to X to counter foreign propaganda. US Secretary of State Marco Rubio dismantled the State Department’s counter-propaganda office when he took charge, but it turns out that giving adversary states free reign online is a bad idea.

They also discuss how America’s lawful intercept systems are high value targets for Chinese hackers. It’s a big deal that part of the FBI’s lawful intercept system has been breached and it is high time that the security of these systems was reviewed.

This episode is also available on Youtube.

Cybercrime losses surpassed $20 billion last year, authorities disrupt a Russian router botnet that intercepted email logins, Iran hacks PLCs across the US, and exploitation hits ComfyUI and Flowise-AI-servers.

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how Iran’s cyber forces have been used during the ongoing war so far.

Cambodia prepares harsher prison terms for scam compound operators, an Italian museum moves valuables into a bank vault after a cyberattack, hackers exploit a bug in Vite-based apps and sites, and a supply chain attack hits an e-learning platform.

In this Risky Business sponsored interview, James Wilson chats with Airlock Digital co-founders, David Cottingham and Daniel Schell, about how they’re moving up the stack from file-based allowlisting to application-based allowlisting. David and Daniel explain how they’re making a seamless and quite logical move into application allowlisting, but with a new take on the technique.

Russia wants to revoke small ISP licenses, a cyberattack has disrupted access to US newspaper archives, Node.js pauses bug bounty program after its funding lapses and Apple backports patches for DarkSword.

Tom Uren and Amberleigh Jack talk about how incredibly good AI models have gotten at finding and exploiting vulnerabilities. That will upend the cyber security industry and it has implications for state cyber organisations such as NSA and Cyber Command.

They also discuss how broadband wireless communications links are critical in the war in Ukraine. After losing access to Starlink, Russian forces are doubling down on using equipment from American company Ubiquiti.

This episode is also available on Youtube.

Iranian password spraying targets Israel ahead of missile strikes, a major npm package gets hacked, Iran says it will bomb US tech firms in the Middle East, and Flint24 hackers are sentenced to prison in Russia.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about hacking and scams. While hacking is disappearing as a threat for most people, it is a new golden age for scammers. Even Tom has been scammed!

This episode is also available on Youtube.