Risky Business News Podcast

Ukraine’s state railway hit by a cyberattack, a ransomware attack reduces Malaysia’s largest airport to writing flight details on a whiteboard, buggy exploits put DrayTek routers in a reboot loop, and the NIST CVE backlog grows bigger despite efforts to address it.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about why people studying cyber operations are fascinated by 0days. These are vulnerabilities or exploits that have been found in a system before the vendor or manufacturer is made aware of them and so therefore no fix exists.

This episode is also available on Youtube.

The US removes Tornado Cash sanctions, the White House shifts cyber responsibility to state and local governments, a Michigan football coach is indicted for hacking, and Google sues a Maps scam syndicate.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Josh Kamdjou, co-founder and CEO of Sublime Security. Josh goes over recent trends in email badness, such as the increase in QR code abuse and the rise of SVG smuggling.

Hacktivists sabotage over 100 Iranian ships, Iran calls out China for hacking, six new Paragon customers come to light, and North Korea creates a new cyber unit.

Tom Uren and Patrick Gray discuss how China’s Ministry of State Security is increasingly doxxing and threatening Taiwanese APT operators. In some ways this mirrors the US strategy of naming and shaming Chinese cyber operators in indictments that contain lots of supporting information. But although MSS statements are filled with propaganda rather than technical detail, naming Taiwanese military hackers has some bite.

They also discuss Russia’s ‘shadow war’ sabotage campaign across Europe. The Russian campaign mostly relies on traditional sabotage and finding local proxies to throw bombs. But it does make sense for Western governments to respond with destructive cyber operations.

This episode is also available on Youtube.

Google buys Wiz for $32 billion, China attributes the Poison Ivy APT group to the Taiwanese Military, APT groups abuse a Windows zero-day and a judge tells CISA to reinstate fired workers.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how offensive cyber operations could do so much more than just ‘deny, disrupt, degrade and destroy’. Grugq thinks this thinking is rooted in military culture and he wonders why cyber operations are always so mean.

This episode is also available on Youtube.

A GitHub supply chain attack leaks secrets, the White House tells federal agencies to stop firing cyber staff, Germany exempts cybersecurity from debt limits, and the RCS standard adds support for end-to-end encryption.

In this Risky Bulletin sponsor interview Matt Muller, field CISO of Tines, explains how governments are using carrots and sticks to improve the security of enterprise software. Matt discusses CISA’s ‘Secure by Design’ pledge and the UK NCSC’s effort to quantify ‘unforgivable bugs’