Risky Business Cybersecurity

NIST says it won’t be enriching most CVEs, Russian hackers tried to disrupt a Swedish power plant, the EU releases its age verification app, and OpenAI announces its own private cyber model. Show notes Risky Bulletin: NIST gives up enriching most CVEs

Tom Uren and Amberleigh Jack talk about a new Citizen Lab report into Webloc, a tool to identify and track mobile devices. It demonstrates how the collection and sale of mobile phone geolocation data presents privacy and national security risks. They also discuss a deep-dive into how a single hacker was able to breach nine Mexican government agencies in just weeks using AI assistants. They enabled the attacker to move much faster. This episode is also available on YouTube Show notes Citizen Lab’s Webloc report Gambit’s Mexican hack analysis

Researchers find malicious LLM proxy routers, a fake Ledger crypto-wallet on the Mac App Store stole $10 million dollars, a ransomware crew leaks data from 38 law firms, and Google cracks down on back button hijacking. Show notes Risky Bulletin: Malicious LLM proxy routers found in the wild

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how the rise of AI, which is very good at vulnerability and exploit development, will change the cyber security industry and competition between states. This episode is also available on YouTube Show notes The Grugq on X: People are freaking out about an impending flood of 0days Patrick Gray with former NSA and CIA cyber leaders

France prepares to ditch Windows for Linux, OpenAI was impacted by the Axios supply chain attack, Rockstar Games gets hacked again, and Adobe patches a reader zero-day. Show notes Risky Bulletin: France takes first steps to ditch Windows for Linux

In this sponsored interview, Corelight’s Senior Director of Product Management, Dave Getman, tells James Wilson how Corelight Agentic Triage helps defenders stay ahead of AI-powered attacks. Corelight makes NDR hardware that runs a heavily optimised version of the Zeek network monitoring tool. Corelight Agentic Triage integrates with EDR and other data sources, and helps defenders make sense of all the data that NDR can generate. Show notes

The FBI extracted Signal chats from iPhone notifications logs, Los Angeles police data was leaked online, a former Meta employee is under investigation for downloading private photos, and an Adobe Reader zero-day is being exploited in the wild. Show notes Risky Bulletin: FBI extracted Signal chats from iPhone notifications logs

Tom Uren and Amberleigh Jack talk about the State Department taking to X to counter foreign propaganda. US Secretary of State Marco Rubio dismantled the State Department’s counter-propaganda office when he took charge, but it turns out that giving adversary states free reign online is a bad idea. They also discuss how America’s lawful intercept systems are high value targets for Chinese hackers. It’s a big deal that part of the FBI’s lawful intercept system has been breached and it is high time that the security of these systems was reviewed. This episode is also available on Youtube. Show notes

Cybercrime losses surpassed $20 billion last year, authorities disrupt a Russian router botnet that intercepted email logins, Iran hacks PLCs across the US, and exploitation hits ComfyUI and Flowise-AI-servers. Show notes Risky Bulletin: Cybercrime losses passed $20 billion last year

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how Iran’s cyber forces have been used during the ongoing war so far. Show notes The Financial Times on the plan to kill Ali Khamenei Israel National News, 50 companies wiped

Cambodia prepares harsher prison terms for scam compound operators, an Italian museum moves valuables into a bank vault after a cyberattack, hackers exploit a bug in Vite-based apps and sites, and a supply chain attack hits an e-learning platform. Show notes Risky Bulletin: New Cambodian law will put scam compound operators in prison for life

In this Risky Business sponsored interview, James Wilson chats with Airlock Digital co-founders, David Cottingham and Daniel Schell, about how they’re moving up the stack from file-based allowlisting to application-based allowlisting. David and Daniel explain how they’re making a seamless and quite logical move into application allowlisting, but with a new take on the technique. Show notes

Russia wants to revoke small ISP licenses, a cyberattack has disrupted access to US newspaper archives, Node.js pauses bug bounty program after its funding lapses and Apple backports patches for DarkSword. Show notes Risky Bulletin: Russia will revoke licenses for unruly ISPs

Tom Uren and Amberleigh Jack talk about how incredibly good AI models have gotten at finding and exploiting vulnerabilities. That will upend the cyber security industry and it has implications for state cyber organisations such as NSA and Cyber Command. They also discuss how broadband wireless communications links are critical in the war in Ukraine. After losing access to Starlink, Russian forces are doubling down on using equipment from American company Ubiquiti. This episode is also available on Youtube. Show notes

Iranian password spraying targets Israel ahead of missile strikes, a major npm package gets hacked, Iran says it will bomb US tech firms in the Middle East, and Flint24 hackers are sentenced to prison in Russia. Show notes Risky Bulletin: Iranian password sprays came first, then came the missiles

In this edition of Between Two Nerds Tom Uren and The Grugq talk about hacking and scams. While hacking is disappearing as a threat for most people, it is a new golden age for scammers. Even Tom has been scammed! This episode is also available on Youtube. Show notes We Are All Targets, How Renegade Hackers Invented Cyber War and Unleashed an Age of Global Chaos The $1.25 million scam

Apple adds a ClickFix warning to macOS, Handala hacks Kash Patel’s personal email, Balancer crypto platform shuts down after last year’s hack, and the EU proposes a ban on AI nudify apps. Show notes Risky Bulletin: Apple adds ClickFix warning to macOS terminal

In this Risky Business sponsored interview, James Wilson chats with Adam Pointon, CEO of Knocknoc, about how AI is making old school security controls and paradigms like deny-by-default cool again. Today, patches are being reversed by AI systems into exploits in a matter of hours. The days of being able to rely on timely patching as a primary control are over. James talks to Adam about this new reality and how Knocknoc can help. Show notes

Russia will use a custom crypto-algorithm for its 5G network, the Hungarian opposition accuses the government of using spyware, Kaspersky says it tied Coruna to the “Operation Triangulation” attacks, and malware was deployed on thousands of Luxembourg government phones. Show notes Risky Bulletin: Russia to use custom crypto-algorithm for its 5G network

Tom Uren and Amberleigh Jack talk about FBI Director Kash Patel admitting to Congress that the Bureau is buying American’s location data and using it to generate valuable intelligence. That’s concerning, because commercially available information can be used in tremendously invasive ways and the FBI can buy it without needing a warrant. They also discuss the FCC’s surprising move to ban foreign-made consumer routers. It’s not about security, it is just about reshoring manufacturing. And finally they discuss the Trump administration’s plan for unleashing the private sector. This episode is also available on Youtube. Show notes