Risky Business #817 -- Less carnage than your usual Thanksgiving

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. It’s a quiet week with Thanksgiving in the US, but there’s always some cyber to talk about:

• Airbus rolls out software updates after a cosmic ray bitflips an A320 into a dive
• Krebs tracks down a Scattered Lapsus$ Hunters teen through the usual poor opsec…
• … as Wired publishes an opsec guide for teens.
• Microsoft decides its login portal is worth a Content Security Policy
• South Korean online retailer data breach covers 65% of the country

This week’s episode is sponsored by Nebulock. Founder and CEO Damien Lewke joins to talk through their work bringing more SIgma threat detection rules to MacOS.

This episode is also available on Youtube.

Show notes

• Airlines race to fix their Airbus planes after warning solar radiation could cause pilots to lose control | CNN
• Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign | CyberScoop
• Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog
• Update: Shai-Hulud and the npm Ecosystem: Why CTEM Must Extend Beyond Your Walls | Armis
• Glassworm's resurgence | Secure Annex
• 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign | Koi Blog
• Post by @spuxx.bsky.social — Bluesky
• Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security
• The WIRED Guide to Digital Opsec for Teens | WIRED
• Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos - ABC News
• Ed Conway on X: "The person who first downloaded the OBR's document at 11:35 on Budget day (I'm guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!) https://t.co/6iLm2uEUj2" / X
• Reuters accused of hack attack | ZDNET
• The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’ | WIRED
• Microsoft tightens cloud login process to prevent common attack | Cybersecurity Dive
• Fortinet FortiWeb flaws found in unsupported versions of web application firewall | Cybersecurity Dive
• Cryptomixer platform raided by European police; $29 million in bitcoin seized | The Record from Recorded Future News
• Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange | The Record from Recorded Future News
• Data breach hits 'South Korea's Amazon,' potentially affecting 65% of country’s population | The Record from Recorded Future News
• NSA Contractor Groomed Teenage Girls On Reddit, DOJ Alleges
• Nebulock developed coreSigma for MacOS
• coreSigma repo: