Risky Bulletin Risky Bulletin: Academics pull off novel 5G attack
Aug 17, 2025
Discover the latest in cybersecurity as researchers unveil a novel 5G downgrade attack. Learn about the ransomware striking car salvage yards across North America, causing significant disruptions. Multiple VPN apps are found sharing a hardcoded password, raising red flags about user safety. Bangladesh's massive $190 million investment in hacking and surveillance tools draws attention to global cybersecurity strategies. Dive into these pressing issues and stay informed on the ever-evolving landscape of digital security.
AI Snips
Chapters
Transcript
Episode notes
5G Downgrade Via Authentication Injection
- Researchers built a toolkit that disrupts 5G authentication to force devices to fall back to 4G.
- The attack worked best within 20 metres and was demonstrated near target devices.
Workday Breach Via CRM Social Engineering
- Workday disclosed a breach after attackers social engineered an employee to access a third-party CRM.
- The incident resembles a spree targeting corporate Salesforce accounts for theft and extortion.
Ransomware Hits Auto Salvage Yards
- Hundreds of auto salvage yards across Canada and the US were hit by ransomware in early August.
- Attackers used the Lockbit Black variant and likely accessed networks via the SimpleHelp remote management app.