Risky Business Risky Business #785 -- Signal-gate is actually as bad as it looks
25 snips
Mar 26, 2025 
HD Moore, founder of RunZero and a network vulnerability scanning expert, joins to discuss the recent chaos in cybersecurity. He highlights the absurdity of a security breach involving the Trump administration mistakenly including a journalist in sensitive discussions. The conversation also delves into the shortcomings of traditional vulnerability management and what he's doing to revitalize network scanning. Additionally, they explore recent cyber incidents, from GitHub supply chain attacks to Kubernetes vulnerabilities, pushing the urgency for robust security solutions.
AI Snips
Chapters
Transcript
Episode notes
Signal-gate
- US government officials used Signal to plan a Yemen attack, accidentally adding a journalist.
- This revealed potential classified info and raised concerns about endpoint security and other Signal groups.
Signal Security Concerns
- Signal, while encrypted, is risky for classified info due to endpoint vulnerabilities on personal devices.
- Adversaries likely target these devices, increasing risks of data breaches.
Signal Usage Issues
- The Signal group's existence is the real issue, not the journalist's inclusion.
- Copying and pasting from classified documents into Signal is a major concern.