Risky Bulletin

risky.biz
Oct 30, 2025 • 8min

Risky Bulletin: Russia arrests Meduza Stealer group

Russian police have captured the Meduza-Stealer trio, notorious for targeting government networks. A former L-3Harris manager has admitted to selling exploits to a Russian broker, raising concerns. The CIA's cyber operations against Venezuela reveal a complex international landscape. New cybersecurity measures are being introduced, including Windows 11's Administrator Protection. Meanwhile, scam rings and malicious software continue to plague the digital world, emphasizing the persistent threats in today's technology-driven society.
Oct 30, 2025 • 19min

Srsly Risky Biz: Peter Williams, Ex-ASD, Pleads Guilty to Selling Eight Exploits to Russia

Peter Williams admits guilt for selling exploits to a Russian broker, raising alarm bells in the cybersecurity community. The hosts explore why trusting the private sector for exploit development remains crucial despite this incident. They discuss the varied missions of agencies like the NSA and FBI, highlighting distinct needs for exploit usage. The conversation also touches on the impact of budget cuts on national cybersecurity efforts and the ongoing challenges of leak response. Finally, they review a commission's call to bolster the Office of the National Cyber Director, stressing its importance amid reduced agency capabilities.
Oct 28, 2025 • 7min

Risky Bulletin: HackingTeam is back!

A new player in the cyber world targets Russia and Belarus with advanced espionage tools. A tragic leak has catastrophic consequences for Afghan helpers. An Italian hacking scandal leads to expected guilty pleas for those breaching government databases. F5 reveals a breach linked to Chinese state hackers alongside plans for increased cybersecurity spending. Meanwhile, a major data leak affects thousands due to a misconfigured server. Lastly, X users need to re-enroll security keys to safeguard their accounts.
Oct 27, 2025 • 27min

Between Two Nerds: NSA gets its mojo back!

Tom Uren and The Grugq dive into the implications of the NSA allegedly hacking China's national timekeeping service. They discuss the intelligence value of targeting such systems and the operational strategies involved. The hosts explore the use of triangulation exploits and how compromised phones can lead to network breaches. Insights into NSA's sophisticated tactics, such as patience and stealth in operations, highlight a shift from previous approaches. The conversation provides a fascinating look at modern espionage dynamics and the evolving threat landscape.
Oct 27, 2025 • 8min

Risky Bulletin: WSUS bug under attack

A Microsoft WSUS bug is under active exploitation, raising alarms in the tech world. In an intriguing twist, a major poker cheating conspiracy has led to indictments of 31 individuals, following a scheme involving hacked shufflers and marked cards. Meanwhile, Thailand has revoked citizenship from a businessman linked to scams, seizing millions in assets. Plus, a data leak at Raven Academy exposes Iranian hacking students. The landscape of cybersecurity continues to evolve with these compelling developments!
Oct 26, 2025 • 12min

Sponsored: Why you're probably doing Zero Trust wrong

In this discussion, Adam Pointon, CEO of Knock Knock and an expert in Zero Trust architectures, critiques the trendy yet diluted understanding of Zero Trust. He explains that merely implementing multi-factor authentication (MFA) and single sign-on (SSO) won't fulfill its true essence. The conversation highlights how just-in-time network access and nano-segmentation can effectively reduce security exposure. Adam stresses that to achieve real Zero Trust, organizations must rethink their approaches beyond basic authentication to include comprehensive network access control.
Oct 24, 2025 • 8min

Risky Bulletin: iOS 26 change deletes clues of old spyware infections

iOS 26 is causing a stir by deleting logs that could reveal past spyware infections, raising concerns about cybersecurity. Meanwhile, Starlink has suspended over 2,500 terminals linked to scams in Myanmar. A Caribbean hospital is still grappling with the aftermath of a ransomware attack, costing them $800,000 weekly. In Poland, former officials face charges over the misuse of Pegasus surveillance data. The landscape of cybersecurity is shifting, with audits in South Korea and Microsoft taking action against potential threats.
Oct 23, 2025 • 18min

Srsly Risky Biz: Hacking for Godot

Tom Uren, a cybersecurity analyst and policy editor, joins Amberleigh Jack to explore enhancing U.S. offensive cyber capabilities through private sector involvement. They discuss the fragmented ransomware ecosystem, illustrating how operators like Devman transition from affiliates to platform leaders. Tom proposes empowering vetted firms to target low-risk scammers, emphasizing the need for legal clarity for private disruptions. The duo also navigates the ethical dimensions of targeting and the rapid proliferation of small ransomware players.
Oct 21, 2025 • 8min

Risky Bulletin: Clever worm hits the VS Code scene

A clever worm is wreaking havoc on VS Code users, targeting crypto wallets and developer credentials. F5 suffered a breach due to its own product vulnerabilities, leading to serious consequences. Following a significant security incident, the CEO of Korea Telecom plans to resign. In the world of scouting, the Boy Scouts are introducing new cybersecurity merit badges. Meanwhile, hackers continue to leak sensitive US government data, and malicious Chrome extensions are spamming WhatsApp Web. The cybersecurity landscape is more treacherous than ever!
Oct 20, 2025 • 35min

Between Three Nerds: India, the sleeping cyber superpower

Joe Devanny, a senior lecturer in War Studies at King’s College London, shares insights on India's unique position in the cyber world. He discusses India's impressive private-sector cyber capabilities but notes its lack of ambition in projecting power globally. The conversation dives into how regional threats from Pakistan and China have shaped India's cyber strategy. Devanny also contrasts India's opaque security culture with the transparency of the West, shedding light on the complexities of India's latent cyber potential.
