Risky Bulletin

The show highlights a troubling surge in child sextortion linked to scam compounds in Southeast Asia. It also covers the resignation of Oracle’s chief security officer after 37 years and Europol's $50,000 reward for information on the Qilin ransomware group. Recent high-profile cybersecurity incidents, including arrests related to cybercrime and fraudulent schemes, are explored. Additionally, there are updates on legislative actions surrounding encryption and advancements in facial recognition security guidelines.

Dive into the tension between technical expertise and the bigger picture in cybersecurity. The growing threat of cyber espionage is examined through the lens of both human intelligence and digital tactics. The hosts discuss the disconnect between what security vendors provide and what clients truly need. They also highlight the vital role of analysts in the CIA and the challenges they face in our ever-evolving landscape. Finally, the conversation underscores the need for strategic alignment in cybersecurity efforts to effectively respond to global threats.

Discover the latest in cybersecurity as researchers unveil a novel 5G downgrade attack. Learn about the ransomware striking car salvage yards across North America, causing significant disruptions. Multiple VPN apps are found sharing a hardcoded password, raising red flags about user safety. Bangladesh's massive $190 million investment in hacking and surveillance tools draws attention to global cybersecurity strategies. Dive into these pressing issues and stay informed on the ever-evolving landscape of digital security.

A new HTTP2 vulnerability is lurking, empowering devastating DDoS attacks. Meanwhile, Russia takes a hard stance by blocking Telegram and WhatsApp voice calls. On the cybersecurity front, attackers are exploiting a zero-day flaw in N-able servers. Additionally, the US government is ramping up security by tracking chip shipments, raising eyebrows about surveillance. Tune in for a thrilling dive into the latest cyber threats and financial fraud schemes making waves!

Tom Uren and Amberleigh Jack dive into a concerning hack of the US court system, revealing that not only state actors but drug cartels are probing sensitive information. They discuss the urgent need for enhanced cybersecurity measures to combat these threats. The complexities of cyber warfare are explored, highlighting the limitations of current offensive strategies. The conversation also touches on the risks faced by tech companies involved with foreign intelligence, alongside Australia’s escalating espionage challenges in a competitive global landscape.

Russian hackers are under suspicion for breaching the US court system, revealing the dangers of international cyberattacks. Researchers have managed to break the encryption of the DarkBit ransomware, exposing vulnerabilities. Moreover, a new form of attack threatens to leak sensitive data from AMD processors. The podcast also discusses a brute-force campaign aimed at Fortinet devices, showcasing the ongoing risks in cybersecurity and the importance of robust defenses.

A security researcher hits the jackpot with a $250,000 reward for a Chrome vulnerability. WinRAR faces challenges with a new zero-day exploit. The dangers of the Tetra communications protocol come to light, revealing serious flaws. Meanwhile, a curious researcher gains access to Microsoft's internal network just for fun. The podcast also dives into cybersecurity scams, highlighting a $100 million scheme targeting individuals and the growing risk to elderly Americans from fraud. Ethical hackers strive to defend critical infrastructure amidst these threats.

Derek Hanson, Field CTO of Yubico, specializes in phishing-resistant security measures. He delves into the significance of YubiKey in combating modern security challenges. The conversation highlights vulnerabilities in account recovery and the need for better user identity verification, especially following recent legal issues. They explore the implications of advancements in AI for digital trust and identity verification, as well as the competitive dynamics of the cybersecurity landscape. Finally, they discuss the benefits and challenges of using syncable passkeys for improved security.

Federal agencies must act swiftly to patch a critical flaw in Microsoft Exchange servers. The podcast delves into recent high-profile breaches affecting major companies like Air France and KLM. It highlights the serious risks of data theft and application vulnerabilities. Additionally, it covers the FBI's actions against Tornado Cash and harmful Firefox extensions targeting crypto wallets. Ransomware threats from North Korea are also examined, revealing an ever-evolving cybersecurity landscape that organizations cannot ignore.

Russian firms are now required to switch to local ERP systems, reflecting tight regulations on foreign software. Ohio is debating new rules for public sector ransom payments. Meanwhile, major breaches at Chanel and Cisco highlight ongoing cyber vulnerabilities. A Thai hospital faces penalties for a hilariously egregious data breach involving patient records. Experts dive into the latest security initiatives from tech giants like Adobe and Meta to bolster user protection.