

Risky Bulletin
risky.biz
Regular cybersecurity news updates from the Risky Business team...

Oct 9, 2025 • 17min
Srsly Risky Biz: Clop is a big fish, but not worth hunting
Tom Uren, a policy and intelligence editor, dives into the intriguing tactics of the Clop ransomware gang. He explains how Clop’s strategy of mass exploitation yields significant profits while being the least harmful form of ransomware. Additionally, Tom discusses the importance of the U.S. government addressing foreign influence operations, providing insights into recent activities by adversarial states. His perspective on steering ransomware behaviors towards less damaging tactics is particularly thought-provoking.

Oct 7, 2025 • 6min
Risky Bulletin: Redis vulnerability impacts all versions released in the last 13 years
Redis faces a critical vulnerability that affects every version released in the last 13 years, leaving many deployments open to remote code execution. Oracle rushes to fix an urgent zero-day that enabled unauthorized access in their E-Business Suite. The Medusa group is linked to data theft from Fortra, marking a shift in their tactics. Meanwhile, India addresses flaws in its tax portal that exposed sensitive information. The conversation also touches on cybersecurity training cuts by the Pentagon and the international collaboration of Estonia and Ukraine to train cyber specialists.

Oct 6, 2025 • 25min
Between Two Nerds: What drives 0day mass exploitation
Experts discuss the alarming trend of mass exploitation of platforms like SharePoint and Exchange. They analyze Google's time-to-exploit metric, revealing a troubling shift towards zero-day exploits. Notably, they explore why many vulnerabilities exploited today are years old and argue that attackers prioritize targets that yield quick gains. The conversation highlights how the announcement of patches triggers rapid exploitation and the impact of better detection methods on perceived trends in cyber incidents. A must-listen for cybersecurity enthusiasts!

Oct 5, 2025 • 8min
Risky Bulletin: Microsoft tells users to uninstall games affected by a Unity bug
Microsoft warns users to uninstall games due to a major Unity bug, creating concerns about security. Discord suffers a data breach, exposing user information. Google introduces end-to-end encryption for Gmail, enhancing email security. Meanwhile, both Apple and Google block an app that tracked ICE agents, prioritizing user safety. In a curious twist, optical mice are revealed to potentially record audio, showcasing unexpected tech vulnerabilities. The podcast dives into serious issues affecting privacy and security in the digital landscape.

Oct 5, 2025 • 12min
Sponsored: Corelight on where will NDRs go next
Ashish Malpani, Head of Product Marketing at Corelight, dives deep into the evolving world of network detection and response (NDR). He predicts significant advancements in NDR to protect multi-cloud environments and enhance endpoint detection. Malpani emphasizes the importance of layered detection to reduce false positives and discusses how NDR can identify threats that bypass traditional cloud controls. He advocates for a robust security stack, highlighting the need for continuous evolution of detection strategies to stay ahead of cyber threats.

Oct 3, 2025 • 7min
Risky Bulletin: Scam compound operators sentenced to death in China
China sentences 11 scam compound operators to death for a massive $1.4 billion fraud scheme. A cyber attack has exposed 800 customers' data from Red Hat's private repositories. Microsoft blocks malicious SVG images in Outlook to enhance user security. Signal threatens to withdraw from the EU over controversial chat controls. SBI Crypto suffers a $21 million theft linked to North Korean laundering tactics, while the malicious group Clop targets Oracle customers with ransom demands.

Oct 2, 2025 • 18min
Srsly Risky Biz: The cyberespionage gig economy
Tom Uren, a policy and intelligence editor known for his insights on cyberespionage, joins Amberleigh Jack to explore intriguing recruitment tactics used by foreign intelligence. They discuss Russia's strategy of enlisting locals through Telegram for espionage roles, highlighting the risks involved. Tom reveals how mapping Wi-Fi networks aids cyber operations and contrasts the cautious approaches of Western agencies with bolder strategies. They also address governance lapses observed in a DOGE report, showcasing how weak oversight can lead to vulnerabilities.

Oct 1, 2025 • 6min
Risky Bulletin: Router APIs abused to send SMS spam
A cybercrime group exploits a router vulnerability to send SMS spam, raising alarms across the tech community. CISA introduces a new support model for local governments to enhance cybersecurity. South Korea elevates its cyber threat level after a data center fire, causing concerns about data outages. Researchers expose how Tile tracking devices leak location data, while the FTC sues Sendit over deceptive messaging practices. Additionally, a malware campaign infects thousands of devices in Italy and Spain, attributed to a Turkish-speaking group.

Sep 29, 2025 • 28min
Between Two Nerds: The power of cyber
Dive into the fascinating world of cyber warfare as experts analyze its evolving role in modern conflicts. Discover how military expectations often clash with cyber's actual capabilities. The conversation highlights the significance of information operations, IP theft, and the limitations of traditional definitions of cyber attacks. Learn about the effective use of cyber in peacetime and the nuanced outcomes of subtle operations. Explore the UK's approach to responsible cyber power and the implications of information manipulation on society.

Sep 29, 2025 • 5min
Risky Bulletin: UK to bail out Jaguar Land Rover
The UK government steps in with a £1.5bn loan guarantee for Jaguar Land Rover after a devastating ransomware attack. Hackers are targeting sensitive data, with one attempting to extort a nursery using children’s photos. Meanwhile, Dutch police take down teens allegedly sniffing Wi-Fi for Russian handlers. On the tech front, a serious vulnerability in the GoAnywhere MFT system is being actively exploited, while reports suggest that humanoid robots are sending data back to China.