Risky Bulletin

risky.biz
Dec 1, 2025 • 28min

Between Two Nerds: Beating back state espionage

Tom Uren and The Grugq dive into the fascinating world of state cyber espionage. The Grugq, a savvy operational security commentator, discusses the impact of the recent Charming Kitten document leak and debates whether such disclosures can effectively deter espionage. They explore how leaks force adversaries like Iran to adapt swiftly and restructure their operations. The conversation also highlights the strategic implications of targeting high-value groups and how unique vulnerabilities within ecosystems can be exploited, making for a captivating discussion.
Nov 30, 2025 • 14min

Sponsored: Why Mastercard got into threat intel

In this insightful discussion, Mike Lashley, Chief Security Officer at Mastercard, dives into the strategic motivations behind Mastercard's acquisition of Recorded Future. He emphasizes the power of merging payment data with threat intelligence to enhance fraud detection. Mike discusses the competitive edge of superior data and AI in the cyber arms race, as well as the importance of global collaboration with law enforcement to disrupt cybercrime. Furthermore, he explains the rationale for holding both the CSO and CISO roles within Mastercard.
Nov 27, 2025 • 21min

Srsly Risky Biz: DeepSeek and Musk's Grok both toe the party line

Tom Uren, a policy and intelligence editor specializing in cybersecurity, dives into the concerns around the DeepSeek-R1 AI model, revealing how it produces insecure code when prompted with topics sensitive to the Chinese Communist Party. He explains emergent misalignment in AI and emphasizes that biases are not unique to China, citing Musk's Grok as an example. Additionally, he discusses the doxxing of Iran's APT35 group, detailing their structure and operations, while predicting their resilience after the leak. Uren underscores the need for rigorous review of AI-generated outputs.
Nov 24, 2025 • 35min

Between Two Nerds: Telcos bad, Cloud good.

Dive into the contrasting worlds of telcos and cloud services as experts discuss the ongoing debate about security practices. Explore how recent cyber incidents like Salt Typhoon prompted regulators to scrutinize telco vulnerabilities. Discover why cloud companies may excel at security through innovative chaos engineering methods. The conversation also touches on the potential risks of national sabotage, the effectiveness of encryption, and the unique leverage small teams gain in cyber warfare. Regulation’s role is critically examined, as are the promise and peril of critical infrastructure.
Nov 20, 2025 • 21min

Srsly Risky Biz: AI-Powered espionage will favor China

Tom Uren, a policy and intelligence editor specializing in cybersecurity, joins Amberleigh Jack to explore the recent revelations about AI-driven cyber espionage campaigns. They discuss how this innovation aids opportunistic attackers, while offering little advantage to Western intelligence. The conversation shifts to Google's legal victory over the Lighthouse phishing operation, which has had unexpected success in disrupting their activities. Lastly, Uren highlights the benefits of adopting the memory-safe Rust programming language in Android, showing its impact on security and performance.
Nov 17, 2025 • 31min

Between Two Nerds: Russia's cyber war on wheat

Dive into the intriguing world of cyber warfare as experts dissect Russia's strategic focus on Ukraine's grain sector. They question whether these wiper attacks are planned or opportunistic. The discussion shifts to lessons learned by Russia, emphasizing intelligence integration over pure disruption. Curious insights emerge on how Western militaries might handle similar cyber operations. The role of volunteer hackers in Ukraine's defense also takes center stage, illustrating the complex landscape of modern warfare and the evolving nature of cyber tactics.
Nov 14, 2025 • 8min

Risky Bulletin: Europol takes down Elysium, VenomRAT, and Rhadamanthys

Europol successfully dismantles critical infrastructure behind the Elysium, VenomRAT, and Rhadamanthys malware operations. Checkout.com makes waves by donating ransom money to cybercrime research instead of paying hackers. Cyberattacks disrupt radio broadcasts in Germany and the Netherlands. Google takes legal action against a phishing platform and makes significant changes to Android developer verification rules. Meanwhile, the U.S. sanctions a military-linked scam group in Myanmar, and China disputes the origins of seized cryptocurrency.
Nov 13, 2025 • 18min

Srsly Risky Biz: Meta's fraud profit scandal

Tom Uren, a policy and intelligence editor, dives into Meta's alarming $16 billion profit from scam ads, revealing the internal incentives that keep fraud thriving. He discusses how Meta's high denial threshold and algorithmic engagement create perverse incentives for scammers. The conversation shifts to restrained state-backed supply chain attacks and why some intrusions weren't weaponized. Lastly, Uren highlights the UK's pause on intelligence sharing with the US over concerns regarding legality in operations against suspected drug boats.
Nov 11, 2025 • 6min

Risky Bulletin: Another Chinese security firm has its data leaked

Discover the shocking leak of over 12,000 internal files from a Chinese security firm, revealing sensitive government contracts. Learn about the uncontained breach at the US Congressional Budget Office and its implications for digital communications. The Cybersecurity Information Sharing Act is looking at a vital extension. Plus, find out how ransomware attacks have impacted Jaguar's production and the UK's GDP. The latest OWASP Top 10 updates highlight emerging cybersecurity concerns, including supply chain vulnerabilities.
Nov 10, 2025 • 30min

Between Two Nerds: Why AI in malware is lame

Tom Uren and The Grugq delve into the absurdity of AI use in cybercrime. They critique Google's AI Threat Tracker and discuss why LLMs used for malware like PromptSteal are underwhelming. The duo highlights how AI lowers skill barriers for hackers but introduces unpredictable failures. They explore how the illicit AI tooling market is maturing and debate when AI is genuinely useful in attacks versus its limitations. The conversation reveals a balanced view of AI's role in cyber operations, implying its potential benefits might not be as magical as expected.
