

Risky Bulletin
risky.biz
Regular cybersecurity news updates from the Risky Business team...

Jan 25, 2026 • 7min
Risky Bulletin: Russia deployed wipers on Poland's energy grid
A reported Russian wiper aimed at Poland’s power grid was blocked before mass outages. Microsoft handed cloud BitLocker keys to law enforcement in a fraud probe. Romania shut down a crypto-funded murder-for-hire site and seized funds. The EU formed a new spyware investigation team to collect victim testimonies. Major breaches hit Under Armour, Nike, museums, and more.

Jan 22, 2026 • 7min
Risky Bulletin: Improperly patched bug exploited again in Fortinet firewalls
Hackers are exploiting a poorly patched bug in Fortinet firewalls to create backdoor accounts. Cisco and SmarterMail recently rushed to patch zero-day vulnerabilities allowing severe security breaches. Meanwhile, troubling reports reveal Jordanian police misused Cellebrite technology against activists. Other highlights include investigations into data breaches in New Zealand and cybersecurity mishaps involving AI-generated noise disrupting bug bounties. This week, the focus is on the continual battle between cyber defenders and emerging threats.

Jan 22, 2026 • 20min
Srsly Risky Biz: You can't block space internet
Tom Uren, a policy and intelligence editor behind the Seriously Risky Business newsletter, joins Amberleigh Jack to tackle the implications of Starlink in authoritarian contexts. They explore how Starlink provides crucial connectivity during internet blackouts, especially in Iran, while discussing risks like GPS spoofing and the need for multiple satellite providers. They also analyze General Joshua Rudd's nomination to lead NSA, expressing concerns about his preparedness and responses on cyber policy, highlighting the complexities of national security in the digital age.

Jan 21, 2026 • 6min
Risky Bulletin: Domain resurrection attacks come to Canonical's Snap Store
Discover how Canonical's Snap Store fell victim to domain resurrection attacks, allowing hackers to hijack developer accounts. Explore Russia's ambitious $30M AI initiative to detect VPN users and the response to increased surveillance laws in Ireland. Learn about Iranian hackers leveraging Starlink during internet outages and the surprising arrest of SMS spammers in Greece. Plus, delve into the latest on ransomware threats and efforts to reclaim lost funds in the tech world.

Jan 19, 2026 • 33min
Between Two Nerds: Why the West sucks at Information Warfare
Tom Uren and The Grugq dive into the complex world of information warfare, exploring a landmark paper by Martin Libicki that reveals the fragmented nature of this field. They discuss a leaked recruitment tape showing how subtle propaganda is crafted in China and contrast that with Western hesitance to fund influence operations. The hosts emphasize the challenges democracies face in centralizing these efforts and highlight how societal reactions to hacks have evolved since 2016. Insights into using public intel offensively add depth to their analysis of modern information battles.

Jan 18, 2026 • 7min
Risky Bulletin: Germany seeks more hacking and surveillance powers for its intel service
Germany is pushing for broader hacking powers for its intelligence service, while Finland plans to crack down on disinformation supporting foreign agendas. During a significant internet outage in Iran, patriotic social media accounts went suspiciously silent. In the world of cybercrime, hackers are extorting GrubHub with threats of releasing stolen files. Additionally, a major crypto theft of $282 million has been linked to social engineering tactics. Various vulnerabilities in tech services also come under scrutiny, raising concerns about digital security.

Jan 18, 2026 • 14min
Sponsored: Seeing into the seams
Justin Kohler, Chief Product Officer at SpecterOps, dives into the intricacies of attack path management. He highlights how systems that seem secure individually can create dangerous vulnerabilities when combined. Kohler explains the power of Bloodhound's OpenGraph in modeling multiple platforms like AWS and GitHub. He also shares a compelling case study on an AWS compromise via GitHub and discusses how their tool can automate vulnerability detection. With a focus on accessibility, he underscores their mission to make attack path analysis more user-friendly for all organizations.

Jan 15, 2026 • 7min
Risky Bulletin: China bans Israeli and US cybersecurity products
China has ordered a halt on using cybersecurity products from major US and Israeli companies, sparking concerns in the tech world. Meanwhile, significant price hikes in RAM could squeeze firewall manufacturers' profits by 2026. In other news, a new law allows victims of deepfake porn to file lawsuits, while a recent DDoS attack leaked the personal data of 4,500 ICE agents. Lumen's takedown of the Kimwolf botnet helps protect nearly 250,000 devices, showcasing ongoing battles against cyber threats.

Jan 15, 2026 • 19min
Srsly Risky Biz: China Fights Scam Compounds … For China
Tom Uren, a policy and intelligence editor specializing in cybersecurity, joins Amberleigh Jack to discuss China's reactive measures against scam compounds targeting its citizens. They explore how media-driven responses may inadvertently shift scams elsewhere. Tom shares viral rescue stories that forced rapid Chinese intervention and examines the role of disruptive cyber operations in the US's capture of Nicolás Maduro. The duo also delves into potential international collaborations to combat these threats.

Jan 14, 2026 • 6min
Risky Bulletin: Russia fines 33 telcos for surveillance non-compliance
This week, Russia levies fines against 33 telecom companies for failing to comply with surveillance mandates. In a concerning development, voice cloning defenses have been demonstrated to be bypassable, raising security alarms. Meanwhile, Poland successfully thwarts a cyber attack targeting its power grid, showcasing its resilience. Other highlights include a breach affecting JP Morgan clients and the arrest of an AVCheck admin in Amsterdam. The cyber world is buzzing with threats and vulnerabilities, making for a captivating discussion!


