
Risky Bulletin
Regular cybersecurity news updates from the Risky Business team...
Latest episodes

Jul 7, 2025 • 5min
Risky Bulletin: Chinese researchers claim to find new North American APT
Chinese researchers reveal the discovery of a new American APT, raising alarms about emerging cyber threats. The investigation into the SolarWinds hack progresses as legal battles intensify. A company insider's involvement in a significant bank heist in Brazil highlights the need for vigilance. Additionally, luxury brand Louis Vuitton grapples with a recent security breach, showcasing the ever-present challenges in global cybersecurity.

Jul 6, 2025 • 12min
Sponsored: Making Zero Trust work with non-critical, crappy applications
In a conversation with Patrick Gray, Adam Pointon, CEO of Knocknoc and former CISO, sheds light on the neglected state of internal enterprise networks. He highlights the need for better segmentation as many networks remain flat. Adam introduces Knocknoc's simple identity-aware proxy aimed at securing non-critical applications. He challenges the Zero Trust framework, arguing that protecting 'crappy apps' is essential. The discussion covers innovative strategies for securing outdated applications and the need for new security solutions in an evolving landscape.

Jul 4, 2025 • 7min
Risky Bulletin: Hunters International ransomware shuts down, releases decryption keys
A notorious ransomware group has shut down and is offering free decryption keys to victims. Meanwhile, the FBI investigates a negotiator caught taking kickbacks. Law enforcement in Spain is making arrests related to government hacks, while hackers in Brazil have successfully stolen a staggering $185 million from financial institutions. The podcast also explores threats from malicious Firefox extensions and highlights various legal battles in the tech world.

Jul 3, 2025 • 17min
Srsly Risky Biz: Why Iran is a scaredy cat cyber chicken
Tom Uren and Patrick Gray explore Iran's reluctance to launch cyber attacks on U.S. infrastructure, dissecting the strategic reasons behind this cautious stance. They also dive into the challenges the FBI faces with the rise of ubiquitous surveillance technology and its troubling response to security audits. Additionally, the hosts critique the agency's approach to organized crime and cybersecurity risks, illustrating a stark contrast with more proactive intelligence strategies. It's a thought-provoking discussion on the intersection of cyber warfare and law enforcement.

Jul 2, 2025 • 7min
Risky Bulletin: The US sanctions another Russian bulletproof hosting provider
The latest sanctions target another Russian bulletproof hosting provider, shedding light on cybercrime networks. A significant breach at the International Criminal Court raises alarming security concerns. The US takes action against 29 North Korean laptop farms, disrupting their operations. Meanwhile, a Chinese student receives jail time in the UK for engaging in SMS blasting. The discussion also highlights critical vulnerabilities across platforms, including a major Chrome zero-day patch and advancements in post-quantum cryptography.

Jun 30, 2025 • 22min
Between Two Nerds: Microsoft embraces digital sovereignty
This discussion dives into Microsoft's commitment to digital sovereignty in Europe amid rising geopolitical tensions. The hosts unpack how the tech giant is tackling security challenges and addressing data management concerns. They touch on the trust issues with foreign telecom providers, particularly in light of relations with countries like Russia and China. The need for proactive policy adaptations and compliance in the face of international legal frameworks is highlighted, showcasing the intricate balance between data security and customer trust.

Jun 30, 2025 • 9min
Risky Bulletin: Scattered Spider targets the aviation sector
The Scattered Spider group is making waves by targeting the aviation sector, with high-profile attacks on airlines like WestJet and Hawaiian Airlines. Meanwhile, a Mexican cartel is reportedly hiring hackers to track an FBI official, raising serious concerns about law enforcement safety. Canada is stepping up its game by telling Hikvision to cease operations due to security issues. The podcast also dives into global cybercrime incidents, legal actions against ransomware gangs, and new efforts to enhance online safety amidst rising threats.

Jun 29, 2025 • 17min
Sponsored: Why Linux is the dark matter of the internet
Craig Rowland, CEO of Sandfly Security, sheds light on the crucial, yet often overlooked, role of Linux in the cybersecurity landscape. He discusses how security teams frequently underinvest in Linux protection despite its importance. The conversation dives into the unique vulnerabilities of Linux systems and the threat posed by state-sponsored hackers. Rowland emphasizes the need for proactive monitoring solutions, contrasting the challenges of Linux with those of Windows, and advocates for agentless detection methods to enhance security without disrupting operations.

Jun 26, 2025 • 8min
Risky Bulletin: Phishers abuse forgotten Direct Send feature
A sophisticated phishing group exploits a forgotten feature in Microsoft Exchange Online, posing dire security risks. A ransomware attack tragically links to a patient's death, highlighting the severe impacts of cybercrime. France takes decisive action by arresting BreachForums leadership amid a surge in cyber incidents, including major breaches in universities and municipalities. Meanwhile, cities like Lyon shift to open-source solutions, seeking greater digital independence from Microsoft.

Jun 26, 2025 • 17min
Srsly Risky Biz: Comparing Chinese and American 0day pipelines
The hosts delve into a fascinating comparison of U.S. and Chinese 0-day vulnerability acquisition methods. While the U.S. insists on stealth and exclusive exploits, China casts a wide net, raising questions about effectiveness and national security. They also explore the complexities of U.S. cyber operations, particularly regarding strikes on Iranian nuclear sites, revealing a less glamorous reality than often believed. Plus, there’s a discussion on potential reforms necessary for improving American cybersecurity compared to China's open market approach.