Risky Bulletin

risky.biz
9 snips
Dec 12, 2025 • 9min

Risky Bulletin: EU has a problem attracting and retaining cyber talent

The EU faces challenges in attracting and retaining cyber talent due to skills gaps and burnout. A massive security breach leads to the resignation of Coupang's CEO. Microsoft expands its bug bounty program, now covering third-party code vulnerabilities. Meanwhile, Ukraine showcases its hacking prowess by targeting Russian logistics, and a significant data exposure is revealed at Petco, affecting pet medical details. Additionally, multiple cyber attack indictments and security patches highlight ongoing vulnerabilities in digital infrastructure.
12 snips
Dec 10, 2025 • 5min

Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers

Linux is enhancing cloud security with PCIe encryption across major platforms. Europol recently arrested 193 individuals linked to violent crime facilitation. The International Criminal Court is now including cyber evidence in cases of genocide. In a separate incident, a massive data breach in South Korea led to police action against Coupang. Meanwhile, Cambodian authorities discovered a warehouse filled with SMS blasters. These stories highlight the ongoing battle against cybercrime and the innovative measures being taken to combat it.
11 snips
Dec 7, 2025 • 8min

Risky Bulletin: APTs go after the React2Shell vulnerability within hours

Chinese APTs wasted no time exploiting the recently disclosed React2Shell vulnerability. The US response to telco hacking by China remains stalled, prioritizing trade over security. The hunt for a CISA director continues as the NSA faces significant staff reductions. Meanwhile, India has scrapped its mandatory cybersecurity app after backlash. In other news, unauthorized transactions linked to Gmarket and a significant data leak from Nonsec raise alarms, while a teen's hacking exploits using AI showcase the evolving threat landscape.
Dec 4, 2025 • 16min

Srsly Risky Biz: When cyber campaigns cross a line

Tom Uren, a cyber policy analyst and author of the Seriously Risky Business newsletter, joins to discuss a new framework outlining seven 'red flags' for assessing cyber operations. They explore Iran's use of cyber intelligence for missile strikes and the implications of political interference in elections. The conversation dives into the significance of corporate disclosure amid evolving state cyber activities, and they express skepticism about China's claims of being a responsible cyber actor. This engaging dialogue sheds light on the complexities of modern cyber warfare.
17 snips
Dec 1, 2025 • 28min

Between Two Nerds: Beating back state espionage

Tom Uren and The Grugq dive into the fascinating world of state cyber espionage. The Grugq, a savvy operational security commentator, discusses the impact of the recent Charming Kitten document leak and debates whether such disclosures can effectively deter espionage. They explore how leaks force adversaries like Iran to adapt swiftly and restructure their operations. The conversation also highlights the strategic implications of targeting high-value groups and how unique vulnerabilities within ecosystems can be exploited, making for a captivating discussion.
9 snips
Nov 30, 2025 • 14min

Sponsored: Why Mastercard got into threat intel

In this insightful discussion, Mike Lashley, Chief Security Officer at Mastercard, dives into the strategic motivations behind Mastercard's acquisition of Recorded Future. He emphasizes the power of merging payment data with threat intelligence to enhance fraud detection. Mike discusses the competitive edge of superior data and AI in the cyber arms race, as well as the importance of global collaboration with law enforcement to disrupt cybercrime. Furthermore, he explains the rationale for holding both the CSO and CISO roles within Mastercard.
Nov 27, 2025 • 21min

Srsly Risky Biz: DeepSeek and Musk's Grok both toe the party line

Tom Uren, a policy and intelligence editor specializing in cybersecurity, dives into the concerns around the DeepSeek-R1 AI model, revealing how it produces insecure code when prompted with topics sensitive to the Chinese Communist Party. He explains emergent misalignment in AI and emphasizes that biases are not unique to China, citing Musk's Grok as an example. Additionally, he discusses the doxxing of Iran's APT35 group, detailing their structure and operations, while predicting their resilience after the leak. Uren underscores the need for rigorous review of AI-generated outputs.
10 snips
Nov 24, 2025 • 35min

Between Two Nerds: Telcos bad, Cloud good.

Dive into the contrasting worlds of telcos and cloud services as experts discuss the ongoing debate about security practices. Explore how recent cyber incidents like Salt Typhoon prompted regulators to scrutinize telco vulnerabilities. Discover why cloud companies may excel at security through innovative chaos engineering methods. The conversation also touches on the potential risks of national sabotage, the effectiveness of encryption, and the unique leverage small teams gain in cyber warfare. Regulation’s role is critically examined, as is the promise and peril of critical infrastructure.
17 snips
Nov 20, 2025 • 21min

Srsly Risky Biz: AI-Powered espionage will favor China

Tom Uren, a policy and intelligence editor specializing in cybersecurity, joins Amberleigh Jack to explore the recent revelations about AI-driven cyber espionage campaigns. They discuss how this innovation aids opportunistic attackers, while offering little advantage to Western intelligence. The conversation shifts to Google's legal victory over the Lighthouse phishing operation, which has had unexpected success in disrupting their activities. Lastly, Uren highlights the benefits of adopting the memory-safe Rust programming language in Android, showing its impact on security and performance.
18 snips
Nov 17, 2025 • 31min

Between Two Nerds: Russia's cyber war on wheat

Dive into the intriguing world of cyber warfare as experts dissect Russia's strategic focus on Ukraine's grain sector. They question whether these wiper attacks are planned or opportunistic. The discussion shifts to lessons learned by Russia, emphasizing intelligence integration over pure disruption. Curious insights emerge on how Western militaries might handle similar cyber operations. The role of volunteer hackers in Ukraine's defense also takes center stage, illustrating the complex landscape of modern warfare and the evolving nature of cyber tactics.
