

Risky Bulletin
risky.biz
Regular cybersecurity news updates from the Risky Business team...

Nov 3, 2025 • 7min
Risky Bulletin: Norway skittish of its Chinese electric buses
Norway is on edge after discovering remote control features in its Chinese-made electric buses. Meanwhile, students in the US face potential debt from the CyberCorps program due to risky government job placements. Cybersecurity measures are tightening, with Chrome and Edge introducing AI tools to combat scam pop-ups. In global news, cybersecurity incidents unfold, including breast data leaks in Iran, a major crypto theft at Garden DeFi, and widespread scam busts in Thailand and Cambodia.

Nov 2, 2025 • 17min
Sponsored: Sublime can save a s**t tonne of time
In this engaging discussion, Josh Kamdjou, Founder and CEO of Sublime Security, shares insights on the alarming rise of ICS phishing in calendar invites. He highlights how these attacks often bypass standard email gateways, making detection tricky. Josh delves into the objectives behind these attacks, from credential theft to commoditized phishing services, and emphasizes the need for using AI in defense strategies. He also announces an open-source tool for remediation, showcasing Sublime's commitment to enhancing email security and efficiency.

Oct 30, 2025 • 8min
Risky Bulletin: Russia arrests Meduza Stealer group
Russian police have captured the Meduza-Stealer trio, notorious for targeting government networks. A former L-3Harris manager has admitted to selling exploits to a Russian broker, raising concerns. The CIA's cyber operations against Venezuela reveal a complex international landscape. New cybersecurity measures are being introduced, including Windows 11's Administrator Protection. Meanwhile, scam rings and malicious software continue to plague the digital world, emphasizing the persistent threats in today's technology-driven society.

Oct 30, 2025 • 19min
Srsly Risky Biz: Peter Williams, Ex-ASD, Pleads Guilty to Selling Eight Exploits to Russia
Peter Williams admits guilt for selling exploits to a Russian broker, raising alarm bells in the cybersecurity community. The hosts explore why trusting the private sector for exploit development remains crucial despite this incident. They discuss the varied missions of agencies like the NSA and FBI, highlighting distinct needs for exploit usage. The conversation also touches on the impact of budget cuts on national cybersecurity efforts and the ongoing challenges of leak response. Finally, they review a commission's call to bolster the Office of the National Cyber Director, stressing its importance amid reduced agency capabilities.

Oct 28, 2025 • 7min
Risky Bulletin: HackingTeam is back!
A new player in the cyber world targets Russia and Belarus with advanced espionage tools. A tragic leak has catastrophic consequences for Afghan helpers. An Italian hacking scandal leads to expected guilty pleas for those breaching government databases. F5 reveals a breach linked to Chinese state hackers alongside plans for increased cybersecurity spending. Meanwhile, a major data leak affects thousands due to a misconfigured server. Lastly, X users need to re-enroll security keys to safeguard their accounts.

Oct 27, 2025 • 27min
Between Two Nerds: NSA gets its mojo back!
Tom Uren and The Grugq dive into the implications of the NSA allegedly hacking China's national timekeeping service. They discuss the intelligence value of targeting such systems and the operational strategies involved. The hosts explore the use of triangulation exploits and how compromised phones can lead to network breaches. Insights into NSA's sophisticated tactics, such as patience and stealth in operations, highlight a shift from previous approaches. The conversation provides a fascinating look at modern espionage dynamics and the evolving threat landscape.

Oct 27, 2025 • 8min
Risky Bulletin: WSUS bug under attack
A Microsoft WSUS bug is under active exploitation, raising alarms in the tech world. In an intriguing twist, a major poker cheating conspiracy has led to indictments of 31 individuals, following a scheme involving hacked shufflers and marked cards. Meanwhile, Thailand has revoked citizenship from a businessman linked to scams, seizing millions in assets. Plus, a data leak at Raven Academy exposes Iranian hacking students. The landscape of cybersecurity continues to evolve with these compelling developments!

Oct 26, 2025 • 12min
Sponsored: Why you're probably doing Zero Trust wrong
In this discussion, Adam Pointon, CEO of Knock Knock and an expert in Zero Trust architectures, critiques the trendy yet diluted understanding of Zero Trust. He explains that merely implementing multi-factor authentication (MFA) and single sign-on (SSO) won't fulfill its true essence. The conversation highlights how just-in-time network access and nano-segmentation can effectively reduce security exposure. Adam stresses that to achieve real Zero Trust, organizations must rethink their approaches beyond basic authentication to include comprehensive network access control.

Oct 24, 2025 • 8min
Risky Bulletin: iOS 26 change deletes clues of old spyware infections
iOS 26 is causing a stir by deleting logs that could reveal past spyware infections, raising concerns about cybersecurity. Meanwhile, Starlink has suspended over 2,500 terminals linked to scams in Myanmar. A Caribbean hospital is still grappling with the aftermath of a ransomware attack, costing them $800,000 weekly. In Poland, former officials face charges over the misuse of Pegasus surveillance data. The landscape of cybersecurity is shifting, with audits in South Korea and Microsoft taking action against potential threats.

Oct 23, 2025 • 18min
Srsly Risky Biz: Hacking for Godot
Tom Uren, a cybersecurity analyst and policy editor, joins Amberleigh Jack to explore enhancing U.S. offensive cyber capabilities through private sector involvement. They discuss the fragmented ransomware ecosystem, illustrating how operators like Devman transition from affiliates to platform leaders. Tom proposes empowering vetted firms to target low-risk scammers, emphasizing the need for legal clarity for private disruptions. The duo also navigates the ethical dimensions of targeting and the rapid proliferation of small ransomware players.


