Risky Business Podcast
October 29, 2025
Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD
Presented by
Technology Editor
CEO and Publisher
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
- L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate
- Microsoft WSUS bug being exploited in the wild
- Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG
- SpaceX finally starts disabling Starlink terminals used by scammers
- Garbage HP update deletes certificates that authed Windows systems to Entra
This week’s episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has embraced LLMs and the agentic-AI future into their workflow automation.
This episode is also available on Youtube.
Brought to you by tines
The smart, secure workflow builder
Show notes
US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer | TechCrunch
Attackers bypass patch in deprecated Windows Server update tool | CyberScoop
CVE-2025-59287 WSUS Unauthenticated RCE | HawkTrace
CVE-2025-59287 WSUS Remote Code Execution | HawkTrace
Catching Credential Guard Off Guard - SpecterOps
Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica
Uncovering Qilin attack methods exposed through multiple cases
SpaceX: Update Your Inactive Starlink Dishes Now or They'll Be Bricked
How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist
Former Polish official indicted over spyware purchase | The Record from Recorded Future News
HP OneAgent Update Broke Entra Trust on HP AI Devices
Windows' Built-in OpenSSH for Offensive Security
How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA | WIRED