Newsletters

Written content from the Risky Business Media team

Srsly Risky Biz: Punish the Wicked, Reward the Righteous

Presented by

Tom Uren

Policy & Intelligence

The Pall Mall Process, an international effort to rein in abusive commercial spyware, is turning its efforts toward developing opt-in industry standards.

These kinds of voluntary, non-binding standards are all well and good, but relatively useless without strong government action.

CyberScoop has a good wrap of issues raised at a Chatham House discussion about the process in Washington DC last weekend. The topics included who the rules would apply to, plus "how to incentivize and measure compliance and what to do with companies with a chequered past". 

Risky Bulletin: Cyberattack cripples cars across Russia

Presented by

Catalin Cimpanu

News Editor

A cyberattack wreaked havoc across Russia on Monday after the servers of the Delta smart alarm system went down.

Per reports in local media, car owners using Delta's alarm system couldn't unlock cars or stop active alarms. In some cases, owners couldn't start engines or their engines jammed while driving.

The company confirmed the incident but did not provide other details besides calling it a "large-scale external attack."

Risky Bulletin: EU readies new anti-spyware group, but with even less powers than PEGA

Presented by

Catalin Cimpanu

News Editor

The European Parliament has set up a new internal group tasked with investigating the use of spyware across the EU member bloc.

The new intergroup was set up last week in the aftermath of the Paragon spying scandal in Italy by Sandro Ruotolo, an Italian journalist and current member of the European Parliament for the Group of the Progressive Alliance of Socialists and Democrats.

According to WIRED Italy, Ruotolo will be joined by three other MEPs.

Risky Bulletin: Improperly patched bug exploited again in Fortinet firewalls

Presented by

Catalin Cimpanu

News Editor

Threat actors have mounted a new wave of attacks against Fortinet's FortiGate firewalls using a vulnerability that was improperly patched last month.

Security firm Arctic Wolf says hackers are bypassing Single Sign-On (SSO) authentication using generic usernames, creating their own admin account for future access, and stealing the device's current configuration file.

Since the attacks were first reported online, Fortinet has confirmed in private emails to some customers that the attackers have found a new way to exploit CVE-2025-59718.

Srsly Risky Biz: You Can't Block Space Internet

Presented by

Tom Uren

Policy & Intelligence

Amid ongoing domestic unrest and a violent government crackdown in Iran, the country’s government imposed an internet blackout. This shutdown, which began on Thursday, January 8, is still in effect at the time of writing.

During the shutdown some Iranians have been using SpaceX's Starlink satellite service to connect with the outside world. According to the New York Times, this didn't happen by chance. It was the result of deliberate planning:

Compared to domestic ISPs that the Iranian government can force to stop internet access, blocking Starlink is much more difficult. So far the government’s measures have included warnings to the public that possessing Starlink systems is a crime, using drones to find and confiscate terminals, and electronic jamming, possibly using Russian-provided equipment. In addition to jamming the frequencies Starlink operates on, GPS spoofers degrade the service, as terminals rely on accurate location information to direct their antennas correctly. The efforts have proven partly effective.

Risky Bulletin: Domain resurrection attacks come to Canonical's Snap Store

Presented by

Catalin Cimpanu

News Editor

A threat actor is registering expired web domains in order to take over email servers, reset passwords on abandoned developer accounts, and publish malware on the Canonical Snap Store for Linux packages.

At least two developer accounts have been hijacked using this technique, also known as a domain resurrection attack, namely for Snap packages published using email addresses from storewise.tech and vagueentertainment.com.

According to Linux expert and former Canonical dev Alan Pope, the threat actor behind this campaign is a group he believes is located in Croatia.

Risky Bulletin: Germany seeks more hacking and surveillance powers for its intel service

Presented by

Catalin Cimpanu

News Editor

German lawmakers are working on a new law that will grant the country's intelligence agency new and extensive hacking and surveillance powers.

The primary intent of the new law is to free up the Bundesnachrichtendienst (BND) from relying on the US National Security Agency (NSA) for threat information and bring its interception capabilities on par with other European countries, such as France, Italy, the Netherlands, and the UK.

According to a draft of the new law obtained by German media, the BND will have the power to intercept full internet communications and not just metadata, as is allowed today.

Risky Bulletin: DRAM price hikes set to impact firewalls too

Presented by

Catalin Cimpanu

News Editor

The current price hikes and supply shortage of DRAM memory chips are expected to also impact firewall makers and the cybersecurity market.

Powerful DRAM is a crucial component for the manufacturing of modern next-gen firewalls, a staple in the cybersecurity defense of any major enterprise.

Investment advisory firm Wedbush says firewall companies will see thinner margins this year due to the rising DRAM costs. This will impact their bills of materials, with the extra costs being passed down to customers as product price increases. This will likely lead to lower sales, smaller profit margins, and weaker investor yields.

China Fights Scam Compounds … For China

Presented by

Tom Uren

Policy & Intelligence

China's recent crackdown on Southeast Asian scam compounds is clearly good news. But its efforts to tackle the scourge are domestically driven and may even cause scammers to shift their focus to Americans.

Last week authorities announced that an alleged scam kingpin, Chen Zhi, had been arrested by Cambodian authorities and extradited to China. Chen is the founder of the Prince Group, which is ostensibly a Cambodian corporate conglomerate, but which US authorities allege was a transnational criminal organisation that operated forced-labour scam compounds engaging in various fraud schemes. 

US authorities had taken action against Chen Zhi. Back in October of last year, he was sanctioned and indicted and had a whopping USD$15 billion worth of cryptocurrency seized by the US. But China had the regional clout to actually get him in handcuffs. 

Risky Bulletin: Voice cloning defenses still weak, can be bypassed

Presented by

Catalin Cimpanu

News Editor

Modern security systems designed to protect user voices from getting cloned are still weak and can be bypassed with the proper tools.

These systems work by injecting random noise into voice audio recordings in order to prevent AI-based cloning technology from copying a user's voice. Voice cloning attacks are still possible, but they produce low-quality output that can be easily detected and flagged by both manual reviewers and automated systems.

But three researchers from the University of Texas, in San Antonio, say that these systems are not complex enough and can be easily bypassed if attackers account for the added noise.