Risky Bulletin Podcast feed

The EU scraps its upcoming vote on Chat Control, Ukraine establishes a Cyber Force, CISA workers are reassigned to immigration enforcement, and two teens are arrested over the UK nursery hacks.

Tom Uren and Amberleigh Jack talk about the Clop ransomware gang. It is interesting because the group has arrived at a strategy that rinses a whole lot of enterprises at once and comes with a decent pay day, But it’s actually the least damaging kind of ransomware. Tom wonders why can’t more gangs be like Clop?

They also discuss the US government having second thoughts about ignoring foreign influence operations. Its adversaries run them all the time, so perhaps just sticking its head in the sand isn’t the best strategy.

This episode is also available on Youtube.

Redis patches a remote code execution vulnerability, Oracle out-of-band-fixes a zero-day used in a recent extortion campaign, Medusa ransomware group was behind a recent Fortra zero-day, and India fixes a tax filing system flaw;

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the 0day mass exploitation of SharePoint and Exchange. This type of widespread hacking appears to be increasingly common… but is it?

This episode is also available on YouTube.

Microsoft tells users to uninstall games affected by a Unity bug, Discord discloses a data breach, Google rolls out end-to-end encryption for Gmail, and Apple and Google block an ICE tracking app.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Ashish Malpani, Head of Product Marketing at Corelight. The discussion looks at how NDRs might evolve, such as expanding to protect inter-cloud networks and complementing EDRs.

China sentences 11 scam compound operators to death, the UK makes another request for Apple user data, an Iranian APT gets doxxed again, and Microsoft launches a Security Store.

Tom Uren and Amberleigh Jack talk about different ways foreign intelligence services are finding to recruit local proxies. These methods could be too risky for Western intelligence agencies, but for some state’s services they just make sense.

They also discuss a report into DOGE and how speed was prioritised over robust governance.

This episode is also available on Youtube.

A Cybercrime group abuses routers to send SMS spam, CISA announces a new collaboration model for state governments, South Korea raises its cyber threat level after a data center fire, and Tile tracking devices expose their location.

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the power of cyber.

This episode is also available on Youtube.