Risky Business Weekly (812): Alleged Trenchant exploit mole is ex-ASD

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate
  • Microsoft WSUS bug being exploited in the wild
  • Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG
  • SpaceX finally starts disabling Starlink terminals used by scammers
  • Garbage HP update deletes certificates that authed Windows systems to Entra

This week’s episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has brought LLMs and the agentic-AI future into its workflow automation.

Show Notes:

US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer | TechCrunch https://techcrunch.com/2025/10/23/u-s-government-accuses-former-l3harris-cyber-boss-of-stealing-trade-secrets/

Attackers bypass patch in deprecated Windows Server update tool | CyberScoop https://cyberscoop.com/microsoft-windows-server-update-services-vulnerability-exploited-attacks/

CVE-2025-59287 WSUS Unauthenticated RCE | HawkTrace https://hawktrace.com/blog/CVE-2025-59287-UNAUTH

CVE-2025-59287 WSUS Remote Code Execution | HawkTrace https://hawktrace.com/blog/CVE-2025-59287

Catching Credential Guard Off Guard - SpecterOps https://specterops.io/blog/2025/10/23/catching-credential-guard-off-guard/

Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica https://arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/

Uncovering Qilin attack methods exposed through multiple cases https://blog.talosintelligence.com/uncovering-qilin-attack-methods-exposed-through-multiple-cases/

Safety on X: “By November 10, we’re asking all accounts that use a security key as their two factor authentication (2FA) method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one. A reminder: if you enroll a new security key, any” / X https://x.com/Safety/status/1981764501947953225

SpaceX disables more than 2,000 Starlink devices used in Myanmar scam compounds | The Record from Recorded Future News https://therecord.media/spacex-disables-starlink-kits-in-myanmar-scam-compounds

SpaceX: Update Your Inactive Starlink Dishes Now or They’ll Be Bricked https://au.pcmag.com/networking/113929/spacex-update-your-inactive-starlink-dishes-now-or-theyll-be-bricked

How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/

Former Polish official indicted over spyware purchase | The Record from Recorded Future News https://therecord.media/former-polish-official-indicted-spyware-probe

HP OneAgent Update Broke Entra Trust on HP AI Devices https://patchmypc.com/blog/hp-oneagent-update-broke-entra-trust-on-hp-ai-devices/

Windows’ Built-in OpenSSH for Offensive Security https://pulsesecurity.co.nz/articles/windows-ssh-is-awesome

How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA | WIRED https://www.wired.com/story/how-hacked-card-shufflers-allegedly-enabled-a-mob-fueled-poker-scam-that-rocked-the-nba/