Risky Bulletin: APT report? No, just a phishing test!
In other news: Qantas cuts executive pay by 15% after breach; first AI-driven ransomware was just an academic project; Nepal blocks 26 social media sites.
Latest
Risky Bulletin: Chrome 140 comes with new hardened cookies
In other news: Cyberattack disrupts Bridgestone tyre factories in NA; a new infostealer takes your photo when you watch porn; CA misissued certificates for Cloudflare infrastructure for more than a year.
Google Sharpens its Cyber Knife
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Push Security. You can hear a podcast discussion of
Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring
In other news: Cloudflare, Zscaler, and Palo Alto Networks disclose breaches; ransomware attack disrupts vehicle production at Jaguar; new DDoS attack record.
Risky Bulletin: Noem fires FEMA IT team over alleged cybersecurity failures
In other news: WhatsApp patches zero-day; Salesloft hack impacts other services; scammer steals $1.5 million from Baltimore.
Risky Bulletin: npm attack uses AI prompts to steal creds, crypto-wallet keys
In other news: Google establishes "disruption unit"; ransomware attack disrupts Swedish municipalities; Salt Typhoon attacks have hit over 80 countries.
America Wants to Hack the Planet
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Okta. You can hear a podcast discussion of this
Risky Bulletin: FCC removes 1,200 voice providers from US phone network
In other news: Nevada government agencies close after cyberattack; hackers breach Salesloft to pivot to Salesforce accounts; new Citrix zero-day (yawn).
Risky Bulletin: Hackers sabotage Iranian ships at sea, again
In other news: Major cybercrime arrests across Africa; Chinese man extradited to South Korea for celebrity hacks; Auchan discloses data breach.
Risky Bulletin: A decade later, Russian hackers are still using SYNful Knock, and it's still working
In other news: Apple patches zero-day used in "extremely sophisticated attack"; Scattered Spider member gets 10 years in prison; Microsoft restricts Chinese firms from MAPP.
When the Chips Were Down, Russian Cyber Security Picked a Side
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Kroll. You can hear a podcast discussion of this
Risky Bulletin: NIST releases face-morphing detection guideline
In other news: Oracle CSO departs after 37 years; Europol offers reward for Qilin admins; UK drops Apple backdoor request.
Risky Business News
Risky Bulletin: Academics pull off novel 5G attack
In other news: Ransomware hits car recyclers across North America; VPN apps share the same hardcoded password; Bangladesh spent $190 million on surveillance tools.
Risky Business News
Risky Bulletin: MadeYouReset vulnerability enables unlimited HTTP/2 DDoS attacks
In other news: Russia blocks Telegram and WhatsApp calls; N-able zero-days exploited in the wild; Norway blames dam hack on Russia.
Seriously Risky Business
Drug Cartels Are the New APTs
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Yubico. You can hear a podcast discussion of this
Risky Business News
Risky Bulletin: Crypto-thieves turn their sights to Open VSX
In other news: Russia suspected of US Courts hack; DarkBit ransomware decrypted; new Heracles attack against AMD processors.
Risky Business News
Risky Bulletin: Researcher scores $250,000 for Chrome bug
In other news: WinRAR patches zero-day; new TETRA comms protocol vulnerabilities; researcher gains access to Microsoft's internal network for fun and no profit.
Risky Business News
Risky Bulletin: CISA tells federal agencies to mitigate on-prem-to-cloud Exchange attack
In other news: New HTTP desync attacks; new Trend Micro zero-day; and loads and loads of data breaches.
Risky Business News
Risky Bulletin: Russia to designate ERPs as "critical information infrastructure"
In other news: Thai hospital gets the dumbest breach fine ever; Ohio governments to approve ransoms in public legislative sessions; Chanel and Cisco disclose breaches.
Risky Business News
Risky Bulletin: China with the accusations again
In other news: Mega $14.5b hack discovered 5 years later; Cairncross confirmed as National Cyber Director; Lovense threatens lawsuits over security bugs disclosure.
Risky Business News
Risky Bulletin: Russia spies on foreign embassies using local ISPs
In other news: Google rolls out cryptographically-signed Chrome extension updates; Signal threatens to leave Australia; Russian pharmacies go down after cyberattack.
Seriously Risky Business
The West's Tepid China Deterrence Is Not Working
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Nucleus Security. You can hear a podcast discussion of
Risky Business News
Risky Bulletin: US seizes Chaos ransomware funds
In other news: Aeroflot cancels flights after hack; Kazakhstan arrests ransomware suspect; Kyrgyzstan nationalizes internet access.
Risky Business News
Risky Bulletin: Old exploit database finds its way online again
In other news: US law enforcement takes down BlackSuit ransomware portal; Arizona woman sentenced to prison for running DPRK laptop farm; Allianz life insurance suffers major security breach.