Risky Bulletin: NIST releases face-morphing detection guideline
In other news: Oracle CSO departs after 37 years; Europol offers reward for Qilin admins; UK drops Apple backdoor request.
Latest
Risky Bulletin: Academics pull off novel 5G attack
In other news: Ransomware hits car recyclers across North America; VPN apps share the same hardcoded password; Bangladesh spent $190 million on surveillance tools.
Risky Bulletin: MadeYouReset vulnerability enables unlimited HTTP/2 DDoS attacks
In other news: Russia blocks Telegram and WhatsApp calls; N-able zero-days exploited in the wild; Norway blames dam hack on Russia.
Drug Cartels Are the New APTs
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Yubico. You can hear a podcast discussion of this
Risky Bulletin: Crypto-thieves turn their sights to Open VSX
In other news: Russia suspected of US Courts hack; DarkBit ransomware decrypted; new Heracles attack against AMD processors.
Risky Bulletin: Researcher scores $250,000 for Chrome bug
In other news: WinRAR patches zero-day; new TETRA comms protocol vulnerabilities; researcher gains access to Microsoft's internal network for fun and no profit.
Risky Bulletin: CISA tells federal agencies to mitigate on-prem-to-cloud Exchange attack
In other news: New HTTP desync attacks; new Trend Micro zero-day; and loads and loads of data breaches.
Risky Bulletin: Russia to designate ERPs as "critical information infrastructure"
In other news: Thai hospital gets the dumbest breach fine ever; Ohio governments to approve ransoms in public legislative sessions; Chanel and Cisco disclose breaches.
Risky Bulletin: China with the accusations again
In other news: Mega $14.5b hack discovered 5 years later; Cairncross confirmed as National Cyber Director; Lovense threatens lawsuits over security bugs disclosure.
Risky Bulletin: Russia spies on foreign embassies using local ISPs
In other news: Google rolls out cryptographically-signed Chrome extension updates; Signal threatens to leave Australia; Russian pharmacies go down after cyberattack.
The West's Tepid China Deterrence Is Not Working
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Nucleus Security. You can hear a podcast discussion of
Risky Bulletin: US seizes Chaos ransomware funds
In other news: Aeroflot cancels flights after hack; Kazakhstan arrests ransomware suspect; Kyrgyzstan nationalizes internet access.
Risky Business News
Risky Bulletin: Old exploit database finds its way online again
In other news: US law enforcement takes down BlackSuit ransomware portal; Arizona woman sentenced to prison for running DPRK laptop farm; Allianz life insurance suffers major security breach.
Risky Business News
Risky Bulletin: Microsoft rolls out linkable token identifiers to help IR teams
In other news: SharePoint hacks hit DHS, NNSA, NIH; Ukraine arrests XSS forum admin; China launches Digital ID system.
Risky Business News
Risky Bulletin: Three Chinese APTs are behind the recent SharePoint zero-day attacks
In other news: UK wants to ban some ransomware payments; Russia takes down a malware operation; South Korea arrests K-pop celebrity data sellers.
Risky Business News
Risky Bulletin: SMS blasting incidents are rising
In other news: Chinese hackers breach Singapore critical infrastructure; new SharePoint and CrushFTP zero-days; Japan releases free decrypters for Phobos and 8base ransomware.
Risky Business News
Risky Bulletin: New phishing technique bypasses FIDO keys
In other news: Surveillance vendor deploys new SS7 exploit; South Korea's largest insurance provider gets ransomed; law enforcement agencies take down NoName057 servers.
Seriously Risky Business
Spain Leaves Key Under Mat for Huawei
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Zero Networks. You can hear a podcast discussion of
Risky Business News
Risky Bulletin: Microsoft blocks filesystem redirection attacks in new security feature
In other news: Ukrainian hackers wipe servers of Russian UAV maker; UK relocates Afghans who helped military after data leak; Microsoft outsources US government work to China.
Risky Business News
Risky Bulletin: Major EoT/HoT vulnerability can bring trains to sudden stops
In other news: Researchers spot a Lazarus backdoor attack targeting crypto contracts; Spain hands Huawei control over its wiretapping system; CISA warns of CitrixBleed 2 attacks.
Risky Business News
Risky Bulletin: Two billion eSIMs receive crucial security patch
In other news: China's cyber militias go on the offensive; four Scattered Spider members detained over UK retail attacks; Russian basketball player detained in ransomware case.
Seriously Risky Business
Four Key Players Drive Scattered Spider
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Knocknoc. You can hear a podcast discussion of this
Risky Business News
Risky Bulletin: Browser extensions hijacked for web scraping botnet
In other news: Hafnium APT member arrested in Italy; Russian drone volunteer group gets hacked; Satanlock shuts down and leaks all victim data.
Risky Business News
Risky Bulletin: Chinese researchers claim to find new North American APT
In other news: SEC and SolarWinds seek settlement; C&M hack linked to malicious insider; Luis Vuitton discloses breach.