Risky Bulletin: BlackBasta implodes, internal chats leak online
In other news: Microsoft patches a Power Pages zero-day; Meta sues account hacker; Russian military hackers target Signal comms.
Latest
Why America Needs Its Own Salt Typhoon
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Rad Security. You can hear a podcast discussion of
Risky Bulletin: It's probably not a good idea to pay RansomHub
In other news: Insight Partners discloses hack; OpenSSH patches MitM bug; Monero zero-day awaits patch.
Risky Bulletin: Sandworm deploys Tor nodes on hacked networks
In other news: UK drops military training for cyber staff; Salt Typhoon hacking spree continues; Russian APTs adopt device code phishing.
Governments Are Losing the Crypto Wars
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Resourcely. You can hear a podcast discussion of this
Risky Bulletin: Supply chain attack at AdsPower browser platform
In other news: Paragon cuts off Italy's access to its spyware; Trimble zero-day under attack; UN and NATO hacker detained in Spain.
DeepSeek Is a Win for Chinese Hackers
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Thinkst. You can hear a podcast discussion of this
Risky Bulletin: Crypto-stealer makes it on the iOS App Store
In other news: GrubHub discloses security breach; Russia hacked Starmer's personal email; Google patches Android zero-day.
Risky Bulletin: CISA & FDA warn of backdoor in patient monitor
In other news: Meta exposes Paragon spyware attacks; CISA employees exempt from Trump's resignation program; Poland arrests ex-minister in Pegasus probe.
Risky Bulletin: Authorities seize Cracked and Nulled cybercrime forums
In other news: APTs abuse Google's Gemini AI; Chinese info-op calls for the overthrow of Spain's government; spyware arrests in Turkiye.
Risky Bulletin: EU sanctions three GRU hackers
In other news: OTP Agency admins sentenced to prison; Apple fixes first 2025 zero-day; DeepSeek limits registrations after cyberattack.
Risky Bulletin: Tbilisi public transport goes free after anti-government hack
In other news: Zyxel firewalls are in a reboot loop; UnitedHealth doubles the number of users impacted by last year's ransomware attack; crypto-exchange Phemex hacked for $70 million.
Risky Business News
Risky Bulletin: Payment card NFC relay attacks spread across Russia
In other news: Hacker Pompompourin to be resentenced; a Chinese APT pulls off another supply chain attack; new cookie sandwich technique.
Risky Business News
Risky Bulletin: Threat actor impersonates FSB APT for months to target Russian orgs
In other news: HPE investigates breach; Trump guts the CSRB; malicious Chrome extensions found on the Web Store.
Risky Business News
Risky Bulletin: Looking at Biden's last cyber executive order
In other news: Threat actor leaks 15k Fortinet firewall configs; US Treasury sanctions company behind Salt Typhoon; FTC settles with GoDaddy over cybersecurity failures.
Risky Business News
Risky Bulletin: UK proposes ransomware payment ban for public bodies
In other news: Synnovis ransomware attack impacted patients' health; Silk Typhoon also hacked the Treasury CFIUS; new ransomware campaign targets S3 buckets.
Risky Business News
Risky Bulletin: Over 4,000 backdoors can be hijacked via expired C&C domains
In other news: Ivanti patches a new zero-day; Ukrainian hackers wipe Russian ISP; US sanctions Chinese IT company linked to Flax Typhoon APT.
Risky Business News
Risky Bulletin: Chinese hackers breach US Treasury, target OFAC bureau
In other news: US to update HIPAA with cybersecurity rules; ninth Salt Typhoon hacked telco found; US sanctions new Iranian and Russian disinfo orgs.
Risky Business News
Risky Bulletin: Russia returns the favor one year later, hacks Ukraine's state registers
In other news: Netwalker affiliate sentenced to 20 years; ColdFusion gets pre-Xmas security update; UN passes controversial cybercrime treaty.
Risky Business News
Risky Bulletin: The growing influencer problem to national security
In other news: Russia sanctions Recorded Future; US prepares to ban TP-Link; Raccoon Stealer dev sentenced to five years in prison.
Seriously Risky Business
Two Hats Are Better Than Two Heads
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. Note: this is the last edition of Seriously Risky Business for 2024 and we'll be
Risky Business News
Risky Bulletin: CISA sent 2,100+ pre-ransomware alerts this year
In other news: BlackBerry sells Cylance for a huge loss; US investment firm acquires Israeli spyware maker; Clop takes credit for Cleo hacks.
Risky Business News
Risky Bulletin: Secret ransomware campaign targeted DrayTek routers for a year
In other news: Yahoo lays off a quarter of its security team; US takes down Rydox cybercrime market; Amazon pauses Microsoft 365 rollout over security concerns.
Risky Business News
Risky Bulletin: Germany's BSI sinkholes BADBOX malware traffic
In other news: Scam centers raided in Myanmar, Peru, and Russia; new Chinese state spyware uncovered; Trump administration wants to separate CyberCom and NSA leadership.