Europol takes down servers behind three malware operations, the US sanctions another Burmese military group linked to scam compounds, Google backs down from mandatory Android developer registration, and Checkout-dot-com donates its ransom to cybercrime researchers instead of paying hackers. Show notes Risky Bulletin: Europol takes down Elysium, Ven…

Tom Uren and Amberleigh Jack talk about a new Reuters’ report that reveals how Meta is knowingly raking in cash from scam advertisements. It’s around $16 billion worth, and in documents Meta calculates that it outweighs the costs of possible regulatory action. They also discuss recent state-backed supply chain attacks that have, so far, remained ta…

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: The KK Park scam compound in Myanmar gets blasted with actual dynamite China sentences more scammers TO DEATH While Singapore is opting to lash them with the cane Chinese security firm KnownSec leaks a bunch of documents Necromancy continues on NSO G…

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: The KK Park scam compound in Myanmar gets blasted with actual dynamite China sentences more scammers TO DEATH While Singapore is opting to lash them with the cane Chinese security firm KnownSec leaks a bunch of documents Necromancy continues on NSO G…

Internal data leaks from another Chinese security firm, a US Congressional Budget Office breach has not been contained, the Cyber infosharing act likely to be extended until January, and we have a new OWASP Top 10. Show notes Risky Bulletin: Another Chinese security firm has its data leaked

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how cyber criminals and even state actors are being dumb about using AI. This episode is also available on Youtube. Show notes Google's AI Threat Tracker Script framework

Myanmar starts demolishing the KK Park scam compound, the US Congressional Budget Office gets hacked by a foreign APT, Chrome will remove risky X-S-L-T support, and scammers in Singapore will get the cane. Show notes

In this sponsored interview Casey Ellis chats to Toni de la Fuente, founder and CEO of Prowler, an open source platform for cloud security. They chat about how and why Prowler selectively applies AI to ensure it adds value rather than just because they can. Show notes

Payment service provider executives arrested over a credit card fraud ring, Meta makes a fortune showing scam ads, South Korean telco KT tried to hide a second breach and five more scammers are sentenced to death in China. Show notes Risky Bulletin: Europol arrests payment service executives for role in credit card fraud ring…

Tom Uren and Amberleigh Jack talk about aggressive US cyber operations targeting the Venezuelan government in President Trump’s first term. These were narrowly successful in that they achieved their immediate operational goals, but they didn’t achieve Trump’s broader policy goal of ousting Venezuelan leader Nicolás Maduro. They also talk about why …

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: We love some good vulnerability reporting drama, this time FFmpeg’s got beef with Google OpenAI announces its Aardvark bug-gobbling system Two US ransomware responders get arrested for… ransomware Memento (nee HackingTeam) CEO says: Sì, those are tot…

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: We love some good vulnerability reporting drama, this time FFmpeg’s got beef with Google OpenAI announces its Aardvark bug-gobbling system Two US ransomware responders get arrested for… ransomware Memento (nee HackingTeam) CEO says: Sì, those are tot…

The US indicts two cybersecurity employees over ransomware attacks, hackers extort customers of South Korean massage parlors, another crypto firm gets hacked for $128 million dollars, and cargo thieves collab with hackers to target freight companies. Show notes Risky Bulletin: US indicts two rogue cybersecurity employees for ransomware attacks…

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the futility of using aggressive cyber operations to send messages between states. This episode is also available on Youtube. Show notes The Record, Volt Typhoon was not successful Sand in the gears: Sabotage in world politics by Joshua Rovner, Rory Cormac and Lennart Maschmeyer…

Norway finds remote control features in its Chinese electric buses, the US CyberCorps program may saddle students with debt, Edge and Chrome get AI-based scareware blockers, and a Conti member has been extradited to the US. Show notes Risky Bulletin: Norway skittish of its Chinese electric buses

In this sponsored interview, Casey Ellis chats to Sublime Security CEO and founder, Josh Kamdjou about how Sublime is seeing a massive surge in ICS or calendar invite phishing and how the email security platform can help. Show notes

Russian police arrest the Meduza-Stealer trio, a Former L-3Harris manager pleads guilty to selling exploits to Russia, the US hacked Venezuela in 2020, and Windows 11 Administrator Protection goes live. Show notes Risky Bulletin: Russia arrests Meduza Stealer group

Tom Uren and Amberleigh Jack talk about Peter Williams, the general manager of vulnerability research firm Trenchant, who has pleaded guilty to selling exploits to the Russian 0day broker Operation Zero. It’s a terrible look, but it doesn’t mean the private sector can’t be trusted to develop exploits. They also discuss a new report’s recommendation…

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate Microsoft WSUS bug being exploited in the wild Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG SpaceX finally starts dis…

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate Microsoft WSUS bug being exploited in the wild Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG SpaceX finally starts dis…