February 05, 2025

Risky Business #778 -- Musk's child soldiers seize control of FedGov IT systems

Listen Later

56 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

DeepSeek leaves an unauthed database on the internet

Russia hacked UK prime minister’s personal mail

Australia sanctions a Telegram group… which is more sensible than it sounds

Medical device backdoor turns out to be just poorly thought out upgrade feature

Google abuses weak hashing to patch AMD CPU microcode

And much, much more.

This week’s episode is sponsored by email security boffins Sublime. Their co-founder and CEO Josh Kamdjou joins to talk about how attackers’ abuse of legitimate services like Docusign is a challenge for email security vendors.

This episode is also available on Youtube.

Show notes

Exclusive: Musk aides lock workers out of OPM computer systems | Reuters

Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog

Криптостилер SparkCat в магазинах Google Play и App Store | Securelist

Russian hackers suspected of compromising British PM’s personal email account | The Record from Recorded Future News

PowerSchool hack: missed basic security step resulted in data breach

Australia sanctions ‘Terrorgram’ white supremacist online group | The Record from Recorded Future News

‘Paid actors’ could be behind some antisemitic attacks, Albanese says | Australian security and counter-terrorism | The Guardian

Interview with James Glenday, ABC News Breakfast | Australian Minister for Foreign Affairs

WhatsApp says spyware company Paragon Solutions targeted journalists

Spyware maker Paragon confirms US government is a customer | TechCrunch

Former Polish justice minister arrested in sprawling spyware probe | The Record from Recorded Future News

Sweden releases suspected ship, says cable break ‘clearly’ not sabotage | The Record from Recorded Future News

Backdoor found in two healthcare patient monitors, linked to IP in China

Attackers exploit zero-day vulnerability in Zyxel CPE devices | Cybersecurity Dive

AMD: Microcode Signature Verification Vulnerability · Advisory · google/security-research · GitHub

22-year-old math wiz indicted for alleged DeFI hack that stole $65M - Ars Technica

A method to assess 'forgivable' vs 'unforgivable'... - NCSC.GOV.UK

Living Off the Land: Credential Phishing via Docusign abuse

Living Off the Land: Callback Phishing via Docusign comment

B2B freight-forwarding scams on the rise to evade financial fraud crackdowns

Callback phishing via invoice abuse and distribution list relays

Enhanced message groups: Improving efficiency in email incident response

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

354354 ratings

February 05, 2025

Risky Business #778 -- Musk's child soldiers seize control of FedGov IT systems

Listen Later

56 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

DeepSeek leaves an unauthed database on the internet

Russia hacked UK prime minister’s personal mail

Australia sanctions a Telegram group… which is more sensible than it sounds

Medical device backdoor turns out to be just poorly thought out upgrade feature

Google abuses weak hashing to patch AMD CPU microcode

And much, much more.

This week’s episode is sponsored by email security boffins Sublime. Their co-founder and CEO Josh Kamdjou joins to talk about how attackers’ abuse of legitimate services like Docusign is a challenge for email security vendors.

This episode is also available on Youtube.

Show notes

Exclusive: Musk aides lock workers out of OPM computer systems | Reuters

Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog

Криптостилер SparkCat в магазинах Google Play и App Store | Securelist

Russian hackers suspected of compromising British PM’s personal email account | The Record from Recorded Future News

PowerSchool hack: missed basic security step resulted in data breach

Australia sanctions ‘Terrorgram’ white supremacist online group | The Record from Recorded Future News

‘Paid actors’ could be behind some antisemitic attacks, Albanese says | Australian security and counter-terrorism | The Guardian

Interview with James Glenday, ABC News Breakfast | Australian Minister for Foreign Affairs

WhatsApp says spyware company Paragon Solutions targeted journalists

Spyware maker Paragon confirms US government is a customer | TechCrunch

Former Polish justice minister arrested in sprawling spyware probe | The Record from Recorded Future News

Sweden releases suspected ship, says cable break ‘clearly’ not sabotage | The Record from Recorded Future News

Backdoor found in two healthcare patient monitors, linked to IP in China

Attackers exploit zero-day vulnerability in Zyxel CPE devices | Cybersecurity Dive

AMD: Microcode Signature Verification Vulnerability · Advisory · google/security-research · GitHub

22-year-old math wiz indicted for alleged DeFI hack that stole $65M - Ars Technica

A method to assess 'forgivable' vs 'unforgivable'... - NCSC.GOV.UK

Living Off the Land: Credential Phishing via Docusign abuse

Living Off the Land: Callback Phishing via Docusign comment

B2B freight-forwarding scams on the rise to evade financial fraud crackdowns

Callback phishing via invoice abuse and distribution list relays

Enhanced message groups: Improving efficiency in email incident response

...more

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,970 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

626 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

366 Listeners

Hacked by Hacked

Hacked

176 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,006 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

312 Listeners

Click Here by Recorded Future News

Click Here

408 Listeners

Malicious Life by Malicious Life

Malicious Life

925 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,871 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

166 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

74 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners