April 30, 2025

Risky Business #789 -- Apple's AirPlay vulns are surprisingly awful

1 hour 2 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

British retail stalwart Marks & Spencer gets cybered

South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat

It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups

Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)

Anti-DOGE whistleblower sure sounds like he has a point

This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems.

Editors Note : Pat also gives Adam (Boileau) stick in the sponsor interview about the Risky Biz webserver not having IPv6 enabled, which fact-checking during the edit says is FAKE NEWS. Just uh, don’t look at how fresh that AAAA record in the DNS is, friends 😉

This episode is also available on Youtube.

Show notes

British retailer M&S confirms being hit by ‘cyber incident’ amid store delays | The Record from Recorded Future News

M&S cyber-attack linked to hacking group Scattered Spider | Marks & Spencer | The Guardian

Bina Puri shares, Warrant B close sharply lower day after hacking

Bina Puri, Pos Malaysia tumble following hacking incident | FMT

Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts | The Record from Recorded Future News

US conducts cyberattacks against major Chinese commercial encryption provider: report - Global Times

Iran says major cyberattack on infrastructure repelled | Iran International

Spain rules out cyber attack - but what could have caused power cut?

South Korea's SK Telecom begins SIM card replacement after data breach

AirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security

iOS and Android juice jacking defenses have been trivial to bypass for years - Ars Technica

How Android 16's new security mode will stop USB-based attacks - Android Authority

Researchers warn of critical flaw found in Erlang OTP SSH | Cybersecurity Dive

Critical vulnerability in SAP NetWeaver under threat of active exploitation | Cybersecurity Dive

CVE-2025-31324: Critical SAP Flaw Explained | Strobes

Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)

Risky Bulletin: NFC card malware keeps evolving in Russia, a bad omen for the future - Risky Business Media

Hegseth had unsecured internet line in Pentagon for Signal, sources say | AP News

Whistleblower: DOGE Siphoned NLRB Case Data – Krebs on Security

2025_0414_Berulis-Disclosure-with-Exhibits.s.pdf

CISA gets a deputy director as it braces for major layoffs | Cybersecurity Dive

Two top cyber officials resign from CISA | The Record from Recorded Future News

Ex-CISA chief Chris Krebs leaving SentinelOne following Trump pressure | Reuters

Former cyber official targeted by Trump speaks out after cuts to digital defense

Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries | SentinelOne

ZachXBT on X: "Nine hours ago a suspicious transfer was made from a potential victim for 3520 BTC ($330.7M)"

...more

View all episodes

By Patrick Gray

4.6

354354 ratings