May 07, 2025

Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate

Listen Later

56 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow.

Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad

After six years dormant, a Magento eCommerce platform backdoor comes to life

The North Korean IT worker scam is truly webscale

NSO group owes Meta $168m for hacking WhatsApp

This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars?

This week’s show also features an excerpt from Pat’s interview with Senator Mark Warner - Scoot back one in your podcast feed to check out the full chat, or find it on Youtube.

This episode is available on Youtube too.

Show notes

Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages

Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs

The Signal Clone the Trump Admin Uses Was Hacked

App used by Mike Waltz suspends services after hacking claims

Senator Demands Investigation into Trump Admin Signal Clone After 404 Media Investigation

MG on X: "Looks like TeleMessage was probably procured and rolled out under Biden. There are public records for it. https://t.co/XCuZpi8PL3" / X

Harrods becomes latest retailer to announce attempted cyberattack | The Record from Recorded Future News

Co-op DragonForce cyber attack includes customer data, firm admits

Co-op cyber attack: Staff told to keep cameras on in meetings

Hundreds of e-commerce sites hacked in supply-chain attack - Ars Technica

Microsoft’s new “passwordless by default” is great but comes at a cost - Ars Technica

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica

North Korean operatives have infiltrated hundreds of Fortune 500 companies | CyberScoop

US wants to cut off key player in Southeast Asian cybercrime industry | The Record from Recorded Future News

Myanmar militia leader sanctioned by US over cyber scam connections | The Record from Recorded Future News

Trump proposes major cut to CISA’s budget, citing false ‘censorship’ claims | Cybersecurity Dive

NSA to cut up to 2,000 civilian roles as part of intel community downsizing | The Record from Recorded Future News

NSO Group owes $168M in damages to WhatsApp over spyware infections, jury says | CyberScoop

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

352352 ratings

May 07, 2025

Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate

Listen Later

56 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow.

Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad

After six years dormant, a Magento eCommerce platform backdoor comes to life

The North Korean IT worker scam is truly webscale

NSO group owes Meta $168m for hacking WhatsApp

This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars?

This week’s show also features an excerpt from Pat’s interview with Senator Mark Warner - Scoot back one in your podcast feed to check out the full chat, or find it on Youtube.

This episode is available on Youtube too.

Show notes

Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages

Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs

The Signal Clone the Trump Admin Uses Was Hacked

App used by Mike Waltz suspends services after hacking claims

Senator Demands Investigation into Trump Admin Signal Clone After 404 Media Investigation

MG on X: "Looks like TeleMessage was probably procured and rolled out under Biden. There are public records for it. https://t.co/XCuZpi8PL3" / X

Harrods becomes latest retailer to announce attempted cyberattack | The Record from Recorded Future News

Co-op DragonForce cyber attack includes customer data, firm admits

Co-op cyber attack: Staff told to keep cameras on in meetings

Hundreds of e-commerce sites hacked in supply-chain attack - Ars Technica

Microsoft’s new “passwordless by default” is great but comes at a cost - Ars Technica

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica

North Korean operatives have infiltrated hundreds of Fortune 500 companies | CyberScoop

US wants to cut off key player in Southeast Asian cybercrime industry | The Record from Recorded Future News

Myanmar militia leader sanctioned by US over cyber scam connections | The Record from Recorded Future News

Trump proposes major cut to CISA’s budget, citing false ‘censorship’ claims | Cybersecurity Dive

NSA to cut up to 2,000 civilian roles as part of intel community downsizing | The Record from Recorded Future News

NSO Group owes $168M in damages to WhatsApp over spyware infections, jury says | CyberScoop

...more

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,963 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

633 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

371 Listeners

Hacked by Hacked

Hacked

178 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,013 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

314 Listeners

Click Here by Recorded Future News

Click Here

389 Listeners

Malicious Life by Malicious Life

Malicious Life

926 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,812 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

162 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

Hacking Humans by N2K Networks

Hacking Humans

312 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

76 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

120 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners