June 04, 2025

Risky Business #794 -- Psychic Panda outgunned by Fluffy Lizard and UNC56728242

Listen Later

58 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

Cyber firms agree to deconflict and cross-reference hacker group names

Russian nuclear facility blueprints gathered from public procurement websites

Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons

Germany identifies the Trickbot kingpin

Google spots China’s MSS using Calendar events for malware C2

Meta apps abuse localhost listeners to track web sessions.

This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.

This episode is also available on Youtube.

Show notes

'Forest Blizzard' vs 'Fancy Bear' - cyber companies hope to untangle weird hacker nicknames | Reuters

Ukraine's Massive Drone Attack Was Powered by Open Source Software

Massive security breach: Russian nuclear facilities exposed online

How a Spyware App Compromised Assad’s Army - New Lines Magazine

Exclusive | Federal Authorities Probe Effort to Impersonate White House Chief of Staff Susie Wiles - WSJ

Malaysian home minister’s WhatsApp hacked, used to scam contacts | The Record from Recorded Future News

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

Top counter antivirus service disrupted in global takedown | CyberScoop

Cops in Germany Claim They’ve ID’d the Mysterious Trickbot Ransomware Kingpin | WIRED

Australian ransomware victims now must tell the government if they pay up | The Record from Recorded Future News

Google: China-backed hackers hiding malware in calendar events | Cybersecurity Dive

Coinbase breach linked to customer data leak in India, sources say | Reuters

US military IT specialist arrested for allegedly trying to leak secrets to foreign government | The Record from Recorded Future News

NSO appeals WhatsApp decision, says it can’t pay $168 million in ‘unlawful’ damages | The Record from Recorded Future News

ConnectWise says nation-state attack targeted multiple ScreenConnect customers | The Record from Recorded Future News

Google Online Security Blog: Sustaining Digital Certificate Security - Upcoming Changes to the Chrome Root Store

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers - Ars Technica

An Open Letter to Third-Party Suppliers

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

354354 ratings

June 04, 2025

Risky Business #794 -- Psychic Panda outgunned by Fluffy Lizard and UNC56728242

Listen Later

58 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

Cyber firms agree to deconflict and cross-reference hacker group names

Russian nuclear facility blueprints gathered from public procurement websites

Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons

Germany identifies the Trickbot kingpin

Google spots China’s MSS using Calendar events for malware C2

Meta apps abuse localhost listeners to track web sessions.

This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.

This episode is also available on Youtube.

Show notes

'Forest Blizzard' vs 'Fancy Bear' - cyber companies hope to untangle weird hacker nicknames | Reuters

Ukraine's Massive Drone Attack Was Powered by Open Source Software

Massive security breach: Russian nuclear facilities exposed online

How a Spyware App Compromised Assad’s Army - New Lines Magazine

Exclusive | Federal Authorities Probe Effort to Impersonate White House Chief of Staff Susie Wiles - WSJ

Malaysian home minister’s WhatsApp hacked, used to scam contacts | The Record from Recorded Future News

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

Top counter antivirus service disrupted in global takedown | CyberScoop

Cops in Germany Claim They’ve ID’d the Mysterious Trickbot Ransomware Kingpin | WIRED

Australian ransomware victims now must tell the government if they pay up | The Record from Recorded Future News

Google: China-backed hackers hiding malware in calendar events | Cybersecurity Dive

Coinbase breach linked to customer data leak in India, sources say | Reuters

US military IT specialist arrested for allegedly trying to leak secrets to foreign government | The Record from Recorded Future News

NSO appeals WhatsApp decision, says it can’t pay $168 million in ‘unlawful’ damages | The Record from Recorded Future News

ConnectWise says nation-state attack targeted multiple ScreenConnect customers | The Record from Recorded Future News

Google Online Security Blog: Sustaining Digital Certificate Security - Upcoming Changes to the Chrome Root Store

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers - Ars Technica

An Open Letter to Third-Party Suppliers

...more

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,970 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

626 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

366 Listeners

Hacked by Hacked

Hacked

176 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,006 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

312 Listeners

Click Here by Recorded Future News

Click Here

408 Listeners

Malicious Life by Malicious Life

Malicious Life

925 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,871 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

166 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

74 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners