Risky Bulletin
965 Episodes
Tom Uren and Amberleigh Jack talk about how cyber operations were used in the first hours of the US-Israeli attack on Iran. They were instrumental in the attack on Iranian Supreme Leader Ali Khamenei, but they didn’t last long. The Iranian regime implemented an internet blackout within four hours of the first bombs.
They also discuss how threat actors are using AI. It’s not game-changing so far, but it is very much altering the balance between attack and defence.
This episode is also available on Youtube.
The US conducted cyberattacks ahead of strikes on Iran, Russia aims for internet independence by 2028, Google finds a new iOS exploit kit in the wild, and Chrome moves to a two-week release cycle.
In this edition of Between Two Nerds Tom Uren and The Grugq discuss how the use of cyber operations in the war in Ukraine has evolved over time.
This episode is also available on Youtube.
LLMs can deanonymize internet users based on their comments, CISA gets a new acting director, hackers steal 15 million records from the French Ministry of Health, and Google takes down an ad fraud botnet.
In this sponsored interview Casey Ellis chats to Harish Peri, SVP and general manager for AI security at Okta, a cloud-based identity and access management company. The pair chat about the fact that AI is forcing enterprises to relearn the basics around identity security, and how Okta for AI Agents can help.
A Russian man prosecuted for extorting the Conti ransomware group, Google takes down a Chinese cyber-espionage operation, Anthropic tells Department of War to pound sand over AI restrictions, and a Cisco zero-day was exploited in the wild for three years.
Tom Uren and Amberleigh Jack talk about the argy-bargy between the Pentagon and AI company Anthropic. US Defense Secretary Pete Hegseth is demanding that all safeguards are lifted from Claude, while Anthropic CEO Dario Amodei is insisting on protections against mass surveillance of Americans and use in lethal autonomous weapons.
They also discuss the return of Volt Typhoon, the Chinese hacker group prepositioning in critical infrastructure for sabotage in the event of a conflict over Taiwan. The group is still around, even though the US government declared victory against it last July.
This episode is also available on Youtube.
Russia launches a criminal probe into Telegram’s founder, two teenagers arrested for a South Korean bike share hack, Anthropic accuses Chinese AI firms of distillation attacks, and the US Treasury sanctions a Russian exploit broker.
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how ‘professional’ Five Eyes cyber espionage agencies like NSA will use AI. These agencies place a premium on stealth and won’t yolo AI.
This episode is available on Youtube.
An AI-driven hacking campaign breached 600 Fortinet devices, Ivanti was hacked via its own product, Wikipedia bans Archive-dot-Today for DDoS attacks, and Chinese hackers breached Italy’s police force.
In this Risky Business sponsor interview, Casey Ellis and Feross Aboukhadijeh discuss how AI is affecting open source, chat about a few attacks the company has seen in the wild and introduce Socket’s answer to the smouldering trashfire: Socket Firewall.
RPKI relies on vulnerable servers, the French Ministry of Economy discloses a data breach, the UK gives tech platforms 48 hours to remove revenge porn, and ClickFix attacks are responsible for 50% of malware infections.
Tom Uren and Amberleigh Jack talk about a groundswell of calls from European officials to build cyber capabilities to strike back against adversaries. There are good reasons that countries should have their own cyber capabilities, but if you don’t have the political will to strike back, having a magic cyber weapon doesn’t really make a difference.
They also talk about ‘distillation attacks’. They are a way that AI developers can steal the secret sauce of advanced models just by asking questions. It looks like American companies need government assistance if the US wants to keep its AI lead.
This episode is also available on Youtube.
A supply chain attack plants backdoors on Android tablets, the EU blocks AI from lawmakers’ devices, Cellebrite was used against a Kenyan politician, and a Chinese APT is exploiting a Dell zero-day.
In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether middle powers should be investing in military cyber capabilities.
This episode is also available on Youtube.
Cambodia promises to dismantle cyber scam compounds by April, CISA urges companies to adopt the OpenEoX standard, Linux gets post-quantum crypto support, and Palo Alto Networks avoids attributing an APT to China.
In this sponsored interview Casey Ellis chats to Tod Beardsley, VP of Security at RunZero about Kevology, the company’s analysis of CISA’s KEV list. Kevology lets you easily identify and fix vulnerabilities from the list that are urgent and relevant to you.
A malware developer faked his own death to evade the FBI, Apple patches a zero-day used in a targeted attack, the Tianfu Cup quietly returns, and researchers spot the first malicious Outlook add-in.
Tom Uren and Amberleigh Jack talk about Microsoft CEO Satya Nadella’s messaging around personnel changes at the top of its security organisation. These signal a focus on selling security products rather than on making secure products.
They also discuss Expedition Cloud, a Chinese cyber range that replicated the critical infrastructure of neighbouring countries, apparently to develop and fine-tune cyber disruption operations.
Finally, they talk about what we’ve learnt about the role of cyber operations in the US bombing of Iranian nuclear facilities. It was far bigger than we previously thought.
This episode is also available on Youtube.
China has breached all of Singapore’s major telcos, Microsoft announces two new security features, a hacktivist leaks data from a stalkerware provider, and researchers map out “GRU information warfare units” based on their insignia.




They are having too much fun!