PLAY PODCASTS
Risky Bulletin

Risky Bulletin

172 episodes — Page 2 of 4

Risky Bulletin: Ukrainians hacked Russian satellite comms platform

Apr 29, 20268 min

Between Two Nerds: Hackers from the future

Apr 27, 202632 min

Risky Bulletin: New fingerprinting technique can track Tor users

Apr 27, 20268 min

Sponsored: RunZero accidentally got good at OT

Apr 26, 202615 min

Risky Bulletin: Sean Plankey withdraws CISA nomination

Apr 24, 202611 min

Srsly Risky Biz: Musk snubs French authorities

Apr 23, 202622 min

Risky Bulletin: Former FBI official calls for terrorism designations for ransomware groups that target hospitals

Apr 22, 20269 min

Between Two Nerds: AI as the mythical 10x hacker

Apr 20, 202633 min

Risky Bulletin: ShinyHunters claim credit for Vercel hack

Apr 20, 202610 min

Sponsored: Nebulock on hunting shadow AI

Apr 19, 20269 min

Risky Bulletin: NIST gives up enriching most CVEs

Apr 17, 20269 min

Srsly Risky Biz: Time to ban sale of precise geolocation data

Apr 16, 202620 min

Risky Bulletin: Malicious LLM proxy routers found in the wild

Apr 15, 20267 min

Between Two Nerds: How AI will upset state cyber competition

Apr 13, 202629 min

Risky Bulletin: France takes first steps to ditch Windows for Linux

Apr 13, 20266 min

Sponsored: Corelight Agentic Triage helps defenders stay ahead

Apr 12, 202616 min

Risky Bulletin: FBI extracted Signal chats from iPhone notifications logs

Apr 10, 20266 min

Srsly Risky Biz: American diplomats to fight foreign propaganda... on X

Apr 9, 202619 min

Risky Bulletin: Cybercrime losses passed $20 billion last year

Apr 8, 20268 min

Between Two Nerds: Make cyber, not war

Apr 6, 202626 min

Risky Bulletin: New Cambodian law will put scam compound operators in prison for life

Apr 6, 20267 min

Sponsored: Application allowlisting, but not as you know it

Apr 5, 202617 min

Risky Bulletin: Russia will revoke licenses for unruly ISPs

Russia wants to revoke small ISP licenses, a cyberattack has disrupted access to US newspaper archives, Node.js pauses bug bounty program after its funding lapses and Apple backports patches for DarkSword. Show notes Risky Bulletin: Russia will revoke licenses for unruly ISPs

Apr 3, 20268 min

Srsly Risky Biz: America's next top (cyber) model

Tom Uren and Amberleigh Jack talk about how incredibly good AI models have gotten at finding and exploiting vulnerabilities. That will upend the cyber security industry and it has implications for state cyber organisations such as NSA and Cyber Command. They also discuss how broadband wireless communications links are critical in the war in Ukraine. After losing access to Starlink, Russian forces are doubling down on using equipment from American company Ubiquiti. This episode is also available on Youtube. Show notes

Apr 2, 202619 min

Risky Bulletin: Iranian password sprays came first, then came the missiles

Iranian password spraying targets Israel ahead of missile strikes, a major npm package gets hacked, Iran says it will bomb US tech firms in the Middle East, and Flint24 hackers are sentenced to prison in Russia. Show notes Risky Bulletin: Iranian password sprays came first, then came the missiles

Apr 1, 20268 min

Between Two Nerds: More secure but less safe

In this edition of Between Two Nerds Tom Uren and The Grugq talk about hacking and scams. While hacking is disappearing as a threat for most people, it is a new golden age for scammers. Even Tom has been scammed! This episode is also available on Youtube. Show notes We Are All Targets, How Renegade Hackers Invented Cyber War and Unleashed an Age of Global Chaos The $1.25 million scam

Mar 30, 202626 min

Risky Bulletin: Apple adds ClickFix warning to macOS terminal

Apple adds a ClickFix warning to macOS, Handala hacks Kash Patel’s personal email, Balancer crypto platform shuts down after last year’s hack, and the EU proposes a ban on AI nudify apps. Show notes Risky Bulletin: Apple adds ClickFix warning to macOS terminal

Mar 30, 20266 min

Sponsored: AI is making old school prevention cool again

In this Risky Business sponsored interview, James Wilson chats with Adam Pointon, CEO of Knocknoc, about how AI is making old school security controls and paradigms like deny-by-default cool again. Today, patches are being reversed by AI systems into exploits in a matter of hours. The days of being able to rely on timely patching as a primary control are over. James talks to Adam about this new reality and how Knocknoc can help. Show notes

Mar 29, 202616 min

Risky Bulletin: Russia to use custom crypto-algorithm for its 5G network

Russia will use a custom crypto-algorithm for its 5G network, the Hungarian opposition accuses the government of using spyware, Kaspersky says it tied Coruna to the “Operation Triangulation” attacks, and malware was deployed on thousands of Luxembourg government phones. Show notes Risky Bulletin: Russia to use custom crypto-algorithm for its 5G network

Mar 27, 20266 min

Srsly Risky Biz: Why get a warrant when you have Kash?

Tom Uren and Amberleigh Jack talk about FBI Director Kash Patel admitting to Congress that the Bureau is buying American’s location data and using it to generate valuable intelligence. That’s concerning, because commercially available information can be used in tremendously invasive ways and the FBI can buy it without needing a warrant. They also discuss the FCC’s surprising move to ban foreign-made consumer routers. It’s not about security, it is just about reshoring manufacturing. And finally they discuss the Trump administration’s plan for unleashing the private sector. This episode is also available on Youtube. Show notes

Mar 26, 202621 min

Risky Bulletin: The CEO of Intellexa is big mad at Greece

Intellexa’s CEO is angry with Greek authorities, the FTC bans new foreign-made routers, Google launches a threat disruption unit, and German police warned companies about software bugs… in the middle of the night. Show notes Risky Bulletin: The Intellexa CEO is pissed!!!

Mar 25, 20266 min

Between Two Nerds: Its raining iOS exploit kits!

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how Google just keeps on finding iOS exploit kits. Is iPhone security busted? And why are Russian state hackers after crypto? This episode is also available on Youtube. Show notes Google on Coruna Google on DarkSword iVerify on DarkSword Lookout on DarkSword Coruna deep dive

Mar 23, 202623 min

Risky Bulletin: Russia's Signal phishing nets thousands of accounts

Russian intelligence services compromised thousands of Signal accounts, the Trivy vulnerability scanner is abused in a supply chain attack, Oracle issues an out-of-band patch for its Fusion Middleware, and the FBI takes down the Aisuru and Kimwolf botnets. Show notes Risky Bulletin: GitHub is starting to have a real malware problem

Mar 23, 20267 min

Sponsored: What is Extended Identity Access Management?

In this Risky Business sponsored interview, Casey Ellis chats to Fletcher Heisler, founder and CEO of open source identity provider, Authentik. They chat about Extended Identity Access Management (XIAM), the company’s new acronym that has been seven years in the making. Show notes

Mar 22, 202610 min

Risky Bulletin: Second iOS hacking framework found in the wild

A second iOS hacking framework has been found in the wild, Belgium launches its own government communications app, AWS kills S3 bucketsquatting and a cyberattack cripples car breathalyzers. Show notes Risky Bulletin: AWS kills bucketsquatting

Mar 20, 20267 min

Srsly Risky Biz: Successful war leaves Iran with one option, its cyber forces

Tom Uren and Amberleigh Jack talk about how successfully achieving America’s war goals could force Iran to double down on cyber power. It’s resilient to bombing and is the cheapest, quickest way for the regime to get some wins post-war. They also discuss Meta stepping back from end-to-end encryption on Instagram’s direct messages. There is a time and place for E2EE messages, so good riddance. Finally, they discuss the one weird trick President Trump uses to make his smartphone conversations useless for foreign intelligence services. This episode is also available on Youtube. Show notes

Mar 19, 202619 min

Risky Bulletin: EU finally imposes more cyber sanctions

The EU imposes cyber sanctions, an Iranian cyber chief was killed by US-Israeli strikes, the UK fixes a major bug in its company registry, and a US man phishes celebrity athletes while on home detention… for phishing. Show notes Risky Bulletin: EU finally imposes more cyber sanctions

Mar 18, 20266 min

Between Two Nerds: Unleashing Iran's hackers

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how bombing Iran changes incentives for Iranian hacker groups. Destroying other ways that Iran might project power could force it to double down on cyber capabilities. This episode is also available on Youtube. Show notes Zetter Zero Day on the Stryker hack BTN on the evolution of Iranian hackers with Hamid Kashfi

Mar 16, 202627 min

Risky Bulletin: Meta disrupts Mexican cartels

Meta suspends Mexican cartel accounts, multiple vulnerabilities have been found in Linux AppArmour, Instagram will disable support for end-to-end encrypted messaging and a supply chain attack hits AppsFlyer. Show notes Risky Bulletin: Meta disrupts Mexican cartels

Mar 16, 20266 min

Sponsored: Sublime Security on Zoom attacks

In this Risky Business sponsor interview, Catalin Cimpanu talks with Alex Orleans, Head of Threat Intelligence at Sublime Security, about the increase in email attacks leveraging Zoom invites and other video conferencing tools. Show notes Key findings from the 2026 Sublime Email Threat Research Report Scammers actively targeting real estate agents with remote access attacks Fake Google Meet invitation, fake Microsoft Store, real malware attack Alex Orleans on LinkedIn

Mar 15, 202614 min

Risky Bulletin: Another residential proxy provider falls

Authorities take down a residential proxy service, Iranian hackers wipe the network of a US medical device maker, Apple patches unsupported iOS against Coruna, and CISA asks for Cisco SD-WAN device logs. Show notes Risky Bulletin: Another residential proxy provider falls as authorities continue crackdowns

Mar 13, 20267 min

Srsly Risky Biz: President Trump's best ever cyber strategy

Tom Uren and Amberleigh Jack talk about the newly released Trump Cyber Strategy for America. The ideas in it are fine and occasionally even game-changing, but many of its goals have been undercut by the administration’s actions to date. They also discuss the Coruna exploit kit, which is now known to have leaked from a US defence contractor. Exploits are so valuable that it is unrealistic to expect they can be kept secret. This episode is also available on Youtube. Show notes

Mar 12, 202618 min

Risky Bulletin: Gen. Joshua Rudd confirmed as next CyberCom and NSA head

The Senate confirms a new CyberCom and NSA chief, the US will establish an inter-agency cyber unit, the UK’s Online Crime Centre will launch in April, and the Coruna iOS hacking kit was the work of L3Harris. Show notes Risky Bulletin: Gen. Joshua Rudd confirmed as next CyberCom and NSA head

Mar 10, 20266 min

Between Two Nerds: An internet blackout won't stop NSA in Iran

In this edition of Between Two Nerds Tom Uren and The Grugq talk about why an internet shutdown won’t stop US cyber operations in Iran. This episode is also available on Youtube. Show notes Srsly Risky Biz: The Four Hour Cyber War on Iran The Thing listening device IBM Selectric bug CIA compromise in Iran

Mar 9, 202625 min

Risky Bulletin: New White House EO prioritizes fight against scams and cybercrime

US federal agencies told to crack down on scams and cybercrime, the White House releases its new Cyber Strategy, suspected Chinese hackers breach the FBI’s wiretap network, and Romania’s largest meat exporter is insolvent after a ransomware attack. Show notes Risky Bulletin: New White House EO prioritizes fight against scams and cybercrime

Mar 9, 20268 min

Sponsored: What it means to be a learning organisation

In this Risky Business sponsor interview, Marco Slaviero, CTO of Thinkst, talks to Tom Uren about how the company ensures that it is a learning organisation. The pair discuss the company’s investment in its Thinkst Labs, how it differs from other security research labs, and how it helps grow products and people. Show notes

Mar 8, 202614 min

Risky Bulletin: Iranian hackers are scanning for security cameras to aid missile strikes

Iran attempts to hack security cameras to support its missile strikes, Israel bombs Iran’s cyber headquarters, authorities take down LeakBase and Tycoon 2FA, and TikTok says ‘no’ to encrypted private messaging. Show notes Risky Bulletin: Iranian hackers are scanning for security cameras to aid missile strikes

Mar 6, 20266 min

Srsly Risky Biz: The four hour cyber war on Iran

Tom Uren and Amberleigh Jack talk about how cyber operations were used in the first hours of the US-Israeli attack on Iran. They were instrumental in the attack on Iranian Supreme Leader Ali Khamenei, but they didn’t last long. The Iranian regime implemented an internet blackout within four hours of the first bombs. They also discuss how threat actors are using AI. It’s not game-changing so far, but it is very much altering the balance between attack and defence. This episode is also available on Youtube. Show notes

Mar 5, 202620 min

Risky Bulletin: Cyber Command conducted cyberattacks ahead of Iran strikes

The US conducted cyberattacks ahead of strikes on Iran, Russia aims for internet independence by 2028, Google finds a new iOS exploit kit in the wild, and Chrome moves to a two-week release cycle. Show notes Risky Bulletin: Cyber Command conducted cyberattacks ahead of Iran strikes

Mar 3, 20267 min

Between Two Nerds: The evolution of cyber ops in Ukraine

In this edition of Between Two Nerds Tom Uren and The Grugq how the use of cyber operations in the war in Ukraine has evolved over time. This episode is also available on Youtube. Show notes Russia using cyber espionage to direct grid missile strikes The Spectator article on US-UK relations BTN72 on the Taurus missile leak

Mar 2, 202627 min