PLAY PODCASTS
Risky Bulletin

Risky Bulletin

172 episodes — Page 3 of 4

Risky Bulletin: LLMs can deanonymize internet users based on their comments

LLMs can deanonymize internet users based on their comments, CISA gets a new acting director, hackers steal 15 million records from the French Ministry of Health, and Google takes down an ad fraud botnet. Show notes Risky Bulletin: LLMs can deanonymize internet users based on their past comments

Mar 2, 20268 min

Sponsored: AI Agents need distinct identities

In this sponsored interview Casey Ellis chats to Harish Peri, SVP and general manager for AI security at Okta, a cloud-based identity and access management company. The pair chat about the fact that AI is forcing enterprises to relearn the basics around identity security, and how Okta for AI Agents can help. Show notes

Mar 1, 202615 min

Risky Bulletin: Russian man extorts Conti ransomware group

A Russian man prosecuted for extorting the Conti ransomware group, Google takes down a Chinese cyber-espionage operation, Anthropic tells Department of War to pound sand over AI restrictions, and a Cisco zero-day was exploited in the wild for three years. Show notes Risky Bulletin: Russian man investigated for extorting Conti ransomware group

Feb 27, 20268 min

Srsly Risky Biz: Is Claude too woke for war?

Tom Uren and Amberleigh Jack talk about the argy-bargy between the Pentagon and AI company Anthropic. US Defense Secretary Pete Hegseth is demanding that all safeguards are lifted from Claude, while Anthropic CEO Dario Amodei is insisting on protections against mass surveillance of Americans and use in lethal autonomous weapons. They also discuss the return of Volt Typhoon, the Chinese hacker group prepositioning in critical infrastructure for sabotage in the event of a conflict over Taiwan. The group is still around, even though the US government declared victory against it last July. This episode is also available on Youtube. Show notes

Feb 26, 202616 min

Risky Bulletin: Russia starts criminal probe of Telegram founder Pavel Durov

Russia launches a criminal probe into Telegram’s founder, two teenagers arrested for a South Korean bike share hack, Anthropic accuses Chinese AI firms of distillation attacks, and the US Treasury sanctions a Russian exploit broker. Show notes Risky Bulletin: Russia starts criminal probe of Telegram founder Pavel Durov

Feb 25, 20267 min

Between Two Nerds: How NSA will use AI

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how ‘professional’ Five Eyes cyber espionage agencies like NSA will use AI. These agencies place a premium on stealth and won’t yolo AI. This episode is available on Youtube. Show notes How AI-powered espionage will favour China Google's AI threat tracker, February 2026

Feb 23, 202627 min

Risky Bulletin: AI-driven hacking campaign breaches 600+ Fortinet devices

An AI-driven hacking campaign breached 600 Fortinet devices, Ivanti was hacked via its own product, Wikipedia bans Archive-dot-Today for DDoS attacks, and Chinese hackers breached Italy’s police force. Show notes Risky Bulletin: AI-driven hacking campaign breaches 600+ Fortinet devices

Feb 23, 20266 min

Sponsored: The smouldering trashfire of AI and open source

In this Risky Business sponsor interview, Casey Ellis and Feross Aboukhadijeh discuss how AI is affecting open source, chat about a few attacks the company has seen in the wild and introduce Socket’s answer to the smouldering trashfire: Socket Firewall. Show notes

Feb 22, 202624 min

Risky Bulletin: RPKI infrastructure sits on shaky ground

RPKI relies on vulnerable servers, the French Ministry of Economy discloses a data breach, the UK gives tech platforms 48 hours to remove revenge porn, and ClickFix-attacks are responsible for 50% of malware infections. Show notes Risky Bulletin: RPKI infrastructure sits on shaky ground

Feb 20, 20268 min

Srsly Risky Biz: Cyber bullets can't replace political will

Tom Uren and Amberleigh Jack talk about a groundswell of calls from European officials to build cyber capabilities to strike back against adversaries. There are good reasons that countries should have their own cyber capabilities, but if you don’t have the political will to strike back, having a magic cyber weapon doesn’t really make a difference. They also talk about ‘distillation attacks’. They are a way that AI developers can steal the secret sauce of advanced models just by asking questions. It looks like American companies need government assistance if the US wants to keep its AI lead. This episode is also available on Youtube. Show notes

Feb 19, 202619 min

Risky Bulletin: Supply chain attack plants backdoor on Android tablets

A supply chain attack plants backdoors on Android tablets, the EU blocks AI from lawmakers’ devices, Cellebrite was used against a Kenyan politician, and a Chinese APT is exploiting a Dell zero-day. Show notes Risky Bulletin: Supply chain attack plants backdoor on Android tablets

Feb 18, 20268 min

Between Two Nerds: Buying the magic weapon

In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether middle powers should be investing in military cyber capabilities. This episode is also available on Youtube Show notes The Record on Iranian air defences Max Smeets No Shortcuts RunZero sponsor interview

Feb 16, 202628 min

Risky Bulletin: Cambodia promises to dismantle scam compounds by April

Cambodia promises to dismantle cyber scam compounds by April, CISA urges companies to adopt the OpenEoX standard, Linux gets post-quantum crypto support, and Palo Alto Networks avoids attributing an APT to China. Show notes Risky Bulletin: Cambodia promises to dismantle scam networks by April

Feb 16, 20268 min

Sponsored: Filtering the KEV was really hard … Until now!

In this sponsored interview Casey Ellis chats to Tod Beardsley, VP of Security at RunZero about Kevology, the company’s analysis of CISA’s KEV list. Kevology lets you easily identify and fix vulnerabilities from the list that are urgent and relevant to you. Show notes KEVology: An analysis of exploits, scores, & timelines on the CISA KEV

Feb 15, 202623 min

Risky Bulletin: IcedID malware developer fakes his own death to escape the FBI

A Malware developer faked his own death to evade the FBI, Apple patches a zero-day used in a targeted attack, the Tianfu Cup quietly returns, and researchers spot the first malicious Outlook add-in. Show notes Risky Bulletin: IcedID malware developer fakes his own death to escape the FBI

Feb 13, 20267 min

Srsly Risky Biz: Microsoft forgoes its secure future

Tom Uren and Amberleigh Jack talk about Microsoft CEO Satya Nadella’s messaging around personnel changes at the top of its security organisation. These signal a focus on selling security products rather than on making secure products. They also discuss Expedition Cloud, a Chinese cyber range that replicated the critical infrastructure of neighbouring countries, apparently to develop and fine-tune cyber disruption operations. Finally, they talk about what we’ve learnt about the role of cyber operations in the US bombing of Iranian nuclear facilities. It was far bigger than we previously thought. This episode is also available on Youtube. Show notes

Feb 12, 202619 min

Risky Bulletin: Chinese cyber-spies breached all of Singapore's telcos

China has breached all of Singapore’s major telcos, Microsoft announces two new security features, a hacktivist leaks data from a stalkerware provider, and researchers map out “GRU information warfare units” based on their insignia. Show notes Risky Bulletin: Chinese cyber-spies breached all of Singapore's telcos

Feb 11, 20266 min

Between Two Nerds: Why we are doomed to insecurity

In this edition of Between Two Nerds Tom Uren and The Grugq talk about why the world is destined to be perpetually insecure. This episode is also available on Youtube. Show notes Hunterbrook's Ubiquiti investigation Trail of Bits sponsor interview

Feb 9, 202627 min

Risky Bulletin: SmarterTools hacked via its own product

A software company gets hacked through vulnerabilities in its own product, European agencies are hacked via recent Ivanti zero-days, Senegal is being extorted by hackers, and a state actor is behind a Signal phishing campaign in Germany. Show notes Risky Bulletin: SmarterTools hacked via its own product

Feb 9, 20266 min

Sponsored: Trail of Bits going all-in on AI

In this Risky Business sponsored interview, Tom Uren talks to Trail of Bits CEO Dan Guido about how Trail of Bits is reworking its business processes to take advantage of AI. Dan talks about what it takes to make AI agents reliable and trustworthy and how that will give the company an edge by making its work both better and faster. Show notes Trail of Bits Skills Marketplace

Feb 8, 202618 min

Risky Bulletin: Denmark recruits hackers for offensive cyber operations

Denmark recruits hackers for offensive cyber operations, CISA tells agencies to remove old edge devices, Coinbase has another insider breach, and Microsoft appoints a new security chief. Show notes Risky Bulletin: Denmark recruits hackers for offensive cyber operations

Feb 6, 20266 min

Srsly Risky Biz: Google's cyber disruption unit kicks its first goal

Tom Uren and Amberleigh Jack talk about Google’s cyber disruption unit taking aim at the IPIDEA residential proxy network. The network was a cybercrime enabler that was used by hundreds of threat actors for crime and espionage. More of this kind of disruption please. They also discuss SpaceX’s rapid action to stop the Russian military using Starlink terminals to guide drones deep into Ukrainian territory. This episode is also available on Youtube. Show notes

Feb 5, 202617 min

Risky Bulletin: Plone CMS stops supply-chain attack

The Plone CMS stops a supply-chain attack, French cops raid the X Paris office; the number of malicious OpenClaw skills grows, and a Chinese APT hacked Notepad++ servers. Show notes Risky Bulletin: Plone CMS stops supply-chain attack

Feb 4, 20268 min

Between Two Nerds: The internal logic of Russian power grid attacks

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the recent Russian attack on Polish electricity infrastructure. This episode is also available on Youtube. Show notes ESET's first report ESET's update report CERT-PL report Dragos report The Insider 'Hidden Bear' investigation BTN 124, How Russia's sabotage team got into hacking BTN 145, Russia's cyber war on wheat

Feb 2, 202632 min

Risky Bulletin: StopICE blames hack on "a CBP agent here in SoCal"

ICE tracking app blames a recent hack on a government agent, Microsoft will disable NTLM in the next release of Windows, Poland bans Chinese cars from military bases, and Ivanti patches two new zero-days. Show notes Risky Bulletin: StopICE blames hack on "a CBP agent here in SoCal"

Feb 2, 20267 min

Sponsored: AI is critical to the future of cyber defence

In this sponsored interview, Casey Ellis chats to Edward Wu, founder of Dropzone AI about a recent Vanderbilt University report that reveals that foreign adversaries’ resources are growing. Edward says AI capabilities are critical to the future of cyber defence, because the west can’t hire itself out of the shortfall. Show notes Dominating the Digital Space: A Whole-of-Society Strategy for Securing the United States from Cyber Aggression

Feb 1, 202618 min

Risky Bulletin: eScan antivirus distributes backdoor in latest supply chain attack

Hackers breach eScan antivirus and distribute a backdoor, Google takes down the IPIDEA proxy botnet, most GDPR fines remain uncollected, and the Poland wiper attack hit 30 locations. Show notes Risky Bulletin: eScan antivirus distributes backdoor in latest supply chain attack

Jan 29, 20267 min

Srsly Risky Biz: Punish the wicked and reward the righteous

Tom Uren and Amberleigh Jack talk about the Pall Mall Process, an international effort to reign in abusive spyware. Tom thinks the US has already stumbled into a viable carrots and sticks style strategy that will shape the industry more than coming up with standards will. The pair also discuss news that Chinese Salt Typhoon hackers compromised the calls of senior UK officials in Downing Street. The UK has extensive telecommunications security regulations and the incident makes us wonder what that legislation is actually good for. This episode is also available on Youtube. Show notes

Jan 29, 202617 min

Risky Bulletin: Cyberattack cripples cars across Russia

A cyberattack has crippled cars in Russia, Microsoft patches an Office zero-day, WhatsApp rolls out an account lockdown feature, and a handful of Chrome extensions steal ChatGPT auth tokens. Show notes Risky Bulletin: Cyberattack cripples cars across Russia

Jan 27, 20267 min

Between Two Nerds: Getting pinged and the fog of war

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how getting pinged hurts state hackers by introducing uncertainty. Publishing technical reports on the hack can actually improve the situation by removing uncertainty about how attackers were detected. This episode is also available on Youtube. Show notes BTN 36, The culture of the Snake

Jan 26, 202630 min

Sponsored: Push Security on ConsentFix attacks

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Luke Jennings, VP of Research & Development at Push Security, about ConsentFix. It’s a new form of email-based social engineering attack used in the wild, an evolution of the ClickFix attack that goes after your identity. Show notes ConsentFix: Analysing a browser-native ClickFix-style attack that hijacks OAuth consent grants ConsentFix debrief: latest community insights, recommendations, and predictions Luke Jennings, ConsentFix LinkedIn post Year in Review: How Phishing Attacks Evolved in 2025

Jan 26, 202613 min

Risky Bulletin: Russia deployed wipers on Poland's energy grid

Russia deployed wipers against Poland’s energy grid, Microsoft shared BitLocker keys with the FBI, Romania dismantles a murder-for-hire portal, and the EU creates a new anti-spyware group. Show notes Risky Bulletin: EU readies new anti-spyware group, but with even less powers than PEGA

Jan 25, 20266 min

Risky Bulletin: Improperly patched bug exploited again in Fortinet firewalls

A poorly patched bug is being exploited in Fortinet firewalls, hackers go after security testing environments, Jordanian police used Cellebrite against activists, and new Cisco and SmarterMail zero-days. Show notes Risky Bulletin: Improperly patched bug exploited again in Fortinet firewalls

Jan 22, 20266 min

Srsly Risky Biz: You can't block space internet

Tom Uren and Amberleigh Jack talk about the rise of technologies that can undermine internet blackouts such as Starlink and its relatively new direct-to-cell service. Authoritarian internet shutdowns and disasters happen often enough that governments should think about how to take advantage of these new technologies rather than just reacting when crises arise. They also discuss the nomination of General Joshua Rudd as head of NSA and US Cyber Command. This episode is also available on Youtube. Show notes

Jan 22, 202619 min

Risky Bulletin: Domain resurrection attacks come to Canonical's Snap Store

Canonical’s Snap Store hit by domain resurrection attacks, Russia will use AI to detect VPN users, Iranian hackers switch to Starlink during internet outage, and Greece arrests SMS blasters… by dumb luck. Show notes Risky Bulletin: Domain resurrection attacks come to Canonical's Snap Store

Jan 21, 20266 min

Between Two Nerds: Why the West sucks at Information Warfare

In this edition of Between Two Nerds Tom Uren and The Grugq talk about what information warfare even is, revisit a 30-year-old paper and examine why Western governments struggle with the concept. This episode is also available on Youtube. Show notes What is Information Warfare by Martin Libicki Human Rights in China Leaked conversation on Youtube, in Mandarin Rebecca Black, Friday

Jan 19, 202632 min

Risky Bulletin: Germany seeks more hacking and surveillance powers for its intel service

Germany seeks more hacking and surveillance powers for its intelligence service, Finland intends to criminalize the spreading of false information, patriotic “French” social media goes quiet during Iran’s internet outage, and hackers are extorting GrubHub. Show notes Risky Bulletin: Germany seeks more hacking and surveillance powers for its intel service

Jan 18, 20267 min

Sponsored: Seeing into the seams

In this Risky Business sponsored interview, Tom Uren talks to Justin Kohler, Chief Product Officer at SpecterOps, about how attack paths exist in the seams between different identity or permissions management domains. In isolation, for example, both your Github and your AWS deployment could follow best practices. But bring them together and you’ve got problems. Bloodhound’s OpenGraph lets you find and fix these otherwise invisible attack paths. Show notes

Jan 18, 202614 min

Risky Bulletin: China bans Israeli and US cybersecurity products

China bans Israeli and US cybersecurity products, Sean Plankey is re-nominated for CISA Director, RAM price hikes are likely to impact the cost of firewalls, and Lumen sinkholes the Kimwolf DDoS botnet. Show notes Risky Bulletin: DRAM price hikes set to impact firewalls too

Jan 15, 20267 min

Srsly Risky Biz: China Fights Scam Compounds … For China

Tom Uren and Amberleigh Jack talk about the Chinese government’s reactive approach to tackling scam compounds. It’s driven by bad news on domestic media and therefore focusses on the compounds that are targeting Chinese citizens. Rather than eliminating the industry, that may instead be shaping the industry to focus on other countries and particularly Americans. They also discuss the role of disruptive cyber operations in the US’s raid to capture Venezuelan President Nicolás Maduro. This episode is also available on Youtube. Show notes

Jan 15, 202619 min

Risky Bulletin: Russia fines 33 telcos for surveillance non-compliance

Russia fines 33 telcos for surveillance non-compliance, AVCheck admin is arrested in Amsterdam, Poland repels an attack on its power grid, and voice cloning defenses can be bypassed. Show notes Risky Bulletin: Voice cloning defenses still weak, can be bypassed

Jan 14, 20266 min

Between Two Nerds: Lights out!

In this edition of Between Two Nerds Tom Uren and The Grugq about the role of cyber operations in the US capture of Venezuela’s president Nicolas Maduro. This episode is also available on Youtube. Show notes Maduro's fall puts US cyber power in the spotlight Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes Venezuela strike marks a turning point for US cyber warfare Power outages, but not cyber (from Oleg Shakirov) NYTimes Inside 'Operation Absolute Resolve' Spec Ops by William McRaven

Jan 12, 202627 min

Risky Bulletin: Apex Legends streamers hacked again

The Apex Legends game is hacked again, data about 17 million Instagram users put up for sale, Indonesia blocks X over pornographic content, and a ransomware attack hits major Chilean energy provider Show notes Risky Bulletin: Apex Legends streamers hacked again

Jan 11, 20266 min

Sponsored: What AI workloads mean for Cloud security

In this Risky Business News sponsored interview the CEO and founder of Prowler, Toni de la Fuente, explains how implementing AI systems brings new security challenges that differ for traditional cloud workloads. Toni also talks about ‘attack paths’ in the context of cloud infrastructure and using them to minimise risk. Show notes

Jan 11, 202615 min

Risky Bulletin: Belarus deploys spyware on journalists' phones

Belarus deployed spyware on journalists’ phones, a man is arrested for installing malware on a ferry, France arrests the hacker behind an Interior Ministry email server breach, and new Cisco and SonicWall zero-days. Show notes Risky Bulletin: Belarus deploys spyware on journalists' phones

Dec 19, 20256 min

Srsly Risky Biz: Like Huawei, but for electricity

Tom Uren and Patrick Gray talk about America’s increasing dependence on Chinese manufacturers for electrical sector equipment. This doesn’t seem like a good idea when China is hacking electric utilities for sabotage and PLA researchers are dreaming up ways to attack the grid. They also discuss the possibility that the US was responsible for a cyber attack on Venezuela’s state oil company and how Russian state-backed hacktivism is so dumb. This episode is also available on Youtube. Show notes

Dec 17, 202519 min

Risky Bulletin: Most smart devices run outdated web browsers

Most smart devices run outdated web browsers, Ukrainian hacktivists breach a major Russian defense contractor, ransomware hits Venezuela’s state-owned oil company, and hackers are trying to extort PornHub with stolen user data. Show notes Risky Bulletin: Most smart devices run outdated web browsers

Dec 17, 20257 min

Between Three Nerds: The evolution of Iranian cyber espionage

In this edition of Between Two Nerds Tom Uren and The Grugq talk to Hamid Kashfi, CEO and founder of DarkCell, talk about the Iranian cyber espionage scene. Kashfi talks about how the regime once forced people to hack and crushed the domestic security research scene. He describes how and why the government has changed its approach and is now reaping the rewards of improved Iranian capabilities. This episode is available on Youtube. Show notes The "Mossad or not" threat model by James Mickens Shamoon wiper iLO rootkit

Dec 15, 202549 min

Risky Bulletin: African freelancers behind anti-US and anti-French disinfo campaigns

Russia is hiring African freelancers for disinformation campaigns, the US is preparing to let contractors run offensive cyber operations, Germany blames Russia for the hack of its air traffic control agency, and Apple patches two WebKit zero-days. Show notes Risky Bulletin: African freelancers behind anti-US and anti-French disinfo campaigns

Dec 15, 20257 min

Sponsored: ConsentFix and Push Security's browser attack taxonomy

In this sponsored interview Casey Ellis is joined by Push Security’s Field CTO, Mark Orlando. They chat about the ways that browser-based attacks are evolving and how Push Security is finding and cataloging them. Show notes ConsentFix: Analysing a browser-native ClickFix-style attack that hijacks OAuth consent grants Introducing our guide to phishing detection evasion techniques

Dec 14, 202519 min