Risky Bulletin: Windows Update will patch third party apps
Windows Update will deliver third-party app updates, a public database exposed Russia’s nuclear secrets, US banks ask the SEC to rescind cyber breach disclosure rule, and ConnectWise discloses an APT breach.
--------
6:05
Srsly Risky Biz: Russia's cybercriminals and spies are officially in cahoots
Tom Uren and Patrick Gray talk about Russian DanaBot malware developers making a tailored variant of their malware specifically for espionage. This fills in some of the blanks on the exact relationship between Russian criminals and the country’s intelligence services.
They also discuss a US Director of National Intelligence initiative to centralise the purchase of commercially acquired information. Although this information can be used maliciously, having a one-stop-shop should make it easier to check that it is being used responsibly.
This episode is also available on YouTube.
--------
16:27
Risky Bulletin: Dutch intelligence discovers a new Russian APT
Dutch intelligence discovers a new Russian APT, a ransomware attack hits the maker of MATLAB, 20 arrested in Nigeria over hacking exam results, and an Iranian pleads guilty for the Robbinhood ransomware attacks.
--------
5:27
Between Two Nerds: Cyber's hard problems
In this edition of Between Two Nerds, Tom Uren and The Grugq talk about cyber’s ‘hard problems’ and why they are intractable.
This episode is also available on YouTube.
Show notes
Cyber Hard Problems, from the National Academies of Sciences
--------
26:19
Risky Bulletin: Major CISA leadership exodus underway
A major exodus of leadership is underway at CISA, the US government will audit NIST over its vulnerability backlog, an ancient and mysterious APT has been linked to Spain’s government, and the SVG image format is great for phishing.