Srsly Risky Biz: AI-Powered espionage will favor China
Tom Uren and Amberleigh Jack talk about Anthropic’s discovery of an “AI-orchestrated” cyber espionage campaign. To Tom, it feels a research project, but it’s pretty clear it will be really useful for threat actors that aren’t focussed on specific high-priority targets. Think ransomware, Chinese intellectual property theft and North Korean hackers. But it won’t be so good for Western intelligence agencies.
They also discuss Google’s legal disruption of the China-based Lighthouse phishing as a service operation. Surprisingly, it seems to be working!
Finally, they talk about why the memory safe Rust language has been a triple win for Android.
This episode is also available on Youtube.
Show notes
--------
21:28
--------
21:28
Between Two Nerds: Russia's cyber war on wheat
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the strategic “logic” of Russian wiper attacks on the Ukrainian grain sector.
This episode is also available on Youtube.
Show notes
ESET report
Soesanto and Gajos at Lawfare
--------
30:52
--------
30:52
Risky Bulletin: Europol takes down Elysium, VenomRAT, and Rhadamanthys
Europol takes down servers behind three malware operations, the US sanctions another Burmese military group linked to scam compounds, Google backs down from mandatory Android developer registration, and Checkout-dot-com donates its ransom to cybercrime researchers instead of paying hackers.
Show notes
Risky Bulletin: Europol takes down Elysium, VenomRAT, and Rhadamanthys infrastructure
--------
7:48
--------
7:48
Srsly Risky Biz: Meta's fraud profit scandal
Tom Uren and Amberleigh Jack talk about a new Reuters’ report that reveals how Meta is knowingly raking in cash from scam advertisements. It’s around $16 billion worth, and in documents Meta calculates that it outweighs the costs of possible regulatory action.
They also discuss recent state-backed supply chain attacks that have, so far, remained targeted and responsible. Finally they look at the UK’s decision to stop sharing intelligence with the US about suspected drug boats in the Caribbean.
This episode is also available on Youtube.
Show notes
--------
18:23
--------
18:23
Risky Bulletin: Another Chinese security firm has its data leaked
Internal data leaks from another Chinese security firm, a US Congressional Budget Office breach has not been contained, the Cyber infosharing act likely to be extended until January, and we have a new OWASP Top 10.
Show notes
Risky Bulletin: Another Chinese security firm has its data leaked
Netherlands