Risky Bulletin

Tom Uren and Amberleigh Jack talk about Google’s cyber disruption unit taking aim at the IPIDEA residential proxy network. The network was a cybercrime enabler that was used by hundreds of threat actors for crime and espionage. More of this kind of disruption please.

They also discuss SpaceX’s rapid action to stop the Russian military using Starlink terminals to guide drones deep into Ukrainian territory.

This episode is also available on Youtube.



Show notes

The Plone CMS stops a supply-chain attack, French cops raid the X Paris office;
the number of malicious OpenClaw skills grows, and a Chinese APT hacked Notepad++ servers.



Show notes



Risky Bulletin: Plone CMS stops supply-chain attack

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the recent Russian attack on Polish electricity infrastructure.

This episode is also available on Youtube.



Show notes



ESET's first report


ESET's update report


CERT-PL report


Dragos report


The Insider 'Hidden Bear' investigation


BTN 124, How Russia's sabotage team got into hacking


BTN 145, Russia's cyber war on wheat

ICE tracking app blames a recent hack on a government agent, Microsoft will disable NTLM in the next release of Windows, Poland bans Chinese cars from military bases, and Ivanti patches two new zero-days.



Show notes



Risky Bulletin: StopICE blames hack on "a CBP agent here in SoCal"

In this sponsored interview, Casey Ellis chats to Edward Wu, founder of Dropzone AI about a recent Vanderbilt University report that reveals that foreign adversaries’ resources are growing. Edward says AI capabilities are critical to the future of cyber defence, because the west can’t hire itself out of the shortfall.



Show notes



Dominating the Digital Space: A Whole-of-Society Strategy for Securing the United States from Cyber Aggression