Explore every episode of the podcast Risky Bulletin
| Title | Pub. Date | Duration | |
|---|---|---|---|
| Risky Bulletin: EU has a problem attracting and retaining cyber talent | 12 Dec 2025 | 00:09:22 | |
The EU has a problem attracting and retaining cyber talent, the CEO of Coupang resigns following the company’s security breach, Microsoft expands its bug bounty program to cover third party code, and Chrome and Gogs patch zero-days. Show notes | |||
| Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers | 10 Dec 2025 | 00:04:37 | |
Linux adds PCIe encryption to help secure cloud servers, Europol cracks down on Violence-as-a-Service providers, the International Criminal Court prepares for cyber-enabled genocide, and Cambodia busts a warehouse full of SMS blasters. Show notes | |||
| Risky Bulletin: Europol takes down Elysium, VenomRAT, and Rhadamanthys | 14 Nov 2025 | 00:07:48 | |
Europol takes down servers behind three malware operations, the US sanctions another Burmese military group linked to scam compounds, Google backs down from mandatory Android developer registration, and Checkout-dot-com donates its ransom to cybercrime researchers instead of paying hackers. Show notes | |||
| Srsly Risky Biz: Meta's fraud profit scandal | 13 Nov 2025 | 00:18:23 | |
Tom Uren and Amberleigh Jack talk about a new Reuters’ report that reveals how Meta is knowingly raking in cash from scam advertisements. It’s around $16 billion worth, and in documents Meta calculates that it outweighs the costs of possible regulatory action. They also discuss recent state-backed supply chain attacks that have, so far, remained targeted and responsible. Finally they look at the UK’s decision to stop sharing intelligence with the US about suspected drug boats in the Caribbean. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: Another Chinese security firm has its data leaked | 11 Nov 2025 | 00:05:34 | |
Internal data leaks from another Chinese security firm, a US Congressional Budget Office breach has not been contained, the Cyber infosharing act likely to be extended until January, and we have a new OWASP Top 10. Show notes | |||
| Between Two Nerds: Why AI in malware is lame | 10 Nov 2025 | 00:29:54 | |
In this edition of Between Two Nerds Tom Uren and The Grugq discuss how cyber criminals and even state actors are being dumb about using AI. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: Myanmar scam compound goes boom! | 10 Nov 2025 | 00:07:54 | |
Myanmar starts demolishing the KK Park scam compound, the US Congressional Budget Office gets hacked by a foreign APT, Chrome will remove risky X-S-L-T support, and scammers in Singapore will get the cane. Show notes | |||
| Sponsored: Prowler uses AI how AI works best | 09 Nov 2025 | 00:19:17 | |
In this sponsored interview Casey Ellis chats to Toni de la Fuente, founder and CEO of Prowler, an open source platform for cloud security. They chat about how and why Prowler selectively applies AI to ensure it adds value rather than just because they can. Show notes | |||
| Risky Bulletin: Europol arrests massive credit card fraud ring | 07 Nov 2025 | 00:07:24 | |
Payment service provider executives arrested over a credit card fraud ring, Meta makes a fortune showing scam ads, South Korean telco KT tried to hide a second breach and five more scammers are sentenced to death in China. Show notes | |||
| Srsly Risky Biz: The cyber regime change pipe dream | 06 Nov 2025 | 00:22:04 | |
Tom Uren and Amberleigh Jack talk about aggressive US cyber operations targeting the Venezuelan government in President Trump’s first term. These were narrowly successful in that they achieved their immediate operational goals, but they didn’t achieve Trump’s broader policy goal of ousting Venezuelan leader Nicolás Maduro. They also talk about why the adtech ecosystem is a national security problem all round the world and how cybercriminals are collaborating with organised crime to steal cargo from logistics companies. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: US indicts two rogue cybersecurity employees for ransomware attacks | 05 Nov 2025 | 00:07:22 | |
The US indicts two cybersecurity employees over ransomware attacks, hackers extort customers of South Korean massage parlors, another crypto firm gets hacked for $128 million dollars, and cargo thieves collab with hackers to target freight companies. Show notes | |||
| Between Two Nerds: Lost in transmission | 03 Nov 2025 | 00:28:35 | |
In this edition of Between Two Nerds Tom Uren and The Grugq discuss the futility of using aggressive cyber operations to send messages between states. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: APTs go after the React2Shell vulnerability within hours | 07 Dec 2025 | 00:08:18 | |
APTs go after the React2Shell vulnerability just hours after public disclosure. CISA remains without a director after the nomination stalls again, NSA is down 2,000 staff this year, and Intellexa is still active despite sanctions. Show notes | |||
| Risky Bulletin: Norway skittish of its Chinese electric buses | 03 Nov 2025 | 00:06:37 | |
Norway finds remote control features in its Chinese electric buses, the US CyberCorps program may saddle students with debt, Edge and Chrome get AI-based scareware blockers, and a Conti member has been extradited to the US. Show notes | |||
| Sponsored: Sublime can save a s**t tonne of time | 02 Nov 2025 | 00:17:17 | |
In this sponsored interview, Casey Ellis chats to Sublime Security CEO and founder, Josh Kamdjou about how Sublime is seeing a massive surge in ICS or calendar invite phishing and how the email security platform can help. Show notes | |||
| Risky Bulletin: Russia arrests Meduza Stealer group | 30 Oct 2025 | 00:07:44 | |
Russian police arrest the Meduza-Stealer trio, a Former L-3Harris manager pleads guilty to selling exploits to Russia, the US hacked Venezuela in 2020, and Windows 11 Administrator Protection goes live. Show notes | |||
| Srsly Risky Biz: When cyber campaigns cross a line | 04 Dec 2025 | 00:16:18 | |
Tom Uren and Patrick Gray discuss a new report proposing a framework for deciding when cyber operations raise red flags. It suggests seven red flags and could help clarify thinking about how to respond to different operations. They also discuss Anthropic testifying to Congress and Iran using cyber intelligence to target missile strikes including by sharing it with Houthi rebels who fired at a specific ship. And finally, we are not reassured by China’s white paper about being a good cyber citizen. This episode is also available of Youtube. Show notes | |||
| Between Two Nerds: Beating back state espionage | 01 Dec 2025 | 00:27:51 | |
In this edition of Between Two Nerds Tom Uren and The Grugq wonder whether it is possible to deter states from cyber espionage with doxxing and other disruption measures. This episode is also available on Youtube. Show notes | |||
| Sponsored: Why Mastercard got into threat intel | 30 Nov 2025 | 00:14:05 | |
In this Risky Business News sponsor interview, Mike Lashlee, CSO of Mastercard talks to Tom Uren about why the company got into threat intelligence. Mike talks about bringing together payments insights with threat intel to get strong signals about fraud or crime, the benefits of international collaboration and when it makes sense for your CSO to also be the CISO. Show notes | |||
| Srsly Risky Biz: DeepSeek and Musk's Grok both toe the party line | 27 Nov 2025 | 00:21:25 | |
Tom Uren and Amberleigh Jack talk about new research that shows the Chinese-made DeepSeek-R1 AI model produces insecure code when prompts include topics that the Chinese Communist Party dislikes. It’s interesting research, but the CCP doesn’t have a monopoly on imposing AI bias. They also discuss the complete doxxing of the Iranian cyber espionage group known as APT35 or Charming Kitten. This episode is also available on Youtube. Show notes | |||
| Between Two Nerds: Telcos bad, Cloud good. | 24 Nov 2025 | 00:35:26 | |
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the differences between telcos and cloud companies. Does the nature of the business force cloud companies to be better at security? This episode is also available on Youtube. Show notes | |||
| Srsly Risky Biz: AI-Powered espionage will favor China | 20 Nov 2025 | 00:21:28 | |
Tom Uren and Amberleigh Jack talk about Anthropic’s discovery of an “AI-orchestrated” cyber espionage campaign. To Tom, it feels a research project, but it’s pretty clear it will be really useful for threat actors that aren’t focussed on specific high-priority targets. Think ransomware, Chinese intellectual property theft and North Korean hackers. But it won’t be so good for Western intelligence agencies. They also discuss Google’s legal disruption of the China-based Lighthouse phishing as a service operation. Surprisingly, it seems to be working! Finally, they talk about why the memory safe Rust language has been a triple win for Android. This episode is also available on Youtube. Show notes | |||
| Between Two Nerds: Russia's cyber war on wheat | 17 Nov 2025 | 00:30:52 | |
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the strategic “logic” of Russian wiper attacks on the Ukrainian grain sector. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: Meta disrupts Mexican cartels | 16 Mar 2026 | 00:06:12 | |
Meta suspends Mexican cartel accounts, multiple vulnerabilities have been found in Linux AppArmour, Instagram will disable support for end-to-end encrypted messaging and a supply chain attack hits AppsFlyer. Show notes | |||
| Sponsored: Sublime Security on Zoom attacks | 15 Mar 2026 | 00:14:17 | |
In this Risky Business sponsor interview, Catalin Cimpanu talks with Alex Orleans, Head of Threat Intelligence at Sublime Security, about the increase in email attacks leveraging Zoom invites and other video conferencing tools. Show notes | |||
| Risky Bulletin: Cyber Command conducted cyberattacks ahead of Iran strikes | 03 Mar 2026 | 00:07:12 | |
The US conducted cyberattacks ahead of strikes on Iran, Russia aims for internet independence by 2028, Google finds a new iOS exploit kit in the wild, and Chrome moves to a two-week release cycle. Show notes | |||
| Between Two Nerds: The evolution of cyber ops in Ukraine | 02 Mar 2026 | 00:27:48 | |
In this edition of Between Two Nerds Tom Uren and The Grugq how the use of cyber operations in the war in Ukraine has evolved over time. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: LLMs can deanonymize internet users based on their comments | 02 Mar 2026 | 00:08:59 | |
LLMs can deanonymize internet users based on their comments, CISA gets a new acting director, hackers steal 15 million records from the French Ministry of Health, and Google takes down an ad fraud botnet. Show notes | |||
| Sponsored: AI Agents need distinct identities | 01 Mar 2026 | 00:15:14 | |
In this sponsored interview Casey Ellis chats to Harish Peri, SVP and general manager for AI security at Okta, a cloud-based identity and access management company. The pair chat about the fact that AI is forcing enterprises to relearn the basics around identity security, and how Okta for AI Agents can help. Show notes | |||
| Risky Bulletin: Russian man extorts Conti ransomware group | 27 Feb 2026 | 00:08:39 | |
A Russian man prosecuted for extorting the Conti ransomware group, Google takes down a Chinese cyber-espionage operation, Anthropic tells Department of War to pound sand over AI restrictions, and a Cisco zero-day was exploited in the wild for three years. Show notes | |||
| Srsly Risky Biz: Is Claude too woke for war? | 26 Feb 2026 | 00:16:25 | |
Tom Uren and Amberleigh Jack talk about the argy-bargy between the Pentagon and AI company Anthropic. US Defense Secretary Pete Hegseth is demanding that all safeguards are lifted from Claude, while Anthropic CEO Dario Amodei is insisting on protections against mass surveillance of Americans and use in lethal autonomous weapons. They also discuss the return of Volt Typhoon, the Chinese hacker group prepositioning in critical infrastructure for sabotage in the event of a conflict over Taiwan. The group is still around, even though the US government declared victory against it last July. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: Russia starts criminal probe of Telegram founder Pavel Durov | 25 Feb 2026 | 00:07:12 | |
Russia launches a criminal probe into Telegram’s founder, two teenagers arrested for a South Korean bike share hack, Anthropic accuses Chinese AI firms of distillation attacks, and the US Treasury sanctions a Russian exploit broker. Show notes | |||
| Between Two Nerds: How NSA will use AI | 23 Feb 2026 | 00:27:26 | |
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how ‘professional’ Five Eyes cyber espionage agencies like NSA will use AI. These agencies place a premium on stealth and won’t yolo AI. This episode is available on Youtube. Show notes | |||
| Risky Bulletin: AI-driven hacking campaign breaches 600+ Fortinet devices | 23 Feb 2026 | 00:06:25 | |
An AI-driven hacking campaign breached 600 Fortinet devices, Ivanti was hacked via its own product, Wikipedia bans Archive-dot-Today for DDoS attacks, and Chinese hackers breached Italy’s police force. Show notes | |||
| Sponsored: The smouldering trashfire of AI and open source | 22 Feb 2026 | 00:24:59 | |
In this Risky Business sponsor interview, Casey Ellis and Feross Aboukhadijeh discuss how AI is affecting open source, chat about a few attacks the company has seen in the wild and introduce Socket’s answer to the smouldering trashfire: Socket Firewall. Show notes | |||
| Risky Bulletin: Another residential proxy provider falls | 13 Mar 2026 | 00:07:40 | |
Authorities take down a residential proxy service, Iranian hackers wipe the network of a US medical device maker, Apple patches unsupported iOS against Coruna, and CISA asks for Cisco SD-WAN device logs. Show notes | |||
| Risky Bulletin: RPKI infrastructure sits on shaky ground | 20 Feb 2026 | 00:08:36 | |
RPKI relies on vulnerable servers, the French Ministry of Economy discloses a data breach, the UK gives tech platforms 48 hours to remove revenge porn, and ClickFix-attacks are responsible for 50% of malware infections. Show notes | |||
| Srsly Risky Biz: Cyber bullets can't replace political will | 19 Feb 2026 | 00:19:34 | |
Tom Uren and Amberleigh Jack talk about a groundswell of calls from European officials to build cyber capabilities to strike back against adversaries. There are good reasons that countries should have their own cyber capabilities, but if you don’t have the political will to strike back, having a magic cyber weapon doesn’t really make a difference. They also talk about ‘distillation attacks’. They are a way that AI developers can steal the secret sauce of advanced models just by asking questions. It looks like American companies need government assistance if the US wants to keep its AI lead. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: Supply chain attack plants backdoor on Android tablets | 18 Feb 2026 | 00:08:18 | |
A supply chain attack plants backdoors on Android tablets, the EU blocks AI from lawmakers’ devices, Cellebrite was used against a Kenyan politician, and a Chinese APT is exploiting a Dell zero-day. Show notes | |||
| Between Two Nerds: Buying the magic weapon | 16 Feb 2026 | 00:28:18 | |
In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether middle powers should be investing in military cyber capabilities. This episode is also available on Youtube Show notes | |||
| Risky Bulletin: Cambodia promises to dismantle scam compounds by April | 16 Feb 2026 | 00:08:52 | |
Cambodia promises to dismantle cyber scam compounds by April, CISA urges companies to adopt the OpenEoX standard, Linux gets post-quantum crypto support, and Palo Alto Networks avoids attributing an APT to China. Show notes | |||
| Sponsored: Filtering the KEV was really hard … Until now! | 15 Feb 2026 | 00:23:58 | |
In this sponsored interview Casey Ellis chats to Tod Beardsley, VP of Security at RunZero about Kevology, the company’s analysis of CISA’s KEV list. Kevology lets you easily identify and fix vulnerabilities from the list that are urgent and relevant to you. Show notes | |||
| Risky Bulletin: IcedID malware developer fakes his own death to escape the FBI | 13 Feb 2026 | 00:07:11 | |
A Malware developer faked his own death to evade the FBI, Apple patches a zero-day used in a targeted attack, the Tianfu Cup quietly returns, and researchers spot the first malicious Outlook add-in. Show notes | |||
| Srsly Risky Biz: Microsoft forgoes its secure future | 12 Feb 2026 | 00:19:50 | |
Tom Uren and Amberleigh Jack talk about Microsoft CEO Satya Nadella’s messaging around personnel changes at the top of its security organisation. These signal a focus on selling security products rather than on making secure products. They also discuss Expedition Cloud, a Chinese cyber range that replicated the critical infrastructure of neighbouring countries, apparently to develop and fine-tune cyber disruption operations. Finally, they talk about what we’ve learnt about the role of cyber operations in the US bombing of Iranian nuclear facilities. It was far bigger than we previously thought. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: Chinese cyber-spies breached all of Singapore's telcos | 11 Feb 2026 | 00:06:48 | |
China has breached all of Singapore’s major telcos, Microsoft announces two new security features, a hacktivist leaks data from a stalkerware provider, and researchers map out “GRU information warfare units” based on their insignia. Show notes | |||
| Between Two Nerds: Why we are doomed to insecurity | 09 Feb 2026 | 00:27:15 | |
In this edition of Between Two Nerds Tom Uren and The Grugq talk about why the world is destined to be perpetually insecure. This episode is also available on Youtube. Show notes | |||
| Srsly Risky Biz: President Trump's best ever cyber strategy | 12 Mar 2026 | 00:18:48 | |
Tom Uren and Amberleigh Jack talk about the newly released Trump Cyber Strategy for America. The ideas in it are fine and occasionally even game-changing, but many of its goals have been undercut by the administration’s actions to date. They also discuss the Coruna exploit kit, which is now known to have leaked from a US defence contractor. Exploits are so valuable that it is unrealistic to expect they can be kept secret. This episode is also available on Youtube. Show notes | |||
| Risky Bulletin: SmarterTools hacked via its own product | 09 Feb 2026 | 00:06:08 | |
A software company gets hacked through vulnerabilities in its own product, European agencies are hacked via recent Ivanti zero-days, Senegal is being extorted by hackers, and a state actor is behind a Signal phishing campaign in Germany. Show notes | |||
| Sponsored: Trail of Bits going all-in on AI | 08 Feb 2026 | 00:18:44 | |
In this Risky Business sponsored interview, Tom Uren talks to Trail of Bits CEO Dan Guido about how Trail of Bits is reworking its business processes to take advantage of AI. Dan talks about what it takes to make AI agents reliable and trustworthy and how that will give the company an edge by making its work both better and faster. Show notes | |||
| Risky Bulletin: Denmark recruits hackers for offensive cyber operations | 06 Feb 2026 | 00:06:19 | |
Denmark recruits hackers for offensive cyber operations, CISA tells agencies to remove old edge devices, Coinbase has another insider breach, and Microsoft appoints a new security chief. Show notes | |||