

Risky Bulletin
Risky Business Media
Regular cybersecurity news updates from the Risky Business team...

Nov 11, 2025 • 6min
Risky Bulletin: Another Chinese security firm has its data leaked
Discover the shocking leak of over 12,000 internal files from a Chinese security firm, revealing sensitive government contracts. Learn about the uncontained breach at the US Congressional Budget Office and its implications for digital communications. The Cybersecurity Information Sharing Act is looking at a vital extension. Plus, find out how ransomware attacks have impacted Jaguar's production and the UK's GDP. The latest OWASP Top 10 updates highlight emerging cybersecurity concerns, including supply chain vulnerabilities.

Nov 10, 2025 • 30min
Between Two Nerds: Why AI in malware is lame
Tom Uren and The Grugq delve into the absurdity of AI use in cybercrime. They critique Google's AI Threat Tracker and discuss why LLMs used for malware like PromptSteal are underwhelming. The duo highlights how AI lowers skill barriers for hackers but introduces unpredictable failures. They explore how the illicit AI tooling market is maturing and debate when AI is genuinely useful in attacks versus its limitations. The conversation reveals a balanced view of AI's role in cyber operations, implying its potential benefits might not be as magical as expected.

Nov 10, 2025 • 8min
Risky Bulletin: Myanmar scam compound goes boom!
Myanmar is making headlines as it demolishes the notorious KK Park scam compound. In cybersecurity, the US Congressional Budget Office faces a major email breach by foreign hackers. Singapore introduces harsh penalties for scammers, including caning. Meanwhile, significant sanctions hit North Korean hacking groups, and a new chairman steps in at the controversial NSO Group. Troubling data breaches continue, including a massive Tisza party leak in Hungary and arrests related to online data sales in Pakistan.

Nov 9, 2025 • 19min
Sponsored: Prowler uses AI how AI works best
Toni de la Fuente, Founder and CEO of Prowler, shares insights into leveraging AI for cloud security. He emphasizes Prowler's selective application of AI to enhance usability while retaining key deterministic checks. The discussion explores how AI augments context, improves user experience, and accelerates provider integrations. Toni advocates for open cloud security to empower organizations and highlights the efficiency of Prowler's API-driven approach compared to LLM-driven queries. He also addresses the strengths and limitations of LLMs in cloud security.

Nov 7, 2025 • 7min
Risky Bulletin: Europol arrests massive credit card fraud ring
Payment service executives are arrested in a massive €300 million credit card fraud scheme. Meta faces scrutiny for raking in over $16 billion from scam ads while allowing them to flourish. In a severe crackdown, China sentences scammers to death. A German national is linked to a $275 million scam empire in Georgia. In a chilling twist, a 14-year-old is implicated in a Roblox extortion ring targeting children in the Arab world. Meanwhile, KT telecom attempts to cover up a serious malware breach during an investigation.

Nov 6, 2025 • 22min
Srsly Risky Biz: The cyber regime change pipe dream
The hosts delve into US cyber operations against Venezuela, revealing their tactical successes but ultimate failure to topple Maduro. They explore the global risks of the adtech ecosystem and how cybercriminals partner with organized crime to steal high-value cargo. Techniques like falsified bills and hijacked logistics access illustrate the evolving landscape of crime. The conversation highlights how the economy around cargo theft thrives, even as cybercriminals adapt, signaling both progress and new dangers for the digital age.

Nov 5, 2025 • 7min
Risky Bulletin: US indicts two rogue cybersecurity employees for ransomware attacks
The US indicts two cybersecurity employees for deploying ransomware, raising eyebrows in the tech community. Meanwhile, hackers target South Korean massage parlors, threatening business owners to extort customer data. In another twist, a crypto firm loses a staggering $128 million to attackers. Organized crime teams up with hackers to hijack freight shipments, creating a new level of threat in the logistics industry. Finally, a wave of arrests across Europe tackles massive online investment scams, highlighting the ongoing battle against cybercrime.

Nov 3, 2025 • 29min
Between Two Nerds: Lost in transmission
Tom Uren and The Grugq dive into the complexities of cyber messaging between states. They discuss the limitations of aggressive cyber operations and the mixed signals surrounding China's cyber activities. The hosts highlight the differences between Salt Typhoon and Volt Typhoon and critique the effectiveness of tariffs against IP theft. They explore the unpredictable nature of cyber signaling and the risks of overt retaliation. Throughout, they emphasize that cyber operations alone can't replace comprehensive diplomatic strategies.

Nov 3, 2025 • 7min
Risky Bulletin: Norway skittish of its Chinese electric buses
Norway is on edge after discovering remote control features in its Chinese-made electric buses. Meanwhile, students in the US face potential debt from the CyberCorps program due to risky government job placements. Cybersecurity measures are tightening, with Chrome and Edge introducing AI tools to combat scam pop-ups. In global news, cybersecurity incidents unfold, including breast data leaks in Iran, a major crypto theft in Garden DeFi, and widespread scam busts in Thailand and Cambodia.

Nov 2, 2025 • 17min
Sponsored: Sublime can save a s**t tonne of time
In this engaging discussion, Josh Kamdjou, Founder and CEO of Sublime Security, shares insights on the alarming rise of ICS phishing in calendar invites. He highlights how these attacks often bypass standard email gateways, making detection tricky. Josh delves into the objectives behind these attacks, from credential theft to commoditized phishing services, and emphasizes the need for using AI in defense strategies. He also announces an open-source tool for remediation, showcasing Sublime's commitment to enhancing email security and efficiency.


