Risky Business #785 -- Signal-gate is actually as bad as it looks

Risky Business
26/03/2025 59 min

Listen "Risky Business #785 -- Signal-gate is actually as bad as it looks"

Descargar episodio Ver en sitio original

Episode Synopsis



On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:


Yes, the Trump admin really did just add a journo to their Yemen-attack-planning Signal group
The Github actions hack is smaller than we thought, but was targeting crypto
Remote code exec in Kubernetes, ouch
Oracle denies its cloud got owned, but that sure does look like customer keymat
Taiwanese hardware maker Clevo packs its private keys into bios update zip
US Treasury un-sanctions Tornado Cash, party time in Pyongyang?


This week’s episode is sponsored by runZero. Long time hackerman HD Moore joins to talk about how network vulnerability scanning has atrophied, and what he’s doing to bring it back en vogue. Do you miss early 2000s Nessus? HD knows it, he’s got you fam.

This episode is also available on Youtube.



Show notes


The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic

Using Starlink Wi-Fi in the White House Is a Slippery Slope for US Federal IT | WIRED

Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed

GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 3/21)

Critical vulnerabilities put Kubernetes environments in jeopardy | Cybersecurity Dive

Researchers back claim of Oracle Cloud breach despite company’s denials | Cybersecurity Dive

The Biggest Supply Chain Hack Of 2025: 6M Records Exfiltrated from Oracle Cloud affecting over 140k Tenants | CloudSEK

Capital One hacker Paige Thompson got too light a sentence, appeals court rules | CyberScoop

US scraps sanctions on Tornado Cash, crypto ‘mixer’ accused of laundering North Korea money | Reuters

Tornado Cash Delisting | U.S. Department of the Treasury

Major web services go dark in Russia amid reported Cloudflare block | The Record from Recorded Future News

Clevo Boot Guard Keys Leaked in Update Package

Six additional countries identified as suspected Paragon spyware customers | CyberScoop

The Citizen Lab’s director dissects spyware and the ‘proliferating’ market for it | The Record from Recorded Future News

Malaysia PM says country rejected $10 million ransom demand after airport outages | The Record from Recorded Future News

Hacker defaces NYU website, exposing admissions data on 1 million students | The Record from Recorded Future News

Notre Dame uni students say outage creating enrolment, graduation, assignment mayhem - ABC News

DNA of 15 Million People for Sale in 23andMe Bankruptcy




More episodes of the podcast Risky Business

Risky Business #811 -- F5 is the tip of the crap software iceberg 22/10/2025
Wide World of Cyber: A deep dive on the F5 hack 21/10/2025
Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business 17/10/2025
Risky Business #810 -- Data extortion attacks have a silver lining 15/10/2025
Snake Oilers: Realm Security, Horizon3 and Persona 08/10/2025
Risky Business #809 -- Hackers try to pay a journalist for access to the BBC 01/10/2025
Risky Business #808 -- Insane megabug in Entra left all tenants exposed 24/09/2025
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc 17/09/2025
Risky Biz Soap Box: runZero shakes up vulnerability management 15/09/2025
Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal 10/09/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA