Risky Business #792 -- Beware, Coinbase users. Crypto thieves are taking fingers now

Risky Business
21/05/2025 53 min

Listen "Risky Business #792 -- Beware, Coinbase users. Crypto thieves are taking fingers now"

Descargar episodio Ver en sitio original

Episode Synopsis



On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

TeleMessage memory dumps show up on DDoSecrets
Coinbase contractor bribed to hand over user data
Telegram does seem to be actually cooperating with law enforcement
Britain’s legal aid service gets 15 years worth of applicant data stolen
Shocking no one, Ivanti were weaseling when they blamed latest bugs on a third party library


This week’s episode is sponsored by Prowler, who make an open source cloud security tool. Founder and original project developer Toni de la Fuente joins to talk through the flexibility that open tooling brings. Prowler is also adding support for SaaS platforms like M365, and of course, an AI assistant to help you write checks!

This episode is also available on Youtube.



Show notes


TeleMessage - Distributed Denial of Secrets

How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes | WIRED

Coinbase says thieves stole user data and tried to extort $20M

Hack could cost Coinbase up to $400M: filing | Cybersecurity Dive

Severed Fingers and ‘Wrench Attacks’ Rattle the Crypto Elite

Money Stuff: US Debt Rates Itself | NewsletterHunt

2 massive black market services blocked by Telegram, messaging app says | Reuters

Telegram Gave Authorities Data on More than 20,000 Users

GovDelivery, an email alert system used by governments, abused to send scam messages | TechCrunch

ATO warning as hackers steal $14,000 in tax returns: ‘Be wary’

Hack of SEC social media account earns 14-month prison sentence for Alabama man | The Record from Recorded Future News

19-year-old accused of largest child data breach in U.S. agrees to plead guilty

Beach mansion, Benz and Bitcoin worth $4.5m seized from League of Legends hacker Shane Stephen Duffy | 7NEWS

Pegasus spyware maker rebuffed in efforts to get off trade blacklist - The Washington Post

Ransomware attack hits supplier of refrigerated groceries to British supermarkets | The Record from Recorded Future News

UK government confirms massive data breach following hack of Legal Aid Agency | The Record from Recorded Future News

Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities | Cybersecurity Dive

Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)




More episodes of the podcast Risky Business

Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD 29/10/2025
Risky Business #811 -- F5 is the tip of the crap software iceberg 22/10/2025
Wide World of Cyber: A deep dive on the F5 hack 21/10/2025
Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business 17/10/2025
Risky Business #810 -- Data extortion attacks have a silver lining 15/10/2025
Snake Oilers: Realm Security, Horizon3 and Persona 08/10/2025
Risky Business #809 -- Hackers try to pay a journalist for access to the BBC 01/10/2025
Risky Business #808 -- Insane megabug in Entra left all tenants exposed 24/09/2025
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc 17/09/2025
Risky Biz Soap Box: runZero shakes up vulnerability management 15/09/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA