Risky Bulletin

The DAEMON Tools website was hit in a targeted supply chain attack, Australia gets its own CSRB, the US arrests a wanted VOIP server hacker after 17 years, and Oracle switches to monthly security updates.



Show notes



Risky Bulletin: Extremely targeted supply chain attack hits DAEMON Tools

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the breakdown of cyber norms. What would have been an unthinkable cyber operation just a few years ago is now a regular occurrence.

This episode is also available on YouTube.



Show notes



Fast16 analysis by SentinelOne


Fast16 malware


Zero Day on the wiper targeting Venezuela's state oil company

DigiCert got hacked via a malicious screensaver file, two ransomware negotiators each get four years in prison, Trellix discloses a security breach, and another Russian hacker gets arrested while vacationing in the wrong place.



Show notes



Risky Bulletin: DigiCert hacked with a malicious screensaver file

In this sponsored interview, James Wilson talks with James Kettle and Daf Stuttard from PortSwigger about the incredible research James will unveil at Black Hat US this July, and how that research will be productised into Burp Suite. It shouldn’t be surprising that when James Kettle bolts an LLM into his research methodology that insanely dangerous things happen. This interview is a window into the future of AI-enabled hacking and security testing.

This interview is also available on YouTube.



Show notes

The Copy Fail vulnerability impacts all Linux distros going back to 2017, hackers are exploiting a cPanel auth bypass, every Moldovan citizen has their data stolen, and some scam compounds got raided raided… in Dubai.



Show notes



Risky Bulletin: The mysterious hack of Moldova's healthcare database