Risky Bulletin

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how bombing Iran changes incentives for Iranian hacker groups. Destroying other ways that Iran might project power could force it to double down on cyber capabilities.

This episode is also available on Youtube.



Show notes



Zetter Zero Day on the Stryker hack


BTN on the evolution of Iranian hackers with Hamid Kashfi

Meta suspends Mexican cartel accounts, multiple vulnerabilities have been found in Linux AppArmour,
Instagram will disable support for end-to-end encrypted messaging and a supply chain attack hits AppsFlyer.



Show notes



Risky Bulletin: Meta disrupts Mexican cartels

In this Risky Business sponsor interview, Catalin Cimpanu talks with Alex Orleans, Head of Threat Intelligence at Sublime Security, about the increase in email attacks leveraging Zoom invites and other video conferencing tools.



Show notes



Key findings from the 2026 Sublime Email Threat Research Report


Scammers actively targeting real estate agents with remote access attacks


Fake Google Meet invitation, fake Microsoft Store, real malware attack


Alex Orleans on LinkedIn

Authorities take down a residential proxy service, Iranian hackers wipe the network of a US medical device maker, Apple patches unsupported iOS against Coruna, and CISA asks for Cisco SD-WAN device logs.



Show notes



Risky Bulletin: Another residential proxy provider falls as authorities continue crackdowns

Tom Uren and Amberleigh Jack talk about the newly released Trump Cyber Strategy for America. The ideas in it are fine and occasionally even game-changing, but many of its goals have been undercut by the administration’s actions to date.

They also discuss the Coruna exploit kit, which is now known to have leaked from a US defence contractor. Exploits are so valuable that it is unrealistic to expect they can be kept secret.

This episode is also available on Youtube.



Show notes