Podcast Episode Details

Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy

---

---

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Australia expels Iranian ambassador
• Hackers sabotage Iranian shipping satcoms
• APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
• Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
• The Com’s King Bob gets ten years in the slammer
• It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.

This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.

This episode is also available on Youtube.

Show notes

• Embassy staff flee Canberra in dead of night | news.com.au — Australia’s leading news site for latest headlines
• Swedish security service says Iran uses criminal networks in Sweden | Reuters
• Risky Bulletin: Hackers sabotage Iranian ships at sea, again - Risky Business Media
• Microsoft scales back Chinese access to cyber early warning system | Reuters
• Microsoft Didn’t Disclose Key Details to U.S. Officials of China-Based Engineers, Record Shows — ProPublica
• .:: Phrack Magazine ::.
• Uncovering the Chinese Proxy Service Used in APT Campaigns
• Weaponizing image scaling against production AI systems -The Trail of Bits Blog
• FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations | Cybersecurity Dive
• CrowdStrike warns of uptick in Silk Typhoon attacks this summer | CyberScoop
• Kevin Beaumont: "There’s a bunch of new Netscal…" - Cyberplace
• US charges Oregon man in vast botnet-for-hire operation | Cybersecurity Dive
• South Korea arrests

  ---

  Published on 1 week, 6 days ago