Risky Business #778 -- Musk's child soldiers seize control of FedGov IT systems

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• DeepSeek leaves an unauthed database on the internet
• Russia hacked UK prime minister’s personal mail
• Australia sanctions a Telegram group… which is more sensible than it sounds
• Medical device backdoor turns out to be just poorly thought out upgrade feature
• Google abuses weak hashing to patch AMD CPU microcode
• And much, much more.

This week’s episode is sponsored by email security boffins Sublime. Their co-founder and CEO Josh Kamdjou joins to talk about how attackers’ abuse of legitimate services like Docusign is a challenge for email security vendors.

This episode is also available on Youtube.

Show notes

• Exclusive: Musk aides lock workers out of OPM computer systems | Reuters
• Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog
• Криптостилер SparkCat в магазинах Google Play и App Store | Securelist
• Russian hackers suspected of compromising British PM’s personal email account | The Record from Recorded Future News
• PowerSchool hack: missed basic security step resulted in data breach
• Australia sanctions ‘Terrorgram’ white supremacist online group | The Record from Recorded Future News
• ‘Paid actors’ could be behind some antisemitic attacks, Albanese says | Australian security and counter-terrorism | The Guardian
• Interview with James Glenday, ABC News Breakfast | Australian Minister for Foreign Affairs
• WhatsApp says spyware company Paragon Solutions targeted journalists
• Spyware maker Paragon confirms US government is a customer | TechCrunch
• Former Polish justice minister arrested in sprawling spyware probe | The Record from Recorded Future News
• Sweden releases suspected ship, says cable break ‘clearly’ not sabotage | The Record from Recorded Future News
• Backdoor found in two healthcare patient monitors, linked to IP in China
• Attackers exploit zero-day vulnerability in Zyxel CPE devices | Cybersecurity Dive
• AMD: Microcode Signature Verification Vulnerability · Advisory · google/security-research · GitHub
• 22-year-old math wiz indicted for alleged DeFI hack that stole $65M - Ars Technica
• A method to assess 'forgivable' vs 'unforgivable'... - NCSC.GOV.UK
• Living Off the Land: Credential Phishing via Docusign abuse
• Living Off the Land: Callback Phishing via Docusign comment
• B2B freight-forwarding scams on the rise to evade financial fraud crackdowns
• Callback phishing via invoice abuse and distribution list relays
• Enhanced message groups: Improving efficiency in email incident response