Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow.
• Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad
• After six years dormant, a Magento eCommerce platform backdoor comes to life
• The North Korean IT worker scam is truly webscale
• NSO group owes Meta $168m for hacking WhatsApp

This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars?

This week’s show also features an excerpt from Pat’s interview with Senator Mark Warner - Scoot back one in your podcast feed to check out the full chat, or find it on Youtube.

This episode is available on Youtube too.

• Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages
• Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs
• The Signal Clone the Trump Admin Uses Was Hacked
• App used by Mike Waltz suspends services after hacking claims
• Senator Demands Investigation into Trump Admin Signal Clone After 404 Media Investigation
• MG on X: "Looks like TeleMessage was probably procured and rolled out under Biden. There are public records for it. https://t.co/XCuZpi8PL3" / X
• Harrods becomes latest retailer to announce attempted cyberattack | The Record from Recorded Future News
• Co-op DragonForce cyber attack includes customer data, firm admits
• Co-op cyber attack: Staff told to keep cameras on in meetings
• Hundreds of e-commerce sites hacked in supply-chain attack - Ars Technica
• Microsoft’s new “passwordless by default” is great but comes at a cost - Ars Technica
• Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica
• North Korean operatives have infiltrated hundreds of Fortune 500 companies | CyberScoop
• US wants to cut off key player in Southeast Asian cybercrime industry | The Record from Recorded Future News
• Myanmar militia leader sanctioned by US over cyber scam connections | The Record from Recorded Future News
• Trump proposes major cut to CISA’s budget, citing false ‘censorship’ claims | Cybersecurity Dive
• NSA to cut up to 2,000 civilian roles as part of intel community downsizing | The Record from Recorded Future News
• NSO Group owes $168M in damages to WhatsApp over spyware infections, jury says | CyberScoop