Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy

Listen to this episode from Risky Business on Spotify. On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Australia expels Iranian ambassador Hackers sabotage Iranian shipping satcoms APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK? Trail of Bits uses image-downscaling to sneak prompts into Google Gemini The Com’s King Bob gets ten years in the slammer It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild. This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please. This episode is also available on Youtube. Show notes Embassy staff flee Canberra in dead of night | news.com.au — Australia’s leading news site for latest headlines Swedish security service says Iran uses criminal networks in Sweden | Reuters Risky Bulletin: Hackers sabotage Iranian ships at sea, again - Risky Business Media Microsoft scales back Chinese access to cyber early warning system | Reuters Microsoft Didn’t Disclose Key Details to U.S. Officials of China-Based Engineers, Record Shows — ProPublica .:: Phrack Magazine ::. Uncovering the Chinese Proxy Service Used in APT Campaigns Weaponizing image scaling against production AI systems -The Trail of Bits Blog FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations | Cybersecurity Dive CrowdStrike warns of uptick in Silk Typhoon attacks this summer | CyberScoop Kevin Beaumont: "There’s a bunch of new Netscal…" - Cyberplace US charges Oregon man in vast botnet-for-hire operation | Cybersecurity Dive South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities | The Record from Recorded Future News SIM-Swapper, Scattered Spider Hacker Gets 10 Years – Krebs on Security Chinese national who sabotaged Ohio company’s systems handed four-year jail stint | The Record from Recorded Future News Nevada state offices close after wide-ranging 'network security incident' | Reuters DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security Russia weighs Google Meet ban as part of foreign tech crackdown | The Record from Recorded Future News Kremlin-Mandated Messaging App Max Is Designed To Spy On Users Иеромонах РПЦ Макарий призвал помолиться за мессенджер MAX