惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Scott Helme
Scott Helme
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Project Zero
Project Zero
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Hacker News - Newest:
Hacker News - Newest: "LLM"
PCI Perspectives
PCI Perspectives
Attack and Defense Labs
Attack and Defense Labs
T
Tenable Blog
V
Vulnerabilities – Threatpost
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
量子位
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Apple Machine Learning Research
Apple Machine Learning Research
MongoDB | Blog
MongoDB | Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
H
Help Net Security
小众软件
小众软件
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Recorded Future
Recorded Future
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Application and Cybersecurity Blog
Application and Cybersecurity Blog
The Hacker News
The Hacker News
C
CXSECURITY Database RSS Feed - CXSecurity.com
GbyAI
GbyAI
Y
Y Combinator Blog
博客园 - 【当耐特】
Google Online Security Blog
Google Online Security Blog
F
Full Disclosure
Microsoft Security Blog
Microsoft Security Blog
S
Secure Thoughts
S
Securelist
S
Security Affairs
WordPress大学
WordPress大学
Hugging Face - Blog
Hugging Face - Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Spread Privacy
Spread Privacy
T
Threatpost
W
WeLiveSecurity
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
O
OpenAI News
B
Blog RSS Feed
V2EX - 技术
V2EX - 技术
SecWiki News
SecWiki News
U
Unit 42
Google DeepMind News
Google DeepMind News
G
GRAHAM CLULEY
云风的 BLOG
云风的 BLOG
NISL@THU
NISL@THU
P
Proofpoint News Feed
Vercel News
Vercel News

Risky Business

Risky Business #840 -- Microsoft walks back researcher threats Risky Business #839 -- TeamPCP stole GitHub's internal repos Risky Business #838 -- GitHub investigates possible breach Soap Box: Where does AI fit into cloud security? Risky Business #837 -- GitHub Actions footgun claims TanStack Risky Business #836 -- You can't patch the bugpocalypse Snake Oilers: Ent AI, Spacewalk and Mondoo Risky Business #835 -- Why the Fast16 malware is badass Risky Business #834 -- Vercel gets owned, Mozilla dumps hundreds of Mythos bugs Risky Business #833 -- The Great Mythos Freakout of 2026 Snake Oilers: Burp AI, Sondera and Truffle Security Risky Business #832 -- Anthropic unveils magical 0day computer God How the World Got Owned Episode 2: The 1990s, Part One Risky Business #831 -- The AI bugpocalypse begins Soap Box: Red teaming AI systems with SpecterOps Risky Business #830 -- LiteLLM and security scanner supply chains compromised Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat Risky Biz Soap Box: It took a decade, but allowlisting is cool again Risky Business #828 -- The Coruna exploits are truly exquisite Risky Business #826 -- A week of AI mishaps and skulduggery Risky Biz Soap Box: The lethal trifecta of AI risks Risky Business #825 -- Palo Alto Networks blames it on the boogie Risky Business #824 -- Microsoft's Secure Future is looking a bit wobbly Risky Business #823 -- Humans impersonate clawdbots impersonating humans Risky Business #822 -- France will ditch American tech over security risks Risky Business #821 -- Wiz researchers could have owned every AWS customer Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!) How the World Got Owned Episode 1: The 1980s Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack Risky Biz Soap Box: Graph the planet! Risky Business #818 -- React2Shell is a fun one Risky Business #817 -- Less carnage than your usual Thanksgiving Risky Business #816 -- Copilot Actions for Windows is extremely dicey Risky Biz Soap Box: Greynoise knows when bad bugs are coming Risky Business #815 -- Anthropic's AI APT report is a big deal Risky Business #814 -- It's a bad time to be a scam compound operator Risky Business #813 -- FFmpeg has a point Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD Risky Business #811 -- F5 is the tip of the crap software iceberg Wide World of Cyber: A deep dive on the F5 hack Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business Risky Business #810 -- Data extortion attacks have a silver lining Snake Oilers: Realm Security, Horizon3 and Persona Risky Business #809 -- Hackers try to pay a journalist for access to the BBC Risky Business #808 -- Insane megabug in Entra left all tenants exposed Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc Risky Biz Soap Box: runZero shakes up vulnerability management Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal Snake Oilers: Nebulock, Vali Cyber and Cape Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup" Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy Wide World of Cyber: Microsoft's China Entanglement Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs Risky Biz Soap Box: How to measure vulnerability reachability Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds Risky Business #801 -- AI models can hack well now and it's weirding us out Soap Box: Why AI can't fix bad security products Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP Risky Business #799 -- Everyone's Sharepoint gets shelled Risky Biz Soap Box: Prowler, the open cloud security platform Risky Business #798 -- Mexican cartel surveilled the FBI to identify, kill witnesses Risky Business #797 -- Stuxnet vs Massive Ordnance Penetrators Risky Business #796 -- With special guest co-host Chris Krebs Soap Box: AI has entered the SOC, and it ain't going anywhere Risky Business #795 -- How The Com is hacking Salesforce tenants Risky Business #794 -- Psychic Panda outgunned by Fluffy Lizard and UNC56728242 Risky Business #793 -- Scattered Spider is hijacking MX records Risky Business #792 -- Beware, Coinbase users. Crypto thieves are taking fingers now Risky Biz Soap Box: Push Security's browser-first twist on identity security Risky Business #791 -- Woof! Copilot for Sharepoint coughs up creds and keys Wide World of Cyber: How state adversaries attack security vendors Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate BONUS INTERVIEW: Senator Mark Warner on Signalgate, Volt Typhoon and tariffs Risky Business #789 -- Apple's AirPlay vulns are surprisingly awful Snake Oilers: LimaCharlie, Honeywell Cyber Insights, CobaltStrike and Outflank Snake Oilers: Pangea, Cosive and Sysdig Risky Business #788 -- Trump targets Chris Krebs, SentinelOne Wide World of Cyber: How the Trump admin is changing the cybersecurity landscape Risky Business #787 -- Trump fires NSA director, CISA cuts inbound Risky Business #786 -- Oracle is lying Soap Box: Knocknoc glues your SSO to your firewalls for Just-in-Time network access Risky Business #785 -- Signal-gate is actually as bad as it looks Risky Business #784 -- GitHub supply chain attack steals secrets from 23k projects Risky Business #783 -- Evil webcam ransomwares entire Windows network Risky Business #782 -- Are the USA and Russia cyber friends now? Risky Business #781 -- How Bybit oopsied $1.4bn Wide World of Cyber: DeepSeek lobs an AI hand grenade Risky Business #780 -- ASD torched Zservers data while admins were drunk Risky Biz Soap Box: Run your own open source IDP with Authentik Risky Business #779 -- DOGE staffer linked to The Com Risky Business #778 -- Musk's child soldiers seize control of FedGov IT systems Risky Business #777 -- It's SonicWall's turn Risky Business #776 -- Trump will flex American cyber muscles Risky Biz Soap Box: Cool compliance tricks with the Island enterprise browser Risky Business #775 -- Cl0p is back, SEC hack disclosures disappoint Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations Risky Business #774 -- Cleo file transfer appliances under widespread attack Risky Biz Soapbox: Enterprise Yubikeys can now be pre-registered Risky Business #773 -- Cybercriminals are dropping like flies in Russia Risky Business #772 -- Salt Typhoon is truly a national security disaster
Risky Business #827 -- Iranian cyber threat actors are down but not out
James Wilson · 2026-03-04 · via Risky Business

Risky Business Podcast

March 04, 2026

Presented by

James Wilson

James Wilson

Technology Editor

Adam Boileau

Adam Boileau

Co-host at large

Patrick Gray

Patrick Gray

CEO and Publisher

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

  • The US-Israeli attack on Iran had a whole lot of cyber. It’s clearly in the playbook now!
  • The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being used by Chinese crypto scammers
  • So long Maddhu Gottumukkala, but CISA’s annus horribilis continues
  • Adam “humbug” Boileau complains about the Airsnitch wifi attack just being three ethernets in a trenchcoat
  • ASD’s Cisco SD-WAN threat hunting guide is clearly borne of … experience

This week’s episode is sponsored by AI threat hunting platform Nebulock. Sydney Marrone joins to talk about how useful AI models are on the hunt, and her work building out an open source framework and maturity model. It’s methodology agnostic, so you can adapt it for your environment, and the github link is in the show notes!

This episode is also available on Youtube.

Your browser does not support the audio element.

Risky Business #827 -- Iranian cyber threat actors are down but not out

0:00 / 61:24

Logo

Show notes

Inside the plan to kill Ali Khamenei

Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran | TechCrunch

Matthew Prince 🌥 on X: "Counter to what some cyber vendors are saying, there’s been a dramatic drop in Iranian cyber operations. Likely as the operators are sheltering. They may pick back up, but right now there’s a noticeable lull." / X

Cyber Command disrupted Iranian comms, sensors, top general says | The Record from Recorded Future News

Iranian Hackers Use Elon Musk’s Starlink To Stay Online

Exclusive | U.S. Smuggled Thousands of Starlink Terminals Into Iran After Protest Crackdown - WSJ

Attacks on GPS Spike Amid US and Israeli War on Iran | WIRED

Amazon Data Centers on Fire After Iranian Missile Strikes on Dubai

A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals | WIRED

Canceled contracts, a failed polygraph and personal disputes: Inside the turbulent tenure of Noem’s former cyber czar - POLITICO

CISA CIO Robert Costello exits agency | CyberScoop

OpenAI alters deal with Pentagon as critics sound alarm over surveillance

Inside Anthropic’s Killer-Robot Dispute With the Pentagon - The Atlantic

Read the full transcript of our interview with Anthropic CEO Dario Amodei - CBS News

CBP Tapped Into the Online Advertising Ecosystem To Track Peoples’ Movements

Large-Scale Online Deanonymization with LLMs

Hackers Weaponize Claude Code in Mexican Government Cyberattack - SecurityWeek

New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises - Ars Technica

CISA orders agencies to patch Cisco devices now under attack | Cybersecurity Dive

CISCO SD-WAN THREAT HUNT GUIDE

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Area Man Accidentally Hacks 6,700 Camera-Enabled Robot Vacuums | WIRED

Intellexa founder, three others sentenced to 8 years in prison over Greek spyware scandal | The Record from Recorded Future News

Moscow man accused of posing as FSB officer to extort Conti ransomware gang | The Record from Recorded Future News

Farewell, Felix · The Recurity Lablog

Atmos Sphere 2026 | Atmos

The Agentic Threat Hunting Framework | Nebulock blog

GitHub - Nebulock-Inc/agentic-threat-hunting-framework: ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy. · GitHub