Risky Business #770 -- A Russian IR guy discovers extremely cool spookware

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:



Apple frustrates law enforcement with iOS auto-reboot

CISA says most KEV vulnerabilities in 2023 were first used as zero days

Russians roll incident response on some sweet Linux spookware

Regular users can create mailboxes in M365?

Tor tracks down the source of its joe-job abuse complaints

And much, much more.



This week’s feature guest is former FBI agent Chris Tarbell, who arrested Silk Road operator Ross Ulbricht way back in 2013. As suggestions swirl that an incoming Trump administration might release Ulbricht, Chris talks about the reality of the Dread Pirate Roberts.


This episode is sponsored by software supply chain security firm Socket.dev. Founder Feross Aboukhadijeh thinks that we need a CVE-like catalogue for supply-chain attacks, and he makes a solid argument.


The show is also available on Youtube.





Show notes


Jason Koebler: "New: We’ve confirmed Apple quietly introduced a feature in the new iOS that is preventing cops from hacking iPhones that they have confiscated as evidence. Apple really did say ACAB www.404media.co/apple-quietl..." — Bluesky


Apple Quietly Introduced iPhone Reboot Code Which is Locking Out Cops


Exclusive | U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack - WSJ


Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance


The Elusive GoblinRAT: How a Linux Backdoor Infiltrated Government Infrastructures


Microsoft Bookings – Facilitating Impersonation | Cyberis Limited


TrustedSec | EKUwu: Not just another AD CS ESC


Russia’s internet watchdog blocks thousands of websites that use Cloudflare's privacy service


Defending the Tor network: Mitigating IP spoofing against Tor | The Tor Project


Law enforcement operation takes down 22,000 malicious IP addresses worldwide - Ars Technica


Press Conference - Parliament House, Canberra | Prime Minister of Australia


DHS nominee Kristi Noem stood alone for rejecting department cyber grants to state, local governments | CyberScoop


Patrick Gray: "Allies will feel comfortable until these guys get fired in their first 100 days for opposing Trump’s proposed annexation of Iceland or something. People have forgotten… Trump is out of his gourd" — Bluesky