Summary5 min read

Risky Bulletin: Cyber Command Conducted Cyberattacks Ahead of Iran Strikes

Podcast: Risky Bulletin by Risky Business Media
Date: March 3, 2026
Host: Claire Aird (prepared by Catalyn Kimpanu)

Episode Overview

This episode delivers a concise roundup of key cybersecurity and digital policy events from around the globe. The main focus is on the recent US and Israeli cyber operations against Iran, as well as major updates on Russia’s push for internet sovereignty, cyberattack trends involving mobile and web technologies, and noteworthy law enforcement actions against cybercriminals.

Key Discussion Points & Insights

1. US and Israeli Cyber Operations Preceding Strikes on Iran

[00:11] The Pentagon confirms cyber operations were used by US Cyber Command, alongside Space Command, to "blind Iran's ability to respond to airstrikes" conducted at the weekend.
Israeli cyber units reportedly carried out complementary operations, including disrupting mobile towers around Iran’s leader to hinder security communications.
Highlight: The integration of cyber and kinetic military operations is increasingly central to modern conflict.

“Cyber Command worked with Space Command to blind Iran's ability to respond to airstrikes at the weekend.”
— Claire Aird, [00:18]

2. U.S. Customs and Border Protection Buys Ad Data for Tracking

[00:40] Internal documents reveal Customs and Border Protection purchases real-time location data from advertising platforms, bypassing the need for a warrant or coordination with mobile providers.
This practice raises serious privacy concerns.

“This allows the agency access to location data without a warrant or having to go through mobile operators.”
— Claire Aird, [00:48]

3. Russia Targets Internet Independence by 2028

[00:56] Russian officials aim for “digital sovereignty,” planning to fully segregate their internet infrastructure by 2028 at an estimated cost of $13 billion.
Implementation relies on replacing Western tech with Chinese and Indian systems, posing supply chain and compatibility challenges.

4. China’s Military Pushes for Widespread AI Integration

[01:18] Intelligence procurement documents show the People’s Liberation Army employing AI for intrusion detection, cyber operations, disinformation, big data analysis, drone piloting, and autonomous attacks.
Notable: Beijing’s interest in using AI to accelerate decision-making and avoid chain-of-command bottlenecks in combat scenarios.

5. Dutch Political Push for Citizen Cybersecurity Suite

[01:44] Dutch opposition urges the government to offer free security tools—VPN, ad blockers, password managers, antivirus—to all citizens.

6. French Investigate Sale of Mobile Impersonation Devices

[01:55] French authorities are prosecuting a Chinese national and buyers of IMSI catchers—devices mimicking cell towers to send SMS spam and facilitate online scams.

7. US: Social Media Hacking and Sextortion Case

[02:12] Jamarcus Mosley of Alabama pleads guilty to hacking and extorting hundreds of (mostly female) victims—including minors—by compromising accounts on Snapchat and Instagram between 2022-2025.

8. Florida Software Trafficker Sentenced

[02:33] Heidi Richards, via Trinity Software Distribution, illegally resold millions in Microsoft license keys harvested from physical labels over five years. She receives a 22-month prison term.

9. Indian Crackdown on Social Media Investment Scams

[02:52] Police arrest 27 individuals running scams via WhatsApp and Instagram, recovering part of the $1.5M stolen through fraudulent schemes.

10. iOS Exploit Kit ‘Karun’ Targets Users Worldwide

[03:11] Russian APT and Chinese eCrime groups deploy the Karun exploit kit, boasting 23 exploits and five exploit chains capable of hacking devices up to iOS 17 (released in 2023).
Kit origins possibly trace to a US government program, drawing parallels to earlier exploits used against Russian officials.

“Security firm Iverify told Wired. The kit may originally have been developed for the US government.”
— Claire Aird, [03:32]

11. US High School Sports Platform Fined for Privacy Violations

[03:49] California fines Play On Sports $1.1M for using purchased user data for targeted ads from over 1,400 high schools’ ticket sales.

12. Threat Actors Abuse OAuth Redirection in Phishing

[04:02] Government organizations are targeted by malicious campaigns exploiting OAuth URL redirections. Microsoft has begun removing affected apps.

13. Indian Espionage Group Targets Pakistan, Bangladesh

[04:17] "Sloppy Lemming" hacking group attacks critical systems including Pakistan Navy and nuclear bodies; campaign exposed by open directories on control servers.

14. Vehicle Tire Pressure Systems Leak Driver Data

[04:34] Wireless tire pressure monitors emit unencrypted signals identifiable up to 50 meters, creating unforeseen physical tracking risks for drivers.

15. Google Patches Active Android Zero-Day

[04:50] An exploited Qualcomm zero-day discovered by Google’s security team in December is fixed in this month’s Android update.

16. Chrome Moves to Two-Week Release Cycle

[04:59] Starting September, Chrome will update every two weeks (from four), with emergency security patches as needed.

“Security updates will continue to be released every week if needed.”
— Claire Aird, [05:05]

Notable Quotes & Memorable Moments

On US military cyber and space collaboration:

“Cyber Command worked with Space Command to blind Iran's ability to respond to airstrikes at the weekend.” ([00:18])
On location data privacy:

“This allows the agency access to location data without a warrant or having to go through mobile operators.” ([00:48])
On iOS exploit kit origins:

“The kit may originally have been developed for the US government. It has similarities to the triangulation exploits used against Russian officials in early 2023.” ([03:32])

Important Segment Timestamps

US/Iran/Israel cyber operations: [00:11] – [00:39]
U.S. Customs ad data purchase: [00:40] – [00:55]
Russia plans internet sovereignty: [00:56] – [01:18]
China AI and military: [01:18] – [01:43]
Dutch digital security push: [01:44] – [01:54]
French IMSI catcher case: [01:55] – [02:12]
Alabama social media hacking: [02:12] – [02:33]
Florida software trafficking: [02:33] – [02:52]
Indian investment scam crackdown: [02:52] – [03:11]
iOS exploit kit ‘Karun’: [03:11] – [03:49]
High school sports privacy case: [03:49] – [04:01]
OAuth phishing attacks: [04:02] – [04:16]
Indian espionage campaign: [04:17] – [04:34]
Vehicle tire pressure tracking: [04:34] – [04:49]
Android zero-day patch: [04:50] – [04:58]
Chrome release changes: [04:59] – [05:10]

Episode Tone & Style

The reporting is brisk, clinical, and informative, focusing on fact-based summaries and expert analysis. The tone is straightforward with minimal editorializing, maintaining a serious, no-nonsense approach suited to cybersecurity professionals and enthusiasts.

Loading summary

Transcript1 lines

[00:04]
A
The US conducted cyber attacks ahead of strikes on Iran. Russia aims for Internet independence by 2028. Google finds a new iOS exploit kit in the wild and Chrome moves to a two week release cycle. This is the risky bulletin prepared by Catalyn Kimpanu and read by me, Claire aird. Today is the 4th of March and this podcast episode is brought to you by Okta. In today's top story, the Pentagon says the U.S. carried out cyber operations to disrupt Iranian defences ahead of recent strikes. Cyber Command worked with Space Command to blind Iran's ability to respond to airstrikes at the weekend. Similar attacks were also carried out by Israeli cyber units. One of the Israeli attacks disrupted mobile towers around Iran's leader to prevent his security detail from receiving warnings. In other news, the U.S. customs in Border protection is buying data from online advertisers to track people's movements. 404 Media obtained an internal document showing the datas taken from real time ad bidding platforms. This allows the agency access to location data without a warrant or having to go through mobile operators. The Russian government anticipates it will achieve digital sovereignty and separate itself from the rest of the Internet by 2028. Officials say they're currently replac replacing the hardware and software that runs crucial systems. The process is estimated to cost up to $13 billion. Russia will be replacing Western technology with Chinese and Indian systems, which will come with its own challenges. Procurement documents have revealed that China is pushing for the integration of AI into its military, intelligence and cyber operations. The People's Liberation army is already using AI to detect intrusions and enhance cyber operations and for disinformation campaigns. It's also experimenting with AI to analyse large quantities of data, pilot unmanned combat vehicles and attack targets autonomously. Beijing also wants to use the technology to accelerate decision making to avoid the chain of command being overwhelmed in combat. Dutch political opposition parties have urged the government to create a digital security package for citizens. They want the government to run its own ad blocker, vpn, password manager and antivirus system. The package would be free for Dutch citizens. French authorities are seeking an eight year prison sentence for a Chinese national who sold IMSI catchers. The devices were bought by fraudsters to impersonate mobile towers and send SMS spam. The messages were used to lure victims to online scams and phishing pages. The individuals who bought the devices are also on trial and and are facing up to five years in prison. An Alabama man has pleaded guilty to hacking social media accounts of young women and extorting them. 22 year old Jamarcus Mosley targeted hundreds of victims, including minors. He hacked accounts on multiple platforms, including Snapchat and Instagram. His scheme began in 2022 and ran for three years. Several victims complied with his extortion requests, but for money or explicit photos. A Florida woman has been sentenced to 22 months in prison for trafficking in Microsoft software licenses. Heidi Richards and her company, Trinity Software Distribution, harvested product keys from Microsoft's certificate of authenticity labels. She then resold them for below the software's retail price. The scheme lasted for five years and netted Richards millions of dollars. Indian Authorities have arrested 27 individuals during a crackdown on cyber fraud gangs. The primary suspects are accused of conducting investment scams via WhatsApp and Instagram. Others were arrested on suspicion of laundering stolen funds. Authorities said the operation made more than $1.5 million, a tenth of which was recovered during the raids. A Russian apt and a Chinese ecrime group are targeting iOS users with a leaked commercial exploit kit. The Karun toolkit has been spotted on Ukrainian sites and Chinese gambling platforms. Google says. Karuna was developed by an unnamed surveillance vendor. It features 23 exploits across five exploit chains. The exploits are based on old zero days that can hack devices up to iOS 1-1-17, which was released in 2023. Security firm Iverify told Wired. The kit may originally have been developed for the US government. It has similarities to the triangulation exploits used against Russian officials in early 2023. California has fined a high school sports ticketing platform $1.1 million for privacy violations. Play On Sports users had to agree to its terms of service to purchase tickets. The company then used the data for targeted advertising. More than 1,400 U.S. high schools used the platform. Threat actors are abusing the redirection to URL feature of legitimate OAuth services. In phishing campaigns, attacks are targeting government and public sector organisations. Microsoft has removed some of the OAuth apps being abused. A suspected Indian cyber espionage campaign is targeting Pakistani and Bangladeshi government entities and critical infrastructure operators. The sloppy lemming group has targeted the Pakistan Navy, the National Logistics Corp. Nuclear regulatory bodies and major telcos and energy providers. Security firm Arctic Wolf discovered the scope of their campaign after the group left multiple command and control servers with open directories. Vehicle tyre pressure monitoring systems leak data that can be used to track drivers movements. The issue is caused by the sensors sending unencrypted tire pressure data to a car's computer. These signals contain unique identifiers that can be monitored by nearby radio equipment, according to Imdin Networks These messages can be received up to 50 metres away. Google has patched an actively exploited zero day in the Android mobile operating system. The zero day impacts a Qualcomm component. It was discovered by Google's security team in December and patch this month. And finally, the Google Chrome web browser will switch to a two week release cycle in September. Since 2021, Google's released a new browser version every four weeks. Security updates will continue to be released every week if needed. And that is all for this podcast edition. Today's show was brought to you by our sponsor Okta. Find them@octa.com thanks for your company.