A cyber attack has crippled cars in Russia, Microsoft patches an Office zero-day, WhatsApp rolls out an account lockdown feature, and a handful of Chrome extensions steal ChatGPT auth tokens. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Amberly Jack. Today is January 28th, and this podcast episode is brought to you by Push Security.
In today's top story, a cyber attack against an Internet-connected automotive alarm system has crippled cars in Russia. The attack targeted the smart alarm system Delta. Car owners reported not being able to open doors, silence alarms or start cars. The company has confirmed the incident but has not provided further details.
The US Treasury has cancelled its contracts with Booz Allen Hamilton following an internal leak of IRS documents. Between 2018 and 2020, a Booz Allen employee leaked tax records of more than 400,000 Americans to ProPublica and the New York Times. The data included tax details for President Donald Trump, Elon Musk, Jeff Bezos and other billionaires.
The Israeli government is expected to pass its first cybersecurity law next week. The law would require all organisations to report cyber attacks to the country's National Cyber Directorate. If attacks target critical infrastructure, organisations would be required to report the incident as soon as it's discovered.
The European Commission has launched a formal probe into X over the Grok AI feature that generated explicit photos of women and children. The platform and its xAI division face fines of up to 6% of global revenue. More than a dozen European and Asian countries are conducting similar investigations.
Chinese hackers reportedly hacked the phones of UK government officials. The hacks between 2021 and 2024 targeted the aides of Boris Johnson, Liz Truss and Rishi Sunak. It is unclear what level of access the hackers obtained or whether former prime ministers were themselves compromised. British Prime Minister Sir Keir Starmer is set to meet with Chinese officials this week.
The French government is replacing US video conferencing platforms with a local alternative. All agencies and departments must switch from Zoom and Microsoft Teams to the French conferencing product Visio by 2027. Visio launched this year and is part of a national plan to create a sovereign digital ecosystem.
The US has indicted 31 Venezuelan and Colombian nationals for their roles in an ATM jackpotting scheme. The group scouted ATMs at night and replaced the hard drives with ones preloaded with the Ploutus malware. In the last two months, the Justice Department has charged a total of 87 individuals in relation to the scheme. All suspects are believed to be members of the Tren de Aragua criminal cartel.
A critic of the Saudi government has won a spyware lawsuit in the UK. Ghanem Al-Masarir sued the Saudi government in 2019 after his phone was infected with the Pegasus spyware. The lawsuit cited severe depression that forced him to abandon his YouTube satire channel. The court awarded damages of three million pounds to cover the loss of revenue. The Saudi government refused to participate in the lawsuit, citing state immunity.
Hungarian and Romanian authorities have arrested four people accused of doxxing and swatting attacks. Three suspects were detained in Hungary and one in Romania. They doxxed victims, threatened to kill people and issued fake bomb threats against educational, religious and law enforcement organisations.
Rogue tow truck operators are abusing Spanish emergency vehicle beacons and defrauding car owners needing assistance. Spanish authorities say the groups are intercepting GPS coordinates emitted by V16. The rogue operators are arriving before legitimate tow trucks and scamming people in high-stress situations. The beacons recently became mandatory for all cars in the country.
The Scattered LAPSUS$ Hunters hacking group has targeted Okta and SSO accounts at more than 100 companies. The group is using a combination of classic phishing and voice calls to lure employees into sharing SSO sessions and tokens, according to security firm Silent Push. The group uses specialised phishing panels that direct the process in real time. Atlassian, Zillow, HubSpot, Epic Games and Telstra are among the companies targeted.
Microsoft has released an out-of-band security update to patch an actively exploited Office zero-day. The zero-day is a bypass of a security feature relating to object embedding. Exploitation requires user interaction and affects all Office versions after 2016. Users of Office 2021 and later are protected by a change at Microsoft's end.
The OpenSSL project has patched a memory corruption bug that can lead to remote code execution. The bug resides in the processing of Cryptographic Message Syntax data. Threat actors can use CMS packets with crafted parameters to crash OpenSSL and run malicious code. It is one of 12 issues patched by OpenSSL this week. All were found and reported by Aisle Security.
Threat actors can bypass authorization and execute code on any Kubernetes container. The vulnerability exploits a bug in how Kubernetes API servers handle WebSockets. The Kubernetes project has declined to patch the issue, but will release a new API authorization system in April to address the attack.
WhatsApp is rolling out a new security feature meant to block advanced exploits in spyware. The strict account settings feature is inspired by Apple's lockdown mode and Android's Advanced protection mode. It enables two-factor authentication, turns on security notifications, and prompts the user to set up encrypted backups. It also disables link previews and blocks attachments and media from unknown senders.
Google has agreed to pay $68 million to settle a class action lawsuit. The company was accused of illegally recording users via its voice assistant. Google later used the recordings to deliver targeted ads. Last year, Apple agreed to pay $95 million in a similar settlement over Siri recordings.
And finally, a cluster of malicious Chrome extensions is stealing ChatGPT authentication tokens. Fifteen extensions were hosted on the official web store, while one was distributed via the Edge Add-ons marketplace. According to security firm LayerX, the extensions were collectively downloaded only 900 times.
That's all for this podcast edition. Today's show was brought to you by our sponsor podcast, Push Security. Find them at PushSecurity.com. Thanks for your company.
Podcast: Risky Bulletin (Risky Biz)
Date: January 27, 2026
Host: Amberly Jack
Prepared by: Catalin Cimpanu
This episode delivers a brisk, information-packed roundup of the week’s major cybersecurity news, with a headline focus on a cyberattack that left thousands of cars in Russia immobile by targeting an internet-connected car alarm system. Amberly Jack also highlights global legal, political, and technical developments in cybersecurity, ranging from legal actions over stolen data, new regulatory moves in Israel and France, tech company settlements, to vulnerabilities in major software platforms.
[00:04–01:10]
Amberly Jack:
“Car owners reported not being able to open doors, silence alarms or start cars. The company has confirmed the incident but has not provided further details.”
[00:17]
[05:38–06:50]
Amberly Jack:
“Microsoft has released an out-of-band security update to patch an actively exploited Office zero-day.”
[05:38]
On the Russia Car Attack:
“Car owners reported not being able to open doors, silence alarms or start cars.”
— Amberly Jack, [00:17]
On the IRS Leak:
“A Booz Allen employee leaked tax records of more than 400,000 Americans to ProPublica and the New York Times.”
— Amberly Jack, [01:28]
On WhatsApp’s Security Feature:
“The strict account settings feature is inspired by Apple’s lockdown mode and Android’s advanced protection mode.”
— Amberly Jack, [06:53]
Amberly Jack maintains a brisk, neutral, and factual tone, moving quickly through each headline with minimal commentary, focusing on the impact and key facts of each cybersecurity development.
This episode offers a jam-packed roundup of major stories at the intersection of technology, law, and global security. The wide-ranging updates—from car immobilizations in Russia to privacy law settlements—underscore increasing digital threats and regulatory scrutiny, while also providing practical alerts about patches and emerging risks relevant to cybersecurity professionals and the general public.