Transcript
Caitlin Sorey (0:00)
Dutch intelligence discovers a new Russian APT, a ransomware attack hits the maker of MATLAB, 20 arrested in Nigeria over hacking exam results, and an Iranian pleads guilty for the RobbinHood ransomware attacks. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Caitlin Sorey. Today is May 28th and this podcast episode is brought to you by Sublime Security, an email security platform that's not a black box.

Dutch intelligence agencies have uncovered a new Russian cyber espionage group. The group was identified when authorities investigated a security breach of the Dutch police force last September. The group was formed last year to aid Russia's war effort in Ukraine. It is tracked by Dutch intelligence services as Laundry Bear and by Microsoft as Void Blizzard. Its targets have included defense and foreign affairs ministries in NATO member states, their ambassadors, branches of the armed forces, defense contractors and high-tech businesses involved in military production.

The Australian Defence Force has adopted a new skills-based pay structure in an effort to build and retain cyber warfare personnel. The ADF's chief of joint capabilities, Lt. Gen. Susan Coyle, said the new structure would also open reservist roles to people with industry experience. Australia is one of several countries focusing on enhancing their military cyber capability.

China has accused Taiwan of hacking an unnamed technology company in the city of Guangzhou. China's security service said the hackers also targeted organisations in 10 other provinces. They described the attackers as unsophisticated and claimed they were supported by Taiwan's pro-independence party. Taiwan has denied the accusations and accused Beijing of spreading false information to shift focus from its own hacks.

An Iranian national has pleaded guilty in the US to hacking American companies and deploying the RobbinHood ransomware. 37-year-old Sina Gholinejad faces up to 30 years in prison on wire fraud and hacking charges. The RobbinHood group is known for its attack and extortion of the US city of Baltimore, according to court documents. The group also ransomed three smaller American cities.

A ransomware attack has brought down MathWorks, the company that makes a numeric computing software package, MATLAB. Internal systems and online apps have been down since the attack on May 18th. No ransomware gang has taken credit yet.

A hacker has stolen customer data from the South Korean network of jewelry brand Tiffany & Co. The company has notified users that their data was stolen last month, including names, emails, phone numbers and home addresses. Tiffany & Co. is the second brand in the LVMH group to disclose a recent breach, with incidents also impacting Christian Dior's South Korean and Chinese networks earlier this month.

Chinese security firm Qianxin says the hack of the Chinese Software Developer Network forum resulted from a skirmish between contract tech workers. The forum was hacked to host a watering hole attack in December last year. It was one of several IT portals hacked by the group the company calls UTG-Q-015. Qianxin believes the group is made up of Chinese nationals working in Southeast Asia who are attempting to steal code from other developers.

An arrest warrant has been issued in Estonia for a Moroccan citizen accused of hacking a major pharmacy chain last year. The suspect has been identified as 25-year-old Adrar Khalid. He allegedly obtained an admin password for a database at the Apotheka pharmacy chain and downloaded customer loyalty card data.

Twenty suspects have been arrested in Nigeria and charged with hacking the country's national exam board to alter results. The individuals are believed to be part of a larger hacker-for-hire syndicate that offered to modify exam scores for a fee of up to $1200. The hackers are also suspected of stealing the personal data of almost 380,000 students.

The InCyber Forum has postponed its US security conference, citing changes in the country's border procedures. Several other US security conferences have canceled or postponed events following low ticket sales. A number of countries have issued advice and warnings for travellers to the US after reports of visitors being detained or refused entry at the border.

Attackers can hijack GitHub AI agents through a vulnerability in the GitHub Model Context Protocol server. The agents can be abused to leak data or run malicious code inside private repositories. Attackers can trigger the vulnerability by filing an issue in a target repository. MCP servers are software components to integrate AI tools with other systems such as GitHub repositories.

A blockchain firm has created more than 50,000 community notes alerting users to crypto scam advertisements on X. The firm, Web3 Antivirus, says it's filling in the gap left by X's lack of response to such scams. Its automated process has created more community notes than the next nine contributors combined.

Apple stopped more than $2 billion in fraudulent App Store transactions last year. It also shut down over 146,000 developer accounts due to fraud concerns. In a press release, the company said it identified attempted fraudulent transactions from more than 4.7 million stolen credit cards. The company says it's blocked over $9 billion in fraudulent transactions in the last ...

That's all for this podcast edition. Today's show is brought to you by our sponsor, Sublime Security. Find them at sublime.security.
