Risky Bulletin: Germany Seeks More Hacking and Surveillance Powers for Its Intel Service
Podcast: Risky Bulletin (Risky.biz)
Episode date: January 19, 2026
Host: Amberly Jack
Prepared by: Katalin Campanu
Episode Overview
This episode provides a rapid-fire rundown of significant cybersecurity and geopolitics news, with a primary focus on Germany's proposed law to extend digital surveillance and hacking capabilities for its intelligence service (BND). Other featured topics include legislative moves in Finland and the European Union, global internet and disinformation disruptions, high-profile hacks, legal actions against threat actors, notable vulnerabilities, and ongoing cyber exploits in major software platforms.
Key Discussion Points & Insights
1. Germany’s BND Surveillance Law
- [00:10] The German government is considering a law to grant its Federal Intelligence Service (BND) expanded hacking and surveillance powers.
- The law would allow BND to:
  - Store full internet communications, not just metadata.
  - Hack foreign service providers.
  - Surveil foreigners and some journalists.
  "If approved, a new law would allow the storage of full internet communications rather than just selected metadata."
  — Amberly Jack [00:12]
2. Finnish Legislation Against Disinformation
- [00:24] Finland's Ministry of Justice proposes criminalizing the spread of false information on behalf of foreign entities.
- The law targets local operatives involved in foreign disinformation.
- Uncertainty remains whether penalties include prison time.
3. US Government and RSA Conference Tensions
- [00:32] US cyber officials may skip this year’s RSA Cybersecurity Conference.
- Triggered by Jen Easterly’s appointment as RSA CEO, previously CISA Director under Biden.
- Seen as a political signal from Trump administration officials.
4. EU to Ban Chinese Tech in Critical Infrastructure
- [00:39] The EU is preparing a ban on Chinese telecom and solar equipment in its cybersecurity act.
- Affects companies like Huawei and ZTE.
5. Permanent Internet Cuts in Iran
- [00:46] Iran could make longstanding internet disconnects permanent; ongoing internet blackout amid protests.
- Only ‘vetted’ individuals may be allowed broader access going forward.
- Digital rights groups confirm government plans for severe restriction.
6. Disinformation Actors Go Silent During Outages
- [00:57] Patriotic “French” accounts stirring anti-government sentiment disappeared from X (Twitter) after Iran’s internet outage. Similar activity reported in Scottish independence circles.
"A cluster of so called French patriotic accounts went silent on X after Iran removed itself from the Internet."
— Amberly Jack [01:00]
7. Legal and Regulatory Actions
- CrowdStrike Lawsuit Dismissed ([01:10]):
  - Shareholder lawsuit over the massive 2024 outage dismissed for lack of evidence of fraud.
- Hackers Extort Grubhub ([01:19]):
  - ShinyHunters threaten to leak data hacked from Grubhub’s Salesforce and Zendesk.
- European Rail Data Breach ([01:25]):
  - Personal information (including passports) of EU rail customers stolen.
- $282M Crypto Theft ([01:29]):
  - Funds drained from a hardware wallet using social engineering and laundered into Monero; the price of Monero spiked 70% in the days following.
8. Prosecutions and Criminal Cases
- Access Broker Arrested ([01:37]):
  - Jordanian man, Firas Khali Ahmad Abashiti (aka Riz), pled guilty to selling US network access.
- Tennessee Hacker Sentenced ([01:43]):
  - Nicholas Moore hacked Supreme Court/Veterans Affairs, posted data to Instagram. Pleads guilty.
- Venezuelans Sentenced for ATM Malware ([01:52]):
  - Five nationals used malware in Georgia (US) ATMs, caught via fingerprints/surveillance.
9. Active Threats and Vulnerabilities
- Malicious Chrome Extensions ([02:02]):
  - Five extensions targeted HR/ERP software (Workday, NetSuite, SuccessFactors), stealing cookies and hijacking sessions. 2,300 users affected.
- AMD Stack Warp Attack ([02:10]):
  - Vulnerability allows code execution in AMD SEV environments; exposed secrets in VMs. Firmware patch released.
- Fortinet FortiSIEM Exploited ([02:17]):
  - Attackers use recent PoC for pre-auth remote command execution after public disclosure.
- Cisco Zero-Day Active Exploits ([02:23]):
  - Zero-day in email security appliances abused by a Chinese espionage group; lets attackers run root commands.
- Google Zero-Click Dolby Vulnerability ([02:30]):
  - Project Zero discloses zero-click exploit for Dolby decoder in Android; tested on Pixel 9, affects many devices.
  "No user interaction is required, as many Android communication apps automatically process audio."
  — Amberly Jack [02:42]
- Livewire PHP RCE ([02:44]):
  - Unpatched Laravel Livewire file manager lets attackers upload and run malicious PHP. No vendor response yet.
Notable Quotes & Memorable Moments
- On Germany’s Proposed Law:
  "A new law would allow the storage of full internet communications rather than just selected metadata."
  — Amberly Jack [00:12]
- On the French Disinformation Cluster Vanishing:
  "A cluster of so called French patriotic accounts went silent on X after Iran removed itself from the internet."
  — Amberly Jack [01:00]
- On the Scale of Crypto Theft:
  "A hacker has stolen $282 million in crypto from a single hardware wallet… The move caused the price of Monero to spike 70% in the days following."
  — Amberly Jack [01:30]
- On Google’s Zero-Click Exploit:
  "No user interaction is required, as many Android communication apps automatically process audio."
  — Amberly Jack [02:42]
Timestamps for Important Segments
- Germany’s Surveillance Law – [00:10]
- Finland’s Proposed Disinformation Law – [00:24]
- US RSA Conference Boycott – [00:32]
- EU Ban on Chinese Tech – [00:39]
- Iran’s Internet Blackout – [00:46]
- Disinformation Accounts Go Silent – [00:57]
- CrowdStrike Lawsuit Dismissed – [01:10]
- Grubhub Data Extortion – [01:19]
- EU Rail Data Breach – [01:25]
- $282M Crypto Heist – [01:29]
- Access Broker Sentenced – [01:37]
- US Supreme Court/VA Hacker – [01:43]
- ATM Malware Group Sentenced – [01:52]
- Malicious Chrome Extensions – [02:02]
- AMD Stack Warp Vulnerability – [02:10]
- Fortinet Vulnerability Exploited – [02:17]
- Cisco Zero-Day Hack – [02:23]
- Android Zero-Click Exploit – [02:30]
- Livewire File Manager RCE – [02:44]
Tone and Style
The episode delivers news in a brief, factual, and slightly urgent tone, providing context and highlighting impacts where appropriate. Amberly Jack’s delivery is clear and information-dense, suited to an audience of cybersecurity professionals.
Summary
This installment of Risky Bulletin succinctly unpacks top global cybersecurity, policy, and infosec news: from sweeping proposals for German state surveillance, European responses to Chinese tech, Iran’s drive for a split internet, to ongoing threats and vulnerabilities affecting software, hardware, and infrastructure. The briefing format ensures maximum relevance for security professionals and anyone interested in current cyber and policy developments.
