Risky Bulletin: Linux Adds PCIe Encryption to Help Secure Cloud Servers
Podcast: Risky Bulletin
Host: risky.biz
Date: December 10, 2025
Episode Theme:
A fast-paced roundup of the week’s most significant cybersecurity stories, with a special focus on major policy updates, high-profile arrests, and substantial security advances—highlighted by the Linux kernel’s addition of PCIe encryption.
Main Story: Linux Kernel Adds PCIe Encryption
[00:04]
- The News:
The upcoming Linux kernel version 6.19 will include PCI Express (PCIe) Link encryption.
- Purpose:
Designed to secure communication between the CPU and PCIe-connected components, providing protection against attacks that intercept data via these high-speed internal interfaces.
- Scope:
While home computers (notably graphics cards) use PCIe, the innovation is especially targeted at securing cloud servers, where PCIe interconnects are vital.
- Development:
A collaborative effort by Intel, AMD, and ARM.
Notable Quote:
"The new feature is designed to protect communications between the CPU and components connected via the PCI Express interface in home computers. ... The standard is also widely used by the servers that run cloud infrastructure."
—Claire Aird [00:10]
Global Cybersecurity News Roundup
Coupang Hack Investigation (South Korea)
[01:05]
- Incident: South Korean authorities raided the e-commerce giant Coupang’s headquarters.
- Background:
A breach exposed data of two-thirds of South Korea’s population.
- Key Points:
- Reports allege poor data protection and minimal cyber insurance.
- Coupang alleged the attack was linked to a (former) Chinese employee.
US National Defence Authorisation Act (NDAA) Updates
[01:43]
- Development:
US House and Senate reached consensus on the 2026 NDAA, pending a vote this week.
- Cybersecurity-related clauses:
- Senior DoD officials must use encrypted phones.
- Expanded mental health support for cyber personnel.
- Provisions to discourage spyware use against journalists.
- Ending the “dual hat” leadership of NSA and Cyber Command.
Notable Quote:
"The bill includes several cybersecurity-related clauses. One requires senior Department of Defence officials to use encrypted phones. Another will provide mental health services for cyber personnel."
—Claire Aird [01:48]
ICC Addresses Cyber-Enabled Genocide
[02:20]
- Headline: ICC will now investigate genocide/war crimes perpetrated or enabled through cyberspace.
- Significance:
Cyber activities (hacks, data leaks, online propaganda) are now recognized as legitimate evidence in trials for crimes against humanity.
Arrests and Enforcement Actions
Poland: Hacking Equipment Bust
[02:54]
- Story: Three Ukrainian men arrested with a car full of hacking tools (Flipper Zero, laptops, SIM cards, etc.).
- Authorities' Statement:
Devices included a "spying device detector."
Motivation for the equipment was not provided.
Russia: NFC Relaying Malware
[03:22]
- Arrest: Three suspects stole $2.6M via NFC relaying malware.
- Technique: Hijacked NFC radios on victims’ phones to interact with bank cards, relaying sensitive data for ATM withdrawals.
Spain: Major Data Theft
[03:45]
- Arrest: A 19-year-old was arrested in Igualada for selling data from nine organizations (~64 million records) on hacking forums.
Europol: Violence-as-a-Service Crackdown
[04:10]
- Operation: 193 people arrested across Europe for providing or facilitating “violence as a service,” including platform operators and contracted perpetrators.
- Impact: Linked to shootings and attempted murders.
Notable Quote:
"Europol has arrested 193 people associated with violence as a service providers. This includes platform operators, individuals who recruited people for violent acts and the actual perpetrators."
—Claire Aird [04:12]
Cambodia: SMS Spamming Operation Dismantled
[04:42]
- Incident:
Cambodian police raided a warehouse packed with SMS Blaster devices, suspected to be prepped for mobile (car-based) spam campaigns.
Tech Industry: Mass Spyware Warnings
[05:08]
- Apple and Google:
Alerts sent to users in nearly 80 countries about potential spyware exposure.
- Context:
Warnings coincided with a Google report on spyware vendor Intellexa.
Memorable Moments
- The breadth and international nature of the law enforcement cyber actions (Poland, Russia, Spain, Europol, Cambodia).
- The ICC’s new policy treating "cyber-enabled genocide" as equivalent to traditional war crimes, marking a major milestone for the recognition of cyber in international law.
Timestamps of Key Segments
| Segment | Timestamp |
|-----------------------------------------------|------------|
| Linux PCIe Encryption Announcement | 00:04 |
| Coupang Hack Raid | 01:05 |
| US NDAA Cybersecurity Clauses | 01:43 |
| ICC Recognizes Cyber-Enabled Genocide | 02:20 |
| Poland: Arrests with Hacking Equipment | 02:54 |
| Russia: NFC Relaying Fraud | 03:22 |
| Spain: Major Hacking Arrest | 03:45 |
| Europol Crackdown on “Violence as a Service” | 04:10 |
| Cambodia: SMS Blaster Bust | 04:42 |
| Apple/Google Mass Spyware Notifications | 05:08 |
Summary
This episode delivers a comprehensive, rapid-fire survey of major global cybersecurity news—ranging from technical advances in the Linux world to sweeping law enforcement actions and landmark international legal developments. Cloud security, privacy, state policy, and organized cybercrime all feature prominently, with memorable moments underscoring the accelerating convergence between technology, law, and global security.
