Summary4 min read

Risky Bulletin: Linux Adds PCIe Encryption to Help Secure Cloud Servers

Podcast: Risky Bulletin
Host: risky.biz
Date: December 10, 2025
Episode Theme:
A fast-paced roundup of the week’s most significant cybersecurity stories, with a special focus on major policy updates, high-profile arrests, and substantial security advances—highlighted by the Linux kernel’s addition of PCIe encryption.

Main Story: Linux Kernel Adds PCIe Encryption

[00:04]

The News:
The upcoming Linux kernel version 6.19 will include PCI Express (PCIe) Link encryption.
Purpose:
Designed to secure communication between the CPU and PCIe-connected components, providing protection against attacks that intercept data via these high-speed internal interfaces.
Scope:
While home computers (notably graphics cards) use PCIe, the innovation is especially targeted at securing cloud servers, where PCIe interconnects are vital.
Development:
A collaborative effort by Intel, AMD, and ARM.

Notable Quote:

"The new feature is designed to protect communications between the CPU and components connected via the PCI Express interface in home computers. ... The standard is also widely used by the servers that run cloud infrastructure."
—Claire Aird [00:10]

Global Cybersecurity News Roundup

Coupang Hack Investigation (South Korea)

[01:05]

Incident: South Korean authorities raided the e-commerce giant Coupang’s headquarters.
Background:
A breach exposed data of two-thirds of South Korea’s population.
Key Points:
- Reports allege poor data protection and minimal cyber insurance.
- Coupang alleged the attack was linked to a (former) Chinese employee.

US National Defence Authorisation Act (NDAA) Updates

[01:43]

Development:
US House and Senate reached consensus on the 2026 NDAA, pending a vote this week.
Cybersecurity-related clauses:
- Senior DoD officials must use encrypted phones.
- Expanded mental health support for cyber personnel.
- Provisions to discourage spyware use against journalists.
- Ending the “dual hat” leadership of NSA and Cyber Command.

Notable Quote:

"The bill includes several cybersecurity-related clauses. One requires senior Department of Defence officials to use encrypted phones. Another will provide mental health services for cyber personnel."
—Claire Aird [01:48]

ICC Addresses Cyber-Enabled Genocide

[02:20]

Headline: ICC will now investigate genocide/war crimes perpetrated or enabled through cyberspace.
Significance:
Cyber activities (hacks, data leaks, online propaganda) are now recognized as legitimate evidence in trials for crimes against humanity.

Arrests and Enforcement Actions

Poland: Hacking Equipment Bust

[02:54]

Story: Three Ukrainian men arrested with a car full of hacking tools (Flipper Zero, laptops, SIM cards, etc.).
Authorities' Statement:
Devices included a "spying device detector."
Motivation for the equipment was not provided.

Russia: NFC Relaying Malware

[03:22]

Arrest: Three suspects stole $2.6M via NFC relaying malware.
Technique: Hijacked NFC radios on victims’ phones to interact with bank cards, relaying sensitive data for ATM withdrawals.

Spain: Major Data Theft

[03:45]

Arrest: A 19-year-old in Igualada for selling data from nine organizations (~64 million records) on hacking forums.

Europol: Violence-as-a-Service Crackdown

[04:10]

Operation: 193 people arrested across Europe for providing or facilitating “violence as a service,” including platform operators and contracted perpetrators.
Impact: Linked to shootings and attempted murders.

Notable Quote:

"Europol has arrested 193 people associated with violence as a service providers. This includes platform operators, individuals who recruited people for violent acts and the actual perpetrators."
—Claire Aird [04:12]

Cambodia: SMS Spamming Operation Dismantled

[04:42]

Incident:
Cambodian police raided a warehouse packed with SMS Blaster devices, suspected to be prepped for mobile (car-based) spam campaigns.

Tech Industry: Mass Spyware Warnings

[05:08]

Apple and Google:
Alerts sent to users in nearly 80 countries about potential spyware exposure.
Context:
Warnings coincided with a Google report on spyware vendor Intellexa.

Memorable Moments

The breadth and international nature of the law enforcement cyber actions (Poland, Russia, Spain, Europol, Cambodia).
The ICC’s new policy treating "cyber-enabled genocide" as equivalent to traditional war crimes, marking a major milestone for the recognition of cyber in international law.

Timestamps of Key Segments

| Segment | Timestamp | |-----------------------------------------------|------------| | Linux PCIe Encryption Announcement | 00:04 | | Coupang Hack Raid | 01:05 | | US NDAA Cybersecurity Clauses | 01:43 | | ICC Recognizes Cyber-Enabled Genocide | 02:20 | | Poland: Arrests with Hacking Equipment | 02:54 | | Russia: NFC Relaying Fraud | 03:22 | | Spain: Major Hacking Arrest | 03:45 | | Europol Crackdown on “Violence as a Service” | 04:10 | | Cambodia: SMS Blaster Bust | 04:42 | | Apple/Google Mass Spyware Notifications | 05:08 |

Summary

This episode delivers a comprehensive, rapid-fire survey of major global cybersecurity news—ranging from technical advances in the Linux world to sweeping law enforcement actions and landmark international legal developments. Cloud security, privacy, state policy, and organized cybercrime all feature prominently, with memorable moments underscoring the accelerating convergence between technology, law, and global security.

Loading summary

Transcript1 lines

[00:04]
A
Linux adds PCIe encryption to help secure cloud servers Europol cracks down on violence as a service providers the International Criminal Court prepares for cyber enabled genocide and Cambodia busts a warehouse full of SMS blasters. This is the risky bulletin prepared by Catalyn Kim Panu and read by me, Claire Aird. Take today is the 10th of December and this podcast episode is brought to you by Mastercard. In today's top story, the Linux kernel is adding support for PCI Express Link encryption. The new feature is designed to protect communications between the CPU and components connected via the PCI Express interface in home computers. PCI Express connections are commonly used for graphics cards. However, the standard is also widely used by the servers that run cloud infrastructure. The new feature was developed by intel, AMD and ARM. It'll roll out with the upcoming version 6.19 release of the Linux kernel. In other news South Korean authorities have raided the headquarters of local e commerce giant Kupang. The raid sought evidence related to a recent hack that exposed the personal data of two thirds of the country's population. Local media reports have claimed the company had minimal cyber insurance coverage and poor data protection practices. Coupang filed a complaint against a former employee in relation to the hack. A identified only as a Chinese national. The US House and Senate have reached an agreement on the 2026 National Defence Authorisation Act. The bill includes several cybersecurity related clauses. One requires senior Department of Defence officials to use encrypted phones. Another will provide mental health services for cyber personnel. The bill also includes language to discourage the use of spyware against journalists and seeks to end the so called dual hat joint leadership of NSA and Cyber Command. The NDAA is expected to be submitted for a vote this week. The International Criminal Court will investigate genocide and war crimes that have been enabled through cyberspace. The ICC published a new policy this month that puts cyber on the same footing as crimes committed through more traditional means. Hacks, data leaks, propaganda and social media posts will now be accepted as evidence in ICC investigations. Polish authorities have arrested three Ukrainian men with a car full of hacking equipment. Officials seized Flipper zero devices, antennas, laptops, portable hard drives, SIM cards and routers. They also seized something authorities described as a spying device detector. The suspects did not say why they had the equipment in the car. Russian authorities have arrested three suspects accused of using NFC relaying malware. The trio stole more than $2.6 million from the bank accounts of Russian citizens. Valware used NFC radios on victims phones to communicate with their bank cards. The data was relayed to an accomplice who used it to withdraw cash from ATMs. Spanish police have arrested a 19 year old for selling data stolen from nine companies. The teen was arrested this week in the city of Igualada near Barcelona. He allegedly stole more than 64 million records which he attempted to sell on multiple hacking forums. Meantime, Europol has arrested 193 people associated with violence as the service providers. This includes platform operators, individuals who recruited people for violent acts and the actual perpetrators. The suspects were linked to shootings and attempted murders across several European countries. Cambodian authorities have raided a warehouse that stored a dozen SMS Blaster devices. The equipment was allegedly being prepared to be installed in cars and driven around the city of Phnom Penh. Police discovered the warehouse after stopping an SMS Blaster equipped car last week. And finally, Apple and Google have sent fresh spyware notifications to users in almost 80 countries. Neither company provided details about the specific spyware involved. However, the notifications were sent just days after Google published a report on the activity of spyware vendor Intellexa. And that is all for this podcast edition. Today's show is brought to you by our sponsor MasterCard. Find them@mastercard.com thanks for your company.

Risky Bulletin: Linux Adds PCIe Encryption to Help Secure Cloud Servers

Main Story: Linux Kernel Adds PCIe Encryption

[00:04]

The News:
The upcoming Linux kernel version 6.19 will include PCI Express (PCIe) Link encryption.
Purpose:
Designed to secure communication between the CPU and PCIe-connected components, providing protection against attacks that intercept data via these high-speed internal interfaces.
Scope:
While home computers (notably graphics cards) use PCIe, the innovation is especially targeted at securing cloud servers, where PCIe interconnects are vital.
Development:
A collaborative effort by Intel, AMD, and ARM.

Notable Quote:

"The new feature is designed to protect communications between the CPU and components connected via the PCI Express interface in home computers. ... The standard is also widely used by the servers that run cloud infrastructure."
—Claire Aird [00:10]

Global Cybersecurity News Roundup

Coupang Hack Investigation (South Korea)

[01:05]

Incident: South Korean authorities raided the e-commerce giant Coupang’s headquarters.
Background:
A breach exposed data of two-thirds of South Korea’s population.
Key Points:
- Reports allege poor data protection and minimal cyber insurance.
- Coupang alleged the attack was linked to a (former) Chinese employee.

US National Defence Authorisation Act (NDAA) Updates

[01:43]

Development:
US House and Senate reached consensus on the 2026 NDAA, pending a vote this week.
Cybersecurity-related clauses:
- Senior DoD officials must use encrypted phones.
- Expanded mental health support for cyber personnel.
- Provisions to discourage spyware use against journalists.
- Ending the “dual hat” leadership of NSA and Cyber Command.

Notable Quote:

"The bill includes several cybersecurity-related clauses. One requires senior Department of Defence officials to use encrypted phones. Another will provide mental health services for cyber personnel."
—Claire Aird [01:48]

ICC Addresses Cyber-Enabled Genocide

[02:20]

Headline: ICC will now investigate genocide/war crimes perpetrated or enabled through cyberspace.
Significance:
Cyber activities (hacks, data leaks, online propaganda) are now recognized as legitimate evidence in trials for crimes against humanity.

Arrests and Enforcement Actions

Poland: Hacking Equipment Bust

[02:54]

Story: Three Ukrainian men arrested with a car full of hacking tools (Flipper Zero, laptops, SIM cards, etc.).
Authorities' Statement:
Devices included a "spying device detector."
Motivation for the equipment was not provided.

Russia: NFC Relaying Malware

[03:22]

Arrest: Three suspects stole $2.6M via NFC relaying malware.
Technique: Hijacked NFC radios on victims’ phones to interact with bank cards, relaying sensitive data for ATM withdrawals.

Spain: Major Data Theft

[03:45]

Arrest: A 19-year-old in Igualada for selling data from nine organizations (~64 million records) on hacking forums.

Europol: Violence-as-a-Service Crackdown

[04:10]

Operation: 193 people arrested across Europe for providing or facilitating “violence as a service,” including platform operators and contracted perpetrators.
Impact: Linked to shootings and attempted murders.

Notable Quote:

"Europol has arrested 193 people associated with violence as a service providers. This includes platform operators, individuals who recruited people for violent acts and the actual perpetrators."
—Claire Aird [04:12]

Cambodia: SMS Spamming Operation Dismantled

[04:42]

Incident:
Cambodian police raided a warehouse packed with SMS Blaster devices, suspected to be prepped for mobile (car-based) spam campaigns.

Tech Industry: Mass Spyware Warnings

[05:08]

Apple and Google:
Alerts sent to users in nearly 80 countries about potential spyware exposure.
Context:
Warnings coincided with a Google report on spyware vendor Intellexa.

Memorable Moments

The breadth and international nature of the law enforcement cyber actions (Poland, Russia, Spain, Europol, Cambodia).
The ICC’s new policy treating "cyber-enabled genocide" as equivalent to traditional war crimes, marking a major milestone for the recognition of cyber in international law.