Risky Bulletin: Norway Skittish of its Chinese Electric Buses

Podcast: Risky Bulletin (Risky.biz)
Date: November 3, 2025
Host: Claire Aird (prepared by Catalyn Kim Panu)

Episode Overview

This episode covers the latest cybersecurity news headlines, with a primary focus on concerns in Norway over Chinese-made electric buses featuring remote control capabilities. Additionally, the episode explores developments in cybersecurity workforce training in the U.S., regulatory moves in Europe on telecom security, ongoing scam crackdowns in Asia, cybercrime cases, and notable software security updates.

Key Discussion Points and Insights

1. Norway's Concerns Over Chinese Electric Buses

[00:04–01:10]

• Main Story: Oslo public transportation agency discovered that their Chinese-manufactured Utong electric buses have embedded remote control features, highlighted during a recent audit.
• Technical Findings: The capabilities were found in the software diagnostics module and battery systems of the buses.
• Scope: Over 300 Utong buses are deployed in Oslo, with 550 more across Norway.
• Comparison: No remote control features were detected in Dutch-made buses.
• Implication: Raises questions about transportation infrastructure security and dependencies on foreign manufacturers.

2. U.S. Cyber Corps Program Could Saddle Students with Debt

[01:11–01:58]

• Challenge: The program, meant to train cybersecurity experts for government roles in exchange for tuition, faces trouble as hiring freezes and budget cuts have led to job offers being rescinded.
• Debt Risk: Without placements, students may be forced to repay their training costs.
• Reference: “Many participants…have had job offers rescinded this year following federal budget cuts and hiring freezes.” (01:30)

3. Russia Blocks 2FA Calls and SMS

[01:59–02:25]

• Russian telecoms are blocking two-factor authentication mechanisms—calls and SMS—for apps like Telegram and WhatsApp.
• Impact: Hinders logins and new-user signups for messaging services.
• Context: Follows Russia’s ongoing attempts to restrict and control internet communications.

4. Germany Considers Paying to Replace Huawei Gear

[02:26–02:48]

• The German government is weighing whether to use public funds to help Deutsche Telekom replace Huawei telecommunications equipment.
• Cost Estimate: Could exceed 2 billion euros.
• Backdrop: Most NATO allies have already prohibited Huawei from core networks.

5. Iranian Hackers Expose Sensitive Israeli Defense Data

[02:49–03:17]

• Attack: Iranian Cybertufan Group claims breach of Maya Defence (an Israeli contractor), leaking employee names, photos, internal documents, and factory CCTV footage.
• Significance: Maya Defence supplies drones, missiles, and launch systems to the Israeli government.

6. Cryptocurrency Hack – Garden Defi Platform

[03:18–03:32]

• Hackers stole approximately $10.8 million from the DeFi platform “Garden.”
• The company proposed a 10% bounty for return of the funds.
• More than a quarter of the platform's activity is tied to criminal transactions.

7. AI-Driven Scareware Blocking in Edge and Chrome

[03:33–04:08]

• Microsoft Edge: Rolled out a scareware blocker using a local computer vision model to detect/block fake warnings and popup scams (Edge v142).
• Chrome: Similar blockers using large language models (LLMs) for scam detection added last week.

8. Conti Ransomware Member Extradited to U.S.

[04:09–04:27]

• Case: Ukrainian Alexi Alexeyevich Litvin Nenko extradited for his role in the Conti ransomware group between 2020-2022.
• Detail: Arrested in Ireland in 2023; accused as a key operative.

9. Southeast Asian Crackdowns on Scam Compounds

[04:28–05:11]

• Thailand: Arrested 24 alleged scammers near Bangkok; many are Filipino nationals fleeing Myanmar enforcement.
• Cambodia: Authorities raided a scam compound, detaining 111 mostly Indonesian suspects; part of broader anti-scam operations.
• Singapore: Seized $115 million in assets linked to Chen Ji Was, operator of notorious Cambodian scam compounds—sanctioned by the U.S. Treasury.

10. Major U.S. and Australian Cybercrime Cases

[05:12–05:44]

• U.S.: Arizona man Baron Kane Martin faces charges over the 764 online terror network, accused of child exploitation, murder-for-hire, and animal torture.
• Australia: Federal police launches Task Force Pompolid (child exploitation & extremism) and Task Force Thunder (Pacific cybercrime).

11. Canadian Tech Support Scam

[05:45–06:10]

• An elderly Canadian couple lost $1 million to scammers after months of fake tech support calls, manipulation, and coerced gold and Bitcoin transfers.

12. Cisco IOS XE Routers Malware Infections

[06:11–06:34]

• Over 400 routers in Australia infected due to unpatched vulnerabilities in Cisco devices.
• Threat Actor: Chinese cyber espionage group “Salt Typhoon.”

13. New Linux Privilege Escalation Exploited by Ransomware

[06:35–end]

• Ransomware group exploits a 2024 Linux nftables kernel vulnerability for root access.
• Confirmation: CISA has validated the exploit is active, but responsible group remains unidentified.

Notable Quotes & Memorable Moments

• On Norway’s transport audit:

  “During an audit, Oslo's public transportation agency found that its buses from Chinese carmaker Utong had remote control capabilities.” (Claire Aird, 00:15)

• On US Cyber Corps risk:

  “If students do not get a government job, they’re required to repay the costs.” (Claire Aird, 01:47)

• On advanced browser protection:

  “The scareware Blocker uses a local computer vision model to block full screen pop ups and fake warnings.” (Claire Aird, 03:43)

• On Southeast Asian crackdown:

  “Singaporean authorities have seized $115 million in assets belonging to a Cambodian scam compound operator… The group ran scam compounds in Cambodia, where it used kidnappings and threats of violence.” (Claire Aird, 05:06–05:11)

Important Segment Timestamps

• Norway Electric Bus Remote Controls: 00:04–01:10
• U.S. Cyber Corps Debt Issues: 01:11–01:58
• Russia Blocks 2FA: 01:59–02:25
• Germany and Huawei: 02:26–02:48
• Israeli Defense Hack: 02:49–03:17
• DeFi Crypto Theft: 03:18–03:32
• Edge/Chrome AI Scam Blockers: 03:33–04:08
• Conti Ransomware Extradition: 04:09–04:27
• Asian Scam Crackdowns: 04:28–05:11
• U.S. and Australian Cybercrime: 05:12–05:44
• Canadian Fraud: 05:45–06:10
• Cisco Router Hacking: 06:11–06:34
• Linux Kernel Vulnerability: 06:35–End

Summary

This episode of Risky Bulletin delivers a rapid rundown of global cybersecurity stories, led by Norway’s scrutiny of Chinese bus technology, challenges in cybersecurity workforce pipelines, international moves against telecommunications risks, expanding criminal crackdowns in Asia, software security upgrades, and ongoing cybercrime investigations. The reporting remains concise, factual, and focused on risk implications, making it a highly informative briefing for security professionals and public observers alike.