Risky Bulletin: Russia Fines 33 Telcos for Surveillance Non-Compliance

Risky Business // Episode Released Jan 14, 2026

Host: Amberly Jack
Prepared by: Catalin Cimpanu

Overview

In this episode of Risky Bulletin, Amberly Jack delivers a lightning-round update on major cybersecurity news from around the world. The main theme centers on regulatory crackdowns, significant data breaches, innovative malware, and a startling breakthrough in bypassing voice cloning defenses. The episode has a measured, no-nonsense tone, focusing on the facts and technical implications.

Key Discussion Points & Insights

1. Russia Sanctions 33 Telcos over Surveillance Equipment

[00:08 – 01:00]

• Russian authorities have fined 33 telecommunications companies, plus specific staff, for not installing government-mandated traffic inspection devices.
• Since the Ukraine invasion, Roskomnadzor requires telcos to monitor user traffic and block banned sites.
• The move is part of broader internet surveillance efforts.

2. Crypto KYC Rules in India Get Stricter

[01:00 – 01:16]

• India mandates more stringent Know-Your-Customer (KYC) for crypto exchanges.
• Platforms must collect government IDs, tax numbers, selfies, geolocation data, and verify bank accounts and emails/phones.

3. Vietnam Fights Fraud with Stricter Mobile Banking App Requirements

[01:17 – 01:38]

• Banks must disable apps on phones that are rooted or if a debugger is attached.
• Effective March; the goal is to combat fraud and malware.

4. Poland Repels Major Power Grid Cyber Attack

[01:38 – 01:54]

• Late December: Attack targeted communications between renewable energy generation and distribution.
• Called the "largest cyber attack against its power grid in years" by Energy Minister Milosz Motjeka.
• No attribution has been made yet.

“The attack targeted the communications between renewable generation and power distribution operators.” – Amberly Jack, [01:40]

5. Target Investigates Potential Source Code Breach

[01:54 – 02:19]

• US retailer Target took its git server offline after hackers claimed access.
• Sample data published, attacker seeking a buyer.

6. Data Breach Impacts JP Morgan Chase & Goldman Sachs Customers

[02:20 – 02:37]

• Incident at law firm Fried, Frank, Harris, Shriver and Jacobsen: Data for 700 JP Morgan Chase clients exposed.
• Goldman Sachs clients already notified of the same breach last month.

7. Indesa, Spain's #2 Power Firm, Discloses Breach

[02:37 – 02:50]

• Hackers accessed customer contracts, names, ID, and bank info.

8. Ransomware Hits Korean eLearning Giant Kyowon

[02:50 – 03:09]

• Ransomware disrupted the company’s key education portals.
• Services shut down for restoration.

9. Coupang CEO Under Scrutiny over Major Data Breach

[03:09 – 03:33]

• South Korean authorities may ban travel for Coupang’s CEO after a 33.7-million customer breach.
• Leadership shake-up: Harold Rogers steps in after Park Daejun’s resignation.
• Rogers failed to appear at a key government hearing.

10. Arrest of Avchek Admin by Dutch Police

[03:33 – 03:56]

• 33-year-old Dutch national arrested in Amsterdam after flying in from the UAE.
• Avchek, seized in May, let criminals test malware against antivirus before deployment.

“Dutch police have arrested the administrator of the Avchek cybercrime service… detained at the airport in Amsterdam.” – Amberly Jack, [03:40]

11. Leak Exposes Stalkware Operator via MSPY Docs

[03:56 – 04:19]

• Internal docs show SpyX owner’s info after a transaction attempt, refund, and claim of card fraud, exposing their details in the appeals process.

12. New Malware Targets Linux Cloud Infrastructure

[04:19 – 04:41]

• “Void Link” targets Linux cloud/container environments.
• Modular plugins: Reconnaissance, credential harvesting, persistence, lateral movement (targeting Docker and Kubernetes).
• Check Point says the developers are likely Chinese-speaking.

13. Russia’s Laundry Bear Targets Ukrainian Military via Messaging Apps

[04:41 – 04:54]

• Espionage group “Laundry Bear” poses as charities to lure Ukrainian military members to malicious sites (since October).

14. Instagram Password Reset Abuse & Data Leak Denial

[04:54 – 05:07]

• Instagram fixed a vulnerability abused to spam users with reset emails.
• The company denies any massive API scraping, despite user data surfacing for sale.

15. New Attack Bypasses Voice Cloning Protections

[05:07 – 05:27]

• Researchers detail "Vocal Bridge"—an attack that removes ‘protective noise’ from voice clips.
• Once noise is removed, standard AI voice cloning tools can create high-quality fakes.

“The Vocal Bridge attack cleans the audio and allows AI voice cloning tools to create high quality impressions.” – Amberly Jack, [05:25]

Notable Quotes & Memorable Moments

• "Fines were imposed on the telcos as well as relevant employees."
  – Amberly Jack, [00:13]
• "Poland says it repelled a cyber attack against its power grid in late December... described as the largest cyber attack against its power grid in years."
  – [01:39]
• "Dutch police have arrested the administrator of the Avchek cybercrime service. A 33 year old Dutch national was detained at the airport in Amsterdam..."
  – [03:33]
• "The Vocal Bridge attack cleans the audio and allows AI voice cloning tools to create high quality impressions."
  – [05:25]

Key Segment Timestamps

• Russia fines telcos over surveillance non-compliance: [00:08–01:00]
• India’s new crypto KYC rules: [01:00–01:16]
• Vietnam’s app hardening mandate: [01:17–01:38]
• Polish power grid attack: [01:38–01:54]
• Target git server breach: [01:54–02:19]
• JP Morgan Chase / Goldman Sachs breach: [02:20–02:37]
• Indesa energy provider breach: [02:37–02:50]
• Kyowon ransomware attack: [02:50–03:09]
• Coupang breach/CEO fallout: [03:09–03:33]
• Avchek admin arrest: [03:33–03:56]
• MSPY/Stalkware leak: [03:56–04:19]
• Void Link Linux malware: [04:19–04:41]
• Laundry Bear espionage: [04:41–04:54]
• Instagram bug & data denial: [04:54–05:07]
• Vocal Bridge voice clone bypass: [05:07–05:27]

Takeaways

• Governmental demands for surveillance and compliance are intensifying, with heavy penalties for tech companies failing to cooperate.
• Critical infrastructure remains a top cyber target with escalating attack sophistication.
• Next-generation malware is evolving quickly, particularly for cloud/container environments.
• Voice privacy faces new threats as academic work tears down last-generation defenses.
• Trust in vendors and platforms is under continual strain as breach headlines spread from law firms to retailers to energy providers.

For comprehensive weekly cybersecurity news—delivered concisely and without hype—Risky Bulletin remains essential listening.