Transcript
A (0:04)
China sentences 11 scam compound operators to death, the UK makes another request for Apple user data, an Iranian APT gets doxxed again, and Microsoft launches a security store. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Claire Aird. Today is the 3rd of October and this podcast episode is brought to you by Authentik.

China has handed death sentences to 11 people for running cyberscam compounds in Myanmar. Five others received suspended death sentences, while 23 individuals were sentenced to between five years and life in prison. All 39 are members of the infamous Ming crime family. The group ran multiple cyberscam compounds in the Kokang region of Myanmar. The compounds made $1.4 billion. The severity of the sentencing reflects that 16 people died in the compounds' call centres.

In other news, a hacking group has stolen sensitive customer data from software giant Red Hat. The hack occurred two weeks ago when the Crimson Collective group stole the data from Red Hat's private Git repositories. The data allegedly includes information about the internal networks of almost 800 customers. The group attempted to extort Red Hat, but the company did not respond.

Microsoft will block inline SVG images from being displayed in Outlook. The announcement comes after a recent increase in the abuse of SVG files by cybercriminals. Microsoft says it will impact less than 0.1% of images displayed in Outlook.

This week's release of Google Chrome includes a feature to detect when malicious extensions intercept searches in the address bar. Chrome 141 also adds origin isolation, which better isolates sites to prevent side-channel attacks.

A new feature in the Google Drive client app uses AI to counter ransomware attacks. The AI detects ransomware activity and prevents encrypted files from syncing to the server. Users will have the ability to restore affected files.

The UK has renewed its attempt to access encrypted user data stored in Apple's cloud. The government sent its latest request to Apple in September. Its first request in January resulted in Apple turning off Advanced Data Protection for UK users, according to the Financial Times. The new request is narrower in scope and only seeks to access UK citizens' data.

The Signal messenger has threatened to leave the EU if the bloc passes its Chat Control legislation. The proposed law would require encrypted messengers to scan conversations client side for abusive material. Officials will vote on the proposal in mid-October. Twelve of the bloc's 27 members are publicly backing the proposal and eight are against it. The rest remain undecided. Signal president Meredith Whittaker made similar threats when authorities in France, Sweden and the UK considered encryption backdoor laws.

Meantime, European MPs have raised concerns over some member states providing financial aid to spyware companies. At least four spyware companies have received funding or subsidies. The financing came to light last month following several new news reports.

Russian hacktivist group NoName057 was responsible for almost two thirds of reported cyber attacks in the EU in the last year. The Threat Landscape report released by EU cybersecurity agency ENISA said almost 80% of all cyber attacks were ideologically motivated. Russian groups were the most active in both the cyber espionage and disinformation categories.

Hackers have stolen $21 million worth of assets from SBI Crypto. The stolen funds were quickly laundered via Tornado Cash, according to blockchain investigators. The hack has the characteristics of a North Korean heist.

The Clop extortion group is demanding ransom payments from Oracle customers. The group says it stole data from victims' deployments of the Oracle E-Business Suite. Google says hundreds of ransom demand emails have been sent, but no breaches have been confirmed so far.

Sensitive data has been leaked from the Iranian cyber espionage group Charming Kitten, also known as APT35. An unknown group calling itself the Kitten Busters published details of the group's malware, previous attacks and alleged members. The leak includes the names of multiple individuals linked to APT35. It also names the group's leader as Abbas Hossein. APT35 has previously been linked to Unit 1500 of Iran's Islamic Revolutionary Guard Corps intelligence organisation.

DrayTek has released security updates for its Vigor routers. The update fixes a vulnerability that allowed attackers to hijack the routers via their web management interfaces. Valid credentials were not required.

Academics have built a malicious memory module that can break the confidentiality of modern clouds. The Battering RAM research demonstrates an attack that compromises the security features of Intel and AMD processors. It relies on hardware that's inserted between the memory modules and the rest of the computer system. According to the research team, they built the hardware for about $50. Equivalent commercial devices can exceed $100,000.

The HackerOne bug bounty platform paid $81 million to security researchers over 12 months. The company received almost 85,000 valid reports between July 2024 and June 2025. The average reward payout was $1,090. AI product vulnerabilities were on the rise, with more than $2.1 million paid out. Most of the reports covered prompt injection attacks.

And finally, Microsoft has launched a dedicated store for Azure security products. The Microsoft Security Store will sell SaaS security solutions and AI agents that integrate with the company's security products. Several security vendors are already shilling their wares in the store.

And that is all for this podcast edition. Today's show is brought to you by Authentik. Find them at goauthentik.io. Thanks for your company.
