Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They discuss:

• Iran’s Intune-based wiper attack on medical device maker Stryker
• Qihoo 360’s AI publishes its own wildcard TLS cert private key
• Instagram is canning its end-to-end encrypted messaging
• What’s going on with mobile internet access in Moscow?
• The Xbox One’s bootloader gets voltage glitched into submission
• Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…)

This week’s episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique.

This episode is also available on Youtube.

Show notes

• Iranian Hacktivists Strike Medical Device Maker Stryker in "Severe" Attack that Wiped Systems
• Stryker says it's restoring systems after pro-Iran hackers wiped thousands of employee devices | TechCrunch
• Stryker attack raises concerns about role of device management tool | Cybersecurity Dive
• Stryker tells SEC that timeline for recovery from cyberattack unknown | The Record from Recorded Future News
• How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks | WIRED
• U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued
• Risky Business Features: Being a Wartime CISO
• Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica
• China's biggest cybersecurity company, Qihoo 360 just leaked their own wildcard SSL private key
• Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors - Irregular
• Risky Business Features: MCP is Dead
• Measuring AI Agents’ Progress on Multi-Step Cyber Attack Scenarios
• Measuring AI Agents' Progress on Multi-Step Cyber Attack Scenarios
• What is end-to-end encryption on Instagram | Instagram Help Center
• US Lawmakers Move to Kill the FBI’s Warrantless Wiretap Access | WIRED
• Website "whitelists" launched in Moscow | Forbes.ru
• Exclusive: Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show | Reuters
• Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million | CyberScoop
• Researchers disclose vulnerabilities in IP KVMs from four manufacturers - Ars Technica
• RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen - YouTube
• CrackArmor: Multiple vulnerabilities in AppArmor