Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack
17 December 2025


In the final show of 2025, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:




    React2Shell attacks continue, surprising no one
    The unholy combination of OAuth consent phishing, social engineering and Azure CLI
    Venezuela’s state oil firm gets ransomware’d, blames US… but what if it really is a US cyber op?!
    Russian junk-hacktivist gets indicted for cybering critical… err… a car wash and a fountain
    Microsoft finally turns RC4 off by default in Active Directory Kerberos
    Traefik’s TLS verify=on … turns it off, whoopsie 🤡


This week’s episode is sponsored by Sublime Security, makers of an email filtering solution that’s up for dealing with modern problems. Founder and CEO Josh Kamdjou joins to talk about calendar invite phishing, and the extra steps they’ve had to take to reach into people’s calendars and fix the mess.



The Risky Business weekly show is taking a holiday break, and will return on 14 January for its twentieth year! Good luck out there, internet friends.



This episode is also available on YouTube.





Show notes


    React2Shell attacks expand widely across multiple sectors | Cybersecurity Dive

    React issues new patches after security researchers flag additional flaws | Cybersecurity Dive

    ConsentFix: Browser-native ClickFix hijacks OAuth grants

    Hacking Endpoint to Identity (Microsoft 365): "ConsentFix" - YouTube

    Announced pick for No. 2 at NSA won’t get the job as another candidate surfaces | The Record from Recorded Future News

    Laura Loomer on X: "EXCLUSIVE: 🚨 White House Official Confirms Ongoing Search for NSA Deputy Director As Tim Kosiba's Deep State And Anti-Trump Ties Raise Red Flags 🚨"

    Senior official at Indo-Pacific Command is set to be Trump’s pick to lead Cyber Command, NSA | The Record from Recorded Future News

    Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg

    PdV says cyber attacks contained | Latest Market News

    Venezuela state oil company blames cyberattack on US after tanker seizure | The Record from Recorded Future News

    Office of Public Affairs | Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups | United States Department of Justice

    DOJ, CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure | The Record from Recorded Future News

    vx-underground on X: "The United States government has indicted a state-sponsored Threat Actor named Victoria Eduardovna Dubranova"

    vx-underground on X: "I'm actually laughing. One of the compromises is so dumb"

    German parliament suffers suspected cyber attack during Zelenskyy’s visit

    During Zelenskyy visit: Major internet outage in the Bundestag! | Politics | BILD.de

    Germany summons Russian ambassador over cyberattack, election disinformation | The Record from Recorded Future News

    Russian hacking group had access to public water fountain in the Netherlands | de Volkskrant

    Most Parked Domains Now Serving Malicious Content – Krebs on Security

    PornHub extorted after hackers steal Premium member activity data

    Office of Public Affairs | Senior Manager for Government Contractor Charged in Cybersecurity Fraud Scheme | United States Department of Justice

    Microsoft will finally kill obsolete cipher that has wreaked decades of havoc - Ars Technica

    CVE-2025-66491: Traefik's "Verify=On" Turned TLS Off | AISLE

    Dylan O'Donnell 🦋 on X: "This week I was rushed to hospital with a diagnosis of oesophageal cancer."