Tom Uren's Avatar

Tom Uren

@tom.risky.biz

Author of the Seriously Risky Business cyber security newsletter

3,503 Followers  |  208 Following  |  46 Posts  |  Joined: 15.05.2023  |  1.8186

Latest posts by tom.risky.biz on Bluesky

That didn't occur to me and I think it unlikely to be the *direct* cause. But there could be distrust because of the vibe surrounding export control and material from Snowden leaks etc.

Tbh, I was hoping someone might reply and tell me what the reason was!

19.05.2025 00:25 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Bonjour, Fellow IT Workers Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edit...

Good update from @tom.risky.biz about the evolving North Korea IT Worker threat and the pivot to Europe...and extortion.

03.04.2025 12:02 β€” πŸ‘ 19    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

Was great to get @tom.risky.biz’s thoughts on the Signal drama in today’s seriously risky biz

Audio: risky.biz/SRB114/
Video: risky.biz/video/srsly-...
Written analysis: risky.biz/the-signalga...

27.03.2025 02:46 β€” πŸ‘ 18    πŸ” 6    πŸ’¬ 1    πŸ“Œ 0

thanks for your thoughts in this one Nathan!

20.03.2025 04:19 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Outside America, Musk's X is a Foreign Influence Threat Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edit...

Fantastic piece by @tom.risky.biz --couldn't agree more.

news.risky.biz/outside-amer...

13.03.2025 02:37 β€” πŸ‘ 16    πŸ” 6    πŸ’¬ 0    πŸ“Œ 2
Video thumbnail

Have you watched or listened to Between Two Nerds with @tom.risky.biz and @thegrugq.bsky.social yet? You should!

Deny, degrade, discombobulate!

Audio: risky.biz/BTN109/

Video: www.youtube.com/watch?v=XEXg...

25.02.2025 06:11 β€” πŸ‘ 27    πŸ” 6    πŸ’¬ 2    πŸ“Œ 0

Thanks Bill. The audio got out of sync during editing but we pushed out a fixed version. I guess that came out after you’d downloaded or listened. Sorry!

07.02.2025 08:04 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

I suppose the broader point of the whole episode is that compromising telcos' lawful intercept was not necessary. I think you broadly agree? I hope the CSRB will be reconstituted and we might find out actually what happened.

06.02.2025 23:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Re: complete coverage. According to reporting Salt Typhoon has been very targeted. When your goal is intel from specific devices, lack of global coverage is neither here nor there. 3/4

06.02.2025 23:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Re: protocol stacks being different and undocumented. That's a problem sigint agencies deal with and overcome. When an agency has potential access to presidential-level comms, complex protocols are just something they deal with. 2/4

06.02.2025 23:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Hi Konrad,

thanks for this, I'm sure you are right and we undersold the difficulty of intercepting calls, contractors & detecting badness, etc and it is good to get feedback. 1/4

06.02.2025 23:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Srsly Risky Biz: Why two hats are better than two heads
YouTube video by Risky Business Media Srsly Risky Biz: Why two hats are better than two heads

My colleague @tom.risky.biz makes a compelling argument that two hats are better than two heads when it comes to how NSA and Cyber Command are run.

Written analysis:

risky.biz/two-hats-are...

Audio discussion:

risky.biz/SRB106/

Video discussion:

www.youtube.com/watch?v=RNw5...

19.12.2024 03:44 β€” πŸ‘ 12    πŸ” 2    πŸ’¬ 2    πŸ“Œ 0
Between Two Nerds: The evolution of Russia's cyber operations in Ukraine - Risky Business Between Two Nerds: The evolution of Russia's cyber operations in Ukraine

The Latest Between Two Nerds podcats with @tom.risky.biz and @thegrugq.bsky.social is out now:

risky.biz/BTN105/

16.12.2024 22:41 β€” πŸ‘ 22    πŸ” 4    πŸ’¬ 2    πŸ“Œ 1
Between Two Nerds: How loose is too loose?
YouTube video by Risky Business Media Between Two Nerds: How loose is too loose?

Between Two Nerds with @thegrugq.bsky.social and @tom.risky.biz is now available on YouTube as well as all audio podcast platforms!

www.youtube.com/watch?v=VFuh...

09.12.2024 22:35 β€” πŸ‘ 32    πŸ” 6    πŸ’¬ 3    πŸ“Œ 0
Preview
The PLA's Cyber Operations Go Dark The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

This week's Seriously Risky Business looks at Russia's use of cybercriminals to support its war effort in Ukraine, new Australian cyber security legislation, and more. Read the weekly newsletter by @tom.risky.biz:

22.11.2024 14:39 β€” πŸ‘ 52    πŸ” 7    πŸ’¬ 1    πŸ“Œ 1
Preview
Expect More Covert Action Under Trump The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

This week's Seriously Risky Business looks at what a second Trump term may mean for cybersecurity, a UN draft cybercrime treaty, why Italy is a hub for spyware, and more. Read the weekly newsletter by @tom.risky.biz:

15.11.2024 19:01 β€” πŸ‘ 93    πŸ” 26    πŸ’¬ 1    πŸ“Œ 0
Preview
Expect More Covert Action Under Trump Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edit...

This is a good read from @tom.risky.biz on Trump's expected cybersecurity policy initiatives during his 2nd term

news.risky.biz/r/dc1486a0?m...

14.11.2024 13:32 β€” πŸ‘ 8    πŸ” 5    πŸ’¬ 1    πŸ“Œ 1
Preview
Russia's GRU Thugs Double Down on Recruiting Cybercrooks The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

This week's Seriously Risky Business looks at Russia's use of cybercriminals to support its war effort in Ukraine, new Australian cyber security legislation, and more. Read the weekly newsletter by @tom.risky.biz:

18.10.2024 14:51 β€” πŸ‘ 13    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0
Preview
RUnet Under Attack: Cyber Conflict Implications for Russia - Hitachi Center for Technology and International Affairs Please join the Hitachi Center on Wednesday, October 9th at 12pm in Cabot 206 to hear from Oleg Shakirov from Johns Hopkins SAIS's research on the repercussions of cyber warfare in Russia.

How is cyber conflict viewed from Russia and what implications does it have?

I'm presenting this Wednesday at the The Fletcher School at Tufts University Hitachi Center. Stop by if you are around Boston.

myfletcher.tufts.edu/hctia/rsvp_b...

07.10.2024 23:01 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Neutering Volt Typhoon to Deter China The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

This week's Seriously Risky Business looks at Microsoft's update to its Secure Future Initiative, Indonesia's new cyber force, China's claim that Taiwan is running an influence campaign inside its borders, and more. Read the weekly newsletter by @tom.risky.biz:

27.09.2024 15:30 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
How Chinese Illegal Gambling Infiltrates European Football The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

This week's Seriously Risky Business looks at how the Cyber Safety Review Board should investigate the CrowdStrike incident, the fragmenting of the ransomware ecosystem, Russian malware attacks against Ukraine, and more. Read the weekly newsletter by @tom.risky.biz:

26.07.2024 15:06 β€” πŸ‘ 8    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0

Not just according to us!
www.foodrepublic.com/1318428/how-...

08.04.2024 22:43 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
White House's Software Engineering Advice + Child Safety and Encryption Bans The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

This week's Seriously Risky Business looks at the recent White House report on the adoption of memory-safe programming languages, a Β£350k fine for the U.K. Ministry of Defence, and more. Read the weekly newsletter by @tom.risky.biz.

01.03.2024 16:08 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

My take is that it is up to companies to use services that support proper archiving and storage. If Signal doesn't want to serve that market they don't have to do anything.

I know that AWS built that capability into Wickr, for example, so there are products that are tailored for that.

22.02.2024 04:23 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

This week's Seriously Risky Business:
- The PRC's freewheeling cyber espionage market
- Disruption kicks off
- How state cyber groups use AI

Thanks to Dakota Cary and Dr Huong Le Thu for their thoughts.

listen: podcasts.apple.com/au/podcast/s...
or read: news.risky.biz/risky-biz-br...

22.02.2024 04:19 β€” πŸ‘ 5    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

@tom.risky.biz is following 20 prominent accounts