Risky Business Podcast
May 28, 2025
Risky Business #793 -- Scattered Spider is hijacking MX records
Presented by
Technology Editor
CEO and Publisher
In this week’s edition of Risky Business Dmitri Alperovitch and Adam Boileau join Patrick Gray to talk through the week’s news, including:
- EXCLUSIVE: A Scattered Spider-style crew is hijacking DNS MX entries and compromising enterprises within minutes
- The SVG format brings the all horrors of HTML+JS to image files, and attackers have noticed
- Brian Krebs eats a 6.3Tbps DDoS … ‘cause that’s how you demo your packet cannon
- Law enforcement takes out Lumma Stealer, Qakbot, Danabot and some dark web drug traffickers
- Iranian behind 2019 Baltimore ransomware mysteriously appears in North Carolina and pleads guilty
- CISA’s leadership is fleeing in droves, even though the US needs them more than ever.
This week’s episode is sponsored by Thinkst Canary. Long time friend of the show Haroon Meer joins and talks through where he feels the industry is at, having just returned home from the AI-fueled hype at this year’s RSA conference.
This episode is also available on Youtube.
Brought to you by Thinkst
Know. When it Matters!
Show notes
Risky Bulletin: SVG use for phishing explodes in 2025 - Risky Business Media
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS – Krebs on Security
Microsoft leads international takedown of Lumma Stealer | Cybersecurity Dive
Oops: DanaBot Malware Devs Infected Their Own PCs – Krebs on Security
DOJ charges man allegedly behind Qakbot malware | The Record from Recorded Future News
USA: Crypto investor charged with kidnapping, torturing man in an NYC apartment
CISA loses nearly all top officials as purge continues | Cybersecurity Dive
White House dismisses scores of National Security Council staff - The Washington Post