Srsly Risky Biz: Living off the land is the new normal

PLUS: Why more service providers are critical than you think...

In this podcast Patrick Gray and Tom Uren talk about how threat actors abusing legitimate tools (aka living off the land) is the new normal. Everyone is doing it, from activists to cybercriminals to nation states. It’s a worry because defenders’ standard practices really aren’t set up to detect and deal with that kind of behaviour.

They also discuss how cyber incidents in the US and UK amongst providers of key real estate services are disrupting house sales.

Risky Business #728 -- The Citrixbleed ransomware disaster

PLUS: Why we secretly stan DPRK APTs...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • The Citrixbleed ransomware crisis
  • Why the FBI hasn’t arrested Scattered Spider members
  • DPRK is in your supply chains
  • Microsoft has a brainwave and buys a HSM
  • When civil war meets pig butchering
  • Much, much more

This week’s show is brought to you by Airlock Digital. David Cottingham and Daniel Schell are this week’s sponsor guests.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Biz News: Chipmaker NXT hacked by Chinese APT group

PLUS: Russians issue arrest warrant for Facebook executive; EU holds election cybersecurity exercise; and three cryptocurrency exchanges lose a total of $161 million.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu.

You can find the newsletter version of this podcast here.

Srsly Risky Biz: Death by a thousand cuts

PLUS: Ransomware's latest troll

In this podcast Adam Boileau and Tom Uren talk about the rise of the Indian hack-for-hire industry. It doesn’t get the same attention that high-profile iPhone ‘zero-click’ hacking does, but it’s a global scourge that undermines legal processes.

They also discuss the AlphV ransomware group reporting a company to the SEC for not disclosing a breach that it caused.

Risky Biz News: Fastly to block domain fronting in 2024

PLUS: Windows Hello authentication bypassed; Pegasus spyware found in Serbia; and 21 Chinese anti-censorship tools disappeared overnight.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu.

You can find the newsletter version of this podcast here.

Risky Biz Soap Box: Why o365 and Google Workspace are a security liability

How Material Security uses API magic to tackle Google Workspace and o365 security challenges...

In this Soap Box podcast Patrick Gray talks to Material Security’s CEO and co-founder Abhishek Agrawal about the security problems inherent to modern productivity suites.

Does it make sense that threat actors can authenticate to o365 and Workspace accounts and clean them out entirely? Years of mail, years of files?

Material Security has built a product that tackles this issue. It can lock up email archives behind MFA challenges, redact PII from inboxes, better control files shared via Google Drive and OneDrive, and just generally limit the damage a threat actor can inflict when they compromise a cloud productivity account.

Even if you’re not interested in buying a product to tackle this, we think this one is a great listen.

Srsly Risky Biz: LockBit's disastrous success

PLUS: How to sneak by without regulation

In this podcast Adam Boileau and Tom Uren talk about two very significant cyber incidents. In the first, LockBit attacked the US arm of China’s biggest bank and the disruption left the bank owing USD$9bn at the end of the day. The other disrupted 40% of Australia’s port traffic.

They also examine the reasons why it makes sense for banks to do more regarding fraud.

Between Two Nerds: The Rules of War in cyberspace

Why talking about International Humanitarian Law is both pointless yet still worthwhile

In this edition of Between Two Nerds Tom Uren and The Grugq talk about International Humanitarian Law, aka the Rules of War in cyberspace. These rules don’t really make sense in cyberspace, but despite that we think talking about them (and other norms of behaviour) is still worthwhile.

Risky Biz News: Malay officials take down BulletProftLink

PLUS: UAE tricks and arrests BEC scam group; Australian ports crippled by a cyber attack; and Windows Server 2012 gets paid security updates.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu.

You can find the newsletter version of this podcast here.