In this podcast Patrick Gray and Tom Uren talk about what to do about commercial spyware. A new Google TAG report is a great primer on the ecosystem.
They also talk about Ukraine’s shift in cyber strategy. It is now carrying out and publicising that it is launching destructive cyber operations.
Finally, they look at all the reasons why banning ransomware payments is a bad idea.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
In this week’s sponsor interview Feross Aboukhadijeh from Socket joins the show to talk about the sheer volume of malicious packages being committed to code repositories and why older SCA tools aren’t well equipped to deal with them.
In this edition of Between Two Nerds Tom Uren and The Grugq talk about why military doctrine in authoritarian states has an emphasis on cyber and information supremacy.
In this Soap Box interview Greynoise founder and absolute legend Andrew Morris joins the show to talk about:
It truly is a great conversation, we hope you enjoy it!
In this Risky Business News sponsored interview, Tom Uren talks to Proofpoint Senior Threat Researcher Greg Lesnewich. Greg explains how a North Korean group is using DMARC spoofing in its efforts to gather strategic intelligence.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this podcast Adam Boileau and Tom Uren talk about how the US has kicked off a campaign to combat Volt Typhoon, a PRC group that is positioning itself in US critical infrastructure to be able to disrupt it in the event of conflict.
They also discuss how changing attacker behaviour has led to CISA’s emergency directive to disconnect Ivanti Connect Secure devices.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
This week’s feature guest is Eric Goldstein, the executive assistant director for cybersecurity at CISA. He’s joining the show to talk about CISA’s demand that US government agencies unplug their Ivanti appliances. He also chimes in on why the US government is so rattled by Volt Typhoon and addresses a recent report from Politico that claims CISA’s Joint Cyber Defense Collaborative is a bit of a shambles.
This week’s sponsor guest is Dan Guido from Trail of Bits. He joins us to talk about their new Testing Handbook. Trail of Bits does a bunch of audit work and they’ve committed to trying to make bug discovery a one time thing – if you find that bug once, you shouldn’t have to manually find it on another client engagement. Semgrep for the win!
In this edition of Between Two Nerds Tom Uren and The Grugq talk about what up and coming countries should expect from a cyber command and whether they should invest in them.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this Risky Business News sponsor interview Tom Uren talks to Haroon Meer of Thinkst Canary. They discuss how network attackers win, how their tactics have changed over time and what this means for network defenders.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this podcast Patrick Gray and Tom Uren talk about how the NSA suffered collateral damage from the US’s lax data privacy environment.
They also discuss how to respond to aggressive adversaries, how the current SEC cyber security disclosure regime is pointless and finally admit they occasionally get things wrong.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
This week’s feature guest is Australia’s assistant foreign minister (and cybersecurity tragic) Tim Watts. He joins us to talk about why the Australian government sanctioned Aleksandr Ermakob.
Sublime Security founder and CEO Josh Kamdjou is this week’s sponsor guest. He joins us to talk about combating QR-code phishing.
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how the war in Ukraine is showing how useful mobile devices are in war. Using them is risky, but those risks need to be managed.
They refer to this report which examines location tracking in the battlefield.
NOTE: We initially published the wrong mp3 for this episode. It has been corrected!
In this Risky Business News sponsor interview, Catalin Cimpanu talks with Bradon Rogers, Chief Customer Officer at enterprise browser Island, on how a modern enterprise browser solution like Island can be used to replace, complement, or enhance some enterprise security tools or technology stacks.
