Podcasts

Authorities take down a residential proxy service, Iranian hackers wipe the network of a US medical device maker, Apple patches unsupported iOS against Coruna, and CISA asks for Cisco SD-WAN device logs.

In this podcast James Wilson chats with Brad Arkin about how enterprises can better deal with attackers logging in with valid credentials. Stolen identities, weak special-use credentials, over-scoped API keys are the new zero-day and they’re abundantly available to attackers. Sadly, the solution here isn’t as simple as deploying phishing resistant MFA. Fixing this takes an enterprise identity strategy.

In this Soap Box edition of the Risky Business podcast Patrick Gray sits down with Airlock Digital co-founders Daniel Schell and David Cottingham to talk about the role AI models could play in managing enterprise allowlists.

They also talk about the durability of allowlisting as a control. After 12 years in business, the Airlock product hasn’t really changed all that much. That’s a good thing! It also means the Airlock team have been able to spend some time doing deep engineering instead of chasing the latest attacker TTPs and writing detection rules for them.

This episode is also available on Youtube.

Tom Uren and Amberleigh Jack talk about the newly released Trump Cyber Strategy for America. The ideas in it are fine and occasionally even game-changing, but many of its goals have been undercut by the administration’s actions to date.

They also discuss the Coruna exploit kit, which is now known to have leaked from a US defence contractor. Exploits are so valuable that it is unrealistic to expect they can be kept secret.

This episode is also available on Youtube.

Join James Wilson in this solo podcast as he takes a (ridiculously) deep dive into the Coruna exploit kit. James was a software engineer and senior manager at Apple for many years, so he has an intimate knowledge of iOS internals. He even worked alongside the people who wrote the software that the Coruna kit exploits!

This long-form solo podcast follows the chain of exploits from watering-hole website right through to full device compromise with many incredible leaps over security boundaries along the way. You’ve heard Coruna described as a sophisticated, nation state-grade exploit kit, and James will explain to you why that description is fitting.

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

• The Coruna exploits were L3 Harris, but it seems Triangulation… was not!
• Iran’s cyber HQ hit by Israeli (kinetic) strikes
• Trump’s cyber “strategy” is … well, all we’ve got is jokes cause there’s no serious content
• NSA and CyberCom finally get a leader after Lt Gen Joshua Rudd gets Senate nod
• DOGE (remember them?!) employee walked a social security database out on a USB stick

This episode is sponsored by open source cloud security scanner Prowler. Creator and CEO Toni de la Fuente talks to Pat about some of the enterprise features Prowler is growing, while remaining true to its open source roots.

This episode is also available on Youtube.

The Senate confirms a new CyberCom and NSA chief, the US will establish an inter-agency cyber unit, the UK’s Online Crime Centre will launch in April, and the Coruna iOS hacking kit was the work of L3Harris.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about why an internet shutdown won’t stop US cyber operations in Iran.

This episode is also available on Youtube.

US federal agencies told to crack down on scams and cybercrime, the White House releases its new Cyber Strategy, suspected Chinese hackers breach the FBI’s wiretap network, and Romania’s largest meat exporter is insolvent after a ransomware attack.

In this Risky Business sponsor interview, Marco Slaviero, CTO of Thinkst, talks to Tom Uren about how the company ensures that it is a learning organisation.

The pair discuss the company’s investment in its Thinkst Labs, how it differs from other security research labs, and how it helps grow products and people.