Podcasts

In this Risky Bulletin sponsor interview Michael Leland, Field CTO of Island, talks about how Island manages risks from extensions, phishing and infostealers. Even when credentials are stolen, it is still not game over and there are still ways to prevent data loss and breaches.

Intellexa is alive and well despite US sanctions, Paragon spyware used a zero-click iMessage exploit, South Korea’s largest online bookstore gets ransomwared, and law enforcement takes down several cybercrime operations.

Tom Uren and Patrick Gray talk about how a Trump executive order has scaled back the government’s cyber security ambitions. The carrots and sticks that would have been used to encourage organisations to adopt stricter security standards are gone.

They also discuss North Korea’s use of AI in its IT worker scam and the emergence of espionage-as-a-service… perhaps.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• New York Times gets a little stolen Russian FSB data as a treat
• iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign
• Researcher figures out a trick to get Google account holders’ full names and phone numbers
• Major US food distributor gets ransomwared
• The Com’s social engineering of Salesforce app authorisations is a harbinger of our future problems
• Australian Navy forgets New Zealand has computers, zaps Kiwis with their giant radar.

This week’s episode is sponsored by identity provider Okta. Long-time friend of the show Alex Tilley is Okta’s Global Threat Research Coordinator, and he joins to discuss how organisations can use both human and technical signals to spot North Koreans in their midst.

This episode is also available on Youtube.

SentinelOne dodges a Chinese APT hack, anonymous sources point to more Salt Typhoon victims, a cyberattack disrupts grocery deliveries in the US, and 140 arrested in Kazakhstan for selling citizens’ data.

In this edition of Between Two Nerds Tom Uren and The Grugq take a look at the hackers of Unit 29155, Russian military intelligence’s sabotage and assassination group.

This episode is also available on Youtube.

The EU launches its own DNS service, Trump revises previous administrations’ cyber executive orders, a supply chain attack hits popular NPM packages, and mysterious iOS attacks spotted in the wild.

In this sponsored interview, Casey Ellis interviews Push Security co-founder and Chief Product Officer Jaques Louw about how good phishing crews have gotten at evading detection.

Attackers are hiding their payloads behind legitimate bot-detection tools to stop things like email security gateways from seeing them, as well as locking up phishing pages behind OAuth challenges.

Push sees all this because it’s installed as a browser plugin and sees what users see.

A hacking group goes after Salesforce data, the FBI takes down the BidenCash carding forum, China offers rewards for Taiwanese military hackers, and high risk bugs are patched in enterprise software from HPE and Infoblox.

Tom Uren and Patrick Gray talk about how Operation Endgame, the multinational law enforcement effort to tackle ransomware is approaching the problem holisitically. It’s tackling the enablers of ransomware and although it won’t eliminate the crime, it’ll make it harder for criminals.

They also discuss the spyware app that helped to dismantle the Syrian regime, at least maybe a little bit, and how Russian military intelligence’s sabotage and assasination unit got into cyber operations.

This episode is also available on Youtube.