Podcasts

News, analysis and commentary

Risky Bulletin: New phishing technique bypasses FIDO keys

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

Hackers bypass FIDO keys with a new phishing technique, a mobile surveillance vendor deploys an SS7 exploit, ransomware hits South Korea’s largest insurance provider, and law enforcement agencies dismantle a pro-Kremlin DDoS group.

Risky Bulletin: New phishing technique bypasses FIDO keys
0:00 / 8:03

Srsly Risky Biz: Spain leaves key under mat for Huawei

Presented by

Amberleigh Jack
Amberleigh Jack

Producer and Editor

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Amberleigh Jack talk about Huawei’s contract to manage storage for Spain’s lawful intercept system. News broke this week that Spain had signed a €12 million contract, but it turns out Huawei has been involved in the system since 2004!

They also discuss arrests in the UK of four individuals associated with Scattered Spider. The criminal resumés of two of the suspects support the idea that there are key individuals with outsize impact. But they also reinforce that the online communities they are involved in act as training grounds for cyber criminals. Arrests will slow hacks, not stop them.

This episode is also available on Youtube.

Srsly Risky Biz: Spain leaves key under mat for Huawei
0:00 / 21:23

Risky Bulletin: China breaches US National Guard

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

Salt Typhoon breaches a US state’s National Guard, Ukrainian hackers wipe the servers of a Russian drone maker, the UK relocates Afghans caught up in a data leak, and Microsoft outsources some US government work to China.

Risky Bulletin: China breaches US National Guard
0:00 / 7:08

Between Two Nerds: Is US cyber espionage too careful?

Presented by

The Grugq
The Grugq

Independent Security Researcher

Tom Uren
Tom Uren

Policy & Intelligence

In this edition of Between Two Nerds Tom Uren and The Grugq examine whether US cyber operations are too stealthy. Could they get more bang for the buck if they adopted a devil may care attitude to getting busted?

This episode is also available on Youtube.

Between Two Nerds: Is US cyber espionage too careful?
0:00 / 31:30

Risky Biz Soap Box: Prowler, the open cloud security platform

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, founder of open source multi-cloud security product Prowler.

Toni explains how Prowler came to be, and how its journey followed his own learning about the cloud. The pair also discuss Prowler’s successful transition from an open-source project into a community, and now a growing business with an as-a-service platform.

This episode is also available on Youtube.

Risky Biz Soap Box: Prowler, the open cloud security platform
0:00 / 32:08

Risky Bulletin: Radio equipment vulnerability can bring trains to sudden stops

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A radio equipment vulnerability can bring trains to sudden stops, researchers prevent a Lazarus crypto attack, Spain hands Huawei control over its phone wiretapping system, and CISA warns of ongoing CitrixBleed 2 attacks.

Risky Bulletin: Radio equipment vulnerability can bring trains to sudden stops
0:00 / 7:12

Sponsored: Should we ever trust AI?

Presented by

Casey Ellis
Casey Ellis

Founder, Bugcrowd

In this Risky Business sponsored interview, Zero Networks Field CTO, Chris Boehm discusses the everyone-gets-an-AI future with Casey Ellis. Zero Networks makes network microsegmentation achievable without simply handing an AI control of the network. Will generative artificial intelligence ever be trusted to make hard access control decisions?

Sponsored: Should we ever trust AI?
0:00 / 14:19

Risky Bulletin: Two billion eSIMs receive crucial security patch

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

Two billion eSIMs receive crucial security patches, China’s cyber militias go on the offensive, four Scattered Spider members detained over UK retail attacks, and a Russian basketball player is arrested in a ransomware case.

Risky Bulletin: Two billion eSIMs receive crucial security patch
0:00 / 8:20

Srsly Risky Biz: Four key players drive Scattered Spider

Presented by

Amberleigh Jack
Amberleigh Jack

Producer and Editor

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Amberleigh Jack talk about our developing understanding of the group that people call Scattered Spider. Independent security firms agree that there are a small number of key people that are driving the group’s outrageous success. That gives us hope that targeted action might stem the bleeding.

They also talk about data leaks from China’s cyber espionage ecosystem that are for sale on a data leak site. These look to contain actionable information from a counterintelligence point of view. And Tom wonders if a market for espionage-as-a-service will develop?

This episode is also available on Youtube.

Srsly Risky Biz: Four key players drive Scattered Spider
0:00 / 17:07

Risky Bulletin: Chinese APT member arrested in Italy

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

Italy arrests a Chinese APT hacker, a Russian drone software group gets wiped, the SatanLock ransomware operation shuts down, and browser extensions power a web scraping botnet.

Risky Bulletin: Chinese APT member arrested in Italy
0:00 / 7:20