Risky Business Podcast

On this week’s show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week’s cybersecurity news, including:

• Hackers learn that trying to coerce a journalist just makes for … a great story?
• A man in his 40s gets arrested over the European airport chaos. Yep, we’re surprised, too.
• Adam fanboys over Watchtowr Labs while bemoaning Fortra.
• Academics pick apart Tile trackers and find them lacking
• CISA tells agencies to patch their damn Cisco gear

This episode is also available on YouTube.

On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including:

• Secret Service raids a SIM farm in New York
• MI6 launches a dark web portal
• Are the 2023 Scattered Spider kids finally getting their comeuppance?
• Production halt continues for Jaguar Land Rover
• GitHub tightens its security after Shai-Hulud worm

This week’s episode is sponsored by Sublime Security. In this week’s sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform.

This episode is also available on YouTube

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Shai-Hulud worm propagates via npm and steals credentials
• Jaguar Land Rover attack may put smaller suppliers out of business
• Leaked data emerges from the vendor behind the Great Firewall of China
• Vastaamo hacker walks free while appeal is underway
• Why is a senator so mad about Kerberos?

This week’s episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc’s identity-to-firewall glue to protect internal services and networks.

This week’s episode is also available on Youtube.

In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management.

With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at attackers on your network.

It can also integrate with your EDR platform, and other data sources, to give you powerful visibility into the true state of things on your network and in your cloud.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Apple ruins exploit developers’ week with fresh memory corruption mitigations
• Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack
• Salesloft says its GitHub was the initial entry point for its compromise
• Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”
• Rogue certs for 1.1.1.1 appear to be just (stupid) testing
• Jaguar Land Rover ransomware attackers are courting trouble

This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!

This episode is also available on Youtube.

In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares:

• Automated, AI-powered threat hunting with Nebulock

Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have time to look at.

• Runtime security for hypervisors from Vali Cyber

Austin Gadient from Vali Cyber stops by to talk about ZeroLock, its hypervisor security product. It’s marketed as a counter-ransomware control but is just a generally useful security platform for virtualised environments.

• A secure mobile telco: Cape

The only thing American cell providers love more than providing patchy coverage is getting their customers’ data owned. Cape is here to change that. It’s a security and anonymity-focussed virtual mobile network operator (MVNO) that’s been spun up by a highly competent team. If we lived in the USA we would be customers, and a bunch of CISOs listening to this might want to consider Cape subscriptions for their workforce.

This episode is also available on Youtube

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• The Salesloft breach and why OAuth soup is a problem
• The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed
• Google says it will stand up a “disruption unit”
• Microsoft writes up a ransomware gang that’s all-in on the cloud future
• Aussie firm hot-mics its work-from-home employees’ laptops
• Youtube scam baiters help the feds take down a fraud ring

This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Australia expels Iranian ambassador
• Hackers sabotage Iranian shipping satcoms
• APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
• Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
• The Com’s King Bob gets ten years in the slammer
• It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.

This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.

This episode is also available on Youtube.

The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China.

Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world’s most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out!

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Oracle’s long term CSO departs, and we’re not that sad about it
• Canada’s House of Commons gets popped through a Microsoft bug
• Russia degrades voice calls via Whatsapp and Telegram to push people towards Max
• South-East Asian scam compounds are also behind child sextortion
• Reports that the UK has backed down on Apple crypto are… strange
• Oh and of course there’s a Fortinet bug! There’s always a Fortinet bug!

This week’s episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You’ll never guess which one was a few lines of PAM config, and which was a multi-month engineering project!

This episode is also available on Youtube.