Videos

Tom Uren and Amberleigh Jack talk about the newly released Trump Cyber Strategy for America. The ideas in it are fine and occasionally even game-changing, but many of its goals have been undercut by the administration’s actions to date.

They also discuss the Coruna exploit kit, which is now known to have leaked from a US defence contractor. Exploits are so valuable that it is unrealistic to expect they can be kept secret.

Photo credit: Gage Skidmore, Flickr, licence: https://creativecommons.org/licenses/by-sa/2.0/deed.en

In this Soap Box edition of the Risky Business podcast Patrick Gray sits down with Airlock Digital co-founders Daniel Schell and David Cottingham to talk about the role AI models could play in managing enterprise allowlists.

They also talk about the durability of allowlisting as a control. After 12 years in business, the Airlock product hasn’t really changed all that much. That’s a good thing! It also means the Airlock team have been able to spend some time doing deep engineering instead of chasing the latest attacker TTPs and writing detection rules for them.

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

• The Coruna exploits were L3 Harris, but it seems Triangulation… was not!
• Iran’s cyber HQ hit by Israeli (kinetic) strikes
• Trump’s cyber “strategy” is … well, all we’ve got is jokes cause there’s no serious content
• NSA and CyberCom finally get a leader after Lt Gen Joshua Rudd gets Senate nod
• DOGE (remember them?!) employee walked a social security database out on a USB stick

This episode is sponsored by open source cloud security scanner Prowler. Creator and CEO Toni de la Fuente talks to Pat about some of the enterprise features Prowler is growing, while remaining true to its open source roots. …

In this edition of Between Two Nerds Tom Uren and The Grugq talk about why an internet shutdown won’t stop US cyber operations in Iran.

Tom Uren and Amberleigh Jack talk about how cyber operations were used in the first hours of the US-Israeli attack on Iran. They were instrumental in the attack on Iranian Supreme Leader Ali Khamenei, but they didn’t last long. The Iranian regime implemented an internet blackout within four hours of the first bombs.

They also discuss how threat actors are using AI. It’s not game-changing so far, but it is very much altering the balance between attack and defence.

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

• The US-Israeli attack on Iran had a whole lot of cyber. It’s clearly in the playbook now!
• The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being used by Chinese crypto scammers
• So long Maddhu Gottumukkala, but CISA’s annus horribilis continues
• Adam “humbug” Boileau complains about the Airsnitch wifi attack just being three ethernets in a trenchcoat
• ASD’s Cisco SD-WAN threat hunting guide is clearly borne of … experience

This week’s episode is sponsored by AI threat hunting platform Nebulock. Sydney Marrone joins to talk about how useful AI models are on the hunt, and her work building out an open source framework and maturity model. It’s methodology agnostic, so you can adapt it for your environment, and the github link is in the show notes! …

In this edition of Between Two Nerds Tom Uren and The Grugq how the use of cyber operations in the war in Ukraine has evolved over time.

Tom Uren and Amberleigh Jack talk about the argy-bargy between the Pentagon and AI company Anthropic. US Defense Secretary Pete Hegseth is demanding that all safeguards are lifted from Claude, while Anthropic CEO Dario Amodei is insisting on protections against mass surveillance of Americans and use in lethal autonomous weapons.

They also discuss the return of Volt Typhoon, the Chinese hacker group prepositioning in critical infrastructure for sabotage in the event of a conflict over Taiwan. The group is still around, even though the US government declared victory against it last July.

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

• Low skill actors compromise 600 Fortinets with AI-generated playbooks
• Anthropic calls out Chinese AI firms over model distillation
• Meta’s director of AI safety tells her ClawdBot not to delete her mail… so of course it does
• Peter Williams cops 7 years in jail for selling L3 Harris Trenchant’s exploits to Russia
• Ivanti got hacked in 2021 via… bugs in Ivanti

This episode is sponsored by line-rate network capture system Corelight. CEO Brian Dye joins to discuss what AI can do for defenders, and what it can’t. …

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how ‘professional’ Five Eyes cyber espionage agencies like NSA will use AI. These agencies place a premium on stealth and won’t yolo AI