Between Two Nerds: Russia's Taurus missile leak

A masterclass in polishing a turd

In this edition of Between Two Nerds Tom Uren and The Grugq look at Russia’s recent leak of an intercepted German military discussion. From an intelligence point of view the content of the discussion is only moderately interesting, but Russia decided to leak it in an attempt to influence European attitudes towards providing military aid to Ukraine.

Sponsored: Kroll on the DPRK's foray into enterprise gear

Kroll's George Glass talks about Kimsuky's exploitation of ScreenConnect devices.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with George Glass, Senior Vice-President for Kroll’s Cyber Risk business. George covers the company’s latest report, a Kimsuky attack on ConnectWise ScreenConnect devices with a new malware strain named ToddlerShark.

Risky Biz News: Edge adds new sandbox escape protection

PLUS: Data breach impacts 43 million French citizens; E-Root admin sentenced to 3.5 years in prison; BlackByte ransomware returns.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Srsly Risky Biz: Does 'delete America' mean deleting China too?

PLUS: The Microsoft breach that won't end

In this podcast Patrick Gray and Tom Uren talk about ‘Document 79’, a PRC government document that calls for Chinese companies in finance, energy and other sectors to remove foreign software from their IT systems by 2027.

They also talk about the difficulties that Microsoft is facing in permanently removing SVR hackers from its systems.

Risky Business #740 -- Midnight Blizzard's Microsoft hack isn't over

PLUS: Why is the SEC action against Solarwinds making CISOs nervous?

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Weather forecast in Redmond is still for blizzards at midnight
  • Maybe Change Healthcare wasn’t just crying nation-state wolf
  • Hackers abuse e-prescription systems to sell drugs
  • CISA goes above and beyond to relate to its constituency by getting its Ivantis owned
  • VMware drinks from the Tianfu Cup
  • Much, much more

This week’s feature guest is John P Carlin. He was principal associate deputy attorney general under Deputy Attorney General Lisa Monaco for about 18 months in 2021 and 2022, and also served as Robert Mueller’s chief of staff when he was FBI director.

John is joining us this week to talk about all things SEC. He wrote the recent Amicus Brief that says the SEC needs to be careful in its action against Solarwinds. He’ll also be talking to us more generally about these new SEC disclosure requirements, which are in full swing.

Rad founder Jimmy Mesta will be along in this week’s sponsor segment to talk about some really interesting work they’ve done in baselining cloud workloads. It’s the sort of thing that sounds simple but really, really isn’t.

Sponsored: The Passkey juggernaut

Yubico's Derek Hanson on how and why organisations are rolling out Passkeys

In this Risky Business News sponsored interview, Tom Uren talks to Derek Hanson, Yubico’s VP of Solutions Architecture and Alliances. Derek covers the different reasons organisations are investing in Passkeys, what organisations need to know to deploy them successfully, and warns that too often current deployments are too focused on authorisation rather than looking at the end user holistically.

Risky Biz News: Russian hackers stole Microsoft's source code

PLUS: CISA had Ivanti servers, so of course they got hacked; China has been secretly removing American technology; Malta will strip citizenship from spyware exec.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: Crypto-fraud is now bigger than BEC

PLUS: UAC-0050 linked to low-tier Russian hacker-for-hire group; 85% of TeamCity servers have been hacked; and 41 US states ask Meta to fix its account hacking problem.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Srsly Risky Biz: German use of WebEx is fine, actually

PLUS: The data broker band aid

In this podcast Patrick Gray and Tom Uren talk about the recent kerfuffle in Germany after a WebEx discussion between senior air force officials was leaked by Russian propagandists. It’s interesting to see Russia using raw intelligence to try to shape German actions, and they conclude that WebEx would have been fine if it had been used properly.

They also talk about a new executive order aimed at preventing bulk sale of Americans’ sensitive personal data to countries of concern. This is the best short term option, but they contrast this with the ad tech ecosystem to explore what controls on the collection of data might look like.

Risky Business #739 -- ALPHV exit scams while Change Healthcare burns

PLUS: Intellexa and NSO both have an awful, no good week...

In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:

  • The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response
  • Predator spyware maker getting a stern sanctioning
  • A German military WebEx meeting gets snooped
  • Mem-corruption is still king
  • And much, much more

In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve built into their IDP.

Between Two Nerds: Ukraine goes on the offensive

A drumbeat of cyber destruction

In this edition of Between Two Nerds Tom Uren and The Grugq look at the shift that has taken place in Ukraine’s cyber strategy as it has gone on the front foot and its cyber forces have launched multiple cyber strikes in the last few months. They discuss reasons why Ukraine might want to make this change and ask whether it makes sense.

Sponsored: The state of cloud security

Corelight's Vijit Nair on how and why cloud security is improving

In this Risky Business News sponsored interview, Tom Uren talks to Vijit Nair, Corelight’s VP of Product, about how cloud security was once an afterthought but is now on the improve.

Srsly Risky Biz: The memory safety long game

Today's best practices are tomorrow's table stakes

In this podcast Patrick Gray and Tom Uren talk about the White House’s push for memory-safe programming languages and software measurability. They also discuss Nevada’s moves against end-to-end encryption for children and the national security concerns with commercial data sales to geopolitical rivals.

You can find the newsletter version of this podcast here.

Risky Biz News: US sanctions Sandvine over Egypt sales

PLUS: Trend Micro confirms i-SOON link to Earth Lusca APT; NIST releases CSF 2.0; White House joins calls for use of memory-safe languages.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.