Risky Business #771 -- Palo Alto's firewall 0days are very, very stupid

PLUS: Microsoft teases some plausibly good post-Crowdstrike ideas...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Microsoft introduces some sensible sounding post-Crowdstrike changes
  • Palo Alto patches hella-stupid bugs in its firewall management webapp
  • CISA head Jen Easterly to depart as Trump arrives
  • AI grandma tarpits phone scammers in family-tech-support hell
  • Academic research supports your gut-reaction; phishing training doesn’t work
  • And much, much more.

This week’s episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them out to be. Andrew also tells us about a zero-day Greynoise’ AI system truffle-pigged out of their data set.

This episode is also available on Youtube.

Between Two Nerds: Cyber weapons

What they are and why talking about them makes no sense

In this edition of Between Two Nerds Tom Uren and The Grugq talk about what cyber weapons really are and why use of the term is counterproductive.

They reference Defining Offensive Cyber Capabilities, a paper authored by Tom.

Risky Biz News: MSS now dominates China's cyber activity

PLUS: Prolific teenage swatter pleads guilty; Microsoft adds spoofing warning to Exchange; major breach at another data aggregator.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Srsly Risky Biz: How Trump will drive covert operations

PLUS: Canada's confusing TikTok ban

In this podcast Tom Uren and Patrick Gray talk about what to expect from President Trump’s second term. Trump is an activist president who believes in using state power, so intelligence agencies will be pushed to conduct more audacious or even outrageous covert operations.

They also discuss concerns about a new UN cybercrime treaty that is set for a vote at the General Assembly and the Canadian government’s curious decision to force the closure of TikTok’s local offices.

This episode is also available on Youtube.

Risky Business #770 -- A Russian IR guy discovers extremely cool spookware

PLUS: The FBI agent who arrested Ross Ulbricht joins the show...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Apple frustrates law enforcement with iOS auto-reboot
  • CISA says most KEV vulnerabilities in 2023 were first used as zero days
  • Russians roll incident response on some sweet Linux spookware
  • Regular users can create mailboxes in M365?
  • Tor tracks down the source of its joe-job abuse complaints
  • And much, much more.

This week’s feature guest is former FBI agent Chris Tarbell, who arrested Silk Road operator Ross Ulbricht way back in 2013. As suggestions swirl that an incoming Trump administration might release Ulbricht, Chris talks about the reality of the Dread Pirate Roberts.

This episode is sponsored by software supply chain security firm Socket.dev. Founder Feross Aboukhadijeh thinks that we need a CVE-like catalogue for supply-chain attacks, and he makes a solid argument.

The show is also available on Youtube.

Risky Biz Soap Box: Why black box email security is dead

Sublime Security co-founder Josh Kamdjou on building an email security platform from scratch...

In this edition of the Risky Business Soap Box we’re talking all about email security with Sublime Security co-founder Josh Kamdjou.

Email security is one of the oldest product categories in security, but as you’ll hear, Josh thinks the incumbents are just doing it wrong. He joins Risky Business host Patrick Gray for this interview about Sublime’s origin story and its new approach to email security.

Srsly Risky Biz: How Telegram makes criminal enterprise easy

PLUS: Sophos' five-year cyber knife fight

In this podcast Tom Uren and Patrick Gray talk about the Snowflake hack after the person allegedly responsible was arrested in Canada. Telegram is involved at all sorts of levels and Tom wonders if this crime would have occurred if Telegram didn’t exist.

They also discuss the impact of the Chinese hack of US telcos and Sophos’ five-year cyber knife fight with Chinese APT crews.

This episode is also available on Youtube.

Risky Business #769 -- Sophos drops implants on Chinese exploit devs

PLUS: Okta's password boo boo...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Sophos drops implants on Chinese firewall exploit devs
  • Microsoft workshops better just-in-time Windows admin privileges
  • Snowflake hacker arrested in Canada
  • Okta has a fun, but not very impactful auth-bypass bug
  • Russians bring dumb-but-smart RDP client attacks
  • And much, much more.

Special guest Sophos CISO Ross McKerchar joined us to talk about its “hacking back” campaign. The full interview is available on Youtube for those who want to really live vicariously through Sophos doing what every vendor probably wants to do.

This week’s episode is sponsored by attack surface mapping vendor runZero. Founder and CEO HD Moore joins to talk about marrying up the outside and inside views of your network.

You can also watch this episode on Youtube

Risky Biz News: 1,000 detained in scam compound raid

PLUS: Okta's long username whoopsie; Microsoft to charge home users $30 for Windows 10 extended security updates; crypto-exchange reimburses users hours after major hack.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Sponsored: Nucleus Security on partners and integrations

Adam Dudley says C-suites are now interested and inquiring about vulnerability management more than practitioners.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Adam Dudley, Senior Director for Strategic Initiatives & Alliances at Nucleus Security, on how the company works with partners and customers to constantly improve its service. Adam also touches on how executives are now inquiring about vulnerability management more than low-level practitioners.

Risky Biz News: Sophos doxes Chinese exploit development centers

PLUS: US removes Sandvine from sanctions list after pinky promise; Vodafone fined for insecure wiretapping system; supply chain attack targets crypto-wallet users.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Business #768 -- CSRB will investigate China's Wiretap Hacks

PLUS: Crypto thieves return stolen US government crypto-booty...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • CSRB to investigate China’s telco-wiretapping hacks
  • Euro law enforcement takes down the Redline infostealer
  • Someone steals Fed crypto… and then tries to quietly sneak it back in
  • Russia sentences REvil guys to … jail? Really?
  • Apple private cloud compute gets a proper bug bounty program
  • And much, much more.

This week’s episode is sponsored by Material Security, who help navigate the mess of cloud productivity data security. Daniel Ayala - Chief Security and Trust Officer at Dotmatics - is a Material customer, and joins Pat and Material Security’s Rajan Kapoor to talk about how to wrangle securing data that ends up in corporate cloud email and file stores.

This episode is also available on Youtube.


SUBSCRIBE NOW:
Risky Business main podcast feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Our extra podcasts feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Subscribe to our newsletters: