A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast here.
In this podcast Tom Uren and Adam Boileau talk about how Microsoft’s reprioritisation of security after recent breaches and a scathing CSRB report seem to be influencing other companies. They are now touting their security chops, so could it be that security is actually becoming a competitive advantage?
They also talk about law enforcement trying to make life difficult for the LockBit ringleader and how the Change Healthcare disaster had deeper underlying causes beyond “no MFA on Citrix”.
Patrick dials in from RSA in San Francisco to discuss the week’s security news with Adam, including:
This week’s sponsor is Stairwell. Long time infosec researcher Silas Cutler joins us to talk through his adventures in attacker C2 systems, and how this feeds into Stairwell’s data.
* we’re still sceptical they’ll get it right, but they do at least seem to realise how deep the doo-doo they’re in is… Pat speculates they have … tentacles, and a regulatory-threat-gland.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast here.
In this edition of Between Two Nerds Tom Uren and The Grugq look at how different types of secrecy obsessed organisations learn.
The Grugq mentions the book Mafia Organisations: The Visible Hand of Criminal Enterprise by Maurizio Catino.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast here.
In this Risky Business News sponsored interview, Tom Uren talks to Marco Slaveiro, Thinkst’s CTO about staying current with modern attack trends and not falling for the trap of optimising to catch red teams.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast here.
In this podcast Tom Uren and Adam Boileau talk about how there is a growing consensus between regulators and lawmakers on the key problems of modern tech companies.
They also dive into how to deal with malicious foreign actors buying their way onto domestic cloud infrastructure and how drones are actually just like modern cars.
On this week’s show Patrick and Adam discuss the week’s security news, including:
This week’s sponsor is Zero Networks, who make a network micro-segmentation product that is actually usable. Zero Networks CEO Benny Lakunishok joins us to talk through why firewalling everything everywhere is finally workable.
* You’ll forgive us for being… a tad sceptical.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.
In this edition of Between Two Nerds Tom Uren and The Grugq look at the life cycle of 0days, dissect the conventional wisdom and talk about how 0days are never truly ‘burnt’.
In this edition of Snake Oilers we’ll be hearing from:
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.
In this Risky Business News sponsored interview, Tom Uren talks to CEO and founder of Socket, Feross Aboukhadijeh about the open source software and supply chain security. Feross says the software ecosystem has evolved in ways that make it more vulnerable to trust-based attacks (such as seen in XZ Utils) and discusses what can be done to defend against this type of supply chain subversion.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Patrick Gray. You can find the newsletter version of this podcast here.
In this podcast Adam Boileau and Tom Uren talk about what there is to learn from Mandiant’s report into the GRU Sandworm crew. Are the Russians a model for other actors, or just a get-‘er-done bunch of pragmatists?
They also talk about an attempt to build a World Cybercrime Index, assessing different national cybercrime specialisations.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey. You can find the newsletter version of this podcast here.
In this special edition of the Risky Business podcast Patrick Gray chats with former Facebook CSO Alex Stamos and founding CISA director Chris Krebs about sovereignty and technology.
China and Russia are doing their level best to yeet American tech from their supply chains – hardware, software and cloud services. They’ll be rebuilding these supply chains – for government systems, at least – from components that they have complete visibility into, and control over.
Meanwhile, America’s government faces different supply chain challenges. It has a supply chain that won’t be weaponised against it by its adversaries, but it lacks the same sort of visibility and control that its adversaries will eventually achieve over their supply chains. So where does this leave the west? Where does it leave China and Russia?
In this Risky Business News sponsored interview, Tom Uren talks to Dan Guido, the CEO of security research company Trail of Bits. Dan and Tom discuss DARPA’s upcoming AI cyber challenge, in which Trail of Bits will compete to solve very difficult bug discovery challenges. They also talk about Trail of Bits’ approach to making some of its own tools available to the community.
