Between Two Nerds: Good News, Bad News

Why ransomware is dying and what will replace it...

In this edition of Between Two Nerds Tom Uren and The Grugq have some good news for a change — ransomware has peaked and they examine why criminals will look for different sources of income. Of course, every silver lining has a cloud, and ransomware will be replaced by other types of cyber crime.

Srsly Risky Biz: Why TikTok is a genuine risk, inside the NSPM-13 changes

PLUS: A chat about the expected Executive Order on commercial spyware...

In this podcast Patrick Gray talks to Tom Uren about which national security concerns around TikTok are actually the “real ones” in light of Christopher Wray’s congressional testimony last week. They also talk about changes to NSPM-13, the rules governing Cyber Command operations and the looming Executive Order on commercial spyware. You can read the newsletter this podcast is based on here.

Risky Business #686 -- White House to move on spyware industry

PLUS: Why the EU is launching its own IP satellite constellation…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Half of all UK COBRA meetings are ransomware related
  • Ransomware biggest risk to US port security
  • White House to move on spyware industry
  • EU to launch its own Starlink equivalent
  • Much, much more

AttackIQ’s Jonathan Reiber will be joining us in this week’s sponsor interview to talk about how companies and their boards are really moving towards outcomes-based security programs.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Biz Soap Box: How to get your developers invested in security

Snyk's Randall Degges joins the show…

In this podcast we speak with Randall Degges who leads the Developer Relations & Community team at Snyk. He’s here to talk to us about how to get developers enthusiastic about security, how to get them to use the right tooling, and how this tooling will evolve in the future to actually help developers fix bugs in their code.

Risky Biz News: Cyber Partisans hack and disrupt Kremlin censor

In other news: Vanuatu government hit by ransomware; AWS shuts down free Wickr Me E2EE IM service; Zeppelin ransomware secretly decrypted for two years.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and presented by Claire Aird.You can find the newsletter version of this podcast here.

Between Two Nerds: Why regulating the 0day market won't stop mercenary spyware

The EU hates spyware, but by trying to stamp it out it could well make things worse...

In this edition of Between Two Nerds Tom Uren and The Grugq examine some recommendations in a recent draft report from a European Parliament inquiry into the use of Pegasus and similar spyware. The report contains an interesting overview of the European spyware market but makes some recommendations that are not just ineffective but positively counterproductive — they’ll actually make the world a less safe place.

Risky Business #685 -- Australia releases the hounds, and it might just work

Why the Australian government's announcement is more than bluster...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Australia lets ASD loose on ransomware crews, but will it work? (Tom Uren joins us to chat about this one)
  • Twitter’s wheels haven’t fallen off yet but they sure are wobbling
  • Hundreds of millions stolen from FTX mid implosion
  • Security researchers start looking at Mastodon and… yeah
  • Much, much more!

This week’s show is brought to you by Gigamon. George Sandford from Gigamon pops in for this week’s sponsor interview to talk about how to successfully stand up an NDR program.

Risky Business #684 -- DoJ seizes 50,000 stolen bitcoins from popcorn tin

PLUS: WaPo details root CA's shady links with surveillance industry…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • DoJ seizes 50k bitcoin stolen from Silk Road, charges thief
  • Australian health insurer Medibank refuses to pay ransom, data leaked
  • Inside Qatar’s $386m world cup espionage operation
  • EU Parliament report into spyware lands
  • SolarWinds settles shareholder lawsuit, faces SEC enforcement action
  • Much, much more

This week’s sponsor guest is Andrew Morris from Greynoise Intelligence.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Between Two Nerds: Why does Europe suck?

Why do European states suck at military cyber operations?

What’s the point of having military cyber capability? It seems that states in the European Union don’t know either. In this edition of Between Two Nerds Tom Uren and The Grugq discuss why states in the EU are no good at military cyber operations.