On this week’s show Patrick Gray, Adam Boileau and Lina Lau discuss the week’s security news. They cover:

• Microsoft’s 38TB oopsie
• MGM’s Okta compromised, was this what Okta was warning us about?
• Why we need a cyber knife fight
• Google Authenticator sync abused in the wild
• Much, much more

This week’s show is brought to you by Push Security. Co-founder Adam Bateman is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

In this edition of Seriously Risky Biz guest host Adam Boileau talks with Tom Uren about what Microsoft’s recent breach by a Chinese-based threat actor tells us about the company’s security culture. There were several serious governance failures that allowed this incident to happen.

They also look at a new UK government effort to reassure companies that they won’t be punished (as much) for seeking help from the NCSC.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• How Storm-0558 stole Microsoft’s signing key
• Cisco 0day being used by ransomware crews
• We were right about Elon stumbling into the Ukraine war
• Someone’s amazing image library 0day just got crushed
• Much, much more!

This week’s show is brought to you by Nucleus Security. Co-founder Scott Kuffer is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

In this edition of Between Two Nerds Tom Uren and The Grugq examine how AI can help cyber criminals and scammers.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Red Canary Principal Readiness Engineer Gerry Johansen about the need to prepare IR plans in advance and why that’s just as important as the IR playbook itself.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

In this edition of Snake Oilers you’ll hear product pitches from:

• ConductorOne: PAM, account cycle management and access auditing for cloud and SaaS accounts
• Bloodhound Enterprise: Enumerate attack paths in your environment and shut them down
• Zero Networks: Agentless: heavily automated microsegmentation and a VPN product that won’t get you insta-owned

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

In this podcast Patrick Gray and Tom Uren talk about a new UN report that says that hundreds of thousands of innocent people are being forced into working in online crypto and romance scams.

They also look at new age verification laws that aim to make it more difficult for children to see pornography. It’s a complex topic, but Australia’s eSafety office has done excellent work on it.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Why everyone should pay attention to some recent attacks on Okta customers
• Why third party comms apps are risky af
• Why are Russian espionage opps using Tor for C2?
• Surveillance firms abuse Fiji Telco Digicel’s SS7 access
• Much, much more!

This week’s show is brought to you by Gigamon. Mark Jow, Gigamon’s EMEA Technical Director is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

In this edition of Between Two Nerds Tom Uren and The Grugq look at how companies often make unilateral decisions that constrain states’ behaviour, for better and worse.

In this Risky Business News sponsor interview Tom Uren talks to Mike Fey, CEO and co-founder of Island about the idea of an ‘enterprise browser’. Tom and Mike discuss what an enterprise browser actually is, what problems it solves, and why browsers focussed on business requirements haven’t been a product category until now.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

In this podcast Patrick Gray and Tom Uren about proposed changes to the UK’s Investigatory Powers Act. Some pundits are saying the changes will clear the way for the government to prevent tech companies from rolling out security patches. They’re wrong.

They also look at a new Mandiant report that dives deeper into a recent Chinese group’s campaign that compromised Barracuda Email Security Gateways. The report provides a wonderful overview of the campaign.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

You can find the newsletter version of this podcast here.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• The FBI takes down Qakbot, steals operators’ bitcoins ha ha
• Danish hosting provider completely destroyed in ransomware attack
• Sophisticated Russian cyber attack on Polish trains. Well. Not really.
• Microsoft revokes cert then revokes its revocation
• Much, much more!

This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of cybersecurity strategy Ryan Kalember is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.