Between Two Nerds: The rise of cyber persistence

Learning by doing or just damn good marketing

In this edition of Between Two Nerds Tom Uren and The Grugq talk about ‘cyber persistence theory’. They cover what it is, why it is increasingly popular amongst America’s allies, why we think the theory is right and also cover some critiques of the theory.

They refer to the article in CyberScoop ‘America’s allies are shifting: Cyberspace is about persistence, not deterrence’ in CyberScoop.

Risky Biz News: China wiretaps US wiretapping system

PLUS: Australia provides free cyber support for small businesses; Ukraine clears Vitiuk in corruption probe.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Srsly Risky Biz: Tackling election interference at warp speed

PLUS: The marriage between Evil Corp and Russian intelligence

In this podcast Tom Uren and Adam Boileau talk about how the US government’s response to Iranian election interference is proceeding at light speed. This allows other actors such as Meta to make decisions relating to interference with certainty.

They also discuss how Russian cybercrime group Evil Corp’s relationship with Russian intelligence was built on the founder’s marriage.

This episode is also available on Youtube.

Risky Biz News: New EvilCorp sanctions and LockBit arrests

PLUS: NIST backlog still there; Cambodia arrests journalist who exposed scam compounds; FCC fines T-Mobile for neverending data breaches.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Snake Oilers: Sandfly Security, Permiso and Wiz

Linux security, more identity security and Wiz moves on code scanning...

In this edition of Snake Oilers we hear pitches from three security vendors:

  • Sandfly Security: An agentless Linux security platform that actually sounds very cool
  • Permiso: An identity security platform founded by ex FireEye folks
  • Wiz: The cloud security giant is getting in on code security scanning

You can watch this edition of Snake Oilers on YouTube here.

Srsly Risky Biz: Neutering Volt Typhoon to deter China

PLUS: The lesson in Microsoft's security turnaround

In this podcast Tom Uren and Patrick Gray talk about the possibility of deterring Volt Typhoon, the Chinese group that is compromising US critical infrastructure to enable future disruption operations in the event of a conflict with US. Tom thinks it is not possible to deter Volt Typhoon, but things might work the other way. If the US can neuter Volt Typhoon and take away the PRC’s magic cyber bullet, it could make conflict less likely.

They also discuss the lessons for all companies in Microsoft’s security turnaround and how X and Telegram have folded in the face of government pressure.

The video version of this episode is also available on Youtube.

Risky Business #765 -- The Kaspersky switcheroo

PLUS: Elon Musk and Pavel Durov fold like cheap lawn furniture...

Patrick Gray and Adam Boileau discuss the week’s infosec news with everyone’s favourite ex-NSA big-brain, Rob Joyce. They talk through:

  • Musk and Durov bow to government pressure
  • Tiktok rushes to ban authoritarian propagandists
  • The US doesn’t want Chinese software in its cars
  • Kaspersky replaces itself with an AV no one has ever heard of
  • Aussie police chalk up another crimephone takedown
  • Press Win-R Ctrl-V to prove you’re human
  • And much, much more.

This week’s show is brought to you by Stairwell, and Stairwell’s founder Mike Wiacek will be along to talk about how people are using their platform to hunt down detection resistant malware.

A video version of this episode is also available on Youtube.

Risky Biz News: Stealer devs bypass Chrome's new cookie protection

PLUS: Sandvine to exit dozens of autocratic countries; Ukraine FINALLY bans Telegram on state devices; BingX hack is the 4th largest crypto-heist of the year.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: A flurry of law enforcement takedowns

PLUS: US links Chinese APT botnet to Chinese tech firm; Tor Project plays down deanon attacks in Germany; Russian disinfo group spams newsrooms and fact-checkers.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Business #764 -- Mossad expands into telecommunications services

PLUS: The US banhammers RT...

On this week’s show, Patrick Gray and Adam Boileau discuss the weeks security news, including:

  • Hezbollah’s attempts to avoid SIGINT with pagers ends in explosions
  • The US shines many bright lights on RT’s disinfo role
  • Australia counters Chinese bullying in the Pacific
  • Valid accounts are the most prevalent entry point, says CISA’s data
  • Ivanti and Fortinet vie for worst vendor of the week
  • Krebs writes up the shift towards charging The Com with terrorism
  • And much, much more…

This week’s episode is sponsored by Push Security, who bring security visibility to where it needs to be these days – the browser. Luke Jennings joins this week’s show to discuss how phish-kit crews are driving the arms race forward, and how detection has to adapt and go where the users are.

This episode is also available on Youtube.


SUBSCRIBE NOW:
Risky Business main podcast feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Our extra podcasts feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Subscribe to our newsletters: