In this Risky Business News sponsor interview Tom Uren asks Proofpoint’s Selena Larson about how threat actors reacted en masse after Microsoft blocked various types of macros.
Cyber criminals used a variety of different techniques to evade these blocks. In part this happened quickly because of knowledge sharing by the cyber threat intelligence community.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
This week’s show is brought to you by Gigamon. Chaim Mazal, Gigamon’s CSO, is this week’s sponsor guest. He’s talking about how the company’s gear is acting as a data source for network security products.
In this edition of Between Two Nerds Tom Uren and The Grugq look at how cyber insurance should theoretically improve security and examine what actually happens in practice.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this Risky Business News sponsor interview Tom Uren asks Material Security’s Director of Security Chris Long about what ittakes to run a “modern” phishing workflow. Chris thinks there are opportunities to take identify and take advantage of “phishing superusers”, employees who are a cut above when it comes to uncovering phishing and other malicious activities. Phishing is also the “point of the spear” for defenders — it provides an entry point into attacker activities that enable all sorts of potential detection opportunities.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this edition of Snake Oilers:
Enjoy!
In this podcast Patrick Gray and Tom Uren take a whirlwind tour examining the different ways countries conduct cyber-enabled influence operations. Iran, China and the UK all have different approaches and we have our favourite.
China has a new counter-epsionage law and even though it hasn’t been formerly passed yet already foreign companies are getting in trouble for doing due diligence or corporate intelligence type work. The real point here is to tighten information control, and the wording is so broad that it leaves tremendous scope for the PRC to use the law whenever it wants to send a message.
Finally, the two discuss concrete examples of intelligence derived from Section 702 of the US FISA Act. 702 allows US intelligence agencies to compel service providers to help conduct targeted surveillance of foreigners outside the US and will expire at the end of the year unless Congress renews it.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
This week’s show is brought to you by Greynoise. Its founder and CEO Andrew Morris is this week’s sponsor guest.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
In this edition of Between Two Nerds Tom Uren and The Grugq dive further into deterrence based on both reader feedback and recent news about Iranian destructive operations. One of the requirements for effective deterrence is transparency and people sometimes assume that states have good information about what their cyber operators are doing. But we discuss the universal incentives that encourage state actors to exaggerate their current operations. If this is happening deterrence won’t work because leaders will think they are already getting away with murder.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
In this podcast Patrick Gray talks to Tom Uren about North Korea’s “double” or “threaded” supply chain attack via Trading Technologies and 3CX. This type of “access begets access” approach makes total sense and Tom thinks it will likely be a standard approach for North Korea. Microsoft has released a couple of reports over the month that indicate Iran is increasingly willing to launch destructive cyber attacks. One Iranian group, Mango Sandstorm, has been destroying on-prem and cloud environments. Another, Mint Sandstorm, has been targeting a wide swathe of US critical infrastructure. It’s a worry.
Finally, Tom and Pat discuss cyber security company Team Cyrmu’s sale of netflow to US government agencies, which has been controversial in the press because of potential privacy violations. Tom spoke to the company and based on what we learnt there isn’t a privacy concern here. But the broader principle that data purchases be examined for privacy risks still stands.
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.
You can find the newsletter version of this podcast click here.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
This week’s show is brought to you by Corelight. Brian Dye, Corelight’s CEO, is this week’s sponsor guest. He’s talking about the (actually sensible) ChatGPT-driven features Corelight has built into its NDR platform.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether cyber operations are any good at deterrence. Tom thinks that attributes of the domain mean that it is just no good for deterrence. The Grugq, however, thinks that it can be, although perhaps not in a state vs state context.
