Seriously Risky Biz #9 -- Albania suspends diplomatic ties with Iran over hack

PLUS: Why Cloudflare's non-policy on hate speech makes little sense…

In this edition of Seriously Risky Business Patrick Gray and Tom Uren talk about the Albanian government’s decision to break off diplomatic ties with Iran in the wake of a wiper attack in July. They also weigh in on the Fog Reveal tool that sells mobile location data to law enforcement agencies via a pretty interface. They also discuss Cloudflare’s ridiculous hate speech policies.

Risky Business #677 -- A day late and a dollar short: China doxxes NSA op

PLUS: The TikTok breach that wasn't...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • China’s super spies figure out Rob Joyce ran TAO ops
  • FBI, French authorities fly to Montenegro to investigate ransomware attack
  • NEWSFLASH: Cloudflare are still a bunch of Nazi cuddlers
  • SIM swap drama spills into real world shootings, firebombings
  • Yandex Taxi hack clogs Moscow streets
  • The TikTok breach that wasn’t
  • Project Raven veterans get wings clipped
  • Why recent BGP hijacks are getting a bit concerning
  • Much, much more

This week’s show is brought to you by Corelight, the company that maintains Zeek. Corleight’s Federal CTO Jean Schaffer joins us in this week’s sponsor interview to talk about whether or not the White House’s executive order on Zero Trust is actually changing anything.

Seriously Risky Biz #8 -- Why Western propaganda is good, actually

PLUS: Why the IC needs to take a leaf out of Bellingcat's book...

In this edition of Seriously Risky Business Patrick Gray and Tom Uren talk about why overt western propaganda is good, actually. They also talk about why western intelligence agencies should embrace the investigative methodologies pioneered by OSINT organisations like Bellingcat.

Risky Biz News: Greece tries to downplay its spyware scandal

PLUS: Cuba ransomware gang claims Montenegro attack; hacktivists release Lukashenko's passport scan as NFT; and Google launches bug bounty program for its FOSS projects.

A short podcast updating listeners on the security news of the last few days, as prepared and presented by Catalin Cimpanu.

You can find the newsletter version of this podcast here.

Risky Business #676 -- Okta, Authy users among Twilio hack targets

There's a one time password supply chain, and it got owned pretty hard...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • The Twilio breach was actually a big deal
  • How a Belarusian Cyber Partisans hack burned a GRU illegal
  • Who wants 25m hashed passwords from Russia?
  • An NFT we can get behind
  • How attackers are using game anti-cheat drivers to defeat EDR
  • Much, much more

This week’s sponsor interview is with Mike Benjamin, the VP of security research at Fastly. He pops in to argue that your red team needs to actually consider how your apps will cope with bot-driven attacks.

Risky Biz News: Cybercrime groups got bored of RU/UA hacktivism

PLUS: In other news: Authy users affected by Twilio hack; Tykelab linked to SS7 attacks; and Moldova, Montenegro, and Slovenia deal with cyber-attacks.

A short podcast updating listeners on the security news of the last few days, as prepared and presented by Catalin Cimpanu.

You can find the newsletter version of this podcast here.

Risky Business #675 -- The problem with Mudge's whistleblowing complaint

Twitter's security is a trashfire, but Mudge's complaint has issues...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • A deep look at Mudge’s sensational whistleblower complaint against Twitter
  • Brazilian Federal Police raid Lapsus$ crew
  • NSO CEO to stand down (again), 100 staff to be let go
  • Signal users impacted in Twilio incident
  • Tornado Cash OFACs around and finds out
  • Much, much more

This week’s show is brought to you by Greynoise. Its founder, Andrew Morris, joins the show with a stinging critique of the wider threat intelligence industry. Don’t miss that one.

RBTALKS3: Vitali Kremez on the impending downfall of the RaaS ecosystem

PLUS: Ransomware gangs are slowly moving to corporate hack-steal-extort-or-leak schemes, with no encryption involved.

Vitali Kremez, CEO of Advanced Intelligence, talks to Risky Business about the impending downfall of the Ransomware-as-a-Service ecosystem, as major ransomware gangs are slowly moving to corporate hack-steal-extort-or-leak schemes, with no encryption involved.

Risky Biz News: Bitcoin ATMs hacked

PLUS: VIASAT hack impacted French emergency services; LockBit gang gets DDOSed; and NSO CEO resigns (again).

A short podcast updating listeners on the security news of the last few days, as prepared and presented by Catalin Cimpanu.

You can find the newsletter version of this podcast here.

Risky Biz News: CyberCom faces staffing issues

PLUS: Estonia reports record DDoS attacks; Brazil police conduct raids in Lapsus$ investigation; and Ryuk money launderer arrested.

A short podcast updating listeners on the security news of the last few days, as prepared and presented by Catalin Cimpanu.

You can find the newsletter version of this podcast here.