Risky Biz News: MSS now dominates China's cyber activity

PLUS: Prolific teenage swatter pleads guilty; Microsoft adds spoofing warning to Exchange; major breach at another data aggregator.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Srsly Risky Biz: How Trump will drive covert operations

PLUS: Canada's confusing TikTok ban

In this podcast Tom Uren and Patrick Gray talk about what to expect from President Trump’s second term. Trump is an activist president who believes in using state power, so intelligence agencies will be pushed to conduct more audacious or even outrageous covert operations.

They also discuss concerns about a new UN cybercrime treaty that is set for a vote at the General Assembly and the Canadian government’s curious decision to force the closure of TikTok’s local offices.

This episode is also available on Youtube.

Risky Business #770 -- A Russian IR guy discovers extremely cool spookware

PLUS: The FBI agent who arrested Ross Ulbricht joins the show...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Apple frustrates law enforcement with iOS auto-reboot
  • CISA says most KEV vulnerabilities in 2023 were first used as zero days
  • Russians roll incident response on some sweet Linux spookware
  • Regular users can create mailboxes in M365?
  • Tor tracks down the source of its joe-job abuse complaints
  • And much, much more.

This week’s feature guest is former FBI agent Chris Tarbell, who arrested Silk Road operator Ross Ulbricht way back in 2013. As suggestions swirl that an incoming Trump administration might release Ulbricht, Chris talks about the reality of the Dread Pirate Roberts.

This episode is sponsored by software supply chain security firm Socket.dev. Founder Feross Aboukhadijeh thinks that we need a CVE-like catalogue for supply-chain attacks, and he makes a solid argument.

The show is also available on Youtube.

Risky Biz Soap Box: Why black box email security is dead

Sublime Security co-founder Josh Kamdjou on building an email security platform from scratch...

In this edition of the Risky Business Soap Box we’re talking all about email security with Sublime Security co-founder Josh Kamdjou.

Email security is one of the oldest product categories in security, but as you’ll hear, Josh thinks the incumbents are just doing it wrong. He joins Risky Business host Patrick Gray for this interview about Sublime’s origin story and its new approach to email security.

Srsly Risky Biz: How Telegram makes criminal enterprise easy

PLUS: Sophos' five-year cyber knife fight

In this podcast Tom Uren and Patrick Gray talk about the Snowflake hack after the person allegedly responsible was arrested in Canada. Telegram is involved at all sorts of levels and Tom wonders if this crime would have occurred if Telegram didn’t exist.

They also discuss the impact of the Chinese hack of US telcos and Sophos’ five-year cyber knife fight with Chinese APT crews.

This episode is also available on Youtube.

Risky Business #769 -- Sophos drops implants on Chinese exploit devs

PLUS: Okta's password boo boo...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Sophos drops implants on Chinese firewall exploit devs
  • Microsoft workshops better just-in-time Windows admin privileges
  • Snowflake hacker arrested in Canada
  • Okta has a fun, but not very impactful auth-bypass bug
  • Russians bring dumb-but-smart RDP client attacks
  • And much, much more.

Special guest Sophos CISO Ross McKerchar joined us to talk about its “hacking back” campaign. The full interview is available on Youtube for those who want to really live vicariously through Sophos doing what every vendor probably wants to do.

This week’s episode is sponsored by attack surface mapping vendor runZero. Founder and CEO HD Moore joins to talk about marrying up the outside and inside views of your network.

You can also watch this episode on Youtube.

Risky Biz News: 1,000 detained in scam compound raid

PLUS: Okta's long username whoopsie; Microsoft to charge home users $30 for Windows 10 extended security updates; crypto-exchange reimburses users hours after major hack.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Sponsored: Nucleus Security on partners and integrations

Adam Dudley says C-suites are now interested and inquiring about vulnerability management more than practitioners.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Adam Dudley, Senior Director for Strategic Initiatives & Alliances at Nucleus Security, on how the company works with partners and customers to constantly improve its service. Adam also touches on how executives are now inquiring about vulnerability management more than low-level practitioners.

Risky Biz News: Sophos doxes Chinese exploit development centers

PLUS: US removes Sandvine from sanctions list after pinky promise; Vodafone fined for insecure wiretapping system; supply chain attack targets crypto-wallet users.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Business #768 -- CSRB will investigate China's Wiretap Hacks

PLUS: Crypto thieves return stolen US government crypto-booty...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • CSRB to investigate China’s telco-wiretapping hacks
  • Euro law enforcement takes down the Redline infostealer
  • Someone steals Fed crypto… and then tries to quietly sneak it back in
  • Russia sentences REvil guys to … jail? Really?
  • Apple private cloud compute gets a proper bug bounty program
  • And much, much more.

This week’s episode is sponsored by Material Security, who help navigate the mess of cloud productivity data security. Daniel Ayala - Chief Security and Trust Officer at Dotmatics - is a Material customer, and joins Pat and Material Security’s Rajan Kapoor to talk about how to wrangle securing data that ends up in corporate cloud email and file stores.

This episode is also available on Youtube.

Risky Biz News: Two arrests in Operation Magnus

PLUS: CSRB to look at China's telco hack; Japanese man sentenced for developing ransomware with AI; major hack at Canada's Revenue Agency.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz Soap Box: Thinkst Canary's decade of deception

A long chat with Thinkst's founder Haroon Meer...

In this Soap Box edition of the podcast Patrick Gray chats with Thinkst Canary founder Haroon Meer about his “decade of deception”, including:

  • A history of Thinkst Canary including a recap of what they actually do
  • A look at why they’re still really the only major player in the deception game
  • A look at what companies like Microsoft are doing with deception
  • Why security startups should have conference booths

Risky Biz News: Russia sends REvil gang members to prison

PLUS: Delta sues CrowdStrike; Chinese telco hack also targeted Trump and Harris phones; Satya Nadella asks for a pay cut after cybersecurity failures.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: Fortinet bungles another zero-day disclosure

PLUS: US offers reward for suspected Tortoiseshell APT members; Linux removes Russian maintainers; Georgian authorities raid two Atlantic Council disinfo researchers.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

