Srsly Risky Biz: China's magnificent spy balloon, Iran throws an epic cyber tanty

PLUS: The world's best ransomware case study...

In this podcast Patrick Gray talks to Tom Uren about the bizarre Chinese spy balloon story. There may be incremental intelligence gains for the PRC but they were far outweighed by the diplomatic fallout.

They also discuss an Iranian operation attacking the French satirical magazine Charlie Hebdo. States use cyber operations to pursue vastly different goals, and most of them make sense from a state’s point of view. But some operations, like this one, and like the North Korean attack on Sony Pictures, are “vanity projects” that cater to the whims of the “dear leader”.

Finally, the Conti ransomware attack on the Irish public health system (HSE) is turning into the best ransomware case study. It brings together a detailed examination of the management failures with stories from staff, patients and also from inside the Conti group.

You can read the newsletter this podcast is based on here.

Risky Business #694 -- Cleansing fire claims ESXi, GoAnywhere servers

PLUS: ION Group coughs up Lockbit ransom…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Unpatched ESXi boxes are getting rinsed
  • GoAnywhere MFT file transfer boxes are too
  • Royal Mail data being ransomed by Lockbit
  • Advanced materials manufacturer and finance company among latest rware victims
  • Guilty plea in Ubiquiti case
  • Much, much more

This week’s show is brought to you by Red Canary. Red Canary’s Adam Mashinchi is this week’s sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Between Two Nerds: When companies become an arm of the State

Collaboration between industry and government is hard, yet some states compel companies as a matter of course...

In this edition of Between Two Nerds Tom Uren and The Grugq examine how states have different thresholds for compelling companies to act on their behalf. Where do those thresholds lie and is one approach better than another? Why do states have these different approaches?

Srsly Risky Biz: Links between Russian state and cybercriminals remain elusive

PLUS: A look at the equities involved in timing the FBI's takedown of Hive...

In this podcast Patrick Gray talks to Tom Uren about a new Recorded Future report that collates evidence of Russian intelligence service links to cybercriminals. There’s a lot of circumstantial evidence, but it feels more like the state uses criminals opportunistically rather than systematically.

The FBI disruption and takedown of the Hive ransomware crew is a huge success and Tom and Patrick examine the tradeoffs about exactly when to seize Hive’s servers.

They also discuss the different approaches the US and Singapore government are taking to counter scam robocalls and SMS messages.

Risky Business #693 -- Hive takedown is the beginning, not the end

How the FBI and friends absolutely pantsed the Hive ransomware operation…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • A look at the Hive takedown
  • UK’s Royal Mail still struggling
  • GitHub’s code signing certificates stolen
  • TSA misses the point on no-fly list theft
  • Much, much more

This week’s show is brought to you by Remediant, which is now a part of Netwrix.

Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing.

Risky Biz News: FCC warns Twilio on scam robocalls

PLUS: KeePass disputes vulnerability classification for app feature; bulletproof hosting hotbed Seychelles to establish cybercrime unit; new data wiper malware discovered in Ukraine.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Business #692 -- Google search results spew malware, phishing sites

The search giant's ads and organic results have become dangerous...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Google’s search results have become a malware-riddled sh*tshow
  • Ransomware payment values dropped by 40% YoY in 2022
  • Kraken takes over Solaris the old school way
  • Grand Theft Auto RCE is wreaking havoc
  • ManageEngine customers are all getting owned
  • So you know, pretty much business as usual

This week’s show is brought to you by Kroll.

Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline.

Between Two Nerds: When Operations Get Burnt

How do adversaries deal with operational failure and why do they make the choices they do?

In this edition of Between Two Nerds Tom Uren and The Grugq look at operations being ‘burnt’ from the adversary’s point of view. What do they do when an operation is burnt? What are the factors that go into the decisions that they make?

Srsly Risky Biz: LockBit ripe for disruption, Russians throw kitchen sink at Ukraine

PLUS: French general sounds alarm on US hunt forward operations...

In this podcast Patrick Gray talks to Tom Uren about security researcher Jon DiMaggio infiltrating the LockBit ransomware group. DiMaggio’s report shows that there are numerous disruption operations.

They also cover a new Ukrainian report about Russia’s combined cyber, conventional and military operations. It doesn’t look like the Russians are deftly coordinating these different attacks to maximum effect so much as using a kitchen sink approach.

Finally, they look at a French general’s warning to other European countries that the US might use Cyber Command hunt forward operations as an intelligence gathering operation. We don’t think this is at all likely, but the general has hit on a fear that other countries will have.

Risky Business #691 -- LockBit and "Pablo Escobar syndrome"

Why LockBit's Royal Mail caper could backfire…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
  • CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
  • Cloudflare backs Mastodon
  • Paul Nakasone: NSA did some great stuff! It was really good!
  • Cisco won’t patch SMB routers sold in 2020
  • Much, much more

This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.

