Between Two Nerds: The ethical rules of espionage

When economic gerrymandering crosses a line...

In this edition of Between Two Nerds Tom Uren and The Grugq discuss reader feedback about whether the Five Eyes engage in economic espionage and look at allegations that Australia spied on the East Timorese government to get an edge in negotiations regarding an oil and gas negotiation. In various hypothetical scenarios we examine the ethics of the situation and what would have to change for that spying to be morally justified.

Srsly Risky Biz: We Need a More Conscious Decoupling

PLUS: Geofence Warrants Are Okay, With Oversight...

In this podcast Patrick Gray talks to Tom Uren about US-China technological decoupling and the lack of an observable strategy so far. They also find that the use of geofence warrants in the Capital riot seems perfectly reasonable, and examine how Chinese twitter uses trying to find news about recent Covid protests are being deluged with spam. You can read the newsletter this podcast is based on here.

Risky Business #687 -- Shady deeds in sunny places: Ransomware smashes Vanuatu, Guadeloupe

PLUS: What infosec can learn from Soviet era airliner manufacturing...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • UK, USA ban Chinese security cameras
  • What is the Boa webserver and why is it everywhere?
  • Vanuatu, Guadeloupe smashed by ransomware
  • REvil back with more dumps despite ASD attention
  • Much, much more

This week’s sponsor guest is Jake King from Elastic Security, who joins us to talk through the company’s most recent threat report. There’s a link to the report in our show notes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Between Two Nerds: Good News, Bad News

Why ransomware is dying and what will replace it...

In this edition of Between Two Nerds Tom Uren and The Grugq have some good news for a change — ransomware has peaked and they examine why criminals will look for different sources of income. Of course, every silver lining has a cloud, and ransomware will be replaced by other types of cyber crime.

Srsly Risky Biz: Why TikTok is a genuine risk, inside the NSPM-13 changes

PLUS: A chat about the expected Executive Order on commercial spyware...

In this podcast Patrick Gray talks to Tom Uren about which national security concerns around TikTok are actually the “real ones” in light of Christopher Wray’s congressional testimony last week. They also talk about changes to NSPM-13, the rules governing Cyber Command operations and the looming Executive Order on commercial spyware. You can read the newsletter this podcast is based on here.

Risky Business #686 -- White House to move on spyware industry

PLUS: Why the EU is launching its own IP satellite constellation…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Half of all UK COBRA meetings are ransomware related
  • Ransomware biggest risk to US port security
  • White House to move on spyware industry
  • EU to launch its own Starlink equivalent
  • Much, much more

AttackIQ’s Jonathan Reiber will be joining us in this week’s sponsor interview to talk about how companies and their boards are really moving towards outcomes-based security programs.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Biz Soap Box: How to get your developers invested in security

Snyk's Randall Degges joins the show…

In this podcast we speak with Randall Degges who leads the Developer Relations & Community team at Snyk. He’s here to talk to us about how to get developers enthusiastic about security, how to get them to use the right tooling, and how this tooling will evolve in the future to actually help developers fix bugs in their code.

Risky Biz News: Cyber Partisans hack and disrupt Kremlin censor

In other news: Vanuatu government hit by ransomware; AWS shuts down free Wickr Me E2EE IM service; Zeppelin ransomware secretly decrypted for two years.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and presented by Claire Aird.You can find the newsletter version of this podcast here.

Between Two Nerds: Why regulating the 0day market won't stop mercenary spyware

The EU hates spyware, but by trying to stamp it out it could well make things worse...

In this edition of Between Two Nerds Tom Uren and The Grugq examine some recommendations in a recent draft report from a European Parliament inquiry into the use of Pegasus and similar spyware. The report contains an interesting overview of the European spyware market but makes some recommendations that are not just ineffective but positively counterproductive — they’ll actually make the world a less safe place.

Risky Business #685 -- Australia releases the hounds, and it might just work

Why the Australian government's announcement is more than bluster...

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Australia lets ASD loose on ransomware crews, but will it work? (Tom Uren joins us to chat about this one)
  • Twitter’s wheels haven’t fallen off yet but they sure are wobbling
  • Hundreds of millions stolen from FTX mid implosion
  • Security researchers start looking at Mastodon and… yeah
  • Much, much more!

This week’s show is brought to you by Gigamon. George Sandford from Gigamon pops in for this week’s sponsor interview to talk about how to successfully stand up an NDR program.


SUBSCRIBE NOW:
Risky Business main podcast feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Our extra podcasts feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Subscribe to our newsletters: