On this week’s show Patrick and Adam discuss the week’s security news, including:

• Yep, it was Cyber Command
• Also Microsoft, Symantec, Lumen and others
• Norwegian parliament hack pinned on Russia
• We finally talk about “ethics in OST”
• More

A group of technology companies were ready to unveil a long-term plan to disrupt and impose costs on the operators of the TrickBot botnet, when some other parties started messing with it…

In this (wholly sponsored) edition of the Snake Oilers podcast, three vendors will drop by to pitch their sweet, sweet snake oil:

• Vaughan Shanks pitches the Cydarm SOC incident management platform
• Adrian Kitto introduces Detexian, a platform that audits SaaS accounts
• Eric Skinner from Trend Micro talks about XDR

On this week’s show Patrick and Adam discuss the week’s security news, including:

• The UHS ransomware attack
• Someone is messing with TrickBot: Did the USA release the hounds?
• US Treasury issues final warning on sanctioned ransomware crews
• Azerbaijan and Armenia going at it
• Fancy Bear owns US government department

This week alone, ransomware attacks have crippled several hundred US hospitals and inconvenienced scientists working on COVID-19 vaccines and treatments. The lines have been crossed so many times now: do lawmakers really need to wait until an attack changes patient outcomes before the hounds are released?

In this podcast you’ll hear an interview with former Australian prime minister Malcolm Turnbull. He joins Risky Business to talk through a bunch of issues from Huawei’s exclusion from Australia’s NBN and 5G builds, to political accountability and leadership in cybersecurity.

Okta’s director of technology strategy Sami Laine joins the show to talk about identity in 2020.

The US Department of Justice has doxxed over 50 state-sponsored hackers from China and Iran in a spree of indictments and sanctions.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Russia, China, Iran having a red hot go at US political orgs
• Crowdstrike drops report, telcos having a bad time
• MSS owning US government with dumb bugs
• DoJ indicts Iranian script kiddie because reasons
• Proposed TikTok-Oracle deal barely makes sense
• The mother of all Microsoft auth bugs, wow
• Much, much more…

Microsoft has outed attempts by GRU attackers to hack into the Office365 accounts of political campaigns.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Why integrity and availability are key to developing a COVID vaccine
• China closing the “cyber gap” with USA
• ASPI publishes research on TikTok, WeChat censorship
• Belarusian “news app” was tracking activists
• Julian Assange back in court to fight extradition
• Much, much more

Plus DDoS extortion surge, Norwegian Parliament inboxes under attack, US weighs up cost of replacing Huawei and more…

This is a sponsored podcast.

Today we’re chatting with a very special guest, Haroon Meer.

Haroon is the founder of Thinkst Canary. Some call it a deception company, but he doesn’t, as you’ll hear. He says Canary is a detection company and the distinction is important.

On this week’s show Patrick and Alex discuss the week’s security news, including:

• NZ stock exchange felled by DDoS attack
• DNI cancels in-person election security briefings for Democats
• Russians didn’t hack Michigan voter data
• Sendgrid having a bad time of its own making
• US to doxes historical DPRK crypto laundering infrastructure, processes

The US Government has stepped up its campaign to expose North Korea’s state-backed cybercrime operations, this week doxxing malware the DPRK uses to cash out attacks on banks and the techniques it uses to launder funds stolen from cryptocurrency exchanges.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Former Uber CSO Joe Sullivan charged with obstruction of justice
• Whitehouse to concede WeChat carveouts for US operations in China
• A bunch of news that sounds like it’s from 1997

A criminal complaint filed against Uber’s former chief security officer this week was an extraordinary event because Uber’s response to its 2016 breach was anything but ordinary. There are nonetheless some hard lessons in it for every CSO.

On this week’s show Patrick, Adam and Sherrod DeGrippo discuss the week’s security news, including:

• NSA and FBI doxx GRU malware. Lol.
• Malicious Azure app snags SANS staffer
• Oracle to acquire TikTok?
• Trump weighs Snowden pardon
• Much, much more

This week’s show is brought to you by Airlock Digital. They make allowlist/safelist software that is actually manageable at scale! David Cottingham, an Airlock co-founder, joins the show this week to talk through a few product updates.

If the SANS Institute can fall victim to OAuth phishing, what hope do most Microsoft customers have?

The Australian Government has unveiled plans for unprecedented interventions in the operations of critical infrastructure providers.