Podcasts

News, analysis and commentary

Srsly Risky Biz: FCC demands telcos improve security

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

Patrick Gray
Patrick Gray

CEO and Publisher

In this podcast Tom Uren and Patrick Gray talk about the US Federal Communications Commission effort to get US telcos to lift their security game and compares it to UK and Australian efforts. The US is very late to the game, and improving security is a huge job.

They also talk about Chinese cyber actors continuing to pointlessly sow chaos and how an influence campaign in Romania is an absolute disaster for TikTok.

This episode is also available on Youtube.

Srsly Risky Biz: FCC demands telcos improve security
0:00 / 0:00

Risky Business #774 -- Cleo file transfer appliances under widespread attack

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Cleo file transfer products have a remote code exec, here we go again!
  • Snowflake phases out password-based auth
  • Chinese Sophos-exploit-dev company gets sanctioned
  • Romania’s election gets rolled back after Tiktok changed the outcome
  • AMD’s encrypted VM tech bamboozled by RAM with one extra address bit
  • Some cool OpenWRT research
  • And much, much more.

This week’s episode is sponsored by Thinkst, who love sneaky canary token traps. Jacob Torrey previews an upcoming Blackhat talk filled with interesting operating system tricks you can use to trigger canaries in your environment. You wont believe the third trick! Attackers hate him!

This episode is also available on Youtube.

Risky Business #774 -- Cleo file transfer appliances under widespread attack
0:00 / 0:00

Risky Biz News: Improperly patched Cleo bug exploited in the wild

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: Improperly patched Cleo bug exploited in the wild
0:00 / 0:00

Between Two Nerds: Why the US is so uptight about cyber operations

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

The Grugq
The Grugq

Independent Security Researcher

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how states have very different approaches to controlling cyber operations.

At the very beginning they refer to this Microsoft Threat Intelligence post.

Between Two Nerds: Why the US is so uptight about cyber operations
0:00 / 0:00

Risky Biz News: Members of US Congress targeted by phishing op

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: Members of US Congress targeted by phishing op
0:00 / 0:00

Risky Biz Soapbox: Enterprise Yubikeys can now be pre-registered

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this interview Patrick Gray talks to Yubico’s COO and President Jerrod Chong about a new Yubikey feature: pre-registration.

You can now ship pre-registered Yubikeys to your staff so you don’t need to rely on your staff to enrol them. They’ve achieved this with really slick Okta and Entra ID integrations.

Jerrod also talks about a recent trip to Singapore and concerns he has about the cybersecurity of critical infrastructure in the energy sector.

Risky Biz Soapbox: Enterprise Yubikeys can now be pre-registered
0:00 / 0:00

Sponsored: Proofpoint on the rise of ClickFix attacks

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Proofpoint senior threat intelligence analyst Selena Larson about the rise of Attacker-in-the-Middle phishing and ClickFix social engineering campaigns.

Sponsored: Proofpoint on the rise of ClickFix attacks
0:00 / 0:00

Risky Biz News: Salt Typhoon's telco hacking spree keeps getting bigger

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: Salt Typhoon's telco hacking spree keeps getting bigger
0:00 / 0:00

Srsly Risky Biz: Why hack and leak is still a big deal

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

Patrick Gray
Patrick Gray

CEO and Publisher

In this podcast Tom Uren and Adam Boileau talk about the continued importance of hack and leak operations. They didn’t really affect the recent US presidential election, but they are still a powerful tool for vested interests to influence public policy.

They also discuss the police bust of MATRIX, yet another encrypted messenger that is marketed to criminals and designed to resist police surveillance. The crimephone landscape is splintering due to the constant drumbeat of police success.

This episode is also available on Youtube.

Srsly Risky Biz: Why hack and leak is still a big deal
0:00 / 0:00

Risky Business #773 -- Cybercriminals are dropping like flies in Russia

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • The FTC decides its time to take another look at Microsoft
  • Exxon’s opponents targeted by hackers
  • Russian hackers keep getting sentenced and it confuses us
  • The Feds recommend Signal, because throwing hackers out of telcos ain’t gonna happen
  • A South Korean set-top-box manufacturer shipped a DDoS client for corpo-combat
  • And much, much more.

This week’s sponsor interview with Vijit Nair from Corelight. We talk to him about doing detection in cloud environments, and how the varied nature of cloud systems makes the old ways - network monitoring - useful in new and interesting ways.

If you’re in Sydney, Pat is recording a live episode of the Wide World of Cyber with Chris Krebs on 5 December. There might still be tickets left!

This episode is also available on Youtube.

Risky Business #773 -- Cybercriminals are dropping like flies in Russia
0:00 / 0:00