Podcasts

News, analysis and commentary

Srsly Risky Biz: Small beer surveillance firms escape crackdown, for now

Presented by

Amberleigh Jack
Amberleigh Jack

Producer and Editor

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Amberleigh Jack talk about First Wap, a Jakarta-based company that is selling surveillance-as-a-service. The good news is that it appears that government and media attention has had an impact on high-profile spyware vendors like NSO Group. The bad news is that these smaller players are flying under the radar and aren’t afraid of selling to sketchy customers.

They also talk about how the Chinese government has harnessed the power of its exploit development community with hacking contests.

This episode is also available on Youtube.

Srsly Risky Biz: Small beer surveillance firms escape crackdown, for now
0:00 / 20:35

Risky Business #810 -- Data extortion attacks have a silver lining

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • FBI intervenes in Scattered Spider Salesforce leaksite
  • Clop loots Oracle E-Biz deployments
  • Plus so much more data extortion.. At least it’s not ransomware … we guess?
  • The US still can’t decide who’s gonna be in charge of NSA & Cybercom
  • Cambodian scam compounds get sanctioned and $15b in crypto is seized
  • NSO gets sold for pocket-lint-grade money
  • Bugs! Redis CVSS 10, Ivanti, Crowdstrike and… Internet Explorer?! zeroday?! In the wild?!!!?

This week’s episode is sponsored by Stairwell. Founder Mike Wiacek talks about how Stairwell brings VirusTotal-like visibility to private files, and about integrating the insights that brings into your SOC workflow.

This episode is also available on Youtube.

Risky Business #810 -- Data extortion attacks have a silver lining
0:00 / 63:12

Risky Bulletin: Windows 10 reaches End-of-Life

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

Windows 10 reaches End-of-Life, CISA cyber personnel avoided last week’s layoffs, the US seizes $15 billion dollars from a cyber-scam-compound operator, and a Secure Boot bypass impacts 200,000 Framework computers.

Risky Bulletin: Windows 10 reaches End-of-Life
0:00 / 8:39

Between Two Nerds: The Keyser Soze of Scattered Spider

Presented by

The Grugq
The Grugq

Independent Security Researcher

Tom Uren
Tom Uren

Policy & Intelligence

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how different cybercriminal groups are after insiders to provide network access.

This episode is available on Youtube.

Between Two Nerds: The Keyser Soze of Scattered Spider
0:00 / 22:34

Risky Bulletin: Microsoft revamps Edge's "IE Mode" after zero-day attacks

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

Microsoft revamps Edge-IE-Mode after zero-day attacks, the FBI seizes the extortion site targeting Salesforce, a new round of layoffs hits CISA, and Apple doubles its bug bounty rewards.

Risky Bulletin: Microsoft revamps Edge's "IE Mode" after zero-day attacks
0:00 / 7:24

Sponsored: Fighting fire with fire

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

In this Risky Business sponsored interview, Tom Uren talks to Damien Lewke, CEO and founder of Nebulock about countering adversary use of AI… with AI. They talk about how threat actors are rapidly adopting AI and what defenders should be doing in response.

Sponsored: Fighting fire with fire
0:00 / 14:37

Risky Bulletin: EU scraps Chat Control vote

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

The EU scraps its upcoming vote on Chat Control, Ukraine establishes a Cyber Force, CISA workers are reassigned to immigration enforcement, and two teens are arrested over the UK nursery hacks.

Risky Bulletin: EU scraps Chat Control vote
0:00 / 6:36

Srsly Risky Biz: Clop is a big fish, but not worth hunting

Presented by

Amberleigh Jack
Amberleigh Jack

Producer and Editor

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Amberleigh Jack talk about the Clop ransomware gang. It is interesting because the group has arrived at a strategy that rinses a whole lot of enterprises at once and comes with a decent pay day, But it’s actually the least damaging kind of ransomware. Tom wonders why can’t more gangs be like Clop?

They also discuss the US government having second thoughts about ignoring foreign influence operations. Its adversaries run them all the time, so perhaps just sticking its head in the sand isn’t the best strategy.

This episode is also available on Youtube.

Srsly Risky Biz: Clop is a big fish, but not worth hunting
0:00 / 16:47

Risky Bulletin: Redis vulnerability impacts all versions released in the last 13 years

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

Redis patches a remote code execution vulnerability, Oracle out-of-band-fixes a zero-day used in a recent extortion campaign, Medusa ransomware group was behind a recent Fortra zero-day, and India fixes a tax filing system flaw;

Risky Bulletin: Redis vulnerability impacts all versions released in the last 13 years
0:00 / 6:16

Snake Oilers: Realm Security, Horizon3 and Persona

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this edition of the Snake Oilers podcast, three vendors pop in to pitch you all on their wares:

  • Realm Security: A security focussed, AI-first data pipeline platform
  • Horizon3: AI hackers! Pentesting robots!! They’re coming fer yur jerbs!
  • Persona: Verify customer and staff identities with live capture

This episode is also available on Youtube.

Snake Oilers: Realm Security, Horizon3 and Persona
0:00 / 45:40