Podcasts

The FBI warns of online file converters that distribute malware, China backdoors Juniper router, a wave of ransomware hits Taiwan, and North Korean spyware slips into the Play Store.

Tom Uren and Patrick Gray discuss how X is actively engaging in political interference outside the US. The risks mirror those of TikTok. American legislators moved against TikTok because it could potentially be a powerful tool for the Chinese government to interfere with American political discourse. X is a realised threat, not a potential one, so we expect that foreign governments will start to consider a ban.

They also explore why mass firing of probationary employees in NSA and intelligence agencies is particularly damaging.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news with special guest Rob Joyce, a Former Special Assistant to the US President and Director of Cybersecurity for NSA.

They talk through:

• A realistic bluetooth-proximity phishing attack against Passkeys
• A very patient ransomware actor encrypts an entire enterprise with a puny linux webcam processor
• The ESP32 backdoor that is neither a door nor at the back
• The X DDoS that Elon said was Ukraine is claimed by pro-Palestinian hacktivists
• Years later, LastPass hackers are still emptying crypto-wallets
• …and it turns out North Korea nailed {Safe}Wallet with a malicious docker image. Nice!

Rob Joyce recently testified to the US House Select Committee on the Chinese Communist Party, and he explains why DOGE kicking probationary employees to the curb is “devastating” for the national security staff pipeline.

This week’s episode is sponsored by SpecterOps, makers of the BloodHound identity attack path mapping tool. Chief Product Officer Justin Kohler and Principal Security Researcher Lee Chagolla-Christensen discuss their pragmatic approach to disabling NTLM authentication in Active Directory using BloodHound’s insight.

This episode is also available on Youtube.

A Pro Palestinian group claims credit for the X DDoS, CISA gets a new director as DOGE fires its red teams, and Asian scam compounds keep growing.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about what Europe should do given that US security guarantees are evaporating. Should Europe grow its cyber capabilities, what it would get out of it and how should it go about doing it?

This episode is also available on Youtube.

Mobile browsers patch a passkey phishing vector, researchers find undocumented commands in a common IoT chip, the US government cuts election security funding, and a hacker steals – and then returns – funds from DeFi platform 1inch.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Andrew Morris, founder of security firm GreyNoise. Andrew talks about the major trends in mass internet scanning and exploitation, as per GreyNoise’s yearly threat report.

The US indicts the i-Soon and APT27 hackers, the BADBOX botnet gets disrupted again,authorities seize the Garantex crypto exchange, and the FBI arrests hackers who stole Taylor Swift concert tickets.

In this podcast Tom Uren and Patrick Gray discuss how Starlink is providing an internet lifeline for scam compounds that have had their internet access cut by Thai authorities. Starlink has a very poor track record dealing with unauthorised use, but it is time for the company to develop the processes to keep on top of these problems.

They also discuss how President Trump’s actions that favour Russia will make Five Eyes partners take stock, particularly when it comes to HUMINT intelligence sharing.

Finally they examine the did-it-happen-or-not stand-down of US Cyber Command’s Russian operations.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Did the US decide to stop caring about Russian cyber, or not?
• Adam stans hard for North Korea’s massive ByBit crypto-theft
• Cellebrite firing Serbia is an example of the system working
• Starlink keeps scam compounds in Myanmar running
• Biggest DDoS botnet yet pushes over 6Tbps

This week’s episode is sponsored by network visibility company Corelight. Vincent Stoffer, field CTO at Corelight joins to talk through where eyes on your network can spot attackers like Salt and Volt Typhoon.

This episode is also available on Youtube.