Podcasts

News, analysis and commentary

Risky Business #791 -- Woof! Copilot for Sharepoint coughs up creds and keys

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back!
  • The ransomware ecosystem is finding life a bit tough lately
  • SAP Netweaver bug being used by Chinese APT crew
  • Academics keep just keep finding CPU side-channel attacks
  • And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF?

This week’s episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future.

This episode is also available on Youtube.

Risky Business #791 -- Woof! Copilot for Sharepoint coughs up creds and keys
0:00 / 57:52

Risky Bulletin: EU launches its own vulnerability database

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

The EU launches its own vulnerability database, a Turkish APT deploys a zero-day in Iraq, North Korea tasks an APT to Ukraine, and Spain will probe cyber’s role in last month’s energy grid collapse.

Risky Bulletin: EU launches its own vulnerability database
0:00 / 6:49

Between Two Nerds: Should US spies steal Chinese commercial secrets?

Presented by

The Grugq
The Grugq

Independent Security Researcher

Tom Uren
Tom Uren

Policy & Intelligence

In this edition of Between Two Nerds Tom Uren and The Grugq examine whether the US should steal intellectual property from Chinese companies.

This episode is also available on Youtube.

Between Two Nerds: Should US spies steal Chinese commercial secrets?
0:00 / 32:25

Risky Bulletin: Kaleidoscope ad fraud network infects 2.5m devices a month

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

The Kaleidoscope ad fraud network infects 2.5 million devices a month, Germany seizes the eXch crypto-mixing service, the US takes down the Anyproxy botnet, and Chrome will use on-device AI to detect tech support scams.

Risky Bulletin: Kaleidoscope ad fraud network infects 2.5m devices a month
0:00 / 5:50

Sponsored: What really goes down on Blackhat wifi networks

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

In this Risky Bulletin sponsor interview James Pope, Director of Technical Enablement, talks to Tom Uren about his experience running networks and security centres at Black Hat conferences around the world. Pope talks about the challenges of running a SOC at a hacker conference, how conference networks around the world have a different character and talks about all the weird and wonderful security snafus he has found.

Sponsored: What really goes down on Blackhat wifi networks
0:00 / 15:35

Risky Bulletin: France says Russia's influence operations are achieving results

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

France says Russia’s influence operations are achieving results, Crowdstrike lays off 5% of its staff, a hacker dumps LockBit’s ransomware database, and a ransomware attack slows production at a major US medical device maker.

Risky Bulletin: France says Russia's influence operations are achieving results
0:00 / 6:03

Wide World of Cyber: How state adversaries attack security vendors

Presented by

Alex Stamos
Alex Stamos

CISO, Sentinel One

Patrick Gray
Patrick Gray

CEO and Publisher

In this edition of the Wide World of Cyber podcast Patrick Gray talks to SentinelOne’s Steve Stone and Alex Stamos about how foreign adversaries are targeting security vendors, including them.

From North Korean IT workers to Chinese supply chain attacks, SentinelOne and its competitors are constantly fending off sophisticated hacking campaigns.

This edition of the Wide World of Cyber was recorded in front of a live audience in San Francisco, with Patrick attending via Zoom.

The Wide World of Cyber podcast series is a wholly sponsored co-production between SentinelOne and Risky Business Media.

This episode is also available on Youtube.

Wide World of Cyber: How state adversaries attack security vendors
0:00 / 52:42

Srsly Risky Biz: US Cyber Command to be unleashed

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Patrick Gray talk about how the US is planning to take the gloves off in cyberspace and conduct much more aggressive offensive cyber operations. US responses to cyber espionage have not been very aggressive to date, but Tom is not convinced that cyber punches are required, so much as blows that really hurt.

The pair also discuss TeleMessage, the Signal clone the Trump cabinet has been using. The app managed to sidestep certification and assessment processes and ended up being used by various agencies in the US government. And the White House. It’s a mystery how this happened.

This episode is also available on Youtube.

Srsly Risky Biz: US Cyber Command to be unleashed
0:00 / 21:24

Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow.
  • Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad
  • After six years dormant, a Magento eCommerce platform backdoor comes to life
  • The North Korean IT worker scam is truly webscale
  • NSO group owes Meta $168m for hacking WhatsApp

This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars?

This week’s show also features an excerpt from Pat’s interview with Senator Mark Warner - Scoot back one in your podcast feed to check out the full chat, or find it on Youtube.

This episode is available on Youtube too.

Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate
0:00 / 56:12

Risky Bulletin: NSO ordered to pay Meta $167 million in WhatsApp lawsuit

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

NSO Group ordered to pay Meta $167 million dollars, the White House tells N-S-A to cut 8% of its civilian staff, the US sanctions a Myanmar militia group leader for cyber scams, and one of the Nomad Bridge hackers gets arrested in Israel.

Risky Bulletin: NSO ordered to pay Meta $167 million in WhatsApp lawsuit
0:00 / 5:37