Podcasts

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They discuss:

• Iran’s Intune-based wiper attack on medical device maker Stryker
• Qihoo 360’s AI publishes its own wildcard TLS cert private key
• Instagram is canning its end-to-end encrypted messaging
• What’s going on with mobile internet access in Moscow?
• The Xbox One’s bootloader gets voltage glitched into submission
• Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…)

This week’s episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique.

This episode is also available on Youtube.

The EU imposes cyber sanctions, an Iranian cyber chief was killed by US-Israeli strikes, the UK fixes a major bug in its company registry, and a US man phishes celebrity athletes while on home detention… for phishing.

In this edition of Between Two Nerds Tom Uren and The Grugq discuss how bombing Iran changes incentives for Iranian hacker groups. Destroying other ways that Iran might project power could force it to double down on cyber capabilities.

This episode is also available on Youtube.

Meta suspends Mexican cartel accounts, multiple vulnerabilities have been found in Linux AppArmour, Instagram will disable support for end-to-end encrypted messaging and a supply chain attack hits AppsFlyer.

In this Risky Business sponsor interview, Catalin Cimpanu talks with Alex Orleans, Head of Threat Intelligence at Sublime Security, about the increase in email attacks leveraging Zoom invites and other video conferencing tools.

Authorities take down a residential proxy service, Iranian hackers wipe the network of a US medical device maker, Apple patches unsupported iOS against Coruna, and CISA asks for Cisco SD-WAN device logs.

In this podcast James Wilson chats with Brad Arkin about how enterprises can better deal with attackers logging in with valid credentials. Stolen identities, weak special-use credentials, over-scoped API keys are the new zero-day and they’re abundantly available to attackers. Sadly, the solution here isn’t as simple as deploying phishing resistant MFA. Fixing this takes an enterprise identity strategy.

In this Soap Box edition of the Risky Business podcast Patrick Gray sits down with Airlock Digital co-founders Daniel Schell and David Cottingham to talk about the role AI models could play in managing enterprise allowlists.

They also talk about the durability of allowlisting as a control. After 12 years in business, the Airlock product hasn’t really changed all that much. That’s a good thing! It also means the Airlock team have been able to spend some time doing deep engineering instead of chasing the latest attacker TTPs and writing detection rules for them.

This episode is also available on Youtube.

Tom Uren and Amberleigh Jack talk about the newly released Trump Cyber Strategy for America. The ideas in it are fine and occasionally even game-changing, but many of its goals have been undercut by the administration’s actions to date.

They also discuss the Coruna exploit kit, which is now known to have leaked from a US defence contractor. Exploits are so valuable that it is unrealistic to expect they can be kept secret.

This episode is also available on Youtube.

Join James Wilson in this solo podcast as he takes a (ridiculously) deep dive into the Coruna exploit kit. James was a software engineer and senior manager at Apple for many years, so he has an intimate knowledge of iOS internals. He even worked alongside the people who wrote the software that the Coruna kit exploits!

This long-form solo podcast follows the chain of exploits from watering-hole website right through to full device compromise with many incredible leaps over security boundaries along the way. You’ve heard Coruna described as a sophisticated, nation state-grade exploit kit, and James will explain to you why that description is fitting.