Podcasts

News, analysis and commentary

Risky Business #775 -- Cl0p is back, SEC hack disclosures disappoint

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • The SEC’s cyber incident reporting isn’t very exciting after all
  • China Telecom on the way to being thrown out of the US
  • The NSA/Cybercom might get two separate hats
  • The Cl0p ransomware crew are back and taking responsibility for the Cleo hacks
  • (Yet another) File upload bug in Struts makes Java admins weep
  • And much, much more.

This episode is sponsored by SpecterOps, who run a pretty top notch offsec/pentest team when they’re not busy making the Bloodhound Enterprise identity attack path enumeration software. SpecterOps’ Robby Winchester joins to talk about how pentest has changed, and how their customers get value from their testing.

This episode is also available Youtube.

Risky Business #775 -- Cl0p is back, SEC hack disclosures disappoint
0:00 / 61:06

Between Two Nerds: The evolution of Russia's cyber operations in Ukraine

Presented by

The Grugq
The Grugq

Independent Security Researcher

Tom Uren
Tom Uren

Policy & Intelligence

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the evolution of Russian cyber operations during its invasion of Ukraine.

This episode is also available on Youtube.

Between Two Nerds: The evolution of Russia's cyber operations in Ukraine
0:00 / 29:28

Risky Bulletin: Secret ransomware campaign targeted DrayTek routers for a year

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

Risky Bulletin: Secret ransomware campaign targeted DrayTek routers for a year
0:00 / 7:42

Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this edition of the Wild World of Cyber podcast Patrick Gray sits down with SentinelOne’s Chief Intelligence and Public Policy Officer Chris Krebs to talk all about Chinese cyber operations.

They look at the Salt Typhoon and Volt Typhoon campaigns, the last 20 years of Chinese operations, and the evolution of the cyber roles of China’s Ministry of State Security and People’s Liberation Army.

It’s a very dense hour of conversation!

This podcast was recorded in front of an audience at the Museum of Contemporary Art in Sydney.

This episode is also available on Youtube.

Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations
0:00 / 50:04

Risky Bulletin: Germany's BSI sinkhole BADBOX malware

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

Risky Bulletin: Germany's BSI sinkhole BADBOX malware
0:00 / 8:52

Srsly Risky Biz: FCC demands telcos improve security

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

Patrick Gray
Patrick Gray

CEO and Publisher

In this podcast Tom Uren and Patrick Gray talk about the US Federal Communications Commission effort to get US telcos to lift their security game and compares it to UK and Australian efforts. The US is very late to the game, and improving security is a huge job.

They also talk about Chinese cyber actors continuing to pointlessly sow chaos and how an influence campaign in Romania is an absolute disaster for TikTok.

This episode is also available on Youtube.

Srsly Risky Biz: FCC demands telcos improve security
0:00 / 17:20

Risky Business #774 -- Cleo file transfer appliances under widespread attack

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Cleo file transfer products have a remote code exec, here we go again!
  • Snowflake phases out password-based auth
  • Chinese Sophos-exploit-dev company gets sanctioned
  • Romania’s election gets rolled back after Tiktok changed the outcome
  • AMD’s encrypted VM tech bamboozled by RAM with one extra address bit
  • Some cool OpenWRT research
  • And much, much more.

This week’s episode is sponsored by Thinkst, who love sneaky canary token traps. Jacob Torrey previews an upcoming Blackhat talk filled with interesting operating system tricks you can use to trigger canaries in your environment. You wont believe the third trick! Attackers hate him!

This episode is also available on Youtube.

Risky Business #774 -- Cleo file transfer appliances under widespread attack
0:00 / 62:28

Risky Biz News: Improperly patched Cleo bug exploited in the wild

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: Improperly patched Cleo bug exploited in the wild
0:00 / 9:42

Between Two Nerds: Why the US is so uptight about cyber operations

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

The Grugq
The Grugq

Independent Security Researcher

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how states have very different approaches to controlling cyber operations.

At the very beginning they refer to this Microsoft Threat Intelligence post.

Between Two Nerds: Why the US is so uptight about cyber operations
0:00 / 30:05

Risky Biz News: Members of US Congress targeted by phishing op

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

Risky Biz News: Members of US Congress targeted by phishing op
0:00 / 6:01