Podcasts

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this podcast Tom Uren and Patrick Gray talk about the structure of the spyware ecosystem. It’s concentrated, with lots of vendors in India, Israel and Italy. And its a small pool of talent, with many companies being founded by just a few individuals.

They also talk about the US government’s actions against Russia’s disinformation ecosystem. The US very clearly linked different ‘layers’ of that ecosystem directly to the Russian government. Employing influencers via cutouts also shows how Russian disinformation has responded as social media platforms have countered interference efforts.

This episode is also available on Youtube.

On this week’s show, Patrick Gray and Adam Boileau discuss the weeks security news, including:

• Russia’s disinformation peddlers face multifaceted sternness from the DoJ
• Telegram is now law enforcement’s bestest new pal, all of a sudden
• Iran’s banking industry arranges a payment plan for a ransom
• Columbia investigates how it sent private jets full of cash to pay for Pegasus
• Microsoft innovates with Un-Patch Tuesday
• And much, much more.

This week’s sponsor is Kroll Cyber, and one of their incident responders Paul Wells joins to discuss that one weird trick that actually helps - preparing for an incident before hand, rather than learning all those hard lessons in the middle of a crisis.

This week’s episode is also available on Youtube.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this edition of Between Two Nerds Tom Uren and The Grugq dissect an FBI advisory about North Korean groups targeting cryptocurrency firms with social engineering.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this Risky Business News sponsored interview, Tom Uren talks to Josh Kamdjou, founder and CEO of Sublime Security, about the spectrum of attacks that are taking advantage of generative AI. These range from taking basic attacks with a pinch of AI pixie dust to more complex attacks where AI is used to construct message threads with multiple personas.

Josh also talks about how different AI models can be used to identify these attacks even when they are novel.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this edition of Snake Oilers Patrick Gray gets pitches from three cybersecurity companies:

• Authentik, an open source identity provider that a lot of large organisations are deploying on prem as an alternative to cloud-based IDPs
• Dropzone AI, an LLM-based agent that can do the work of a Tier 1 SOC analyst
• SlashID, an identity security company that can crunch your logs to find attackers

You can watch this edition of Snake Oilers on YouTube here.

In this podcast Tom Uren and Patrick Gray discuss Russia’s use of exploits from commercial spyware vendors. Bought through a front, or stolen with other bugs?

The also discuss Iran’s counter-intelligence innovations - if you apply for a job thats very clearly an Israeli front, then perhaps you’re not that trustworthy after all?

This episode is also available on Youtube.