Podcasts

In this sponsored interview, Casey Ellis interviews Push Security co-founder and Chief Product Officer Jaques Louw about how good phishing crews have gotten at evading detection.

Attackers are hiding their payloads behind legitimate bot-detection tools to stop things like email security gateways from seeing them, as well as locking up phishing pages behind OAuth challenges.

Push sees all this because it’s installed as a browser plugin and sees what users see.

A hacking group goes after Salesforce data, the FBI takes down the BidenCash carding forum, China offers rewards for Taiwanese military hackers, and high risk bugs are patched in enterprise software from HPE and Infoblox.

Tom Uren and Patrick Gray talk about how Operation Endgame, the multinational law enforcement effort to tackle ransomware is approaching the problem holisitically. It’s tackling the enablers of ransomware and although it won’t eliminate the crime, it’ll make it harder for criminals.

They also discuss the spyware app that helped to dismantle the Syrian regime, at least maybe a little bit, and how Russian military intelligence’s sabotage and assasination unit got into cyber operations.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Cyber firms agree to deconflict and cross-reference hacker group names
• Russian nuclear facility blueprints gathered from public procurement websites
• Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons
• Germany identifies the Trickbot kingpin
• Google spots China’s MSS using Calendar events for malware C2
• Meta apps abuse localhost listeners to track web sessions.

This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.

This episode is also available on Youtube.

A spyware app infected the Syrian Army’s soldiers before the regime collapsed, NSO appeals its WhatsApp verdict, Chrome and Qual-comm patch zero-days, and an Emergency services information sharing group shuts down;

In this edition of Between Two Nerds Tom Uren and The Grugq look at NSA’s take on information warfare, all the way back from 1997.

This episode is also available on Youtube.

Law enforcement agencies take down A-V-Check, four US Senators urge for the reinstatement of the Cyber Safety Review Board, Germany identifies the leader of the TrickBot gang, and an AI-vibe-coding platform leaks user data and API keys.

In this sponsored interview, Risky Business Media’s brand new interviewer Casey Ellis chats with runZero founder and CEO HD Moore about why vuln scanning tech is awful and broken. He also talks about how they’re trying to do something better by glueing their own discovery product to the nuclei open source vulnerability scanner.

Windows Update will deliver third party app updates, a public database exposed Russia’s nuclear secrets, US banks ask the SEC to rescind cyber breach disclosure rule, and ConnectWise discloses an APT breach.

Tom Uren and Patrick Gray talk about Russian DanaBot malware developers making a tailored variant of their malware specifically for espionage. This fills in some of the blanks on the exact relationship between Russian criminals and the country’s intelligence services.

They also discuss a US Director of National Intelligence initiative to centralise the purchase of commercially acquired information. Although this information can be used maliciously, having a one-stop-shop should make it easier to check that it is being used responsibly.

This episode is also available on Youtube.