Podcasts

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how ‘professional’ Five Eyes cyber espionage agencies like NSA will use AI. These agencies place a premium on stealth and won’t yolo AI.

This episode is available on Youtube.

An AI-driven hacking campaign breached 600 Fortinet devices, Ivanti was hacked via its own product, Wikipedia bans Archive-dot-Today for DDoS attacks, and Chinese hackers breached Italy’s police force.

In this Risky Business sponsor interview, Casey Ellis and Feross Aboukhadijeh discuss how AI is affecting open source, chat about a few attacks the company has seen in the wild and introduce Socket’s answer to the smouldering trashfire: Socket Firewall.

RPKI relies on vulnerable servers, the French Ministry of Economy discloses a data breach, the UK gives tech platforms 48 hours to remove revenge porn, and ClickFix-attacks are responsible for 50% of malware infections.

There’s a lethal trifecta of AI risks: access to private data, exposure to untrusted content, and external communication. In this conversation, Risky Business host Patrick Gray chats with Josh Devon, the co-founder of Sondera, about how to best address these risks.

There is no magic solution to this problem. AI models mix code and data, are non-deterministic, and are crawling around all over your enterprise data and APIs as you read this.

But in this sponsored interview, Josh outlines how we can start to wrap our hands around the problem.

This episode is also available on Youtube.

In this debut feature conversation in the Risky Business Features feed James Wilson sits down with Brad Arkin, the former CSO of Adobe, Cisco, and Salesforce, to talk all about AI pentesting.

Finding and fixing bugs is great, but does it materially improve the overall security of a product? What’s the point of a pentest if the tester can’t walk you through their findings when it’s over? Is “bugs per dollar spend” really the measure of value in security testing?

We hope you enjoy this podcast!

Tom Uren and Amberleigh Jack talk about a groundswell of calls from European officials to build cyber capabilities to strike back against adversaries. There are good reasons that countries should have their own cyber capabilities, but if you don’t have the political will to strike back, having a magic cyber weapon doesn’t really make a difference.

They also talk about ‘distillation attacks’. They are a way that AI developers can steal the secret sauce of advanced models just by asking questions. It looks like American companies need government assistance if the US wants to keep its AI lead.

This episode is also available on Youtube.

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

• Palo Alto threat researchers want to attribute to China, but management says shush
• An increasing proportion of ransomware is data extortion. Is this good?
• Cambodia says it’s going to dismantle scam compounds
• CISA sufferers through yet another shutdown
• Google Gemini’s training secrets are being systematically harvested to improve other LLMs
• Academics assess SaaS password managers’ resilience against a malicious server

This episode is sponsored by SSO-firewall integration vendor Knocknoc. Chief exec Adam Pointon joins to talk about the latest in defences… which is to say Knocknoc for Solaris/Sparc and HPUX on PA-RISC?! Okay also that other little known OS… Windows.

This episode is also available on Youtube.

A supply chain attack plants backdoors on Android tablets, the EU blocks AI from lawmakers’ devices, Cellebrite was used against a Kenyan politician, and a Chinese APT is exploiting a Dell zero-day.

AI agents are being deployed with the same trust-by-default architecture the early internet had. Same mistakes, MUCH faster timeline.

OpenClaw has hit 180K+ GitHub stars. But in the past week:

• 341 malicious skills on ClawHub were distributing Atomic Stealer
• ZeroPath disclosed a Browser Relay vuln enabling cross-tab cookie theft
• CrowdStrike, Cisco, and Bitdefender all published enterprise advisories
• VirusTotal partnered with ClawHub to scan uploads
• Korean tech firms (Kakao, Naver, Karrot) banned it on corporate networks
• 1,000+ Open PRs, 250+ less than 24 hours old.

But how does this thing actually work? Join James Wilson as he explains why banning these types of agents doesn’t work, why browser sessions are now API surfaces, and why your organisation needs to think of these issues early or be condemned to decades of catch-up programs.