Podcasts

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Josh Kamdjou, co-founder and CEO of Sublime Security. Josh goes over recent trends in email badness, such as the increase in QR code abuse and the rise of SVG smuggling.

Hacktivists sabotage over 100 Iranian ships, Iran calls out China for hacking, six new Paragon customers come to light, and North Korea creates a new cyber unit.

Tom Uren and Patrick Gray discuss how China’s Ministry of State Security is increasingly doxxing and threatening Taiwanese APT operators. In some ways this mirrors the US strategy of naming and shaming Chinese cyber operators in indictments that contain lots of supporting information. But although MSS statements are filled with propaganda rather than technical detail, naming Taiwanese military hackers has some bite.

They also discuss Russia’s ‘shadow war’ sabotage campaign across Europe. The Russian campaign mostly relies on traditional sabotage and finding local proxies to throw bombs. But it does make sense for Western governments to respond with destructive cyber operations.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Github Actions supply chain attack loots keys and secrets from 23k projects
• Why a VC fund now owns a minority stake in Risky Business Media (!?!?)
• China doxes Taiwanese military hackers
• Microsoft thinks .lnk file whitespace trick isn’t worth patching but APTs sure love it
• CISA delivers government efficiency by re-hiring fired staff… to put them on paid leave
• …and Google acquires Wiz for $32bn

This week’s show is sponsored by Zero Networks, and they have sent along a happy customer to talk about their experience. Aaron Steinke is Head of Infrastructure at La Trobe Financial, an asset management firm in Australia. Aaron talks through bringing modern zero-trust goodness to the reality of a technology environment that’s been around 40 years.

This episode is also available on Youtube.

Google buys Wiz for $32 billion, China attributes the Poison Ivy APT group to the Taiwanese Military, APT groups abuse a Windows zero-day and a judge tells CISA to reinstate fired workers.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how offensive cyber operations could do so much more than just ‘deny, disrupt, degrade and destroy’. Grugq thinks this thinking is rooted in military culture and he wonders why cyber operations are always so mean.

This episode is also available on Youtube.

A GitHub supply chain attack leaks secrets, the White House tells federal agencies to stop firing cyber staff, Germany exempts cybersecurity from debt limits, and the RCS standard adds support for end-to-end encryption.

In this Risky Bulletin sponsor interview Matt Muller, field CISO of Tines, explains how governments are using carrots and sticks to improve the security of enterprise software. Matt discusses CISA’s ‘Secure by Design’ pledge and the UK NCSC’s effort to quantify ‘unforgivable bugs’

The FBI warns of online file converters that distribute malware, China backdoors Juniper router, a wave of ransomware hits Taiwan, and North Korean spyware slips into the Play Store.

Tom Uren and Patrick Gray discuss how X is actively engaging in political interference outside the US. The risks mirror those of TikTok. American legislators moved against TikTok because it could potentially be a powerful tool for the Chinese government to interfere with American political discourse. X is a realised threat, not a potential one, so we expect that foreign governments will start to consider a ban.

They also explore why mass firing of probationary employees in NSA and intelligence agencies is particularly damaging.

This episode is also available on Youtube.