Podcasts

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

In this podcast Tom Uren and Patrick Gray talk about the likelihood that the incoming Trump administration will end the ‘dual-hat’ arrangement where a single officer leads both US Cyber Command and the National Security Agency. This would result in Cyber Command outranking NSA and could prioritise cyber disruption operations over intelligence collection. That would be a bad outcome.

They also talk about how changes to SEC disclosure rules have led to an outpouring of corporate drivel and how WhatsApp became an everything app.

This episode is also availble on Youtube.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• The SEC’s cyber incident reporting isn’t very exciting after all
• China Telecom on the way to being thrown out of the US
• The NSA/Cybercom might get two separate hats
• The Cl0p ransomware crew are back and taking responsibility for the Cleo hacks
• (Yet another) File upload bug in Struts makes Java admins weep
• And much, much more.

This episode is sponsored by SpecterOps, who run a pretty top notch offsec/pentest team when they’re not busy making the Bloodhound Enterprise identity attack path enumeration software. SpecterOps’ Robby Winchester joins to talk about how pentest has changed, and how their customers get value from their testing.

This episode is also available Youtube.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the evolution of Russian cyber operations during its invasion of Ukraine.

This episode is also available on Youtube.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

In this edition of the Wild World of Cyber podcast Patrick Gray sits down with SentinelOne’s Chief Intelligence and Public Policy Officer Chris Krebs to talk all about Chinese cyber operations.

They look at the Salt Typhoon and Volt Typhoon campaigns, the last 20 years of Chinese operations, and the evolution of the cyber roles of China’s Ministry of State Security and People’s Liberation Army.

It’s a very dense hour of conversation!

This podcast was recorded in front of an audience at the Museum of Contemporary Art in Sydney.

This episode is also available on Youtube.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

In this podcast Tom Uren and Patrick Gray talk about the US Federal Communications Commission effort to get US telcos to lift their security game and compares it to UK and Australian efforts. The US is very late to the game, and improving security is a huge job.

They also talk about Chinese cyber actors continuing to pointlessly sow chaos and how an influence campaign in Romania is an absolute disaster for TikTok.

This episode is also available on Youtube.

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Cleo file transfer products have a remote code exec, here we go again!
• Snowflake phases out password-based auth
• Chinese Sophos-exploit-dev company gets sanctioned
• Romania’s election gets rolled back after Tiktok changed the outcome
• AMD’s encrypted VM tech bamboozled by RAM with one extra address bit
• Some cool OpenWRT research
• And much, much more.

This week’s episode is sponsored by Thinkst, who love sneaky canary token traps. Jacob Torrey previews an upcoming Blackhat talk filled with interesting operating system tricks you can use to trigger canaries in your environment. You wont believe the third trick! Attackers hate him!

This episode is also available on Youtube.