Podcasts

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

In this edition of Between Two Nerds Tom Uren and The Grugq look at the life cycle of 0days, dissect the conventional wisdom and talk about how 0days are never truly ‘burnt’.

In this edition of Snake Oilers we’ll be hearing from:

• Push Security: A browser plugin-based security company that combats identity-based attacks. (Much more compelling that it sounds in this description.)
• Knocknoc: The tool Risky Business uses to protect our own applications and services. (Restrict network/port access to users who are authenticated via SSO.)
• iVerify: Mobile security and threat hunting for iOS and Android. (Caught Pegasus in the wild!)

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

In this Risky Business News sponsored interview, Tom Uren talks to CEO and founder of Socket, Feross Aboukhadijeh about the open source software and supply chain security. Feross says the software ecosystem has evolved in ways that make it more vulnerable to trust-based attacks (such as seen in XZ Utils) and discusses what can be done to defend against this type of supply chain subversion.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Patrick Gray. You can find the newsletter version of this podcast here.

In this podcast Adam Boileau and Tom Uren talk about what there is to learn from Mandiant’s report into the GRU Sandworm crew. Are the Russians a model for other actors, or just a get-‘er-done bunch of pragmatists?

They also talk about an attempt to build a World Cybercrime Index, assessing different national cybercrime specialisations.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey. You can find the newsletter version of this podcast here.

In this special edition of the Risky Business podcast Patrick Gray chats with former Facebook CSO Alex Stamos and founding CISA director Chris Krebs about sovereignty and technology.

China and Russia are doing their level best to yeet American tech from their supply chains – hardware, software and cloud services. They’ll be rebuilding these supply chains – for government systems, at least – from components that they have complete visibility into, and control over.

Meanwhile, America’s government faces different supply chain challenges. It has a supply chain that won’t be weaponised against it by its adversaries, but it lacks the same sort of visibility and control that its adversaries will eventually achieve over their supply chains. So where does this leave the west? Where does it leave China and Russia?

In this Risky Business News sponsored interview, Tom Uren talks to Dan Guido, the CEO of security research company Trail of Bits. Dan and Tom discuss DARPA’s upcoming AI cyber challenge, in which Trail of Bits will compete to solve very difficult bug discovery challenges. They also talk about Trail of Bits’ approach to making some of its own tools available to the community.