Podcasts

In this podcast Patrick Gray and Tom Uren talk about the US Securities Exchange Commission warning SolarWinds executives that it is planning to bring enforcement actions against them. This is a big deal and really signifies that the SEC wants companies to be much more open about cybersecurity incident disclosures.

They also discuss the outcomes from a European law enforcement operation against the EncroChat ‘crimephone’. It was an absolutely stunning success, but what does it mean for the future of the access debate?

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this edition of the Soap Box podcast we’re going to be talking about a great topic – living off the land.

The recent Volt Typhoon report out of Microsoft chronicled the adventures of a Chinese APT crew in US critical infrastructure. But one of the most fascinating aspects of the Volt Typhoon campaign was that the attackers almost exclusively used so-called living off the land techniques.

So the question becomes – what can you do about an attacker in your environment who has privilege and isn’t using malware?

Guests David Cottingham and Daniel Schell, the CEO and CTO of Airlock Digital, join the show to talk it through.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this podcast Patrick Gray and Tom Uren talk about the PRC’s campaign compromising Barracuda Email Security Gateways. It doesn’t quite break international “norms”, but it is definitely on the nose.

They also discuss Albania’s police raid of an Iranian opposition refugee camp which is said to be hosting a hacking cell that targeted Iran’s government.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Albanian authorities raid MEK over Iran hacks
• Microsoft admits “Anonymous Sudan” took down its services
• US Government puts $10m bounty on CL0P
• A deeper look at the Barracuda hack campaign
• Much, much more

This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

In this edition of Between Two Nerds Tom Uren and The Grugq look at three different state operations that have recently been outed and what these operations tell us about how these states are behaving.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.