Podcasts

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this podcast Patrick Gray and Tom Uren talk about the PRC’s campaign compromising Barracuda Email Security Gateways. It doesn’t quite break international “norms”, but it is definitely on the nose.

They also discuss Albania’s police raid of an Iranian opposition refugee camp which is said to be hosting a hacking cell that targeted Iran’s government.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Albanian authorities raid MEK over Iran hacks
• Microsoft admits “Anonymous Sudan” took down its services
• US Government puts $10m bounty on CL0P
• A deeper look at the Barracuda hack campaign
• Much, much more

This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

In this edition of Between Two Nerds Tom Uren and The Grugq look at three different state operations that have recently been outed and what these operations tell us about how these states are behaving.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

In this podcast Patrick Gray and Tom Uren talk about a new report examining how the US intelligence communities uses data it buys. It finds that data you can buy now rivals or exceeds what intelligence agencies can collect, but the IC overall doesn’t treat the data with the sensitivity and care that it deserves. Fixing IC policy is one thing, but that won’t help at all with foreign adversaries or even local US law enforcement. US needs good data privacy law that cleans up the whole field.

They also look at new research that examines how lawyers’ incentives to protect clients mean that incident response is hamstrung when it comes to discovering root causes and learning lessons.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

You can find the newsletter version of this podcast here.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Fortinet 0day Groundhog Day
• CISA’s new binding directive on exposed management interfaces
• Confirmed: US intelligence buying commercially available data
• MOVEit drama rolls on
• Much, much more

This week’s show is brought to you by Red Canary. Chris Rothe is this week’s sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.