Podcasts

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Jared Atkinson, CTO at SpecterOps. They discuss how SpecterOps is using classifying identities under two categories, identities at rest and identities in transit, what they are and how they should be treated differently.

America’s Government Accountability Office says the Pentagon employs more than 70,000 cyber personnel, hackers steal SonicWall firewall configs, DeepSeek returns insecure code for groups China doesn’t like, and two Scattered Spider members arrested in the UK.

Tom Uren and Amberleigh Jack talk about why it is good news that US investment in spyware vendors has skyrocketed.

They also discuss the in-principle agreement for TikTok to remain in the US. It’s a win-win: a win for China and a win for TikTok, but not so much a win for US national security.

This episode is also available on YouTube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Shai-Hulud worm propagates via npm and steals credentials
• Jaguar Land Rover attack may put smaller suppliers out of business
• Leaked data emerges from the vendor behind the Great Firewall of China
• Vastaamo hacker walks free while appeal is underway
• Why is a senator so mad about Kerberos?

This week’s episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc’s identity-to-firewall glue to protect internal services and networks.

This week’s episode is also available on Youtube.

Android will only issue monthly updates for high-risk vulnerabilities A self-replicating attack hits the npm registry; BreachForums’ admin resentenced on appeal; …and hackers breach Gucci’s parent company.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the limits of a state’s cyber power.

This episode is also available on YouTube

The US sues a crypto ATM operator for profiting from scams, SMS blasters make their way into Switzerland, the US and Portugal tussle over the extradition of the RaidForums admin, and Samsung patches a zero-day in its phones.

In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management.

With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at attackers on your network.

It can also integrate with your EDR platform, and other data sources, to give you powerful visibility into the true state of things on your network and in your cloud.

This episode is also available on Youtube.

In this sponsored interview, Casey Ellis chats to David Cottingham and Daniel Schell from Airlock Digital. They discuss the challenge of browser extension management for enterprises, why it’s a priority and how Airlock can help.

Apple notifies French users of spyware attacks, China will increase fines for data breaches Google pays $1.6mil for cloud bugs at a hackathon event, and no more hacked free laundry for Dutch students