Risky Business Podcast

In this edition of Snake Oilers:

• Travis McPeak pitches Resourcely’s automagic Terraform cloud-provisioning technology
• Ken Westin pitches Panther – a cloud-native SIEM developed by former practitioners
• Brian Kenyon from Island talks about the company’s enterprise browser

Enjoy!

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Rob Joyce weighs in on AI and offsec
• Mysterious hacker doxes Russian intelligence agency bitcoin wallets
• Wired deep dives on SolarWinds
• AmeriCold food logistics giant suffers incident
• Iranian authorities roll low-tech spyware
• Much, much more

This week’s show is brought to you by Greynoise. Its founder and CEO Andrew Morris is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• The supply chain attack in the supply chain attack
• Russia has a China dependency problem
• Recent research into TLS resumption flaws
• Google and Intel team up on hardware hacking
• DHS will hack enterprise kit
• Much, much more

This week’s show is brought to you by Corelight. Brian Dye, Corelight’s CEO, is this week’s sponsor guest. He’s talking about the (actually sensible) ChatGPT-driven features Corelight has built into its NDR platform.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Snake Oilers isn’t our regular weekly podcast, it’s a wholly sponsored series we do at Risky.Biz where vendors come on to the show to pitch their products to you, the Risky Business listener. To be clear – everyone you hear in one of these editions, paid to be here.

We’ll hear from three vendors in this edition of Snake Oilers:

• Socket.dev, a software supply chain product that currently deploys as a GitHub addon
• Teleport, a company that makes a secure access gateway/single sign on product for engineers to securely access infrastructure
• Mandiant joins us to pitch its Purple Team engagement product

Enjoy!

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Why 3CX was the dumbest supply chain attack we’ve seen
• Why Wiz’s AzureAD research was a showstopper that didn’t get the attention it deserved
• How attackers are burning down cloud infrastructure
• The latest from the world of spyware
• Much, much more

This week’s show is brought to you by Nucleus Security. Chris Hughes from Aquia is this week’s sponsor guest. He appeared at Nucleus Security’s invitation.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

In this Soap Box edition of the show, Thinkst Canary founder Haroon Meer joins us to talk about why the sudden pullback in venture funding in infosec is actually a good thing.

He thinks this will give founders licence to slow down and actually focus on making good products, instead of trying to build a company around vapourware or a minimum viable product.

NOTE: Patrick’s audio is a bit degraded in a few parts of this episode. It’s still clear enough, but if you hear some degradation in parts then yes, it’s us, not you.

On this week’s show Patrick Gray, Adam Boileau and Tom Uren discuss the week’s security news. They cover:

• The Biden White House’s executive order on spyware
• Why the infosec community writ large is wrong on TikTok
• Clop campaign: it’s time to ditch your file transfer gateways
• Major Android app booted from store because it was full of 0day privesc exploits lol
• More detail on the BreachForums admin arrest
• Much, much more

This week’s show is brought to you by runZero. HD Moore, co-founder of runZero, is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick, Adam and Tom on Mastodon if that’s your thing.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news in front of a live audience at AISA’s CyberCon in Canberra.

They cover:

• Yevgeny Prigozhin’s entire enterprise got majorly owned
• Kremlin bans iPhones among President’s staff
• A look at those Android handset baseband bugs (woof)
• A discussion of the acropalypse issue
• Why you need to sort out your egress filtering in light of the latest Outlook bug
• Shanna Daly joins us on stage to talk about why the infosec industry sucks
• Plus much much more

This week’s show is sponsored by Stairwell. Mike Wiacek, Stairwell’s founder, is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Threat actors are really enjoying home networks and BYOD these days…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• Why our LastPass/DPRK hunch weakened
• CISA launches ransomware warning program
• Is the Ring data extortion real?
• White House flags cloud service security regulation
• Pig Butchering overtakes BEC as top cybercrime earner
• Much more!

Today’s soap box is an absolute cracker. We’re talking to Andy Robbins, the principal product architect at SpecterOps and one of the three original creators of the original open source version of Bloodhound.

If you don’t know what Bloodhound is, it’s a tool that grabs Active Directory information and turns it into a navigable graph. So if you’re an attacker you land on a network, enumerate directory information, and then map out a path to domain admin.

Bloodhound has been extremely popular with red teamers for years – to the point that it’s just a standard tool in the red team toolkit. But the team behind Bloodhound is now turning their attention to making Bloodhound a defensive tool as well as an offensive tool.