Risky Business Podcast

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Albanian authorities raid MEK over Iran hacks
• Microsoft admits “Anonymous Sudan” took down its services
• US Government puts $10m bounty on CL0P
• A deeper look at the Barracuda hack campaign
• Much, much more

This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Fortinet 0day Groundhog Day
• CISA’s new binding directive on exposed management interfaces
• Confirmed: US intelligence buying commercially available data
• MOVEit drama rolls on
• Much, much more

This week’s show is brought to you by Red Canary. Chris Rothe is this week’s sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Russia’s FSB uncovers “NSA malware” on iPhones
• Cl0p mass harvests data from MOVEit file transfer servers
• ASD discloses a bunch of operations against ISIS, criminals
• Why China’s prepositioning is probably… prepositioning
• Much, much more

This week’s show is brought to you by Thinkst Canary. Marco Slaviero is this week’s sponsor guest and he joins us to talk about indirect LLM prompt injection and the latest Canary release.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• China’s lolbin-powered intrusions into critical infrastructure
• Trend Micro backs BlackBerry’s Cuba call
• Anonymous Sudan shakes down Scandanavian Airlines
• Iranian opposition party MEK publishes gargantuan leak
• Much, much more

This week’s show is brought to you by Kubernetes security company KSOC. Jimmy Mesta is this week’s sponsor guest and he joins us to talk about the big security challenges in Kubernetes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

In this Soap Box podcast Patrick Gray talks to George Glass, the threat intelligence operations leader in the Cyber Risk practice at Kroll.

They talk about all sorts of things, like:

• How the ransomware ecosystem is evolving into “ma and pa” operations
• Some killer detections they’ve figured out
• What separates the good networks from the bad ones
• Why EDR is of limited value if you’re not actually monitoring it
• Why not letting MDRs do the R part of their job is really, really, really dumb

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Germans charge FinFisher executives
• The got FBI busted misusing 702 data
• Special guest Chris Krebs talks China
• New research breaks Android fingerprint auth
• Much, much more

This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about the work Trail of Bits is doing in securing AI systems, and making them safe.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Wazawaka charged, sanctioned
• PlugwalkJoe extradited, pleads guilty
• BlackBerry thinks Cuba ransomware is a front for Russian intelligence
• Anonymous Sudan pops up in Israel
• Microsoft’s Outlook patch fail
• Much, much more

This week’s show is brought to you by Bloodhound Enterprise. Andy Robbins is this week’s sponsor guest. He talks about how graph theory could help us to uncover more lolbins.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Joe Sullivan’s sentencing
• MSI key material leak
• Merck to be paid in NotPetya claim
• The FBI takes down Turla’s Snake malware operation
• Much, much more

This week’s show is brought to you by Gigamon. Chaim Mazal, Gigamon’s CSO, is this week’s sponsor guest. He’s talking about how the company’s gear is acting as a data source for network security products.

In this edition of Snake Oilers:

• Travis McPeak pitches Resourcely’s automagic Terraform cloud-provisioning technology
• Ken Westin pitches Panther – a cloud-native SIEM developed by former practitioners
• Brian Kenyon from Island talks about the company’s enterprise browser

Enjoy!

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Rob Joyce weighs in on AI and offsec
• Mysterious hacker doxes Russian intelligence agency bitcoin wallets
• Wired deep dives on SolarWinds
• AmeriCold food logistics giant suffers incident
• Iranian authorities roll low-tech spyware
• Much, much more

This week’s show is brought to you by Greynoise. Its founder and CEO Andrew Morris is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.