Risky Business Podcast

Regular listeners to the podcast would know that for the last year or so, my cohost Adam Boileau and I have been talking a lot about how governments might involve non law enforcement agencies in a response to the big game ransomware epidemic. To discuss that, we’re joined by Bobby Chesney, the co-founder of the Lawfare blog and a very highly respected figure in US national security circles.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• German intelligence warns of widespread Russian infrastructure hacks
• NGOs urge COVID-19 hack de-escalation
• UK mulls total Huawei ban… we think it’s a done deal
• DHS warning on 5G “moronavirus”
• Wen jailbreak? NOW JAILBREAK
• iOS 14 leaks
• Much, much more…

On this week’s show Patrick and Adam discuss the week’s security news, including:

• easyJet breach linked to Chinese APT
• Israel claims credit for attack against Iranian port
• Chinese-linked crew behind Taiwan energy hax
• Crypto-wars reignite over Pensacola shooter’s phone
• Much, much more

This isn’t the normal, weekly Risky Business podcast, Soap Box is the wholly sponsored podcast series we do here at Risky.Biz where vendors pay us money to come on to the show and talk about topics that interest them.

Today we’re speaking with Jesse Rothstein, the co-founder and CTO of ExtraHop Networks. ExtraHop is a network security play, but they started off more in the application monitoring and performance space before gradually moving into security over time.

In this interview Jesse talks about network security monitoring, ExtraHop’s history, and what people are using the ExtraHop tech to do during the COVID-19 crisis.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• US takes aim at China over vaccine hax
• ??? takes aim at Iranian port infrastructure over ???
• Iran attacks Gilead pharma
• Zoom acquires Keybase
• Thunderbolt research discussed
• US to drop more DPRK malware
• Ransomware targets European hospital group
• Australian flu vaccine distribution disrupted by ransomware
• More!

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Salt framework 1Day wreaks havoc
• Toll Group hit with ransomware attack. Again.
• Germans indict APT28 operator
• Ransomware a key word in SEC filings
• Much, much more!

Snake Oilers isn’t the regular Risky Business podcast, if you’re looking for that just scroll back to one of the numbered episodes in our podcast feed. Snake Oilers is the wholly sponsored podcast series we do here at Risky.Biz where vendors give us money so they can come on to the show and pitch you their sweet, sweet Snake Oil.

In this edition of snake oilers we’ll hear from:

• David Cottingham of Airlock Digital pitches the Crowdstrike/Airlock two piece combo meal deal
• Marc Rogers of Okta talks passwordless authentication and pitches modern SSO generally
• John Emmitt of Kaseya pops in to pitch the VSA endpoint management agent

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Spy companies pitch ridiculously invasive approaches to contact tracing
• NSO Group busted running c2 boxes in USA according to WhatsApp lawsuit
• Australian government releases contact tracing app, no idea if it works
• Chinese telcos to get boot from USA
• Much, much more

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Czechs claim state-backed healthcare sector attack preparation
• Pompeo goes full cyber berserker
• New iOS exploit chain targets Uyghur diaspora
• Zoom 0day for $500k? Tell him he’s dreamin’

Snake Oilers is a wholly sponsored podcast series we do here at Risky.Biz where vendors come on to the show to pitch their wonderful, wonderful, magical snake oil to you, the listeners.

In today’s podcast you’ll hear from:

• Kenn White from MongoDB talking about client-side field level encryption
• AlphaSOC’s Chris McNab talking about their latest – they’re not just doing DNS analytics anymore
• SecureStack are making developer-friendly cloud security, provisioning and visibility tooling