Risky Business Podcast

On this week’s show Patrick and Alex discuss the week’s security news, including:

• NZ stock exchange felled by DDoS attack
• DNI cancels in-person election security briefings for Democats
• Russians didn’t hack Michigan voter data
• Sendgrid having a bad time of its own making
• US to doxes historical DPRK crypto laundering infrastructure, processes

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Former Uber CSO Joe Sullivan charged with obstruction of justice
• Whitehouse to concede WeChat carveouts for US operations in China
• A bunch of news that sounds like it’s from 1997

On this week’s show Patrick, Adam and Sherrod DeGrippo discuss the week’s security news, including:

• NSA and FBI doxx GRU malware. Lol.
• Malicious Azure app snags SANS staffer
• Oracle to acquire TikTok?
• Trump weighs Snowden pardon
• Much, much more

This week’s show is brought to you by Airlock Digital. They make allowlist/safelist software that is actually manageable at scale! David Cottingham, an Airlock co-founder, joins the show this week to talk through a few product updates.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• WeChat joins TikTok in the naughty corner
• TLS 1.3 with ESNI will have a massive impact on censorship AND security
• Belarus goes dark after dodgy election
• Capital One fined $80m
• Much, much more

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Trump’s war on TikTok (featuring guest Alex Stamos)
• Twitter hackers caught. Pretty embarrassing stuff, really.
• NSO implants target Easter Bunny
• Garmin may need a good OFAC lawyer (featuring comment from Dmitri Alperovitch)
• Blackberry cracked after five years leads to multiple arrests in Australia
• Much, much more

Soap Box is the wholly sponsored podcast series we do here at Risky.Biz. That means everyone you hear on this podcast paid to be here. In this podcast you’re going to hear my latest interview with Jerrod Chong, Yubico’s Chief Solutions Officer.

Hardware security keys like Yubikeys have come a long way, even over the last couple of years. The biggest change is that the support for hardware keys is borderline ubiquitous now. FIDO2 support is in all the major browsers. You can even use Yubikeys with Google apps on an iPhone. The plumbing is here, it’s arrived.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Two Chinese nationals charged with freelancing for MSS
• Russia, China hacking COVID-19 research
• The world dodged a bullet on the Windows DNS bug
• Twitter blue tick pwnapalooza
• Much, much more.

Normally these Soap Box podcasts – which are wholly sponsored – feature vendors trying to sell you stuff. But this time we’re doing something different: an interview with two of Facebook’s most senior engineers.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• The latest on the EncroChat hack-related arrests
• Details about the fresh F5 and Citrix bugs
• Natanz go boom
• Paying Wastedlocker ransoms violates Treasury sanctions
• North Korea embraces Magecart (lol)
• Much, much more…

This edition of the Soap Box podcast is brought to you by Proofpoint.

Today’s guest is Proofpoint’s EVP of Cybersecurity Strategy, Ryan Kalember, and the topic is business email compromise, or BEC.

BEC is a big deal, generating billions of dollars in losses every year across basically all industry verticals and levels of government. Until recently, there haven’t been many technical controls that help to mitigate it.