Risky Business Podcast

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Australia “under attack” - a wrap
• Microsoft releases more security protections for E5 customers
• US to introduce “anti encryption” bill
• Shady encrypted phone company owned by the cops
• NSA to offer filtered DNS services to defence industry
• MORE

Today we’re chatting with Citizen Lab Senior Researcher John Scott-Railton about the work they did investigating the Indian hacker-for-hire firm BellTrox.

For those of you who didn’t catch the news, The Citizen Lab, which operates out of the Munk School of Global Affairs at the University of Toronto, dropped a huge report a couple of weeks back that lays Belltrox’s operations bare. As you’ll hear this company attempted to hack tens of thousands of email accounts belonging to everyone from government officials to hedge fund managers and activists.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Facebook commissioned custom 0day to de-cloak child sex predator
• IP stack bugs to plague IoT, ICS for years
• Sandworm was doxxed by the NSA and hardly anyone noticed
• Congress demands answers on 2015 Juniper NetScreen back door investigation
• Amazon, Microsoft join moratorium on sale of facial recognition to police
• Much, much more

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Full scale of Indian hacker-for-hire firm revealed
• IBM exits facial recognition
• Contact tracing apps flop
• Much, much more

The Soap Box podcasts we run here at Risky.Biz are wholly sponsored affairs – everyone you hear in a soap box podcast, paid to be here.

The idea is vendors get to come on to the show and chat about their products, what their stuff does, the thinking behind it, so on and so on.

Today we’re hearing from Justin McCarthy of strongDM.

strongDM is a bit of a niche player – essentially what they do is make a product that provisions secure access to engineers who need to access various back end services.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Google TAG implicates Indian hacker-for-hire outfits in espionage
• NSA warns of Sandworm Exim exploitation
• Huawei CFO extradition process to continue
• Black lives matter
• F–k police brutality

Regular listeners to the podcast would know that for the last year or so, my cohost Adam Boileau and I have been talking a lot about how governments might involve non law enforcement agencies in a response to the big game ransomware epidemic. To discuss that, we’re joined by Bobby Chesney, the co-founder of the Lawfare blog and a very highly respected figure in US national security circles.

On this week’s show Patrick and Adam discuss the week’s security news, including:

• German intelligence warns of widespread Russian infrastructure hacks
• NGOs urge COVID-19 hack de-escalation
• UK mulls total Huawei ban… we think it’s a done deal
• DHS warning on 5G “moronavirus”
• Wen jailbreak? NOW JAILBREAK
• iOS 14 leaks
• Much, much more…

On this week’s show Patrick and Adam discuss the week’s security news, including:

• easyJet breach linked to Chinese APT
• Israel claims credit for attack against Iranian port
• Chinese-linked crew behind Taiwan energy hax
• Crypto-wars reignite over Pensacola shooter’s phone
• Much, much more

This isn’t the normal, weekly Risky Business podcast, Soap Box is the wholly sponsored podcast series we do here at Risky.Biz where vendors pay us money to come on to the show and talk about topics that interest them.

Today we’re speaking with Jesse Rothstein, the co-founder and CTO of ExtraHop Networks. ExtraHop is a network security play, but they started off more in the application monitoring and performance space before gradually moving into security over time.

In this interview Jesse talks about network security monitoring, ExtraHop’s history, and what people are using the ExtraHop tech to do during the COVID-19 crisis.