Videos

In this sponsored Soap Box edition of the show Patrick Gray talks to Island CEO Michael Fey about some of the cool tricks in the Island enterprise browser. You can use it to tick off so many compliance boxes, and not just cybersecurity boxes.

This is largely a conversation about compliance, but it’s actually interesting and fun. These are words we never thought we’d type!

You can find Island at https://island.io/

In this podcast Tom Uren and Patrick Gray talk about the likelihood that the incoming Trump administration will end the ‘dual-hat’ arrangement where a single officer leads both US Cyber Command and the National Security Agency. This would result in Cyber Command outranking NSA and could prioritise cyber disruption operations over intelligence collection. That would be a bad outcome.

They also talk about how changes to SEC disclosure rules have led to an outpouring of corporate drivel and how WhatsApps became an everything app.

In this product demo the Panther team join Patrick Gray to walk him through their new piped query language for incident response on the Panther SIEM platform.

Panther is a cloud-native SIEM capable of ingesting incredible amounts of data and applying detection-as-code to it in real time. With this new release they’ve moved into the threat hunting space as well.

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• The SEC’s cyber incident reporting isn’t very exciting after all
• China Telecom on the way to being thrown out of the US
• The NSA/Cybercom might get two separate hats
• The Cl0p ransomware crew are back and taking responsibility for the Cleo hacks
• (Yet another) File upload bug in Struts makes Java admins weep
• And much, much more.

This episode is sponsored by SpecterOps, who run a pretty top notch offsec/pentest team when they’re not busy making the Bloodhound Enterprise identity attack path enumeration software. SpecterOps’ Robby Winchester joins to talk about how pentest has changed, and how their customers get value from their testing. …

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the evolution of Russian cyber operations during its invasion of Ukraine.

In this edition of the Wild World of Cyber podcast Patrick Gray sits down with SentinelOne’s Chief Intelligence and Public Policy Officer Chris Krebs to talk all about Chinese cyber operations.

They look at the Salt Typhoon and Volt Typhoon campaigns, the last 20 years of Chinese operations, and the evolution of the cyber roles of China’s Ministry of State Security and People’s Liberation Army.

It’s a very dense hour of conversation!

This podcast was recorded in front of an audience at the Museum of Contemporary Art in Sydney.

In this product demo Patrick Gray sits down with Ryan Kalember who walks him through Proofpoint’s Adaptive Email Security and Adaptive DLP products.

In short, these email security and DLP products learn about and adapt to individual customer environments to deliver better controls and alerts.

In this podcast Tom Uren and Patrick Gray talk about the US Federal Communications Commission effort to get US telcos to lift their security game and compares it to UK and Australian efforts. The US is very late to the game, and improving security is a huge job.

They also talk about Chinese cyber actors continuing to pointlessly sow chaos and how an influence campaign in Romania is an absolute disaster for TikTok.

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Cleo file transfer products have a remote code exec, here we go again!
• Snowflake phases out password-based auth
• Chinese Sophos-exploit-dev company gets sanctioned
• Romania’s election gets rolled back after Tiktok changed the outcome
• AMD’s encrypted VM tech bamboozled by RAM with one extra address bit
• And much, much more…

This week’s episode is sponsored by Thinkst, who love sneaky canary token traps. Jacob Torrey previews an upcoming Blackhat talk filled with interesting operating system tricks you can use to trigger canaries in your environment. You wont believe the third trick! Attackers hate him!…

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how states have very different approaches to controlling cyber operations.

At the very beginning they refer to this Microsoft Threat Intelligence post here: https://www.microsoft.com/en-us/security/blog/2024/12/04/frequent-freeloader-part-i-secret-blizzard-compromising-storm-0156-infrastructure-for-espionage/