Videos

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• FBI intervenes in Scattered Spider Salesforce leaksite
• Clop loots Oracle E-Biz deployments
• Plus so much more data extortion.. At least it’s not ransomware … we guess?
• The US still can’t decide who’s gonna be in charge of NSA & Cybercom
• Cambodian scam compounds get sanctioned and $15b in crypto is seized
• NSO gets sold for pocket-lint-grade money
• Bugs! Redis CVSS 10, Ivanti, Crowdstrike and… Internet Explorer?! zeroday?! In the wild?!!!?

This week’s episode is sponsored by Stairwell. Founder Mike Wiacek talks about how Stairwell brings VirusTotal-like visibility to private files, and about integrating the insights that brings into your SOC workflow. …

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how different cybercriminal groups are looking for insiders to provide network access.

Tom Uren and Amberleigh Jack talk about the Clop ransomware gang. It is interesting because the group has arrived at a strategy that rinses a whole lot of enterprises at once and comes with a decent pay day. But it’s actually the least damaging kind of ransomware. Tom wonders why can’t more gangs be like Clop?

They also discuss the US government having second thoughts about ignoring foreign influence operations. Its adversaries run them all the time, so perhaps just sticking its head in the sand isn’t the best strategy.

In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares:

• Realm Security: A security focussed, AI-first data pipeline platform https://realm.security/
• Horizon3: AI hackers! Pentesting robots!! They’re coming fer yur jerbs! https://horizon3.ai/
• Persona: Verify customer and staff identities with live capture https://withpersona.com/

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the 0day mass exploitation of SharePoint and Exchange. This type of widespread hacking appears to be increasingly common… but is it?

Tom Uren and Amberleigh Jack talk about different ways foreign intelligence services are finding to recruit local proxies. These methods could be too risky for Western intelligence agencies, but for some state’s services they just make sense.

They also discuss a report into DOGE and how speed was prioritised over robust governance.

On this week’s show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week’s cybersecurity news, including:

• Hackers learn that trying to coerce a journalist just makes for … a great story?
• A man in his 40s gets arrested over the European airport chaos. Yep, we’re surprised, too
• Adam fanboys over Watchtowr Labs while bemoaning Fortra
• Academics pick apart Tile trackers and find them lacking
• CISA tells agencies to patch their damn Cisco gear

Show Notes:

‘You’ll never need to work again’: Criminals offer reporter money to hack BBC https://www.bbc.com/news/articles/c3w5n903447o…

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the power of cyber.

Tom Uren and Amberleigh Jack talk about how the funnel that turns kids into cyber criminals has evolved over the last decade. Cybercrime’s reach has broadened, it is more lucrative and more violent.

They also talk about new thinking about deterring America’s cyber adversaries.

On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including:

• Secret Service raids a SIM farm in New York
• MI6 launches a dark web portal
• Are the 2023 Scattered Spider kids finally getting their comeuppance?
• Production halt continues for Jaguar Land Rover
• GitHub tightens its security after Shai-Hulud worm

This week’s episode is sponsored by Sublime Security. In this week’s sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform. …