Videos

News, analysis and product demos

Srsly Risky Biz: Telegram is cooperating with authorities, for now

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Patrick Gray talk about how Telegram took down the two largest ever criminal marketplaces recently. They used Telegram for all their communications and had collectively sold over USD$30 billion in illicit products. The pair discuss why Telegram is now cooperating with authorities after historically being reluctant and whether this assistance will continue.

They also discuss how Meta is awash with scam advertisements and how Chinese mobile app encryption is suspiciously awful.

Risky Business Weekly (792 REPOST): Beware, Coinbase users. Crypto thieves are taking fingers now

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • TeleMessage memory dumps show up on DDoSecrets
  • Coinbase contractor bribed to hand over user data
  • Telegram does seem to be actually cooperating with law enforcement
  • Britain’s legal aid service gets 15 years worth of applicant data stolen
  • Shocking no one, Ivanti were weaseling when they blamed latest bugs on a third party library

This week’s episode is sponsored by Prowler, who make an open source cloud security tool. Founder and original project developer Toni de la Fuente joins to talk through the flexibility that open tooling brings. Prowler is also adding support for SaaS platforms like M365, and of course, an AI assistant to help you write checks!…

Between Two Nerds: Why hackers and spies don't mix

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

The Grugq
The Grugq

Independent Security Researcher

In this edition of Between Two Nerds Tom Uren and The Grugq examine what makes it hard for even competent hackers to contribute to state-backed espionage agencies.

Risky Biz Soap Box: Push Security's browser-first twist on identity security

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security.

Push has built an identity security platform that collects identity information and events from your users’ browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal account that a user has spun up.

It’s extremely difficult to bypass. That’s because when you’re in the browser it doesn’t matter how a phishing link arrives, or how a threat actor has concealed it from your detection stack – if the user sees it, Push sees it….

Srsly Risky Biz: Special guests Rob Joyce and Andy Boyd on offensive cyber

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

In this special edition of the Seriously Risky Business podcast Patrick Gray speaks with former NSA Cybersecurity Director Rob Joyce and former director of the CIA’s Center for Cyber Intelligence Andy Boyd.

The talk about what offensive cyber could look like under Trump 2.0, and the shake-up the intelligence community is going through under various White House initiatives.

Risky Business Weekly (791): Woof! Copilot for Sharepoint coughs up creds and keys

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back!
  • The ransomware ecosystem is finding life a bit tough lately
  • SAP Netweaver bug being used by Chinese APT crew
  • Academics keep just keep finding CPU side-channel attacks
  • And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF?

This week’s episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future. …

Wide World of Cyber: How state adversaries attack security vendors

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Alex Stamos
Alex Stamos

CISO, Sentinel One

Chris Krebs
Chris Krebs

Chief Intelligence and Public Policy Officer, Sentinel One

In this edition of the Wide World of Cyber podcast Patrick Gray talks to SentinelOne’s Steve Stone and Alex Stamos about how foreign adversaries are targeting security vendors, including them.

From North Korean IT workers to Chinese supply chain attacks, SentinelOne and its competitors are constantly fending off sophisticated hacking campaigns.

This edition of the Wide World of Cyber was recorded in front of a live audience in San Francisco, with Patrick attending via Zoom.

The Wide World of Cyber podcast series is a wholly sponsored co-production between SentinelOne and Risky Business Media.

Srsly Risky Biz: US Cyber Command to be unleashed

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Patrick Gray talk about how the US is planning to take the gloves off in cyberspace and conduct much more aggressive offensive cyber operations. US responses to cyber espionage have not been very aggressive to date, but Tom is not convinced that cyber punches are required, so much as blows that really hurt.

The pair also discuss TeleMessage, the Signal clone the Trump cabinet has been using. The app managed to sidestep certification and assessment processes and ended up being used by various agencies in the US government. And the White House. It’s a mystery how this happened.

Risky Business Weekly (790): Bye bye Signal-gate, hello TeleMessage-gate

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow.
  • Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad
  • After six years dormant, a Magento eCommerce platform backdoor comes to life
  • The North Korean IT worker scam is truly webscale
  • NSO group owes Meta $168m for hacking WhatsApp

This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars?…