Videos

Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss:

• Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not)
• She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’)
• Four (alleged) Scattered Spider members arrested (and bailed) in the UK
• Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M
• Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-moderootkits. Just security vendor things!…

In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether China’s ‘cyber militia’ make sense and what they could be good for.

Tom Uren and Amberleigh Jack talk about Huawei’s contract to manage storage for Spain’s lawful intercept system. News broke this week that Spain had signed a €12 million contract, but it turns out Huawei has been involved in the system since 2004!

They also discuss arrests in the UK of four individuals associated with Scattered Spider. The criminal resumés of two of the suspects support the idea that there are key individuals with outsize impact. But they also reinforce that the online communities they are involved in act as training grounds for cyber criminals. Arrests will slow hacks, not stop them.

In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, founder of open source multi-cloud security product Prowler.

Toni explains how Prowler came to be, and how its journey followed his own learning about the cloud. The pair also discuss Prowler’s successful transition from an open-source project into a community, and now a growing business with an as-a-service platform.

In this edition of Between Two Nerds Tom Uren and The Grugq examine whether US cyber operations are too stealthy. Could they get more bang for the buck if they adopted a devil may care attitude to getting busted?

Tom Uren and Amberleigh Jack talk about our developing understanding of the group that people call Scattered Spider. Independent security firms agree that there are a small number of key people that are driving the group’s outrageous success. That gives us hope that targeted action might stem the bleeding.

They also talk about data leaks from China’s cyber espionage ecosystem that are for sale on a data leak site. These look to contain actionable information from a counterintelligence point of view. And Tom wonders if a market for espionage-as-a-service will develop?

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how there is an opportunity for the US to expand its 0day and talent acquisition pool to Asia. They revisit a paper comparing the Chinese and American 0day acquisition strategies and have some quibbles.

In this product demo Knocknoc CEO Adam Pointon walks Patrick Gray through the Knocknoc secure access platform.

Knocknoc a platform that restricts network and service availability to authenticated users via existing network security equipment. Users don’t need to install an agent. It also has an identity aware proxy component that supports web applications and RDP.

Tom Uren and Patrick Gray discuss warnings about Iranian cyber attacks on US critical infrastructure. Despite many many warnings, there have been no actual attacks and they discuss the reasons why Iran would want to avoid escalatory cyber attacks.

They also talk about how the FBI is struggling to deal with the democratisation of surveillance and data analysis, what the agency calls Ubiquitous Technical Surveillance (UTS). A Department of Justice audit of the FBI’s response finds the threat from UTS is real and that sources have been murdered. But it seems that the FBI just doesn’t care.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Australian airline Qantas looks like it got a Scattered Spider-ing
• Microsoft works towards blunting the next CrowdStrike disaster
• Changes are coming for Microsoft’s default enterprise app consenting setup
• Synology downplays hardcoded passwords for its M365 cloud backup agent
• The next Citrix Netscaler memory disclosure looks nasty
• Drug cartels used technical surveillance to find, fix and finish FBI informants and witnesses

This week’s episode is sponsored by RAD Security. Co-founder Jimmy Mesta joins to talk through how they use AI automation to assess the security posture of sprawling cloud environments. …