Videos

Tom Uren and Patrick Gray discuss warnings about Iranian cyber attacks on US critical infrastructure. Despite many many warnings, there have been no actual attacks and they discuss the reasons why Iran would want to avoid escalatory cyber attacks.

They also talk about how the FBI is struggling to deal with the democratisation of surveillance and data analysis, what the agency calls Ubiquitous Technical Surveillance (UTS). A Department of Justice audit of the FBI’s response finds the threat from UTS is real and that sources have been murdered. But it seems that the FBI just doesn’t care.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Australian airline Qantas looks like it got a Scattered Spider-ing
• Microsoft works towards blunting the next CrowdStrike disaster
• Changes are coming for Microsoft’s default enterprise app consenting setup
• Synology downplays hardcoded passwords for its M365 cloud backup agent
• The next Citrix Netscaler memory disclosure looks nasty
• Drug cartels used technical surveillance to find, fix and finish FBI informants and witnesses

This week’s episode is sponsored by RAD Security. Co-founder Jimmy Mesta joins to talk through how they use AI automation to assess the security posture of sprawling cloud environments. …

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how Microsoft has embraced digital sovereignty and is bending over backwards to satisfy European tech supply chain concerns.

Tom Uren and Patrick Gray talk about a new report that compares Chinese and American 0day pipelines. The US is narrowly focussed on acquiring exquisitely stealthy and reliable exploits, while China casts a far broader net. That was fine in the past, but as 0days get harder and harder to find, the report argues that the US needs to change the way it goes about getting them.

The pair also talk about Cyber Command supporting the US bomb strikes against Iranian nuclear facilities. We like to believe in magic cyber capabilities, but we suspect the truth was far more mundane in this case.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• We roll our eyes over the “16 billion credentials” leak hitting mainstream news
• Some interesting cyber angles emerge from the conflict in Iran
• Opensource maintainer of libxml2 is fed up with this hacker crap
• Shockingly, there are yet more ways to trick people into pasting commands into Windows
• Veeam “patches” its backup software RCE like it’s 2002 … by breaking the public PoC

This week’s episode is sponsored by Internet-wide honeypot reconnaissance platform, Greynoise. Founder Andrew Morris joins to talk about their journey spotting Chinese ORB-builders hacking thousands of ASUS routers, and why they’re destined for the woodchipper….

Authentik is an open source identity provider that is also offered with paid enterprise features.

In this video Authentik’s CEO Fletcher Heisler and CTO Jens Langhammer walk Risky Business host Patrick Gray through an overview and a demo of the technology.

0:00 Introduction 1:08 Overview of the platform from CEO Fletcher Heisler 6:49 Demo begins with CTO Jens Hanghammer

In this edition of Between Two Nerds Tom Uren and The Grugq dive into the motivations and actions of Predatory Sparrow, a purported hacktivist group that has been attacking Iran for the last five years and has leapt into the Iran-Israel work.

Tom Uren and Patrick Gray talk about a Minnesota man who used people-search services to locate, stalk and eventually murder political targets.

They also discuss purported hacktivist group Predatory Sparrow weighing in on the Iran-Israel conflict. It has attacked Iran’s financial system including a bank associated with the Iranian Revolutionary Guard Corp and also burnt USD$90 million worth of cryptocurrency from an Iranian exchange

On this week’s show Patrick Gray and Adam Boileau are joined by special guest Chris Krebs to discuss the week’s cybersecurity news. They talk through:

• Israeli “hacktivists” take out an Iranian state-owned bank
• Scattered-spider and friends pivot into attacking insurers
• Securing identities in a cloud-first world keeps us awake at night
• Microsoft takes the “aas” out of SaaS for Europe, leaving us with just software!
• An AI prompt injection into M365 exfils corporate data

This week’s episode is sponsored by Kroll’s Cyber practice. Kroll Cyber Associate Managing Director George Glass is based in London and talks through his experiences helping organisations in the UK deal with the Scattered Spider attacks. …

In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Dropzone AI founder Ed Wu about the role of LLMs in the SOC.

The debate about whether AI agents are going to wind up in the SOC is over, they’ve already arrived. But what are they good for? What are they NOT good for? And where else will we see AI popping up in security?