Videos

On this week’s show, Patrick Gray and Adam Boileau discuss the weeks security news, including:

• Russia’s disinformation peddlers face multifaceted sternness from the DoJ
• Telegram is now law enforcement’s bestest new pal, all of a sudden
• Iran’s banking industry arranges a payment plan for a ransom
• Columbia investigates how it sent private jets full of cash to pay for Pegasus
• Microsoft innovates with Un-Patch Tuesday
• And much, much more.

This week’s sponsor is Kroll Cyber, and one of their incident responders Paul Wells joins to discuss that one weird trick that actually helps - preparing for an incident before hand, rather than learning all those hard lessons in the middle of a crisis….

In this edition of Snake Oilers Patrick Gray gets pitches from three cybersecurity companies:

• Authentik, an open source identity provider that a lot of large organisations are deploying on prem as an alternative to cloud-based IDPs
• Dropzone AI, an LLM-based agent that can do the work of a Tier 1 SOC analyst
• SlashID, an identity security company that can crunch your logs to find attackers

Subscribe to the Risky Business podcst at https://risky.biz/subscribe

NOTE: We had a bit of an audio/video sync glitch in this episode.. we’re trying to sort it out for the next one. Sorry!

In this podcast Tom Uren and Patrick Gray discuss Russia’s use of exploits from commercial spyware vendors. Bought through a front, or stolen with other bugs?

The also discuss Iran’s counter-intelligence innovations - if you apply for a job thats very clearly an Israeli front, then perhaps you’re not that trustworthy after all?

On this week’s show, Patrick Gray and Adam Boileau discuss the weeks security news, including:

• Brazil’s supreme court bans X-formerly-Twitter,
• Iranian cyber teams cooperate with ransomware crews
• While North Koreans wield chrome-windows 0-day
• Yubikey cloning attack is impressive, but doesn’t have us binning our keys quite yet
• The White House is coming for your unsigned BGP announcements
• And much, much more.

This week’s episode is sponsored by Okta, and specifically their Identity Security Posture Management product. Okta recently acquired Spera Security, and co-founder Ariel Kadyshevitch joins to talk through the messy reality of modern identity. Pat even gets the giggles at how terrible everything is!…

Travis McPeak demonstrates how to set up controls so that deploying cloud infrastructure is secure and repeatable from the get go.

In this podcast Tom Uren and Patrick Gray talk about Telegram’s founder and CEO Pavel Durov being released on bail. They dive into the backstory behind the charges he’s facing and what it all might mean for other messaging platforms.

They also discuss a very handy list of straightforward ways to detect North Korean’s trying to sneak into remote work jobs.

Patrick Gray and Adam Boileau talk through all the week’s security news in this weekly episode of the Risky Business cybersecurity podcast. Links to items discussed in the pod:

Pavel Durov: Telegram CEO’s arrest part of larger investigation https://www.nbcnews.com/tech/tech-news/pavel-durov-telegram-ceo-macron-france-arrest-musk-snowden-rcna168212

Keep Pavel Durov LOCKED UP https://blog.thc.org/keep-pavel-durov-locked-up

Internet mogul Kim Dotcom to be extradited to the US, NZ justice minister says - ABC News…

In this podcast Tom Uren and Patrick Gray discuss an Australian government effort to bridge the gap between online and real identity across the whole economy. It addresses a real need, but Tom doesn’t think it will go smoothly.

They also discuss ongoing Chinese cyber espionage focussed on Russian targets. They may have a ‘no limits’ friendship, but spying between allies is remarkably common.

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news including:

• Microsoft did a good thing! Soon all Azure admins will require MFA
• The three billion row National Public Data breach mess, courtesy Florida Man
• US govt confirms that it was Iran that hacked the Trump campaign
• Is TP-Link the next Huawei, or just not very good at computers?
• Major Chinese RFID card maker has hardcoded backdoors -And much, much more.

This week’s episode is sponsored by Specter Ops, makers of Bloodhound Enterprise. VP of Products Justin Kohler joins to talk about how they’ve joined their on-prem AD and cloud Entra attack path graphs, so you can map out that juicy, real-world attack surface….

In this conversation Risky Business host Patrick Gray speaks with SentinelOne’s Chris Krebs and Alex Stamos about what sort of cyber enabled interference we can expect in the 2024 US presidential race.

Alex was the CISO at Facebook during the 2016 election, and Chris Krebs was responsible for US election security as the director of CISA in 2020.