Videos

News, analysis and product demos

Between Two Nerds: Global critical infrastructure

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

The Grugq
The Grugq

Independent Security Researcher

In this edition of Between Two Nerds Tom Uren and The Grugq look at the idea of global critical infrastructure. One common example is submarine cables, which are globally important but are vulnerable because they are hard to defend. But what about services from tech giants? Are they global critical infrastructure?

Wide World of Cyber: How the Trump admin is changing the cybersecurity landscape

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Alex Stamos
Alex Stamos

CISO, Sentinel One

Chris Krebs
Chris Krebs

Chief Intelligence and Public Policy Officer, Sentinel One

In this podcast, Patrick Gray chats with SentinelOne’s Chris Krebs and Alex Stamos about the huge changes afoot in the United States government and what they mean for the threat environment. From the director of NSA being fired to massive job cuts at CISA and huge foreign policy shifts, tomorrow’s threat environment is going to be very different to today’s. Tune in to hear analysis from two of the best in the business!

Srsly Risky Biz: MAGA's NSA purge will get messy

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Patrick Gray discuss Trump’s recent firing of General Timothy Haugh, the head of NSA and Cyber Command. Tom dives into the implications and thinks why this is not good news for the agencies.

They also discuss Europe losing faith in the US intelligence commitments that underpin transatlantic data flows. That would be bad news for US tech companies.

Risky Business Weekly (787): Trump fires NSA director, CISA cuts inbound

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • Oracle quietly cops to being hacked, but immediately pivots into pretending it didn’t matter
  • NSA and CyberCom leaders fired for not being MAGA enough
  • US Treasury had some dusty corners it hadn’t found China in yet, looked, found China in them
  • …which is a great time to discuss slashing CISA’s staffing
  • Ransomware crews and bullet proof hosting providers are getting rekt, and we love it
  • And Microsoft patches yet another logging 0-day being used in the wild.

This episode is sponsored by Yubico, makers of Yubikey hardware authentication tokens. Yubico’s Vice President of Solutions Architecture and Alliances Derek Hanson joins to discuss how the consumer-centric passkey ecosystem has become a real challenge for enterprises. One that Yubico is actually ideally positioned to solve. …

Between Two Nerds: Feast or famine

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

The Grugq
The Grugq

Independent Security Researcher

In this edition of Between Two Nerds Tom Uren and The Grugq look at the idea of ‘false scarcities’ in cyber security. Are bugs and talent rare? Or is our thinking blinkered?

Srsly Risky Biz: North Korean IT workers head to Europe

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Patrick Gray discuss how North Korean IT worker scam is shifting towards Europe and employing tactics that make it more dangerous. They also discuss why Signalgate was a massive security failure. We learnt this week that US cabinet members were in multiple Signal groups discussing different topics. Phone hacking is not uncommon, an adversary states will be able to take advantage of the intelligence in these conversations.

Risky Business Weekly (786): Oracle is lying

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • Yes, Oracle Health and Oracle Cloud did get hacked
  • The fallout from Signalgate continues
  • North Korean IT workers pivot to Europe
  • Honeypot data suggests a storm is brewing for Palo Alto VPNs
  • Canadian Anon gets arrested for hacking Texas GOP

This week’s episode is sponsored by Trail of Bits. Tjaden Hess, a Principal Security Engineer at Trail of Bits who specialises in cryptography, joins the show this week to talk about what a responsible crypto-currency exchange cold wallet setup looks like, and … contrasts that with Bybit. …

Between Two Nerds: The 800lb gorilla

Presented by

Tom Uren
Tom Uren

Policy & Intelligence

The Grugq
The Grugq

Independent Security Researcher

In this edition of Between Two Nerds Tom Uren and The Grugq look at all the strands of evidence that make people think NSA is a top-tier cyber actor.

Srsly Risky Biz: The Signalgate clown show

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

Tom Uren and Patrick Gray discuss how the Signalgate messages betray an alarming lack of security nous at the highest levels of the US natsec leadership. It’s head-scratchingly bad.

They also discuss the possibility the Trump Administration will reconstitute the CSRB. The Board wasn’t perfect, but in our view it is better to get it started again rather than waiting for reviews to determine its perfect form.

Soap Box: Knocknoc glues your SSO to your firewalls for Just-in-Time network access

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this Soap Box edition of Risky Business host Patrick Gray talks to Knocknoc CEO Adam Pointon about how to easily rein in attack surface by glueing your single sign-on service to your network controls.

Do your Palo Alto and Fortinet devices really need to be discoverable by ransomware crews? Does your file transfer appliance need to be open to the whole world? What about your SSH and RDP? Your Citrix? Your (gasp) Exchange Online servers??

You can do a lot with IP allowlisting and simple Identity Aware Proxies (IAPs) to minimise your exposure.

Knocknoc is a bit of a “Risky Business speci…