Videos

In this podcast Tom Uren and Patrick Gray discuss an Australian government effort to bridge the gap between online and real identity across the whole economy. It addresses a real need, but Tom doesn’t think it will go smoothly.

They also discuss ongoing Chinese cyber espionage focussed on Russian targets. They may have a ‘no limits’ friendship, but spying between allies is remarkably common.

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news including:

• Microsoft did a good thing! Soon all Azure admins will require MFA
• The three billion row National Public Data breach mess, courtesy Florida Man
• US govt confirms that it was Iran that hacked the Trump campaign
• Is TP-Link the next Huawei, or just not very good at computers?
• Major Chinese RFID card maker has hardcoded backdoors -And much, much more.

This week’s episode is sponsored by Specter Ops, makers of Bloodhound Enterprise. VP of Products Justin Kohler joins to talk about how they’ve joined their on-prem AD and cloud Entra attack path graphs, so you can map out that juicy, real-world attack surface….

In this conversation Risky Business host Patrick Gray speaks with SentinelOne’s Chris Krebs and Alex Stamos about what sort of cyber enabled interference we can expect in the 2024 US presidential race.

Alex was the CISO at Facebook during the 2016 election, and Chris Krebs was responsible for US election security as the director of CISA in 2020.

In this discussion Tom Uren and Patrick Gray talk about a US government policy initiative to cover cyber insurance gaps while also improving security across the economy. Lofty goals, but Tom wonders if it is a difficult way to address security gaps.

They also talk about what appears to be a hack and leak operation targeting the Trump campaign and a recent US federal court decision which ruled that geofence warrants are unconstitutional.

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s security news and recap the best research presented at Black Hat and DEF CON in Las Vegas last week. They cover:

• Iran tries an election hack’n’leak like its still 2016
• Crowdstrike takes home the Pwnie for Epic Fail at Defcon
• UK healthcare SaaS faces six million pound fine for lack of MFA
• US circuit courts disagree on geofence warrants
• Our roundup of juicy Blackhat/Defcon research
• And much, much more.

This week’s episode is sponsored by Trail of Bits. CEO Dan Guido is fresh back from the DARPA AI Cyber Challenge at DEF CON, where the Trail of Bits team moved through to the finals. Dan talks through the challenge of finding, reporting and fixing bugs with AI systems….

In this sponsored product demo Okta’s Harish Chakravarthy and Brett Winterford walk through four new features Okta introduced in the wake of the emergence of modern attacker techniques targeting identity providers. These features will help you to prevent or limit the damage to your environment if an attacker manages to compromise a session token.

If you’re an Okta shop you should absolutely watch this video.

Patrick Gray and Risky Business Media’s policy and intelligence editor Tom Uren talk about the new counterintelligence strategy released by the US Director of National Intelligence.

The DNI seems somewhat alarmed by America’s data broking ecosystem and the cybersecurity risks it presents, but isn’t really in a position to ask Congress to write new laws to fix things.

You can read Tom’s analysis of the DNI report here:

https://news.risky.biz/americas-leaky-data-rattles-the-us-intelligence-community

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s security news, including:

• Crowdstrike talks loud in its postmortem, but says very little
• Digicert fears the CA-Browser Forum, gets lawsuit from a customer
• Dmitri Alperovitch joins the show to talk about the Russian prisoner swap
• Cloudflare continues to harbour scum and villainy
• Professional ransomware crew … is an improvement?
• And much, much more.

This week’s episode is sponsored by Thinkst Canary. Links to everything discussed are below:

Silverado Policy Accelerator chair Dmitri Alperovitch joined Risky Business host Patrick Gray to talk about Russia exchanging its “hostages” for criminals detained in the West. An excerpt of this interview was used in episode 759 of the Risky Business cybersecurity podcast. https://risky.biz/RB758

In this edition of the Seriously Risky Business podcast Patrick Gray talks to Tom Uren about government interference in Meta’s NSO Group lawsuit, why it’s good news that foreign adversaries are using commercial services to engage in election disinformation, and how the Pentagon issued a (half) apology to the Philippines over its vaccine disinformation.

Subscribe to the Seriously Risky Business newsletter at https://news.risky.biz/