Videos

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow.
• Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad
• After six years dormant, a Magento eCommerce platform backdoor comes to life
• The North Korean IT worker scam is truly webscale
• NSO group owes Meta $168m for hacking WhatsApp

This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars?…

In this extended interview the Vice Chair of the Senate Select Committee on Intelligence, Senator Mark Warner, joins Risky Business host Patrick Gray to talk about:

• The latest developments in the Signalgate scandal
• Why America needs to be more aggressive in responding to Volt Typhoon
• How tariffs are affecting American alliances
• Why the Five Eyes alliance is sacrosanct

In this sponsored product demo, Dropzone AI founder and CEO Edward Wu walks Risky Business podcast host Patrick Gray through the company’s AI SOC analyst.

Dropzone is an AI-powered agent that acts as a Level 1 SOC analyst, and it works way better than you’d expect. It can take all your SOC alerts, investigate them, dismiss or escalate them. There are a bunch of really cool use cases for this tech, from saving your staff from the most mind-numbingly boring SOC work, to building a 24/7 capability without having to have staff all over the world.

Request a Demo:

https://www.dropzone.ai/request-a-demo?utm_campaign=6762410-%5BVirtual%20Event%5D%20Risky%20Business%20Podcast&utm_source=sponsorship&utm_medium=podcast%20on%20Youtube&utm_content=demo%20request…

In this edition of Between Two Nerds Tom Uren and The Grugq talk about an in-depth report on a Ukrainian hacking control panel. The panel shows how the Ukrainian group thinks about hacking operations and the pair discuss why the report exists and what it achieves.

Tom Uren and Patrick Gray talk about a SentinelOne report about how it is constantly targeted by both cybercriminal and state-backed hackers. Security firms are high-value targets, so constant attacks on them are the new normal.

They also discuss an article that calls Signal “a kind of dark matter of American politics and media”. Many policy discussions occur on the app, and this explains the Trump administration’s extensive use of the app.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• British retail stalwart Marks & Spencer gets cybered
• South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat
• It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups
• Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)
• Anti-DOGE whistleblower sure sounds like he has a point

This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems. …

In this edition of the Snake Oilers podcast, three sponsors come along to pitch their products:

• LimaCharlie: A public cloud for SecOps

https://limacharlie.io/

• Honeywell Cyber Insights: An OT security/discovery solution

https://process.honeywell.com/us/en/products/ot-cybersecurity/cyber-insights

• Fortra’s CobaltStrike and Outflank: Security tooling for red teamers

https://www.fortra.com/offensive-security-tools https://www.outflank.nl/…

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the Southeast Asian criminal syndicates that run online scam compounds. Should organisations like US Cyber Command or the UK’s National Cyber Force target these gangs with disruption operations?

Tom Uren and Adam Boileau talk about how scam compound criminal syndicates are responding to strong government action by moving operations overseas. It’s good they are being affected, but they are shifting into new countries that don’t have the ability to counter industrial-scale transnational organised crime.

They also discuss CISA’s Secure by Design initiative and that key people behind the program have left the organisation. Given prospective job cuts at CISA it is hard to see the initiative getting a lot of love, but international cyber security authorities should pick up the slack.

In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether cyber operations can be ‘strategic’ and affect the fate of nations.