Videos

In this product demo CEO Eoin Hinchy shows how Tines’ Workbench can integrate an LLM into security workflows to gather, analyse and act on data from both inside and outside your company. This demo includes grabbing IOCs from an external webpage, comparing them to your companies own incidents and taking actions like resetting passwords.

In this podcast Tom Uren and Patrick Gray talk about the possibility of deterring Volt Typhoon, the Chinese group that is compromising US critical infrastructure to enable future disruption operations in the event of a conflict with US.

Tom thinks it is not possible to deter Volt Typhoon, but things might work the other way around. If the US can neuter Volt Typhoon and take away the PRC’s magic cyber bullet, it could make conflict less likely.

They also discuss the lessons for all companies in Microsoft’s security turnaround and how X and Telegram have folded in the face of government pressure.

Patrick Gray and Adam Boileau discuss the week’s cybersecurity news with everyone’s favourite ex-NSA big-brain, Rob Joyce. They talk through:

• Musk and Durov bow to government pressure
• Tiktok rushes to ban authoritarian propagandists
• The US doesn’t want Chinese software in its cars
• Kaspersky replaces itself with an AV no one has ever heard of
• Aussie police chalk up another crimephone takedown
• Press Win-R Ctrl-V to prove you’re human
• And much, much more.

This week’s show is brought to you by Stairwell, and Stairwell’s founder Mike Wiacek will be along to talk about how people are using their platform to hunt down detection resistant malware….

On this week’s Risky Business cybersecurity podcast, Patrick Gray and Adam Boileau discuss the weeks security news, including:

Hezbollah’s attempts to avoid SIGINT with pagers ends in explosions The US shines many bright lights on RT’s disinfo role Australia counters Chinese bullying in the Pacific Valid accounts are the most prevalent entry point, says CISA’s data Ivanti and Fortinet vie for worst vendor of the week Krebs writes up the shift towards charging The Com with terrorism And much, much more…

This week’s episode is sponsored by Push Security, who bring security visibility to where it needs to be these days – the browser. Luke Jennings joins this week’s show to discuss how phish-kit crews are driving the arms race forward, and how detection has to adapt and go where the users are. …

In this podcast Tom Uren and Patrick Gray talk about the structure of the spyware ecosystem. It’s concentrated, with lots of vendors in India, Israel and Italy. And its a small pool of talent, with many companies being founded by just a few individuals.

They also talk about the US government’s actions against Russia’s disinformation ecosystem. The US very clearly linked different ‘layers’ of that ecosystem directly to the Russian government. Employing influencers via cutouts also shows how Russian disinformation has responded as social media platforms have countered interference efforts.

On this week’s show, Patrick Gray and Adam Boileau discuss the weeks security news, including:

• Russia’s disinformation peddlers face multifaceted sternness from the DoJ
• Telegram is now law enforcement’s bestest new pal, all of a sudden
• Iran’s banking industry arranges a payment plan for a ransom
• Columbia investigates how it sent private jets full of cash to pay for Pegasus
• Microsoft innovates with Un-Patch Tuesday
• And much, much more.

This week’s sponsor is Kroll Cyber, and one of their incident responders Paul Wells joins to discuss that one weird trick that actually helps - preparing for an incident before hand, rather than learning all those hard lessons in the middle of a crisis….

In this edition of Snake Oilers Patrick Gray gets pitches from three cybersecurity companies:

• Authentik, an open source identity provider that a lot of large organisations are deploying on prem as an alternative to cloud-based IDPs
• Dropzone AI, an LLM-based agent that can do the work of a Tier 1 SOC analyst
• SlashID, an identity security company that can crunch your logs to find attackers

Subscribe to the Risky Business podcst at https://risky.biz/subscribe

NOTE: We had a bit of an audio/video sync glitch in this episode.. we’re trying to sort it out for the next one. Sorry!

In this podcast Tom Uren and Patrick Gray discuss Russia’s use of exploits from commercial spyware vendors. Bought through a front, or stolen with other bugs?

The also discuss Iran’s counter-intelligence innovations - if you apply for a job thats very clearly an Israeli front, then perhaps you’re not that trustworthy after all?

On this week’s show, Patrick Gray and Adam Boileau discuss the weeks security news, including:

• Brazil’s supreme court bans X-formerly-Twitter,
• Iranian cyber teams cooperate with ransomware crews
• While North Koreans wield chrome-windows 0-day
• Yubikey cloning attack is impressive, but doesn’t have us binning our keys quite yet
• The White House is coming for your unsigned BGP announcements
• And much, much more.

This week’s episode is sponsored by Okta, and specifically their Identity Security Posture Management product. Okta recently acquired Spera Security, and co-founder Ariel Kadyshevitch joins to talk through the messy reality of modern identity. Pat even gets the giggles at how terrible everything is!…

Travis McPeak demonstrates how to set up controls so that deploying cloud infrastructure is secure and repeatable from the get go.