News, analysis and product demos
Presented by
Policy & Intelligence
Independent Security Researcher
In this edition of Between Two Nerds Tom Uren and The Grugq talk about whether the cyber industry and intelligence agencies focus too much on technical details and ignore the bigger picture.
Presented by
Policy & Intelligence
Producer and Editor
Tom Uren and Amberleigh Jack talk about a recent hack of the US courts document management system. It’s about as bad as can be, with multiple threat actors including states and possibly even drug cartels rummaging around in there, possibly for years.
They also discuss Microsoft’s involvement in an Israeli surveillance system and the head of Australia’s security organisation’s blunt warning about espionage.
Presented by
CEO and Publisher
In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications.
It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application.
They also talk about how Socket started out as a way to discover malicious packages in software projects, but these days it’s playing the CVE game as well.
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
This week’s episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together. …
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.
This episode explores the rise of AI-powered bug hunting:
There’s also plenty of regular cybersecurity news to discuss:
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.
This episode explores the rise of AI-powered bug hunting:
There’s also plenty of regular cybersecurity news to discuss:
Presented by
Policy & Intelligence
Independent Security Researcher
In this edition of Between Two Nerds Tom Uren and The Grugq dissect the Belarusian Cyber Partisans hack of Russian airline Aeroflot. Despite the short-term impact, the airline will likely bounce back quite quickly. But it is still a big win for the Cyber Partisans.
Presented by
CEO and Publisher
In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices.
Presented by
Policy & Intelligence
Producer and Editor
Tom Uren and Amberleigh Jack talk about how the recent SharePoint exploitation is a blow-by-blow repeat of the 2021 Microsoft Exchange mass compromise event. The international response to that clearly didn’t deter Chinese hackers, so it is time to try something different.
They also talk about recent cases where outsourcing IT services has come with increased risk. Convenient, cheap, secure, pick any two.
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
This week’s episode is sponsored by Push Security. Daniel Cuthbert joins and explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future….