By Risky.Biz
Regular cybersecurity news updates from the Risky Business team...
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.
In this podcast Tom Uren and Patrick Gray talk about the continuing discussion around the creation of a Cyber Force. It’s a discussion that won’t go away and shows there is an underlying feeling that Cyber Command could do better. They also...
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the role of the state in tackling ransomware. They discuss why action has been slow and ineffective, and what it will take to truly change the...
In this Risky Business News sponsored interview, Tom Uren talks to Justin Kohler, VP of the Bloodhound team at SpecterOps about ‘attack paths’, the ways that malicious actors maneuver through Active Directory to elevate their privileges. They discuss how and...
In this podcast Tom Uren and Patrick Gray talk about a UK government proposal that would see ransomware victims seek government approval before making ransom payments. They also talk about why governments need to be more proactive about defending democracy and...
In this edition of Between Three Nerds Tom Uren and The Grugq talk to Elena Grossfeld about the strategic culture of Russian intelligence organisations. In the discussion we refer to Elena’s paper on Russia’s declining satellite reconnaissance capability and she talks...
In this Risky Business News sponsor interview, Catalin Cimpanu talks with Proofpoint senior threat intelligence analyst Selena Larson about the latest changes in the threat actor landscape in the aftermath of several law enforcement takedowns and Microsoft tech stack changes.
In this podcast Tom Uren and Patrick Gray talk about Amnesty International’s research into Indonesia’s use of spyware implicated in human rights abuses. They also talk about proposed regulation that would dock payments to US hospitals that don’t meet minimum cyber...
The regular two nerds have the week off, but the former Director of the CIA’s Center for Cyber Intelligence Andy Boyd joins Patrick Gray for a rollicking conversation in front of a live audience in San Francisco. Grugq and Tom...
In this Risky Business News sponsored interview, Adam Boileau talks to Okta’s Cassio Sampaio about how cloud-native applications can move authorisation into a centralised model. This brings real benefits for consistency, control and auditing in distributed applications, beyond just the...
In this podcast Tom Uren and Adam Boileau talk about how Microsoft’s reprioritisation of security after recent breaches and a scathing CSRB report seem to be influencing other companies. They are now touting their security chops, so could it be...
In this edition of Between Two Nerds Tom Uren and The Grugq look at how different types of secrecy obsessed organisations learn. The Grugq mentions the book Mafia Organisations: The Visible Hand of Criminal Enterprise by Maurizio Catino.
In this Risky Business News sponsored interview, Tom Uren talks to Marco Slaviero, Thinkst’s CTO, about staying current with modern attack trends and not falling for the trap of optimising to catch red teams.
In this podcast Tom Uren and Adam Boileau talk about how there is a growing consensus between regulators and lawmakers on the key problems of modern tech companies. They also dive into how to deal with malicious foreign actors buying their...
In this edition of Between Two Nerds Tom Uren and The Grugq look at the life cycle of 0days, dissect the conventional wisdom and talk about how 0days are never truly ‘burnt’.
In this Risky Business News sponsored interview, Tom Uren talks to the CEO and founder of Socket, Feross Aboukhadijeh, about open source software and supply chain security. Feross says the software ecosystem has evolved in ways that make it more...
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Patrick Gray. You can find the newsletter version of this podcast here.
In this podcast Adam Boileau and Tom Uren talk about what there is to learn from Mandiant’s report into the GRU Sandworm crew. Are the Russians a model for other actors, or just a get-‘er-done bunch of pragmatists? They also talk...
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey. You can find the newsletter version of this podcast here.
In this Risky Business News sponsored interview, Tom Uren talks to Dan Guido, the CEO of security research company Trail of Bits. Dan and Tom discuss DARPA’s upcoming AI cyber challenge, in which Trail of Bits will compete to solve...
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read today by Patrick Gray, as Claire Aird is unwell. You can find the newsletter version of this podcast here.
In this podcast Patrick Gray and Tom Uren talk about how open source software is inherently vulnerable to malicious ‘good samaritan’ attacks and what to do about it. They also talk about a recent breach at data analytics company Sisense, how...
In this edition of Between Two Nerds Tom Uren and The Grugq look at Google’s review of 0days in 2023. They discuss what this kind of information tells us and how Google’s perspective influences the report.
In this Risky Business News sponsored interview, Tom Uren talks to Daniel Schell and David Cottingham, the CTO and CEO of Airlock Digital. They discuss the security standard that drove innovation and the genesis of Airlock Digital and also how...
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.
In this podcast Patrick Gray and Tom Uren talk about how different states are transgressing what we want to be norms of online behaviour. They also look at the framing around new bipartisan privacy legislation and why vendors should have positive...
In this edition of Between Two Nerds Tom Uren and The Grugq look at the tradecraft used in the compromise of the XZ open source data compression project.
In this Risky Business News sponsor interview, Catalin Cimpanu talks with GreyNoise founder Andrew Morris about last year’s vulnerability exploitation trends, how the company’s AI system works, and Catalin makes a fool of himself because he can’t pronounce ‘abnormalities.’
In this podcast Patrick Gray and Tom Uren talk about the weighty tome of CISA’s critical infrastructure reporting legislation, CIRCIA, and compare different approaches to defining regulation. They also look at moves to better protect customers from being tracked by the...
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.