Today’s soap box is an absolute cracker. We’re talking to Andy Robbins, the principal product architect at SpecterOps and one of the three original creators of the original open source version of Bloodhound.

If you don’t know what Bloodhound is, it’s a tool that grabs Active Directory information and turns it into a navigable graph. So if you’re an attacker you land on a network, enumerate directory information, and then map out a path to domain admin.

Bloodhound has been extremely popular with red teamers for years – to the point that it’s just a standard tool in the red team toolkit. But the team behind Bloodhound is now turning their attention to making Bloodhound a defensive tool as well as an offensive tool.

Risky Biz Soap Box: Six degrees of Domain Admin

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Technology

Tech News

Podcasting

Gadgets

Software How-To

News

In this podcast SentinelOne’s Chief Trust officer Alex Stamos and its Chief Intelligence and Public Policy Officer Chris Krebs join Patrick Gray to talk all about AI.

It’s been a year and a half since ChatGPT landed and freaked everyone out. Since then, AI has really entrenched itself as the next big thing. It’s popping up everywhere, and the use cases for cybersecurity are starting to come into focus.

Threat actors and defenders are using this stuff already, but it’s early days and as you’ll hear, things are really going to change, and fast.

Wide World of Cyber: Krebs and Stamos on How AI Will Change Cybersecurity

This week Patrick Gray and Adam Boileau along special guest Lina Lau discuss the week’s news, including:


  The ongoing Ascension healthcare disruption, and
  Whether its reasonable for healthcare orgs to be pushing back
  Platforming cybercriminals for interviews
  Own the libs by… not using E2EE messaging?
  CISA’s secure by design, we want to believe!
  The $64billion scale of indusrialised fraud
  And much, much more.


This week’s sponsor is network discovery specialist, Run Zero. Director of research Rob King joins to talk about the weird and wonderful delights in their new Research Report.

Risky Business #748 -- New cyber rules for US healthcare are coming

Patrick dials in from RSA in San Francisco to discuss the week’s security news with Adam, including:


  The west doxxes LockbitSupp, who must now hide his hundred million dollars
  Revil hacker behind Kasaya breach gets 14 years
  Microsoft makes some positive sounding* noises on security
  A fun flaw in nearly all VPN clients
  Gitlab admins continue their never-ending incident response
  And much, much more.


This week’s sponsor is Stairwell. Long time infosec researcher Silas Cutler joins us to talk through his adventures in attacker C2 systems, and how this feeds into Stairwell’s data.

* we’re still sceptical they’ll get it right, but they do at least seem to realise how deep the doo-doo they’re in is… Pat speculates they have … tentacles, and a regulatory-threat-gland.

Risky Business #747 -- Lockbit Leader Has A Very Bad Day

On this week’s show Patrick and Adam discuss the week’s security news, including:


  Microsoft reassures* us that they take security very seriously*
  Cisco ASA firewalls get sneakily backdoored, but no one’s quite sure how
  Change Healthcare was 1FA Citrix all along
  The FTC, FCC and other government sticks get waved at tech
  Lizard Squad Finn who hacked the Vastaamo therapy chain gets sentenced
  And much, much more.


This week’s sponsor is Zero Networks, who make a network micro-segmentation product that is actually usable. Zero Networks CEO Benny Lakunishok joins us to talk through why firewalling everything everywhere is finally workable.

*  You’ll forgive us for being… a tad sceptical.

Risky Business #746 – Microsoft takes your security seriously*

In this edition of Snake Oilers we’ll be hearing from:


  Push Security: A browser plugin-based security company that combats identity-based attacks. (Much more compelling that it sounds in this description.)
  Knocknoc: The tool Risky Business uses to protect our own applications and services. (Restrict network/port access to users who are authenticated via SSO.)
  iVerify: Mobile security and threat hunting for iOS and Android. (Caught Pegasus in the wild!)

Risky Biz Soap Box: Six degrees of Domain Admin

Download our free app to listen on your phone