…
continue reading
In this edition of Snake Oilers you’ll hear product pitches from: Sublime Security: e-mail security for people who want to tune their detections Vulncheck: Provides vulnerability intelligence to governments, large enterprises and vendors Devicie: Manage your devices with Intune without pulling your hair out Show notes sumblime.security VulnCheck - …
…
continue reading
On this week’s show Patrick Gray, Adam Boileau and Lina Lau discuss the week’s security news. They cover: Microsoft’s 38TB oopsie MGM’s Okta compromised, was this what Okta was warning us about? Why we need a cyber knife fight Google Authenticator sync abused in the wild Much, much more This week’s show is brought to you by Push Security. Co-founde…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: How Storm-0558 stole Microsoft’s signing key Cisco 0day being used by ransomware crews We were right about Elon stumbling into the Ukraine war Someone’s amazing image library 0day just got crushed Much, much more! This week’s show is brought to you by Nu…
…
continue reading
In this edition of Snake Oilers you’ll hear product pitches from: ConductorOne: PAM, account cycle management and access auditing for cloud and SaaS accounts Bloodhound Enterprise: Enumerate attack paths in your environment and shut them down Zero Networks: Agentless: heavily automated microsegmentation and a VPN product that won’t get you insta-ow…
…
continue reading
R
Risky Biz

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Why everyone should pay attention to some recent attacks on Okta customers Why third party comms apps are risky af Why are Russian espionage opps using Tor for C2? Surveillance firms abuse Fiji Telco Digicel’s SS7 access Much, much more! This week’s show…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The FBI takes down Qakbot, steals operators’ bitcoins ha ha Danish hosting provider completely destroyed in ransomware attack Sophisticated Russian cyber attack on Polish trains. Well. Not really. Microsoft revokes cert then revokes its revocation Much, …
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: (NOTE: This podcast was initially pushed out into the Risky Business News podcast feed in error. Sorry about that!) US Government warnings to private space sector on cyber risk Ukrainian hackers dump the inbox of Russian Duma deputy chair Absentee voting…
…
continue reading
In this joint Risky Business and Geopolitics Decanted feature interview, Patrick Gray and Dmitri Alperovitch talk to Illia Vitiuk, the Head of the Department of Cyber and Information Security of the Security Service of Ukraine (SBU) about the cyber dimension to Russia’s invasion. From turning off Ukraine’s power grid with a cyber attack in 2015 to …
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: More victims identified in Chinese breach of Microsoft email accounts Cyber Safety Review Board to investigate Microsoft We got some stuff wrong last week More details on Viasat hack revealed Special guest Heather Adkins talks about the CSRB’s Lapsus$ re…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Tenable gives Microsoft a spray over Azure bug fix delay, quality Lateral movement fun via Azure Active Directory Cross-Tenant Synchronization Ransomware targets hospitals, special needs schools Japan’s cybersecurity has some catching up to do Much, much…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Ron Wyden’s “please explain” letter to Microsoft Chinese APT crews prepositioning to disrupt US military logistics China claims US hacked its seismology sensors Ivanti/MobileIron exploitation going vertical Much, much more This week’s show is brought to …
…
continue reading
In this interview Patrick Gray speaks to Australia’s Home Affairs and Cyber Security Minister Clare O’Neil and NCSC founding director Ciaran Martin about the government’s upcoming cybersecurity strategy, releasing the hounds and more.
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The dust-up between Microsoft and Wiz MobileIron/Ivanti 0day hoses Norwegian government agencies That’ll do TETRA, that’ll do… Microsoft finally agrees to offer decent logging without price gouging Much, much more This week’s show is brought to you by Re…
…
continue reading
This Soap Box edition of the podcast is sponsored by Proofpoint. Proofpoint offers email security and DLP products and services, and they’re probably best known for being the biggest email security company on the planet. That means they process a LOT of emails in the hopes of throttling the number of malicious emails that organisations have to deal…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Microsoft’s weasel-word response to the State Department email hack JumpCloud got owned, maybe by DPRK Citrix 0day is getting stuff rekt Two more spyware firms sanctioned by USA Scammers list fake phone numbers for major airlines on Google Maps Much, muc…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The SEC is targeting SolarWinds executives UK to make banks liable for fraud NSA issues advice on UEFI trojan Microsoft blocks 100+ dodgy drivers The US IC knew what Prihozhin was up to. But what FSB doing? Much, much more This week’s show is brought to …
…
continue reading
In this edition of the Soap Box podcast we’re going to be talking about a great topic – living off the land. The recent Volt Typhoon report out of Microsoft chronicled the adventures of a Chinese APT crew in US critical infrastructure. But one of the most fascinating aspects of the Volt Typhoon campaign was that the attackers almost exclusively use…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Albanian authorities raid MEK over Iran hacks Microsoft admits “Anonymous Sudan” took down its services US Government puts $10m bounty on CL0P A deeper look at the Barracuda hack campaign Much, much more This week’s show is brought to you by Material Sec…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Fortinet 0day Groundhog Day CISA’s new binding directive on exposed management interfaces Confirmed: US intelligence buying commercially available data MOVEit drama rolls on Much, much more This week’s show is brought to you by Red Canary. Chris Rothe is…
…
continue reading
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Russia’s FSB uncovers “NSA malware” on iPhones Cl0p mass harvests data from MOVEit file transfer servers ASD discloses a bunch of operations against ISIS, criminals Why China’s prepositioning is probably… prepositioning Much, much more This week’s show i…
…
continue reading