app_store_button

google_play_button

is Device Banner Block 894x1036

Stígðu inn í heim af óteljandi sögum

Hlustaðu og lestu

risky.biz

Regular cybersecurity news updates from the Risky Business team...

Risky Business News

Russia is hiring African freelancers for disinformation campaigns, the US is preparing to let contractors run offensive cyber operations, Germany blames Russia for the hack of its air traffic control agency, and Apple patches two WebKit zero-days.

 
 
 Show notes
 
 
 Risky Bulletin: African freelancers behind anti-US and anti-French disinfo campaigns

Risky Bulletin: African freelancers behind anti-US and anti-French disinfo campaigns

In this sponsored interview Casey Ellis is joined by Push Security’s Field CTO, Mark Orlando. They chat about the ways that browser-based attacks are evolving and how Push Security is finding and cataloging them.

 
 
 Show notes
 
 
 ConsentFix: Analysing a browser-native ClickFix-style attack that hijacks OAuth consent grants
 
 Introducing our guide to phishing detection evasion techniques

Risky Bulletin: EU has a problem attracting and retaining cyber talent

Linux adds PCIe encryption to help secure cloud servers, Europol cracks down on Violence-as-a-Service providers, the International Criminal Court prepares for cyber-enabled genocide, and Cambodia busts a warehouse full of SMS blasters.

 
 
 Show notes
 
 
 Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers

Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers

APTs go after the React2Shell vulnerability just hours after public disclosure. CISA remains without a director after the nomination stalls again, NSA is down 2,000 staff this year, and Intellexa is still active despite sanctions.

 
 
 Show notes

Risky Bulletin: APTs go after the React2Shell vulnerability within hours

Tom Uren and Patrick Gray discuss a new report proposing a framework for deciding when cyber operations raise red flags. It suggests seven red flags and could help clarify thinking about how to respond to different operations.

They also discuss Anthropic testifying to Congress and Iran using cyber intelligence to target missile strikes including by sharing it with Houthi rebels who fired at a specific ship.

And finally, we are not reassured by China’s white paper about being a good cyber citizen.

This episode is also available of Youtube.

 
 
 Show notes
 
 
 Assessing Irresponsibility in Cyber Operations
 
 AWS on state actors bridging cyber and kinetic warfare

Srsly Risky Biz: When cyber campaigns cross a line

In this edition of Between Two Nerds Tom Uren and The Grugq wonder whether it is possible to deter states from cyber espionage with doxxing and other disruption measures.

This episode is also available on Youtube.

 
 
 Show notes
 
 
 Department 40 exposed
 
 Charming Kitten exposed

Between Two Nerds: Beating back state espionage

In this Risky Business News sponsor interview, Mike Lashlee, CSO of Mastercard talks to Tom Uren about why the company got into threat intelligence.

Mike talks about bringing together payments insights with threat intel to get strong signals about fraud or crime, the benefits of international collaboration and when it makes sense for your CSO to also be the CISO.

 
 
 Show notes

Srsly Risky Biz: DeepSeek and Musk's Grok both toe the party line

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the differences between telcos and cloud companies. Does the nature of the business force cloud companies to be better at security?

This episode is also available on Youtube.

 
 
 Show notes
 
 
 FCC looks to torch Biden-era cyber rules sparked by Salt Typhoon mess
 
 Netflix's Chaos Monkey
 
 Brian in Pittsburgh
 
 BTN145
 
 Ultra

Risky Bulletin: APTs go after the React2Shell vulnerability within hours

Hlustaðu og lestu

Other podcasts you might like ...