Player FM - Internet Radio Done Right
99 subscribers
Checked 15h ago
Đã thêm cách đây ba năm
Inhoud geleverd door Risky.biz. Alle podcastinhoud, inclusief afleveringen, afbeeldingen en podcastbeschrijvingen, wordt rechtstreeks geüpload en geleverd door Risky.biz of hun podcastplatformpartner. Als u denkt dat iemand uw auteursrechtelijk beschermde werk zonder uw toestemming gebruikt, kunt u het hier beschreven proces https://nl.player.fm/legal volgen.
Player FM - Podcast-app
Ga offline met de app Player FM !
Ga offline met de app Player FM !
Risky Bulletin
Markeer allemaal (on)gespeeld ...
Manage series 3343211
Inhoud geleverd door Risky.biz. Alle podcastinhoud, inclusief afleveringen, afbeeldingen en podcastbeschrijvingen, wordt rechtstreeks geüpload en geleverd door Risky.biz of hun podcastplatformpartner. Als u denkt dat iemand uw auteursrechtelijk beschermde werk zonder uw toestemming gebruikt, kunt u het hier beschreven proces https://nl.player.fm/legal volgen.
Regular cybersecurity news updates from the Risky Business team...
…
continue reading
672 afleveringen
Markeer allemaal (on)gespeeld ...
Manage series 3343211
Inhoud geleverd door Risky.biz. Alle podcastinhoud, inclusief afleveringen, afbeeldingen en podcastbeschrijvingen, wordt rechtstreeks geüpload en geleverd door Risky.biz of hun podcastplatformpartner. Als u denkt dat iemand uw auteursrechtelijk beschermde werk zonder uw toestemming gebruikt, kunt u het hier beschreven proces https://nl.player.fm/legal volgen.
Regular cybersecurity news updates from the Risky Business team...
…
continue reading
672 afleveringen
Alle afleveringen
×Researchers turn any Bluetooth device into an AirTag tracker, VMware patches three ESXi zero-days, France debates encryption backdoors, and a fifth of the stolen Bybit funds are now untraceable. Show notes
In this Risky Business Talks interview we invited Will Thomas to talk about the recent leak of internal chats from the Black Basta ransomware group. Will is a SANS Instructor, co-author of the SANS FOR589 course, and the co-founder of a community research project for CTI analysts called Curated Intelligence. Will walks us through the Black Basta leak and uses the group’s attack on US healthcare provider Ascension to break down how the gang operated. Show notes Risky Bulletin: BlackBasta implodes, internal chats leak online BlackBasta’s internal chats just got exposed BlackBasta Chat Logs BlackBastaGPT BlackBasta Leaks: Lessons from the Ascension Health attack Inside the Black Basta Leak: How Ransomware Operators Gain Access…
In this edition of Between Two Nerds Tom Uren and The Grugq take a deep dive into incident response reports from Chinese cybersecurity firms that attribute the hack of one of the country’s top seven defence universities to the US National Security Agency. These reports were collated and translated into English by the security researcher known as Inversecos (https://x.com/inversecos). This episode is also available on Youtube . Show notes NSA (Equation Group) TTPs from a Chinese lens Northwestern Polytechnical University at the China Defence Universities tracker Risky Business podcast discussion with Inversecos…
The Trump administration stops treating Russian hackers as a threat, Meta seeks a permanent NSO injunction, new Cellebrite zero-days come to light, and big name Russian cyber criminals get … home detention. Show notes
In this Risky Business News sponsor interview, Catalin Cimpanu talks with Toni de la Fuente, founder and CEO of cloud security firm Prowler. Toni talks about his company’s latest effort, the Open Cloud Security Movement, an initiative to get more cloud security vendors to open-source their core projects. Show notes Open Cloud Security Prowler on Github Risky Biz Product demo: Prowler, the free and open source cloud security platform…
Cellebrite bans Serbia from using its products, Chinese hackers breached the Belgian security service, the Republican National Committee hid a Chinese hack and Microsoft removes malicious extensions from the VSCode Marketplace. Show notes
Tom Uren and Patrick Gray talk about the White House apparently considering kicking Canada out of the Five Eyes intelligence alliance to apply pressure on the country. It’s a terrible idea and even thinking about it undermines the strength of the alliance. They also discuss Sweden’s proposed legislation that would order apps like WhatsApp and Signal to store messages so they could be provided under warrant to authorities. The story is a vignette of the ongoing encryption debate, but we think apps like Signal will leave the country rather than comply. Finally, they talk about how the illicit cryptocurrency ecosystem is evolving in response to government action such as takedowns and sanctions. This episode is also available on Youtube . Show notes…
Signal threatens to leave Sweden over backdoor request, the EU sanctions a North Korean general linked to two APTs, Australia bans Kaspersky products on government systems and Google will use QR codes for Gmail authentication. Show notes
In this edition of Between Two Nerds Tom, Uren and The Grugq examine the fundamental principles of network exploitation as described in Matthew Monte’s ‘Network Attacks and Exploitation: A Framework’ book using recent hacks as case studies. This episode is also available on Youtube . Show notes Network Attacks and Exploitation: A Framework Google's Signal hacking report Device code phishing…
North Korean hackers steal one and a half billion dollars from Bybit, Apple disables iCloud backup encryption in the UK, stream-jacking hits the e-sports world and Palau faces its third ransomware attack in six years. Show notes
In this Risky Business News sponsor interview, Catalin Cimpanu talks with Aaron Attarzadeh, Enterprise Security Engineer at Nucleus. Aaron goes into new concepts for the vulnerability management scene, such as asset correlation and asset linking. Show notes
The BlackBasta ransomware group implodes, Russian military hackers target Signal with QR codes, Microsoft patches a Power Pages zero-day, and Meta sues a man who hacked accounts and extorted users. Show notes
In this podcast Tom Uren and Patrick Gray talk about the idea of launching a retaliatory campaign to hack Chinese telcos in response to Salt Typhoon’s targeting of US ones. US Senator Mark Warner floated the idea as a way to persuade the Chinese government to pull back Salt Typhoon, but we think that kind of campaign has merit regardless. They also discuss how Samoa’s CERT calling out APT40 is a big deal. It’s striking to see a small country of 200,000 people calling out Chinese hacking. This episode is also available on Youtube . Show notes…
VC giant Insight Partners gets social engineered, OpenSSH patches an attacker-in-the-middle bug, Ecuador’s parliament hit by cyberattacks, and a Monero zero-day awaits a patch. Show notes
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the United State’s Vulnerabilities Equities Program, which balances the need for intelligence collection with the need to protect the public. The government recently revealed that in 2023 it released 39 vulnerabilities, but what does this really tell us? This episode is also available on Youtube . Show notes The unclassified VEP appendix Kim Zetter's Zero Day substack…
Welkom op Player FM!
Player FM scant het web op podcasts van hoge kwaliteit waarvan u nu kunt genieten. Het is de beste podcast-app en werkt op Android, iPhone en internet. Aanmelden om abonnementen op verschillende apparaten te synchroniseren.