Tuesday, March 2, 2021


Security. Some assembly required. Security is HARD, and ‘real security’ is a compromise between usability and security while knowing you’re still accepting risk. This podcast alternates between interesting interviews and news analysis every other week – tune in, subscribe and join the conversation on REAL security issues relevant to your enterprise.

DtSR Podcast

DtSR Episode 437 – TPA Healthcare IT Under Siege

Prologue This week, DJ McArthur joins James and Rafal to talk shop about his career in defending healthcare IT. The Cliff's Notes version is that it's more complex, more under siege, and more critical than ever. No problem, right?...
DtSR Podcast

DtSR Episode 436 – TPA A Dev Perspective on AppSec

Prologue Continuing what accidentally became a series of AppSec or Software Security focused episodes, #436 takes it from yet another direction. Rey joins us to talk about AppSec from his perspective - that of a life-long developer that's moved...
DtSR Podcast

File Progress DtSR Episode 435 – TPA WPScan and WordPress

Prologue Episode 435 is packed with OpenSource goodness, talking about WordPress and WPScan with Ryan Dewhurst. Ryan started WPScan (a tool you probably use as a security practitioner) and has now made a business out of it. He spends...
DtSR Podcast

DtSR Episode 434 – TPA Open Source Software Security

Prologue This week, Jennifer Fernick of NCC Group joins me to talk about her work with open source software and security. With a storied career, Jennifer is well-qualified to talk about some really interesting topics, but finding bugs in...
DtSR Podcast

DtSR Episode 433 – TPA Leading the Alliance

Prologue: This week, Gary Latham joins the podcast to talk about taking the reigns of the Security Advisor Alliance, at a pivotal time for the organization. If you don't know about the SAA, I highly encourage you to check it...
DtSR Podcast

DtSR Episode 432 – TPA Identity and Trust

Prologue On this week's episode of the podcast, boomerang guest Robb Rock joins Rafal to talk identity, trust, and what's happened since the last time Robb was on the show (which was in 2016!). Of course they talk about...
DtSR Podcast

DtSR Episode 431 – TPA Medical IOT

Prologue This week on DtSR, an old friend Jamison Utter joins Rafal to talk about medical IoT devices, and what makes them different -- and of course, how we can better protect them. Jamison's company, Medigate, is a healthcare security and...
DtSR Podcast

DtSR Episode 430 – TPA What We Learned in 9 Years

Prologue David was a guest on the podcast many years ago, back in episode 7. We had a great conversation and it's interesting to see how so many of the topics have evolved in the last nearly a decade....
DtSR Podcast

DtSR Episode 429 – YGHT Crowdsourcing Security Intel

You Gotta Hear This! This special edition of the Down the Security Rabbithole Podcast is the first of it's kind. For 2021 I've decided to throw in a bonus episode here and there that doesn't necessarily fit the...
DtSR Podcast

DtSR Episode 428 – TPA TIM-enabled NextGen SOC Platforms

Prologue Let's start 2021 off right with a returning guest whose name you will want to remember. Joep (pronounced like "soup" but with a "you") Gommers the founder and CEO of EclecticIQ joins Rafal to talk about threat intelligence...
DtSR Podcast

DtSR Episode 427 – TPA Security Beyond the RegExp

Prologue This week, on the last episode of 2020, Michael Coates joins Rafal to talk about wire-speed-data-protection. Sort of like CASB but more universal. Interestingly, Rafal and Michael talk through how DLP has evolved and into what, and some...
DtSR Podcast

DtSR Episode 426 – TPA Winning Intelligence Collecting Zombies

Prologue First and foremost, thank you to Prevailion for giving us some of Karim's time, and content for this episode. Adversary intelligence is critical to protection and defense, so the methods and means in which it's gathered, refined, and provided...
DtSR Podcast

DtSR Episode 425 – TPA Being Media Trained

Prologue This week, one of my old allies in the advocacy for sane media appearance joins James and me on the podcast. We talk about being a media liaison, managing speakers and security types with lots to say and...
DtSR Podcast

DtSR Episode 424 – SOC Fight 2020

Prologue Fill up your coffee cup, find a comfortable seat, and get ready to dive into this show! Richard & Anton join James and Rafal to discuss the SOC and it's evolution (or not) in today's enterprise. What...
DtSR Podcast

DtSR Episode 423 – TPA Malware and Other Bad Things

Prologue This week, virtually live from Enfuse 2020 we've invited Grayson Milbourne, who is the Director of Security Intelligence at OpenText (formerly Carbonite/Webroot), to the show to talk about his work, malware, and the ever-evolving battle between good and evil'ish. This...

Search crimes – how the Gootkit gang poisons Google searches

When a search result looks too good to be true - it IS too good to be true!

Dairy Giant Lactalis Targeted by Hackers

France-based dairy giant Lactalis revealed last week that it was targeted by hackers, but claimed that it had found no evidence of a data breach. The company said a malicious third party attempted to breach its computer network, but it...
Graham Cluley

Crypto firm Tether says it won’t pay $24 million ransom after being threatened with document leak

Controversial cryptocurrency developer Tether says it will not give in to extortionists who are demanding a 500 Bitcoin ransom payment (currently worth approximately US $24 million).
Bruce Schneier

Mysterious Macintosh Malware

This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload...

What Did I Just Read? A Conversation With the Authors of '2034'

Elliot Ackerman and Admiral James Stavridis discuss their inspirations, personal experiences, and what keeps them up at night.