Risky Business #708 – China's lolbin-powered adventures in US critical infrastructure
On this week’s show Patrick Gray and Adam Boileau discuss the...
Risky Biz Soap Box: Why your EDR won't save you
In this Soap Box podcast Patrick Gray talks to George Glass,...
Risky Business #707 — Inside China's information lockdown with Chris Krebs
On this week’s show Patrick Gray and Adam Boileau discuss the...
Risky Business #706 — Why BlackBerry thinks Cuba ransomware is a Russian front
On this week’s show Patrick Gray and Adam Boileau discuss the...
Risky Business #705 — USA's Turla takedown marks a shift in tactics
On this week’s show Patrick Gray and Adam Boileau discuss the...
Snake Oilers: Resourcely, Panther and Island
In this edition of Snake Oilers:
Travis McPeak pitches <a...
Risky Business #704 — Why LLMs aren't an exploit bonanza
On this week’s show Patrick Gray and Adam Boileau discuss the...
Risky Business #703 — Russia whines about its tech dependence on China
On this week’s show Patrick Gray and Adam Boileau discuss the...
Snake Oilers: Socket, Teleport and Mandiant's Purple Team
Snake Oilers isn’t our regular weekly podcast, it’s a wholly sponsored...
Risky Business #702 — 3CX: It's like SolarWinds, but stupider
On this week’s show Patrick Gray and Adam Boileau discuss the...
Risky Biz Soap Box: Haroon Meer on why the VC apocalypse is great news
In this Soap Box edition of the show, Thinkst Canary founder...
Risky Business #701 — Why infosec is wrong about TikTok
NOTE: Patrick’s audio is a bit degraded in a few parts...
Risky Business #700 — Yevgeny Prigozhin's empire gets owned
On this week’s show Patrick Gray and Adam Boileau discuss the...
Risky Business #699 — BYOD risks ramp up
Threat actors are really enjoying home networks and BYOD these days…
On...
Risky Biz Soap Box: Six degrees of Domain Admin
Today’s soap box is an absolute cracker. We’re talking to Andy...
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting...
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites.
The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0,...
Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims
Not to be confused with K-Pop sensation BLACKPINK, gang pops military, govt and education orgs Dark Pink, a suspected nation-state-sponsored cyber-espionage group, has expanded its list of targeted organizations, both geographically and by sector, and has carried out at...
Feds, you’ll need a warrant for that cellphone border search
Here's a story with a twist A federal district judge has ruled that authorities must obtain a warrant to search an American citizen's cellphone at the border, barring exigent circumstances.…
Smashing Security podcast #324: .ZIP domains, AI lies, and did social media inflame a riot?
height="315" class="aligncenter size-full wp-image-292324" />
ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?
All this and...
