

Risky Business
Patrick Gray
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Episodes

Dec 10, 2025 • 58min
Risky Business #818 -- React2Shell is a fun one
Adam Boileau, a seasoned cybersecurity commentator, joins Simon Onyons, Managing Director at Kroll's Cyber and Data Resilience, to tackle the latest in cybersecurity. They dive into the alarming React2Shell vulnerability—scoring a CVSS 10—that's quickly exploited by Chinese APTs. Simon shares insights on demystifying cyber risk for boards and how to communicate it effectively. The episode also touches on Linux's PCIe encryption support and a controversial GrapheneOS case, illustrating the ongoing battle between security and exploitation.

Dec 3, 2025 • 1h 1min
Risky Business #817 -- Less carnage than your usual Thanksgiving
Damien Lukey, CEO and founder of Nebulok, joins the discussion on AI-enabled threat hunting and enhancing macOS security through Core Sigma Sigma rule development. The conversation dives into the implications of cosmic-ray bitflips affecting Airbus firmware, as well as a substantial data breach in South Korea impacting 65% of the population. Lukey sheds light on how improving macOS telemetry can bolster cybersecurity, while the hosts explore recent trends in malicious browser extensions and the risks of poor operational security among teens.

Nov 26, 2025 • 58min
Risky Business #816 -- Copilot Actions for Windows is extremely dicey
H.D. Moore, a renowned security researcher and creator of Metasploit, joins to discuss runZero's innovative tools. He elaborates on integrating runZero with BloodHound-style graph databases to enhance security analysis. H.D. also dives into the exciting future of AI in cybersecurity, touching on the challenges of varied deployment models. Additionally, he highlights how exposure management and user experience are shifting in product development, making security more effective and accessible.

Nov 20, 2025 • 38min
Risky Biz Soap Box: Greynoise knows when bad bugs are coming
Andrew Morris, the founder of GreyNoise, joins the discussion to unveil how their technology can predict serious vulnerabilities up to 90 days in advance. He shares insights on the coordinated mass scanning activities that often precede big security disclosures. Andrew explains strategies for organizations to use early warning signals effectively, like auditing configurations and adopting a zero-trust mindset. He also touches on the challenges posed by residential proxies and IPv6 while advocating for tailored scanning methods to enhance security.

Nov 19, 2025 • 51min
Risky Business #815 -- Anthropic's AI APT report is a big deal
Urooj Burney, Mastercard's Senior VP of Cybersecurity, chats about the evolution of fraud and cybersecurity teams merging. She highlights the importance of a unified approach to tackle cyber-enabled payment risks. Urooj dives into how Mastercard's acquisition of Recorded Future enhances threat intelligence for fraud prevention. The conversation reveals insights on democratizing threat intel for fraud teams and the organizational models that best support this convergence. With real-world implications, this discussion is a wake-up call for the financial sector!

Nov 12, 2025 • 1h 3min
Risky Business #814 -- It's a bad time to be a scam compound operator
Haroon Meer, Founder of Thinkst Canary, emphasizes the need for transparency in vendor security practices. He argues that companies must demonstrate how they secure their architecture instead of relying on vague assurances. The discussion touches on the importance of accountability, with Meer advocating for pen tests and ongoing audits from vendors. They also explore innovative security designs like allowlisting and honeypots, highlighting recent updates to Thinkst Canary's cloud platforms.

Nov 5, 2025 • 1h 5min
Risky Business #813 -- FFmpeg has a point
In this engaging discussion, security journalist Adam Boileau sheds light on the recent drama between FFmpeg and Google over vulnerability disclosures. He advocates for clearer responsibilities among researchers and larger firms regarding bug fixes. The episode also explores OpenAI's Aardvark system and its innovative approach to bug hunting, alongside critical conversations about arrests of ransomware responders and the resurgence of notorious hackers. Adam's insights into the evolving landscape of cybersecurity make this chat both informative and captivating.

Oct 29, 2025 • 1h 6min
Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD
Adam Boileau, a security researcher known for his insights into cyber incidents, joins Matt Muller, Field CISO at Tines, to discuss the week’s biggest cybersecurity news. They tackle the shocking allegations against an L3Harris executive accused of selling exploits to Russia and dissect a serious patch exploit impacting Microsoft WSUS. Adam also unveils how predictable PRNG flaws have revived DNS cache poisoning threats. Meanwhile, Matt elaborates on Tines' innovative use of AI in streamlining SOC workflows and enhancing automation.

Oct 22, 2025 • 52min
Risky Business #811 -- F5 is the tip of the crap software iceberg
Jacques Louw, co-founder and Chief Product Officer at Push Security, dives into a LinkedIn phishing campaign that targeted CEOs. He explains how compromised contacts initiated complex phishing chains, exploiting Google and Microsoft services. Louw also highlights Push's browser-centric detection techniques, including session tracing that reconstructs user navigation, enhancing the early identification of similar attacks. The discussion emphasizes the importance of tracking origin links to sharpen detection capabilities and provide actionable insights.

Oct 21, 2025 • 39min
Wide World of Cyber: A deep dive on the F5 hack
In this discussion, cybersecurity experts Alex Stamos and Chris Krebs delve into the F5 hack and its implications. Stamos shares insights on why low-rated vulnerabilities can still pose serious threats. Krebs highlights the risks associated with private equity ownership of cybersecurity firms, underscoring potential exploitation. The two also address the importance of corporate response strategies post-breach and the role of AI in securing outdated codebases. Their dynamic dialogue sheds light on the evolving landscape of cybersecurity challenges and solutions.


