On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Cyber firms agree to deconflict and cross-reference hacker group names
Russian nuclear facility blueprints gathered from public procurement websites
Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons
Germany identifies the Trickbot kingpin
Google spots China’s MSS using Calendar events for malware C2
Meta apps abuse localhost listeners to track web sessions.
This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.
This episode is also available on YouTube.
All content for Risky Business is the property of Patrick Gray and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Soap Box: Knocknoc glues your SSO to your firewalls for Just-in-Time network access
Risky Business
30 minutes
1 month ago
In this Soap Box edition of Risky Business host Patrick Gray talks to Knocknoc CEO Adam Pointon about how to easily rein in attack surface by glueing your single sign-on service to your network controls.
Do your Palo Alto and Fortinet devices really need to be discoverable by ransomware crews? Does your file transfer appliance need to be open to the whole world? What about your SSH and RDP? Your Citrix? Your (gasp) Exchange Online servers??
You can do a lot with IP allowlisting and simple Identity Aware Proxies (IAPs) to minimise your exposure.
Knocknoc is a bit of a “Risky Business special”, too. Pat helped Knocknoc to raise a seed round through Decibel Partners where he’s a founder advisor. He also serves on Knocknoc’s board of directors.
This episode is also available on YouTube.