Risky Business

Risky Business
By Patrick Gray
About this podcast
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Latest episodes
Nov. 15, 2017
On this week’s show we check in with Mara Tam. She’ll be telling us why the idea of a so-called “Digital Geneva Convention” is silly. Then, after that, Rich Smith of Duo Security will be in the sponsor chair. You may have heard about some recent research Duo Labs did into Apple EFI patches basically not working/sticking. Rich walks us through that research, why Duo did it, how they did it, and what it can tell us. It might be Mac research but the real worry, as you’ll hear, is around Wintel firmware. Adam Boileau pops by for this week’s news discussion. We’ll be covering: Facebook’s plan to combat “non-consensual intimate imagery” Wikileaks Vault8 leaks Assange sending a “guessed” password to Donald Trump Jnr NYTimes reports on the Shadowbears Cracking FaceID with a rubber mask MOAR Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Facebook Workers, Not an Algorithm, Will Look at Volunteered Nude Photos First to Stop Revenge Porn The Facts: Non-Consensual Intimate Image Pilot | Facebook Newsroom If Facebook Actually Wants to Be Transparent, It Should Talk to Journalists - Motherboard WikiLeaks Starts Releasing Source Code For Alleged CIA Spying Tools - Motherboard Donald Trump Jr. and WikiLeaks Talking Privately on Twitter Makes Perfect Sense | WIRED WikiLeaks on Twitter: "New WikiLeaks publication reveals CIA wrote code to impersonate Kaspersky Labs anti-virus company https://t.co/EvE8GdyAmM https://t.co/geigDgIDsk" Donald Trump Jr. on Twitter: "Here is the entire chain of messages with @wikileaks (with my whopping 3 responses) which one of the congressional committees has chosen to… https://t.co/4C0d2vBOkq" Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core - The New York Times Hackers say they broke Apple’s Face ID. Here’s why we’re not convinced | Ars Technica Hackers Say Plastic Surgeon to the Stars Hacked Back at Them Uber drivers in Lagos, Nigeria use fake Lockito app to boost fares — Quartz CEO who presided over Mt. Gox’s collapse could end up with massive profits | Ars Technica Google Begins Removing Play Store Apps Misusing Android Accessibility Services | Hackbusters OnePlus inadvertently left a backdoor on its phones Muslim activists hack Isis mailing list hours after terrorists claimed it was unhackable | The Independent This AI Bot That Messes With Email Scammers As Long As Possible Is Brilliant - Digg The FBI Blindly Hacked Computers in Russia, China, and Iran Huddle's 'highly secure' work tool exposed KPMG and BBC files - BBC News Microsoft Provides Guidance on Mitigating DDE Attacks | Threatpost | The first stop for security news How AV can open you to attacks that otherwise wouldn’t be possible | Ars Technica Cryptojacking craze that drains your CPU now done by 2,500 sites | Ars Technica Crooks sending fake Apple emails in order to unlock stolen iPhones Hacker Wannabes Fooled by Backdoored IP Scanner Cyber Security | Global Cyber Security Services Provider About the security content of iOS 11 - Apple Support Microsoft's Smith adds 'cyber Red Cross' to his 'digital Geneva Convention' call thinkst Thoughts...: A Geneva convention, for Software thinkst Thoughts...: On anti-patterns for ICT security and international law The need for a Digital Geneva Convention - Microsoft on the Issues The Apple of Your EFI: Mac Firmware Security Research | Duo Security
Nov. 8, 2017
There’s no feature interview in this week’s edition, just a slightly longer news session with Adam Boileau, then it’s straight into this week’s sponsor interview. Adam and I will be speaking about: Charges against Russian officials involved in the DNC hack Confirmation of Russian involvement in Ukraine artillery targeting app Attribution claims in Bad Rabbit campaign “Hack Back” bill is picking up steam 1 million installations of counterfeit WhatsApp clone A properly awful Tor browser bug The cryptocurrency comedies/tragedies of the week MOAR Marco Slaviero is this week’s sponsor guest. He’ll be along with a radical marketing approach: He’ll be telling us what Canaries can’t do! But you know what? It’s a useful thought exercise. He’ll also update us on the latest stuff they’re doing in the cloud. They’ve got some new VMWare virtual canaries too. Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes US could charge six Russian officials over DNC email hacking Russia hackers had targets worldwide, beyond US election - The Washington Post Tracing Fancy Bear’s paw prints – Raphael – Medium The GRU-Ukraine Artillery Hack That May Never Have Happened How Hackers Broke Into John Podesta and Colin Powell’s Gmail Accounts - Motherboard Ukraine blames infamous Russian hackers for 'BadRabbit' ransomware attack Chinese hackers starting to return focus to U.S. corporations 'Hack back' bill gains 7 new co-sponsors Ex-NSA Director Says Companies Should Never Hack Back Because They Could Start Wars - Motherboard How Level 3's Tiny Error Shut Off the Internet for Parts of the US | WIRED More Than 1 Million People Downloaded a Fake WhatsApp Android App - Motherboard Beating the iPhone X Face ID Is Hard. We Know, Because We Tried | WIRED Flaw crippling millions of crypto keys is worse than first disclosed | Ars Technica Critical Tor flaw leaks users’ real IP address—update now | Ars Technica Stuxnet-style code signing is more widespread than anyone thought | Ars Technica SEC warns that celebrity cryptocurrency endorsements may be illegal | Ars Technica Dan Guido on Twitter: "Parity likely did not think of their wallet as a classic contract. Their code is in a library, and they delegatecall to execute it directly." One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week - Motherboard More than two years after historic breach, OPM continues to struggle with cybersecurity Texas Shooter's Phone Encrypted | Threatpost | The first stop for security news Chain of 11 Bugs Takes Down Galaxy S8 at Mobile Pwn2Own | Threatpost | The first stop for security news Patrick Gray on Twitter: "Oh my fucking god. https://t.co/oyyXcDQ5ie"
Nov. 6, 2017
In this edition of Snake Oilers we’re taking a look at two Australian companies and their solutions: Kasada and Haventec. Kasada’s product is a simple one – it’s bot prevention using proof of work and a couple of other things, and Haventech’s solution is a bit more out there. They’ve got a couple of products. One uses device fingerprinting plus a secret for authentication, but they’ve actually come up with something else that’ll be really interesting to people in the payment card processing space. Basically they’ve come up with a way to split credit card info into a few pieces so it can be stored in a distributed way. Part of the info with the user, part with the merchant and part with the processor. It’s a better approach than tokenisation, and will drastically reduce the liability and costs that comes with storing huge amounts of card data on the processor side. Oh, and they’ve solved the chargeback problem on that one too. Links to the companies profiled can be found below. I hope you enjoy the show! Show notes Kasada | Security Redefined Haventec | Revolutionising cyber security Home - Australian Cyber Security Growth Network
Nov. 1, 2017
On this week’s show we’re chatting with Zeynep Tufekci about how machine learning accelerates the dissemination of crazy s–t, basically. Zeynep’s September TED talk titled “We’re building a dystopia just to make people click on ads” is a must watch and has been doing the rounds on infosec Twitter over the last couple of weeks. She joins us this week to talk through what we might be able to do about the tendency of online platforms to send people down pretty warped rabbit holes. That’s a fascinating chat. This week’s show is brought to you by Senetas. Senetas is a Melbourne-based company that develops and manufactures layer 2 encryption gear. They also operate the SureDrop secure file sharing platform and are working on a bunch of cloud crypto tech as well. Julian Fay is CTO over at Senetas and he’s along this week to talk us through the bugs Matthew Green and his colleagues found in a bunch of FIPS-certified gear from Fortinet. It’s a really, really illuminating chat. I love it when Julian’s in the sponsor chair because I always learn a lot. Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Infrastructure for the ‘Bad Rabbit’ Ransomware Appears to Have Shut Down - Motherboard Global ransomware attacks tiptoed around Russian anti-virus products NotPetya ransomware cost Merck more than $310 million British security minister says North Korea was behind WannaCry hack on NHS | The Independent Worker who snuck NSA malware home had his PC backdoored, Kaspersky says | Ars Technica Proud to keep on protecting ' no matter the false allegations in the U.S. media. | Nota Bene: Eugene Kaspersky's Official Blog Equifax Was Warned - Motherboard China Tests the Limits of Its US Hacking Truce | WIRED Google: Chrome is backing away from public key pinning, and here's why | ZDNet YubiHSM 2 is here: Providing root of trust for servers and computing devices | Yubico Francisco Partners Acquires Comodo's SSL Security Business Google's reCaptcha Cracked Again | Threatpost | The first stop for security news Unexplained cyberattacks sow chaos among dark web markets The Fight Over Jordan Hamlett’s ‘Hack’ of Trump’s Tax Returns Facebook, Google, Twitter tell Congress their platforms spread Russian-backed propaganda | Ars Technica LSE Business Review – Blockchain and bitcoin: In search of a critique A Guide to Attacking Domain Trusts – harmj0y Fooling Neural Networks in the Physical World with 3D Adversarial Objects · labsix Training Zeynep Tufekci: We're building a dystopia just to make people click on ads | TED Talk | TED.com Attack of the week: DUHK – A Few Thoughts on Cryptographic Engineering Senetas - a leading provider of high-assurance encryption
Oct. 25, 2017
On this week’s show we’re catching up with Matt Tait. Matt’s better known as @pwnallthethings on Twitter. He’s joining us this week to talk about the claims various sources have made against Kaspersky. I say sources because up to this point the only thing we’ve seen is various officials saying people shouldn’t use it. There’s been no official statement from the government or the intelligence community that actually says “don’t use it”. And the situation is getting ridiculous. It’s as clear as mud right now, basically, so Matt will be along later to argue the US government really just needs to back the claims in an official way if they’re to be taken seriously. This week’s show is brought to you by Cylance. This week we’re chatting to Chris Coulter, a seasoned IR professional who’s recently moved from the services arm of Cylance to the product side. We’ll be talking to Chris about IR and where EDR software is going. That one is really worth listening to. It’s easy to look at Cylance today and just see another antivirus company. People have forgotten that they basically shook up the biggest market in infosec and I think they have a solid chance of doing the same thing with a few of their upcoming releases in the EDR and UBA space. So yeah, check out that sponsor interview with Chris Coulter, coming up towards the back of the show! Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes 'BadRabbit' ransomware spreading across Ukraine, Russia Reaper: Calm Before the IoT Security Storm? — Krebs on Security Cisco's Talos Intelligence Group Blog: “Cyber Conflict” Decoy Document Used In Real Cyber Conflict How Russian Firm Might Have Siphoned Tools From the NSA Senator questions DHS's handling of Kaspersky software ban in federal agencies Your ID number may be public - SA data leak is worse than you think - htxt.africa Revealed: the real source of SA's massive data breach - TechCentral Whois Maintainer Accidentally Makes Password Hashes Available For Download | Threatpost | The first stop for security news Beaumont Porg, Esq. on Twitter: "Remember the Word DDE issue found by @sensepost? Copy the DDE from Word into Outlook, then email it to somebody.. No attachment -> calc. https://t.co/jw03p5hTZV" DUHK Attack Exposes Gaps in FIPS Certification | Threatpost | The first stop for security news New OWASP Top 10 includes Apache Struts-type vulns, XXE and poor logging High-severity vulnerability found in SecureDrop system China's vulnerability disclosure system twice as fast as U.S. version The Dark Web’s Most Notorious Thief, Phishkingz, Gets Doxxed Hackers Steal Photos From Plastic Surgeon to the Stars, Claim Trove Includes Royals DHS Alert on Dragonfly APT Contains IOCs, Rules Likely to Trigger False Positives | Threatpost | The first stop for security news The hacker known as "Alex" — Operation Luigi: How I hacked my friend without her noticing
Oct. 18, 2017
On this week’s show we’re chatting with Daniel Gruss an infosec researcher doing a postdoc in the Secure Systems group at the Graz University of Technology in Austria. Daniel was one of the authors of a recent paper on a new Rowhammer technique. This one’s pretty clever, basically because it evades all known detection techniques by executing in an Intel SGX enclave. In this week’s feature interview we chat with Dan Guido from Trail of Bits. He’s along this week to talk about his experience in helping to build secure software and security tools for his clients. Of course the big news this week are the so-called “KRACK” attacks against WPA2. Adam’s done his homework on that and joins the news segment to tell you all how bad it is. We also look at the RNG bugs making life hard for smart card vendors and all the other news of the week! Links to everything are below. Oh, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes What You Should Know About the ‘KRACK’ WiFi Security Weakness — Krebs on Security Falling through the KRACKs – A Few Thoughts on Cryptographic Engineering Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible | Threatpost | The first stop for security news Millions of high-security crypto keys crippled by newly discovered flaw | Ars Technica 'Hacking back' legislation is back in Congress The World Once Laughed at North Korean Cyberpower. No More. - The New York Times North Korean Hackers Used Hermes Ransomware to Hide Recent Bank Heist Beaumont Porg, Esq. on Twitter: "Ukraine Intelligence Agency warning of planned large scale disk wiping attack using supply chain: https://t.co/Scm6kcgXSI https://t.co/EebTrrLwzu" October Price Adjustment — Steemit Secret F-35, P-8, C-130 data stolen in Australian defence contractor hack | ZDNet Cyberespionage Group Steps Up Campaigns Against Japanese Firms | Threatpost | The first stop for security news Middle Eastern hacking group is using FinFisher malware to conduct international espionage Exclusive: Microsoft responded quietly after detecting secret database hack in 2013 Equifax website borked again, this time to redirect to fake Flash update | Ars Technica Google’s strongest security, for those who need it most Russia Fines Telegram $14,000 for Not Giving FSB an Encryption Backdoor Web-connected household devices to face mandatory rating over spying fears Want to see something crazy? Open this link on your phone with WiFi turned off. Sexual assault allegations levied against high profile security researcher and activist - The Verge Leveraging the Analog Domain for Security (LADS) Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 KRACK Attacks: Bypassing WPA2 against Android and Linux - YouTube [1710.00551] Another Flip in the Wall of Rowhammer Defenses
Oct. 11, 2017
On this week’s show we’re taking a deep dive into the latest news about Kaspersky and its alleged ties to Russian security services. The New York Times has just published an absolutely blockbuster piece that claims Israeli intelligence infiltrated Kaspersky’s network in 2014 and uncovered slam dunk evidence the company was operating espionage campaigns on behalf of the Russian government. We’ll jump into that in a minute, then in this week’s feature I’ll chat with Dave Aitel of Immunity Inc and get his feelings on the Kaspersky controversy. Casey Ellis is this week’s sponsor guest. He’s joining us this week to talk about how people running their own bug bounties can avoid false negatives. A couple of weeks back we ran a feature here on the show about a guy who had a pretty hard time reporting a legitimate security bug to Microsoft. Casey will be along with some ideas on how companies might do better when managing a lot of inbound bug reports, many of which are bogus. How do you sort the wheat from the chaff. Links to everything are below. Oh, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes How Israel Caught Russian Hackers Scouring the World for U.S. Secrets - The New York Times Ex-NSA Hackers Are Not Surprised by Bombshell Kaspersky Report - Motherboard Office Depot, Best Buy Pull Kaspersky Products From Shelves Kaspersky and the Third Major Breach of NSA’s Hacking Tools – emptywheel Russia reportedly stole NSA secrets with help of Kaspersky—what we know now | Ars Technica Thread Reader Australian police posed as child abusers for a dark web sting North Korea hacked South's secret joint US war plans – reports | World news | The Guardian Hacking North Korea Won't Stop Its Nuclear Program | WIRED Report: Facebook removed references to Russia from fake-news report | Ars Technica Facebook’s security chief warns fake news is more dangerous and complex than people think | The Independent SEC hack came as internal security team begged for funding | Ars Technica Meet Danny, the Guy Authorities Say Is Selling Encrypted Phones to Organized Crime Cellebrite: Hacking into iPhones is harder than ever In-progress email threads were hacked to spearphish private companies, report says Disqus confirms 2012 database breach impacting 17.5 million users Report: John Kelly's personal phone was compromised for months Market Research Firm Forrester Says Hackers Stole Sensitive Reports Over 37,000 Chrome Users Installed a Fake AdBlock Plus Extension New NIST and DHS Standards Get Ready to Tackle BGP Hijacks Russia Says It Will Ban Cryptocurrency Exchanges ‘Dark Overlord’ Hackers Text Death Threats to Students, Then Dump Voicemails From Victims If macOS High Sierra shows your password instead of the password hint for an encrypted APFS volume - Apple Support Porn Site Becomes Hub for KovCoreG Group Malvertising Campaigns | Threatpost | The first stop for security news T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number - Motherboard Critical Windows DNS vulnerability gives hackers the 'keys to the kingdom' Manhattan U.S. Attorney Announces Charges Against Seven Iranians For Conducting Coordinated Campaign Of Cyber Attacks Against U.S. Financial Sector On Behalf Of Islamic Revolutionary Guard Corps-Sponsored Entities | USAO-SDNY | Department of Justice SensePost | Macro-less code exec in msword The confrontation that fueled the fallout between Kaspersky and the U.S. government - Cyberscoop Understanding the Equifax Data Breach | Anna Slomovic| Managing Personal Data Equation Group: The Crown Creator of Cyber-Espionage | Kaspersky Lab [1710.00551] Another Flip in the Wall of Rowhammer Defenses CyberTalks 2017
Oct. 4, 2017
There is no feature interview in this week’s show – it was a long weekend here in Australia plus a few things came up. But we’ve got a great show for you anyway. We’ll be discussing the week’s news headlines with Adam Boileau who’s back on deck after a short break, and then we’ll get straight into this week’s sponsor interview with Lee Weiner of Rapid7. He’s the Chief Product Officer there and he’s joining us this week to explain why so many vendors are suddenly so obsessed with automation and orchestration. It’s a trend that actually makes a bunch of sense for a bunch of reasons, but the key is 100% going to be in the execution. Links to everything are below. Oh, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Clapper: U.S. shelved 'hack backs' due to counterattack fears Trump signed presidential directive ordering actions to pressure North Korea - The Washington Post As US launches DDoS attacks, N. Korea gets more bandwidth—from Russia | Ars Technica 6 Fresh Horrors From Equifax CEO Richard Smith's Congressional Hearing | WIRED Joseph Cox on Twitter: "Former Equifax CEO says company scans failed to identify system that was vuln to Struts bug https://t.co/SMWTVgiOsz https://t.co/SnYLamAqlG" The Equifax Hack Has the Hallmarks of State-Sponsored Pros - Bloomberg Certification Revocation List – GeoTrust Facebook says 10 million U.S. users saw Russia-linked ads Russian Facebook ads featured anti-immigrant messages, puppies, women with rifles | Ars Technica Google admits citing 4chan to spread fake Vegas shooter news | Ars Technica After the Las Vegas Mass Shooting, Watch Out For Hoaxes and Bad Info | WIRED SEC.gov | SEC Announces Enforcement Initiatives to Combat Cyber-Based Threats and Protect Retail Investors White House wants to end Social Security numbers as a national ID | Ars Technica Every Yahoo account that existed—all 3 billion—was compromised in 2013 hack | Ars Technica Whole Foods Market Payment Card Investigation Notification - Whole Foods Market Newsroom ICANN Postpones Scheduled DNS Crypto Key Rollover | Threatpost | The first stop for security news Breaking DKIM - on Purpose and by Chance Some MacOS Users Aren't Getting the Firmware Security Patches They Think They Have - Motherboard Understanding the prevalence of web traffic interception Code-execution flaws threaten users of routers, Linux, and other OSes | Ars Technica Three WordPress Plugin Zero-Days Exploited in the Wild Net Neutrality Activists Targeted by Clever Pornhub-Themed Phishing Campaign Security Failure: EpiPen’s Database Of Everyone W... | ClickHole
Sept. 29, 2017
This isn’t the weekly show, this is a deep dive vendor podcast we do 10 times a year. All the vendors who appear in the Soap Box podcasts paid to be here, but you know what? Even though this is sponsored content, it’s really interesting. And this Soap Box edition is a double surprise, because we’re talking about one of the driest topics in infosec: email filtering. But this is actually a really engaging conversation. I was very surprised by how much I enjoyed talking to our guests in this special, Ryan Kalember and Christopher Iezzoni of Proofpoint. Proofpoint, among other things, is a huge player in email security and filtering. This conversation all hinges on a report Proofpoint published called “The Human Factor”. It made some really important observations. For example, the death of popular exploit kits like Angler has just pushed attackers into social engineering at scale as an attack vector. That can be straight up fraud, attached malware or macro stuff, and some of these campaigns involve really sophisticated mass personalisation. The days of exploit kits being used at scale might actually be over. I picked up The Human Factor report the day before we recorded this session and its findings are genuinely interesting. Proofpoint’s Ryan Kalember (SVP, Cybersecurity Strategy) and Christopher Iezzoni (Manager, Threat Research) joined me to discuss report and also to talk about why email filtering is actually interesting again. You can find The Human Factor report here. Show notes The Human Factor 2017 | Proofpoint
Sept. 27, 2017
On this week’s show we’re taking a look at a mediocre response from Microsoft’s security response centre in the face of a fairly run-of-the-mill bug report. Our guest today found some Microsoft software was failing to validate SSL certificates. He reported it, but Microsoft said it wasn’t a security issue because, drum roll please, the attacker would require man in the middle to exploit the failure. Ummm. What? It all got sorted out eventually, and by sorted out I mean silently patched with no note to customers. So if you have a script running somewhere that’s invoking this tool it’s probably not checking for valid certificates, so that’s fun. In this week’s show notes we’ll be talking with industry legend Jon Oberheide, co-founder of Duo Security, about a couple of things. We’ll be looking at the features platform vendors like Microsoft and Google are now baking into their operating systems that allow companies like Duo to be able to query the health of endpoints. We also have a general conversation about how it is actually the platform vendors who will solve the biggest problems, not so much the security industry. That’s this week’s sponsor interview, with big thanks to Duo Security. The Grugq is this week’s news guest. Links to everything discussed are below, and you can also follow Patrick or The Grugq on Twitter if that’s your thing. Show notes CCleaner malware outbreak is much worse than it first appeared | Ars Technica The CCleaner Malware Fiasco Targeted at Least 18 Specific Tech Firms | WIRED SEC Chairman reveals financial reporting system was hacked | Ars Technica SEC reveals it was hacked, information may have been used for illegal stock trades - The Washington Post Deloitte hit by cyber-attack revealing clients’ secret emails | Business | The Guardian Deloitte: 'Very Few Clients' Impacted by Cyber Attack | Threatpost | The first stop for security news Massive Equifax hack reportedly started 4 months before it was detected | Ars Technica Facebook revamps political-ad rules after discovering Russian ad buys | Ars Technica Obama tried to give Zuckerberg a wake-up call over fake news on Facebook Twitter Will Meet With Senate Intelligence Committee on Russia | WIRED Hundreds of Islamic State Supporters Could Be Giving Away Their Location on Instagram Use of personal devices widespread in Trump’s West Wing – POLITICO China disrupts WhatsApp ahead of Communist Party meeting - BBC News U.S. to Collect Social Media Data of Immigrants | Fortune.com Suspected Iranian Hackers Targeted U.S. Aerospace Sector Cloudflare Now Provides Unmetered DDoS Mitigation Without Extra Costs In a first, Android apps abuse serious “Dirty Cow” bug to backdoor phones | Ars Technica Proof-of-Concept Exploit Code Published for Remote iPhone 7 WiFi Hack Password-theft 0-day imperils users of High Sierra and earlier macOS versions | Ars Technica Adobe Private PGP Key Leak a Blunder, But It Could Have Been Worse | Threatpost | The first stop for security news Cassie Sainsbury’s Whole Defence Case Hinges On A Forgotten Phone Password CAGE's Muhammad Rabbani to appeal against court ruling | UK News | Al Jazeera Authentication Bypass Vulnerability in Citrix NetScaler ADC and NetScaler Gateway Management Interface Canadian Man Gets 9 Months Detention for Serial Swattings, Bomb Threats — Krebs on Security Hackers create memorial for a cockroach named Trevor | CSO Online The Trusted Access Company: Duo Security
About Listen Notes
Podcast search engine with 404,963 podcasts and 23,646,315 episodes. Built by a one-person team. Learn more.
Follow us
Monthly updates via email (past issues)