In this Risky Business News sponsor interview, Mike Lashlee, CSO of Mastercard talks to Tom Uren about why the company got into threat intelligence.
Mike talks about bringing together payments insights with threat intel to get strong signals about fraud or crime, the benefits of international collaboration and when it makes sense for your CSO to also be the CISO.
Show notes
--------
14:05
--------
14:05
Srsly Risky Biz: DeepSeek and Musk's Grok both toe the party line
Tom Uren and Amberleigh Jack talk about new research that shows the Chinese-made DeepSeek-R1 AI model produces insecure code when prompts include topics that the Chinese Communist Party dislikes. It’s interesting research, but the CCP doesn’t have a monopoly on imposing AI bias.
They also discuss the complete doxxing of the Iranian cyber espionage group known as APT35 or Charming Kitten.
This episode is also available on Youtube.
Show notes
--------
21:25
--------
21:25
Between Two Nerds: Telcos bad, Cloud good.
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the differences between telcos and cloud companies. Does the nature of the business force cloud companies to be better at security?
This episode is also available on Youtube.
Show notes
FCC looks to torch Biden-era cyber rules sparked by Salt Typhoon mess
Netflix's Chaos Monkey
Brian in Pittsburgh
BTN145
Ultra
--------
35:26
--------
35:26
Srsly Risky Biz: AI-Powered espionage will favor China
Tom Uren and Amberleigh Jack talk about Anthropic’s discovery of an “AI-orchestrated” cyber espionage campaign. To Tom, it feels a research project, but it’s pretty clear it will be really useful for threat actors that aren’t focussed on specific high-priority targets. Think ransomware, Chinese intellectual property theft and North Korean hackers. But it won’t be so good for Western intelligence agencies.
They also discuss Google’s legal disruption of the China-based Lighthouse phishing as a service operation. Surprisingly, it seems to be working!
Finally, they talk about why the memory safe Rust language has been a triple win for Android.
This episode is also available on Youtube.
Show notes
--------
21:28
--------
21:28
Between Two Nerds: Russia's cyber war on wheat
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the strategic “logic” of Russian wiper attacks on the Ukrainian grain sector.
This episode is also available on Youtube.
Show notes
ESET report
Soesanto and Gajos at Lawfare
Österreich