Between Two Nerds: Microsoft embraces digital sovereignty
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how Microsoft has embraced digital sovereignty and is bending over backwards to satisfy European tech supply chain concerns.
This episode is also available on Youtube.
Show notes
The New York Times on the ICC
Microsoft's 30 April Brad Smith post
Microsoft's 4 June Brad Smith post
-------- Â
22:13
Risky Bulletin: Scattered Spider targets the aviation sector
The Scattered Spider group targets the aviation sector, Russia throttles traffic from Cloudflare, a Mexican cartel hired hackers to track an FBI official, and Canada tells Hikvision to cease operations.
Show notes
-------- Â
8:31
Sponsored: Why Linux is the dark matter of the internet
In this Risky Bulletin sponsor interview Craig Rowland, CEO of Sandfly Security, talks to Tom Uren about the disconnect between how important Linux systems are and how much security attention they get. The pair discuss the variety of reasons that security teams underinvest in protecting Linux.
Show notes
-------- Â
17:08
Risky Bulletin: Phishers abuse forgotten Direct Send feature
A phishing group abuses a forgotten Exchange Online feature, a patient’s death is linked to the Synnovis ransomware attack, France arrests the BreachForums leadership, and Microsoft offers free Windows 10 Extended Security Updates … with a catch.
Show notes
-------- Â
7:35
Srsly Risky Biz: Comparing Chinese and American 0day pipelines
Tom Uren and Patrick Gray talk about a new report that compares Chinese and American 0day pipelines. The US is narrowly focussed on acquiring exquisitely stealthy and reliable exploits, while China casts a far broader net. That was fine in the past, but as 0days get harder and harder to find, the report argues that the US needs to change the way it goes about getting them.
The pair also talk about Cyber Command supporting the US bomb strikes against Iranian nuclear facilities. We like to believe in magic cyber capabilities, but we suspect the truth was far more mundane in this case.
This episode is also available on Youtube.
Show notes
Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace
USA