The Nerd Cartel Podcast is dedicated to all things nerd, pop culture, and whatever Jim and Peter feel like!Reviews on all types of media, reminiscing about nerdy things, and general bad-assery is kind of like all we do...
…
continue reading
The Nerd Cartel Podcasts
Regular cybersecurity news updates from the Risky Business team...
…
continue reading
A bi-weekly podcast where we sit down with brewers, owners, representatives and others in the craft beer industry to sip some brews, play some games, learn some things and talk about all the people and places that make the craft beer world the wonderful community that it is. On the road more often than not, we set up our mics in breweries, beer bars, at beer fests and even hop farms and malt houses to get to know the people that make great beer possible. Whether you’re a casual craft beer dr ...
…
continue reading
1
Risky Bulletin: Android switches to risk-based security updates
7:11
7:11
Play later
Play later
Lists
Like
Liked
7:11
Android will only issue monthly updates for high-risk vulnerabilities, a self-replicating attack hits the npm registry, BreachForums’ admin resentenced on appeal, and hackers breach Gucci’s parent company. Show notes Risky Bulletin: AI chatbot disinformation doubles in a year
…
continue reading
1
Between Two Nerds: The limits of cyber power
30:47
30:47
Play later
Play later
Lists
Like
Liked
30:47
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the limits of a state’s cyber power. This episode is also available on YouTube Show notes Dave Aitel's CyberSecPolitics post on cyber power metrics Lawfare Post BTN 117, The fate of nations BTN 120, Should US spies steal Chinese commercial secrets…
…
continue reading
1
Risky Bulletin: DC sues crypto ATM operator for profiting from scams
6:41
6:41
Play later
Play later
Lists
Like
Liked
6:41
The US sues a crypto ATM operator for profiting from scams, SMS blasters make their way into Switzerland, the US and Portugal tussle over the extradition of the RaidForums admin, and Samsung patches a zero-day in its phones. Show notes Risky Bulletin: US largest crypto ATM operator sued for profiting from scams…
…
continue reading
1
Sponsored: The challenge of managing browser extensions
19:50
19:50
Play later
Play later
Lists
Like
Liked
19:50
In this sponsored interview, Casey Ellis chats to David Cottingham and Daniel Schell from Airlock Digital. They discuss the challenge of browser extension management for enterprises, why it’s a priority and how Airlock can help. Show notes
…
continue reading
1
Risky Bulletin: Apple notifies French users of spyware attacks
7:08
7:08
Play later
Play later
Lists
Like
Liked
7:08
Apple notifies French users of spyware attacks, China will increase fines for data breaches Google pays $1.6mil for cloud bugs at a hackathon event, and no more hacked free laundry for Dutch students Show notes Risky Bulletin: Most UK school hacks are caused by their own students
…
continue reading
1
Srsly Risky Biz: Exploiting authorisation sprawl is the new black
17:54
17:54
Play later
Play later
Lists
Like
Liked
17:54
Tom Uren and Amberleigh Jack talk about the Salesloft Drift incident. It is a great example of the sprawling impact that the breach of a single service provider can have. We expect these single-compromise-large-blast-radius attacks will become the new norm. They also talk about Apple’s Memory Integrity Enforcement, which promises to be a big step f…
…
continue reading
1
Risky Bulletin: White House to keep CyberCom and NSA dual role
8:38
8:38
Play later
Play later
Lists
Like
Liked
8:38
The White House will keep the CyberCom and NSA dual-hat leadership arrangement, the US charges a major ransomware figure, Apple ships a memory safety protection feature and yet another supply chain attack hits the npm world. Show notes Risky Bulletin: US charges major ransomware figure
…
continue reading
1
Between Two Nerds: The death of the exploit
25:47
25:47
Play later
Play later
Lists
Like
Liked
25:47
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the trend toward outrageously complicated exploits and what it means for hacking and cyber espionage. This episode is also available on YouTube Show notes
…
continue reading
1
Risky Bulletin: New APT group turns out to be a phishing test
7:51
7:51
Play later
Play later
Lists
Like
Liked
7:51
A new APT group turns out to be a phishing test, Qantas cuts executives’ bonuses after a recent breach, Anthropic stops selling AI tools to Chinese firms, and Nepal blocks 26 social media sites. Show notes Risky Bulletin: APT report? No, just a phishing test!
…
continue reading
1
Sponsored: Why prompt injection is an intractable problem
16:30
16:30
Play later
Play later
Lists
Like
Liked
16:30
In this sponsored interview Casey Ellis chats with Keith Hoodlet from Trail of Bits. Keith is Trail of Bits’ director of engineering for AI, machine learning and application security and he joined Casey to talk about why prompt injection attack techniques that target AI are an unsolvable problem. Show notes…
…
continue reading
1
Risky Bulletin: Cyberattack disrupts Bridgestone tyre factories across North America
9:00
9:00
Play later
Play later
Lists
Like
Liked
9:00
A cyberattack disrupts Bridgestone tyre factories in North America, a new infostealer takes your photo while you watch porn, bad certificates for Cloudflare infrastructure went undetected for more than a year, and Brazil deals with another payment system hack. Show notes Risky Bulletin: Chrome 140 comes with new hardened cookies…
…
continue reading
1
Srsly Risky Biz: Google sharpens its cyber knife
17:38
17:38
Play later
Play later
Lists
Like
Liked
17:38
Tom Uren and Amberleigh Jack talk about Google starting a cyber disruption unit. It’s a sign of the times but could also point the way forward for policymakers looking to involve the private sector in government-endorsed efforts to strike back in cyberspace. They also talk about cyber security authorities from 13 different countries pegging Salt Ty…
…
continue reading
1
Risky Bulletin: YouTubers unmask and help dismantle Chinese scam ring
4:24
4:24
Play later
Play later
Lists
Like
Liked
4:24
Two YouTube channels help dismantle a Chinese scam operation, Cloudflare, Zscaler, and Palo Alto disclose Salesloft-related breaches, a ransomware attack disrupts vehicle production at Jaguar Land Rover, and we have a new record DDoS attack. Show notes Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring…
…
continue reading
1
Between Two Nerds: How threat actors are using AI to run wild
32:17
32:17
Play later
Play later
Lists
Like
Liked
32:17
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how cyber threat actors are using AI tools to fill in resource and skills gaps that they have. This episode is also available on Youtube. Show notes Anthropic's August 2025 Threat Report BTN episode 50
…
continue reading
1
Risky Bulletin: Noem fires FEMA IT team over alleged cybersecurity failures
5:54
5:54
Play later
Play later
Lists
Like
Liked
5:54
FEMA’s IT staff fired over an alleged breach, WhatsApp patches a zero-day, the Salesloft breach impacted more than just Salesforce, and a scammer steals $1.5 million dollars from the city of Baltimore. Show notes Risky Bulletin: Noem fires FEMA IT team over alleged cybersecurity failures
…
continue reading
1
Sponsored: Push Security on the evolution of phishing techniques
18:05
18:05
Play later
Play later
Lists
Like
Liked
18:05
In this sponsored interview Casey Ellis chats with Push Security co-founder Jacques Louw. Push’s browser plugin gives a unique level of visibility into how users interact with the web and the attacks they face. Jacques talks through what they’re seeing, and their recently published taxonomy of phishing attacks. It’s on Github for everyone to contri…
…
continue reading
1
Risky Bulletin: npm attack uses AI prompts to steal creds, crypto-wallet keys
7:38
7:38
Play later
Play later
Lists
Like
Liked
7:38
An npm supply chain attack uses AI to steal credentials and crypto-wallet keys, Google establishes a cyber disruption unit, a ransomware attack disrupts more than 200 Swedish municipalities, and Salt Typhoon hacks have now hit more than 80 countries. Show notes Risky Bulletin: npm attack uses AI prompts to steal creds, crypto-wallet keys…
…
continue reading
