Risky Business

Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)

Jan 14, 2026
David Cottingham, co-founder of Airlock Digital and expert in cybersecurity, discusses the risks associated with Microsoft’s ClickOnce application deployment. He explains how attackers exploit ClickOnce to load malicious code and the effectiveness of allow-listing in mitigating these threats. The conversation also dives into the challenges EDR technologies face in detecting such attacks. Additionally, there's a fascinating debate on the potential for AI to enhance allow-list management while maintaining human oversight.
ADVICE

Choose Competent Cyber Leadership Quickly

  • Prioritize competence over pedigree when appointing cyber leaders to quickly stabilize organizations.
  • Confirm nominees with relevant technical and management scrutiny to avoid governance gaps.
ANECDOTE

Port Hack Used To Smuggle Cocaine

  • A Belgian hacker bribed an insider, used a USB for initial access, and gained port control to smuggle cocaine.
  • The attacker received a seven-year sentence after exploiting weak port and OT separations.
INSIGHT

Residential Proxies Are Built From Compromised IoT

  • Residential proxy networks are built from compromised consumer devices (Android TV sticks, photo frames) and abused via DNS rebinding.
  • These ecosystems show botnets, proxy operators, and customers intermingling in a messy, hostile marketplace.