

Risky Business
Risky Business Media
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Episodes

Feb 18, 2026 • 1h 3min
Risky Business #825 -- Palo Alto Networks blames it on the boogie
Adam Poynton, CEO of Knock Knock, a maker of SSO-firewall integration and legacy OS agents, discusses building agents for Solaris/SPARC and HP-UX, a new Windows agent, and self-defending hosts. The conversation also covers orchestration across cloud and SaaS allow-lists, vendor trust and supply-chain tradeoffs, and why old-school platforms still matter.

Feb 11, 2026 • 56min
Risky Business #824 -- Microsoft's Secure Future is looking a bit wobbly
Brandon Dixon, founder and CEO of Ent.AI and serial security entrepreneur, joins to discuss AI’s role in protecting endpoints. He digs into endpoint-centric world models and embeddings. Short takes cover contextual detection, AI-generated explanations, and neurosymbolic autonomous defenses. The conversation sketches how language-based understanding and deterministic safeguards could reshape security.

Feb 4, 2026 • 56min
Risky Business #823 -- Humans impersonate clawdbots impersonating humans
Fletcher Heisler, CEO and co-founder of Authentik, talks about an open-source IDP and a new endpoint agent. James Wilson, technologist and enterprise tech editor, breaks down AI-agent chaos and supply-chain drama. They cover Notepad++ compromises, Moltbook/Clawdbot risks, agent safety vs encryption, and a string of high-severity infrastructure flaws.

Jan 28, 2026 • 1h 4min
Risky Business #822 -- France will ditch American tech over security risks
Brian Baskin, threat research lead at Sublime Security, explains how AI is supercharging email impersonation and thread-hijacking. Short takes on deepfakes undermining voice/video verification. Discussion of attackers abusing legitimate services to evade detection. Practical focus on why layered email defenses matter as AI-driven scams scale.

Jan 21, 2026 • 1h 5min
Risky Business #821 -- Wiz researchers could have owned every AWS customer
Joe Tidy, BBC World Service's cybersecurity correspondent and author of Control Alt Chaos, dives into the complexities of U.S. cyber operations and their implications. He discusses the evolving teen hacker culture shaped by social media and cryptocurrency. Haroon Meer, founder of Thinkst, shares insights on deception tools and their recent acquisition efforts, alongside the exciting work at the South African Computer Olympiad. Together, they explore the future of cybersecurity, the risky world of Amazon Web Services exploits, and the challenges of communicating these themes to the public.

Jan 14, 2026 • 59min
Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)
David Cottingham, co-founder of Airlock Digital and expert in cybersecurity, discusses the risks associated with Microsoft’s ClickOnce application deployment. He explains how attackers exploit ClickOnce to load malicious code and the effectiveness of allow-listing in mitigating these threats. The conversation also dives into the challenges EDR technologies face in detecting such attacks. Additionally, there's a fascinating debate on the potential for AI to enhance allow-list management while maintaining human oversight.

Jan 6, 2026 • 1h 4min
How the World Got Owned Episode 1: The 1980s
Jon Callas, a former software engineer at Digital Equipment Corporation, discusses the early social norms of the ARPANET and the communal spirit among early hackers. Mark Rasch, who prosecuted the Morris Worm case, highlights the challenges in establishing new computer crime laws. Tony Sager shares insights on NSA's initial ambivalence toward hacking and its eventual embrace of cybersecurity. They explore the 414s’ curious exploration, the media's role in shaping public perception, and the Cuckoo's Egg, which tracks espionage by German hackers.

Dec 17, 2025 • 54min
Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack
Josh Kamdjou, CEO of Sublime Security, dives into the evolving landscape of phishing, particularly focusing on calendar invite threats. He uncovers how these invites can bypass traditional email defenses, turning into a medium for malware distribution. Kamdjou also discusses Sublime's innovative solutions to combat these attacks and enhance user safety. The conversation highlights the alarming rise in industrial control systems phishing and the need for agile responses in a rapidly changing threat environment.

Dec 11, 2025 • 43min
Risky Biz Soap Box: Graph the planet!
In a captivating discussion, Jared Atkinson, CTO of SpecterOps and a key player behind BloodHound, dives into the fascinating world of cross-platform attack path enumeration. He reveals how OpenGraph can identify intricate vulnerabilities, like linking GitHub accounts to Active Directory breaches. Jared shares insights into modeling permissions and discusses the importance of extending defenses beyond traditional platforms. He also highlights innovative community extensions and real-world examples of thwarting cyber threats, underscoring why an expansive view of attack surfaces is essential.

Dec 10, 2025 • 58min
Risky Business #818 -- React2Shell is a fun one
Adam Boileau, a seasoned cybersecurity commentator, joins Simon Onyons, Managing Director at Kroll's Cyber and Data Resilience, to tackle the latest in cybersecurity. They dive into the alarming React2Shell vulnerability—scoring a CVSS 10—that's quickly exploited by Chinese APTs. Simon shares insights on demystifying cyber risk for boards and how to communicate it effectively. The episode also touches on Linux's PCIe encryption support and a controversial GrapheneOS case, illustrating the ongoing battle between security and exploitation.


