Two Guys and an Opinion
The RANt Group
An irreverent take on the world. May include interesting views on cybersecurity, data privacy and GRC stuff. But mainly two middle-aged men chewing the fat.
Oct 11, 2021
'I Can't Wait for Passwords to Die!'
This week's episode is (nearly) all about those pesky passwords that won't go away and how one industry giant told Richard how he can't wait for them to 'Die'! We explore the concept of the 'password-less' future, how Coinbase got hacked by some rascals bypassing MFA and why you should listen to Michael McIntyre on the subject too. See below! Show Links: Michael McIntyre - You should probably change your password!
Sep 10, 2021
🎵 REvil's back... back again! 🎵
Back by zero demand, as if they never went away, REvil's back and up to their old tricks. Was it as simple as a nice summer break or something more sinister? Also - is it time we rewrite the rules of business continuity and incident recovery processes? Should we be placing more focus on the ability to deflect, rather than the ability to recover, from a cyber incident? Listen to find out!
Sep 3, 2021
In this week's roundup of our industry's SNAFUs, we delve into the 'Worst Vulnerability Ever Found' in a cloud provider, the largest fine ever dealt out by the Irish Data Protection Commission, and LockBit strikes again! Notes: * The WhatsApp story. * The ChaosDB story. * The LockBit story.
Aug 19, 2021
SEASON 2 baby! Ransomware RANts, lazy CISOs, soggy budgets etc....
SEASON 2! We're back and we're bold! And bald.... Vlad and Richard pick up from where they left off at the end of Season 1. But now with added edginess! Unlike the rest of the world, the bad guys don't seem to have taken a summer break; the most noteworthy event being the Accenture hack by a LockBit affiliate last week. Also, Vlad relives his time at Black Hat Las Vegas... well, he didn't actually get to Las Vegas, but his interviewer, Dany Appelgate, Co-Founder of rThreat was there!! We also attempt to wring out the soggy middle in an effort to help meet the latest craze of net-zero IT budgets... That'll all make sense when you listen!
Jul 19, 2021
In this final episode of the season, we cover two of the most notable cyber incidents in recent weeks; PrintNightmare and the Kaseya breach. As a result, we lament the problem of the 'soggy middle' taking the 'tickbox' approach to cybersecurity. Also Vlad and Richard go through several 'triggered' moments trying once again to get security leaders and marketeers to drop the cheese, engage the business, and get the cybersecurity agenda on the board table before you become the next headline! We even go as far as telling you how to do it!
Jul 1, 2021
VENDOR SPOTLIGHT: KnowBe4
In another of our sub-series where we focus on a particular vendor in our portfolio, we welcome Javvad Malik, a Security Awareness Advocate from KnowBe4. It's a given that the majority of successful cybersecurity breaches start with a social engineering attack; the majority of them being a Phishing email. So, how do we help people avoid being caught out? Training, testing, training, testing, training, repeat.... But: not all users are alike and not all user-awareness training schemes are alike and so a carefully designed and deployed program is the only way to really make a difference. Javvad does a great job of trying to use more analogies than Richard in the pursuit of bringing the KnowBe4 capabilities to life, but it's safe to say: this is the podcast for you if you ever needed help to justify a program of awareness training in your organisation!
Jun 25, 2021
A.I. - Actual Ignorance?
This week we talk about the concept of 'SOC Burnout' and the need for companies to recognise the condition and support the analysts. Tenuously related to SOC burnout, we examine (destroy!), the 'Artificial Intelligence' myth that Cybersecurity vendors peddle on a daily basis. It's machine-learning, people! *Open invitation:* Any Cybersecurity vendor that would like to come on the show and explain how their product is 'intelligent' - we would love to have you on! Notes: * The article concerning 'SOC burnout': https://www.helpnetsecurity.com/2021/06/23/soc-burnout-is-real/
Jun 11, 2021
What the Fastly!?
This week's episode is dominated by the snafu at Fastly that brought the Internet to its knees. And following the news this week that the FBI was able to 'recover' a significant portion of the ransom paid to the DarkSide gang after the incident at Colonial Pipeline, we ask the rather fundamental question, 'is anything safe anymore?!' Vlad dons his foil hat and ends up down several rabbit holes whilst contemplating the answer!
Jun 4, 2021
VENDOR SPOTLIGHT: Agari
In this second episode of our sub-series of 'VENDOR SPOTLIGHT's, we introduce Agari - a leading vendor delivering enterprise email security by leveraging unique AI technology to protect your organisation and your inbox. We're joined by Chris Spencer - one of Agari's Email Security Practitioners to discuss the product suite and its capabilities. We demystify DMARC and the holy grail of 'p=reject'. And we couldn't go through an entire episode without talking about ransomware! Agari Brand Protection (ABP) and Agari Phishing Defence (APD) offer an unrivalled antidote to the scourge plaguing organisations globally.
May 27, 2021
In this episode we cover the cybersecurity news from the past two weeks which is again dominated by more ransomware attacks wreaking havoc across the private and public sector alike... However, in a break from the norm Vlad and I go toe-to-toe over a thorny issue that divided the camp at The RANt Group office. We'd love to hear your opinion: hello@TheRANtGroup.com. The most considered argument will get you a mention in the next episode.
May 14, 2021
VENDOR SPOTLIGHT: rThreat
In a break from the norm, this week we're focussing purely on a single vendor that recently joined our portfolio: rThreat. We're delighted to be joined by Dany Applegate, their Co-Founder and Head of Marketing. rThreat specialises in Breach and Attack Emulation (BAE - see episode 12), allowing companies to safely detonate REAL known and unknown malware into your endpoints and networks. The capability couldn't be a more perfect fit for our continuing mission to enable companies to achieve a Permanent State of Readiness. How else are you going to be able to validate your investment in your cybersecurity defences without testing them with REAL-world malware?! www.rThreat.com
May 7, 2021
Ransomware Task Force
In this episode we discuss one heck of an 'own-goal' that leads to a rather embarrassing situation for an unlucky student. And could we actually see the beginning of the end for Ransomware? We cover the newly formed Ransomware Task Force and how effective we think their approach may be. Episode Notes: * The NCSC early warning service: https://www.earlywarning.service.ncsc.gov.uk/ * The NCSC mitigating malware paper: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks
Apr 30, 2021
In this episode we discuss this week's New Kids on the Block-chain; QLocker and their rather well-executed and profitable Ransomware debut. Also covered is the no. 1 attack vector for these increasingly well-organised gangs and what your organisation should be doing to thwart their efforts. As always - get in touch to understand how you can reach a Permanent State of Readiness! firstname.lastname@example.org
Apr 23, 2021
Breaking news this week: A Pulse Secure VPN zero-day vulnerability found with NO FIX! We unpack what that means for the thousands of customers out there and what measures could be put in place to be in a Permanent State of Readiness should you get breached by a vulnerability such as this. And of course we couldn't let the Facebook incident go without an honorable mention along with their take on how to handle the PR of such a huge leak... Get in touch for an inside scoop on how you can protect your organisation from zero-day threats. email@example.com
Apr 16, 2021
Now you may be forgiven for thinking that this episode is a montage of 3 or 4 of our previous podcasts... but alas, no... We do however visit some old friends like SolarWinds, Travelex and HAFNIUM as they all become topical again following the US/UK sanctions imposed on Russia this week. Of course Russia, 'does not conduct offensive operations in the cyber domain', but we unpick what is being reported anyway, and again arrive at two indubitable facts of cyber-readiness.....
Apr 9, 2021
BAE. No, not the aerospace company, your kid's bestie or the Danish for 'poop', but in fact an exciting and emerging capability in the war on cybercrime. Breach and Attack Emulation. This is the real deal. It may sound crazy, but we're saying we're going to deploy REAL malware into your network (safely of course!), to see what happens. What better way to validate your cyber-defence budget than emulating a real attack!? We'd love to hear from you if you think this is a good idea or would like to see it in action! Get in touch. Hello@therantgroup.com
Apr 6, 2021
In a shocking turn of events, Richard gets triggered regarding the seemingly inexorable rise and rise of Ransomware attacks on organisations big and small. Vlad stays uncharacteristically calm! We discuss the facts and figures of cyber breaches during 2020 and also attempt to fix the whole sorry problem with a few off-piste thought experiments...
Mar 26, 2021
In this episode we're joined by James Linton, AKA Sinon_reborn, AKA the Email Prankster. James shot to fame in 2017 following a series of audacious and outrageous email scams that targeted international banking institutions, high-profile politicians and even the Trump administration! We quiz James on his motivations, methods and how his email scamming spree led to him landing a dream job at Agari's Cyber Intelligence Division (ACID). James now uses his social engineering powers and acquired knowledge to help organisations master email security awareness. Links: * Agari's Cyber Intelligence Division (ACID) * James Linton
Mar 19, 2021
Yes, yes... you DO need another acronym! Or more specifically, an initialism! In this episode we introduce the concept of P.S.R. A 'Permanent State of Readiness'. Achieving PSR from an information and / or cybersecurity point of view should be seen as the holy grail of your cyber combat status. It won't be easy getting there and every day you need to ensure your PSR is maintained, but nonetheless, once achieved, you stand the greatest chance of minimising the negative impact of a cybersecurity incident. Also, we leak details of a very cool guest joining us on the next episode, be sure to listen to find out who!
Mar 12, 2021
BREAKING NEWS! This week's brief podcast is recorded live from the front line of a potentially breached customer. Following on from last week's announced 'HAFNIUM' attacks on vulnerable Microsoft Exchange on-premise servers, we perform in-depth analysis on a potentially breached system. Also - Vlad gets triggered... again...
Mar 5, 2021
With the fallout of the SolarWinds breach continuing to grab the headlines, we discuss the concept of 'supply-chain compromise' and why it's such a favoured attack vector. Also covered is the highly sophisticated zero-day exploit chaining attack perpetrated by a Chinese state-sponsored group called HAFNIUM against on-premise MS Exchange servers. Oh, and Richard craves a beer-garden..... *Show notes:* As mentioned in this episode, the critical MS Exchange CVEs are: * *CVE-2021-26855* is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server. * *CVE-2021-26857* is an insecure deserialization vulnerability in the Unified Messaging service. Insecure deserialization is where untrusted user-controllable data is deserialized by a program. Exploiting this vulnerability gives an attacker the ability to run code as SYSTEM on the Exchange server. This requires administrator permissio…
Feb 26, 2021
An action-packed week in the world of cyber incidents leads us to explore what a DDoS attack is and what happens when you're not prepared! Vlad gets uncomfortable with 5000 firemen and in the end it was Agatha All Along! Notes: Agatha All Along!
Feb 18, 2021
This week we feature our first guest speaker, Michael Stout. Michael is an internationally focused information security consultant, lecturer, and mentor. With a background in ethical hacking and senior management, he specialises in helping companies and directors understand, define, and implement their cybersecurity strategy. He has taught and consulted at the NATO Joint Warfare Centre, the Dutch Police Academy, the police force of the Republic of Ireland along with 'other' government organisations, businesses and high-profile private individuals. So who better to shoot the breeze with about cyber warfare!? Michael regales us with life and death stories from the digital frontline, what must-have reads have landed on his desk this week and Vlad reminisces over spy games! Links: * This Is How They Tell Me The World Ends. * The Cuckoo's Egg * The Grand Seal, aka The Thing
Feb 11, 2021
This week's episode provides an antidote to last week's main story; well, we get about halfway anyway! We're imparting our hard-won experience and war stories concerning vulnerability management programs and how to hopefully get it right first time! Again, Richard rambled and we ran out of time, but part two of this story shall complete the picture. We also reveal some VERY exciting news about next week's episode, so be sure to stay listening until the end... Or just skip to the good bit, whatever...!
Feb 5, 2021
In this episode we study in detail, (apologies, Richard rambled!), the shocking story of the demise of Travelex due in no small part to a highly successful ransomware attack. We cover just how avoidable these incidents are by dealing with those pesky vulnerabilities! And the drinking word this week sounds like you're already half-cut when you say it.... *Show Notes:* * Apple - *iOS and iPadOS 14.4.* - iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and the 7th generation iPod touch. Apple also issued security updates for one of the vulnerabilities across a range of its other offerings, including Apple Watch (watchOS 7.3) and Apple TVs (tvOS 14.4). * CVE-2021-1782. Attackers could use the application to gain additional privileges in the device’s operating system, which would allow them to wreak all kinds of havoc. * CVE-2021-1871 and CVE-2021-1870, reside in the WebKit component, Apple’s open-source web browser engine used by the Safari browser, could be e…
Jan 30, 2021
Just when you thought you'd heard enough about GDPR - it's back! And there's now two of them! Who knew? Also in this episode we introduce you to a new drinking game and a shocking development in the war against ransomware.
Jan 22, 2021
It's our first podcast! Woot! This episode's ramblings cover our opinions on the last day of Trump, company culture regarding cybersecurity, the SolarWinds incident, ransomware, risk, phishing and other matters!