Risky Business #615 -- Dependency confusion is, uh, pretty bad

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: USA floats new sanctions against Russia TikTok, WeChat get stay of execution Dependency confusion is ugh US indicts Lazarus crypto-thieves France ties Sandworm crew to Centreon intrusion MORE This week’s show is brought to you by Thinkst Canary. Thinkst’s founder Haroon Meer is this week’s sponsor guest and he joins us to have a very Haroon-style conversation. We talk about how security controls and detections often fall over when things happen that take place outside of our assumptions: trojaned software updates, attackers hiding in unconventional places like monitors, things like that. That’s a great conversation. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Om Podcasten

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.