Risky Business - Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)
Episode Date: January 14, 2026Risky Business returns for 2026! Patrick Gray and Adam Boileau talk through the week’s cybersecurity news, including: Santa brings hackers MongoDB memory leaks for... Christmas Vercel pays out a million bucks to improve its React2Shell WAF defences 39C3 delivers; the pink Power Ranger deletes nazis, while a catgirl ruins GnuPG Cambodian scam compound kingpin gets extradited to China, and we don’t think it’ll go well for him Krebs picks apart the Kimwolf botnet and residential proxy networks So many healthcare data leaks that we have a roundup section This week’s episode is sponsored by Airlock Digital. The founders of the application allow-listing vendor, David Cottingham and Daniel Schell, discuss Microsoft’s ClickOnce .NET app packaging, and how attackers have been abusing it to load code. Airlock hates it when you load code! This episode is also available on Youtube. Show notes US, Australia say ‘MongoBleed’ bug being exploited | The Record from Recorded Future News Merry Christmas Day! Have a MongoDB security incident. | by Kevin Beaumont | Dec, 2025 | DoublePulsar Inside Vercel’s sleep-deprived race to contain React2Shell | CyberScoop gpg.fail Hacktivist deletes white supremacist websites live onstage during hacker conference | TechCrunch Chinese attackers exploiting zero-day to target Cisco email security products | The Record from Recorded Future News Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs ServiceNow patches critical AI platform flaw that could allow user impersonation | CyberScoop Alleged cyber scam kingpin arrested, extradited to China | The Record from Recorded Future News FCC IoT labeling program loses lead company after China probe | Cybersecurity Dive Trump picks Lt. Gen. Joshua Rudd to lead NSA spy agency - The Washington Post NSA cyber directorate gets new acting leadership | The Record from Recorded Future News Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years | The Record from Recorded Future News ECLI:NL:GHAMS:2026:22, Amsterdam Court of Appeal, 23-003218-22 The Kimwolf Botnet is Stalking Your Local Network – Krebs on Security Who Benefited from the Aisuru and Kimwolf Botnets? – Krebs on Security Coupang recovers smashed laptop that alleged data leaker threw into river | The Record from Recorded Future News Ransomware responders plead guilty to using ALPHV in attacks on US organizations | The Record from Recorded Future News Nearly 480,000 impacted by Covenant Health data breach | The Record from Recorded Future News Illinois health department exposed over 700,000 residents' personal data for years | TechCrunch Tech provider for NHS England confirms data breach | TechCrunch Hacker claiming to be behind ManageMyHealth breach: ‘I do it for the money and I’m in negotiations to get it’ - NZ Herald
Transcript
Discussion (0)
Hey everyone and welcome back to Risky Business for another year.
This is in fact the 20th year of the Risky Business podcast.
My name of course is Patrick Gray and we've got a great show for you as always this week.
We'll be chatting with Adam Boilow about all of the week's security news.
And then we'll be hearing from this week's sponsor in this week's show is brought to you by Aerlock Digital.
who make a absolutely terrific allow listing technology
which can operate at massive scale
and the founders, two of the founders of Aerlock Digital
are joining us this week, David Cottingham and Daniel Schell,
the CEO and CTO respectively of Aerlock.
And they're going to talk to you about a wonderful thing
called ClickOnce applications in Windows
which are being combined with some code reflection techniques
to get people owned in a pretty sort of hard to detect
and kind of unexpected way.
That's actually a really interesting interview
and it is coming up after this week's news, which starts now.
And Adam, we go on holiday.
You know, the joke is usually something bad happens.
And, you know, we got a really bad MongoDB bug this time around.
So that was fun.
Yeah, yeah.
I mean, it's not the world's worst thing that's happened while we've been on holiday,
but it's still a pretty good bug.
MongoDB is a, you know, like document, store database thing.
And kind of historically, people put it on the internet with no worth,
because, like, that was originally how it was.
written. So we've had a lot of data breaches that come out of Mongo over the years, but this is
a like a memory leak bug, kind of in the style of heartbleed, Citrix Bleeds, it's called Mongo
Bleed, unsurprisingly. And we've seen a bunch of active exploitation of this. Someone dropped an exploit,
like a proof of concept exploit for this on, I think, Christmas Day, which, you know, a little bit,
little bit rude.
Yeah, well, someone did a write-up with a whole bunch of details on it on Christmas Eve,
and then the pock dropped on Christmas Day, which is, yeah, rude, very rude.
Little bit rude.
Anyway, so net result is you can kind of send a query structure up to the Mongo that includes, like, lengths.
So it involves compression where basically you lie about the size of the compressed data
and you end up leaking un-initialized memory,
and the exploit script kind of rummages through
and dumps out a bit, dumps out, you know,
contents of memory in certain locations.
And if you get lucky, you might get credentials,
you might get tokens, you might get passwords.
And so, yeah, people have been using that.
Like, there's quite a lot of MongoDB exposed on the internet,
and, you know, people are getting compromised.
It's, I guess, somewhat mitigated by the fact that,
like, what data you get out of it
is a somewhat non-deterministic.
So it's not like Insta-pop-a-shell kind of thing,
but people have been using it,
and I'm sure plenty of people are, you know,
are getting themselves compromised one way or the other.
So that's been fun.
Yeah.
Seven cloud access tokens and a partridge in a petri.
I was a little bit disturbed, though.
I've got to say to see this paragraph appears by John Gregg in the record,
but he wrote,
The bug was dubbed Mongo Bleed in reference to several previous fundabilities,
including the Citrix bleed bug.
see 19th year it's been 19 years of risky business this being its 20th year so I can be old
and cummugently and say come on man heartbleed's the one you're going to reference there not
Citrix bleed the original bleed old man yells at cloud now look speaking of bugs that required a bit
of a bit of a response and caused a bit of a splash of course last year we had the react to shell
bugs which were very interesting for a number of reasons you know one of which was the
was the scale of, you know, how many, how many, you know, the number of places where this thing
sort of popped up, interesting places as well. There's an interesting write-up here from Matt Capco
over at CyberSoup. You found this one, which looks at Versel's response to this. And Vercell is the
sort of maintainer and owner of Nextjs, which is a big user of React. And there's some really
interesting stuff in here. Yeah, yeah. There's kind of talks through a little bit of the,
like, having to roll 24 by 7 response whilst they deal with the scale.
of that problem because Next AS was one of the bigger platforms that was directly impacted
and Versal runner hosting platform as well for NextJS applications.
So there's a little bit about their response and it's always interesting seeing the
insides of that kind of process, like what it's like being on the receiving end of these
kinds of disclosures because we as hackers often don't really think about the poor people
who have to actually fix these bugs.
But one of the bits that I thought was interesting about this response was because they also
run a hosting platform and fixing React to Shell basically involved kind of rebuilding your
next JS apps and republishing them. In the interim, they decided to deploy web application
firewall rules in front of their hosting platform to protect their customers. And they rolled out
some Waf rules. And then they actually brought in, they started the bug bounty program on Hacker 1
to test their Waf rules. And so they said, we're going to pay, you know, between 25 and 50 grand
US for bypasses of their Waf rules. And they ended up blowing through a million.
billion bucks worth bounty payouts of people figuring out fun ways to bypass their waft.
And I actually thought that's really cool.
Like that's a legitimately good use of bug bounty programs.
And waft bypasses are kind of a class of thing that normally in bug bounty programs,
you don't really care about except inso much as it gets you to the bugs you're actually going
to find the port.
Well, I mean, this is what I was going to say is like if you want to find some people who are really
good at bypassing wafts, it's going to be bug bounty participants because they have to go around them.
Yes, exactly.
So that's why I thought this was a really neat kind of thing.
And I liked, I mean, normally solving problems with a WAF, you know, is a last ditch.
Like it's a thing you do as an interim and, you know, obviously they're using the WAF,
the way that beardy people like you say WAFs should be used, which is as an interim Band-Aid and not as a permanent countermeasure.
Exactly, because there are so many ways to weasel past.
And Bug Bandi Gids are so good at weaseling past, you know, waft rules and things.
And so yeah, I just thought this was a great combo.
I think this is a lesson for other big platforms to look at and go like, okay,
if we're going to roll out Waf rules, let's go get them battle tested by the kind of people
who know how to use them.
So yeah, I think, you know, big ups for their sell from this.
And I enjoyed this write-up.
So yeah, thanks to Matt over at CyberScoop.
I mean, if your pockets are deep enough to throw a million bucks to get the unwashed
of the bug bounty scene to come and find Waf bypasses, I mean, hey, yeah, why not?
Yeah.
If you've got a million bucks to burn, it's a million bucks to burn,
a good way to burn it. Yeah, exactly. Now, we've got some research here from, what was it, 39C3,
looking at GPG. I didn't go too deep on this one because I figured it was going to like make my
brain fatigued and then I wouldn't do a good job hosting the podcast here. But walk us
through this research because you got all in a titter about it. Yeah, so I was rummaging through
the talks from 39C3, a chaos communications conference in Germany, which,
often has really interesting kind of talks.
And this one was a couple of European,
I guess they feel like university CTF playing kids,
looking at GPG.
And the particular kind of things that you become good at finding
when you're a CTF player are often not particularly relevant
for regular everyday hacking,
but this is a great counter example.
So they were looking at floors in GPG
and like not just like technical flaws,
they did find some like mem corruption and stuff like that,
but like also flaws in the context in which GPG is used.
And in particular, like bypassing signature validation
because GPG has relied on a lot in software distribution
and especially in free software distributions like validate, you know,
packages you've downloaded or ISO files you've downloaded.
And so they have a whole kind of range of bugs,
most of which are at the kind of intersection of the implementation of GPG
being kind of old and rough and also the way that people,
people use it. So one of the bugs that they talked about was like including extra text and
headers that get displayed like from a signature, they get displayed by GPG when you're in the
process of validation, which can be used to kind of confuse users. So kind of like, for example,
they had a trick where they would include extra and see control sequences, which would then
prime your terminal to execute code when you smack enter and then they have a message.
that convinces you to press enter to continue
and you get a total execution from...
I lied a little bit because I did look at that bit
and it reminded me of like antsy bombs from the 90s, right?
I was like, oh my God, antsy bombs are back
and now in GPG and I'm like, wow.
Yeah, I mean, and GPG is from the 90s
so it can't make sense that 90s level bugs would show up here.
Anyway, they've got like 14 different bugs,
some of which have been patched,
some of which were like kind of decided to be won't fixed
by the maintainers.
but the net result of all of this was a pretty comprehensive look at how people actually rely on GPG
in various ways that you can break it.
And I just thought it was great research.
And because despite it being nasty 90s code, we do still, especially in the open source world,
rely on it a lot.
So that was great work.
And I think, you know, the talk is funny and kind of well worth the watch if you're into,
you know, 90s, Unix style bugs.
Yeah, I mean, it feels like, you know, they're keeping it.
They're keeping it at old school in Germany, as evidenced by this next talk.
Yes.
Where someone got up dressed as a Power Ranger, the pink Power Ranger,
and deleted a bunch of white supremacist websites during the talk,
including what looks to be like a Tinder clone but only for white people.
And I just think this is what should happen at hacker conferences.
You know, I feel like in, you know, the places you and I go to, maybe in Australia,
in the United States, everything's got a little bit too tame.
Like, it's good to see this.
Go the Germans.
That's what I reckon, you know.
Exactly. Like, go the Germans. And this was, so this talk had the pink power ranger character.
Like Martha Root was the pseudonym used and a couple of other people. And they talked about infiltrating a bunch of these kind of Nazi white supremacist, white supremacist kind of social sites.
They used some like AI tricks to, you know, kind of astroturf their way around and confused and blah, blah, blah.
Net result of all of this was they broke into the infrastructure. And yeah, at the end of the talk, someone, I'm assuming a,
plant asked the question, have the authorities done anything with the data that you've
released? Because they released a bunch of the data that they'd stolen from these sites to, you know,
for investigators to use and so on. So they said, like, has anyone shut these guys down?
And then they immediately segue into, well, actually, and then they go ahead and, you know,
shut down a bunch of the sites, delete their email accounts, etc., etc., which is, as a hackercon
organizer, exactly the sort of talk that I want to book, because you know it's going to get
a bunch of attention, it's going to get some laughs and be funny, you know, a bit of performative
hacking on stage is always fun.
And the actual hacking in question is
like hidden behind a Python script
that's just sort of, you know, making it look nice.
And I assume that they actually
had all this stuff prime to go in advance.
So I don't know like how real time it was.
But still, I like the show on the Germans.
They bring it, you know?
Yeah, pulling the trigger on stage, pretty good.
They should have workshoped this joke a little bit,
which is they, you know, imagine calling yourselves
the master race, but forgetting to secure your own website,
maybe try mastering to host WordPress
before world domination.
And you could do better with that sort of joke.
You could say master race,
can't even master WordPress.
You know,
keep it simple.
That would be my only advice there.
But yes,
I'm all for the white supremacists being RMRF.
To me,
it feels like a victimless crime.
And I would like to encourage anyone out there listening
who can to go forth and do that with your God-given skills.
Moving on to another one from John Greig
are over at the record
and yeah we're only including this one
because oh my God
so there's some bugs in
Cisco's like secure email gateway thing
right which is bagat from
iron port okay so really what we're talking about
here is bugs in iron port
email security which
you know you think okay there's bugs in iron port
no surprises there that's pretty old tech
but then you see that like Chinese
APT crews are actually using these bugs
and you just think man like
what are we even doing? What are we even doing?
Like it means the people who are serious enough to be targeted by Chinese APTs.
And I think, look, as far as I remember, I think there's a lot of iron port left in government as well,
which makes sense, Cisco big company, you know, with those sort of relationships and whatever.
But like, oh man, doesn't it just like, did it, does it just depress you as well?
It does, yeah.
I mean, you see a bunch of iron port also in like a financial institutions they were pretty big in.
So, yeah, this is like it's just depressing, seeing ancient,
old school crappy bugs in software that honest to God is 20 years past its used by date,
as you say, in organizations that probably do kind of care about security.
But, you know, security is the thing you have to keep doing,
not just buy the iron port 20 years ago and then leave it there.
And this was like, I think command exec in the like web interface for the email quarantine thing.
So like when it quarantines your attachments and you have to click through to go release them,
whatever else.
And that also feels like very old tech, old workflow, old life.
So yeah, this whole thing just, you know, makes me feel A, old and be depressed.
So good job.
It's funny that you mentioned that it's like 20 years past it's used by date,
given that Cisco bought it 19 years ago.
So timing's probably right, you know.
It's a risky business episode one grade bug.
From something very, very old to something very, very new.
What's really funny in this write-up of this bug,
it's in something called
N8N
and there's a part of this write-up
that says
unless you've been living
under a rock for the last year
you've probably heard of N8N
and I have not been living under a rock
in fact Adam for the last year
never heard of it
so if you could give me a bit of a primer
on what this thing is
I understand that it's a big deal in AI
but until you put this advisory
in front of me I'd never heard of it
so what is N8N
so it's kind of an automation platform
and I guess by comparison to our sponsors,
times is the direct kind of comparison.
It's something kind of like that
where you build workflows out of components
and bodge them into your existing enterprise structure.
These kinds of frameworks, of course, are very configurable
because you're plugging in all sorts of components.
They, by design, want to be able to reach out and touch all sorts of things,
expose all sorts of functionality.
So pretty ripe place for bugs.
This particular set of bugs,
it's a CVS-10, but like,
like this kind of workflow platform implies,
it's kind of be dependent on the workflows that are configured.
So this particular floor exploits bugs
and how it handles file attachments.
So very modern platform, very old problem,
can we put file names and file attachments?
So if you have a workflow that's configured in this thing
that accepts a file upload from the user,
then there may be ways to kind of manipulate that
into returning file, returning back file contents,
from other files on the file system.
And in this exploit flow, they leverage that.
They kind of use that to steal credentials
and then from there, turn it back into code exec
and onwards from there.
So hence for the CBS10 kind of severity
once you chain it all together.
There is quite a lot of N8N on the internet
and kind of vulnerable patterns of it,
like accepting file uploads is a pretty kind of common
sort of thing you would do.
Like think, you know, people emailing in CVs for Joe applications.
web form accepts a file upload of CV and then kicks off a flow that, you know, sends it off
around the organization or does whatever else. So like not unrealistic, but, you know, it does require,
like it's not going to be like point click, pop a shell kind of expert's going to require a little
bit of thought. But yeah, these kinds of platforms are, you know, increasing in prominence and
kind of dangerous because they do all this, you know, important functionality. And the write-ups also
kind of funny. So, like, good work to the researchers behind it.
Man, it's a bug-heavy edition of the show this week.
This one just snuck in today.
There's some sort of Service Now bug that looks like a pretty big deal too.
Yeah, so this one I shoved in the list because, like, yes, it's a bug and it's like a CVSS 9.
Something something, something, and Service Now is a big name company.
But what's interesting is this is actually a prompt injection.
So they have bodged some AI into their products.
So we'll create tickets and service now when certain things happen.
And I guess this is, you know, sort of.
previewing things, you know, foreshadowing the rest of the year, right?
We're going to be seeing high CVSS prompt injection bugs because prompt injection is not really a thing that you can solve.
So the bug itself kind of not very interesting.
You know, service now in particular context.
You can prompt inject and do stuff from that.
But it's just how do we talk about prompt injection bugs generally,
because they're kind of different than regular security bugs.
But if the outcome is the same, then I guess it's still relevant to our interests.
Yeah, so it looks like they actually fixed this bug last year,
but they're just talking about it now.
And we've linked through to a Cibrecoop write-up from Greg Otto.
What else have we got?
Now, this one's interesting, right?
James Reddick has the write-up for the record about this, you know,
fraud kingpin who was arrested in Cambodia and has been extradited to China.
This guy's name is Chenji-Wazi, unsure, Z-H-I,
who's the head of the Prince Group conglomerate
and the alleged mastermind between a multi-billion-dollar scam empire.
Now, the interesting thing is here, too.
I believe the Americans were after him as well,
and he's wound up being extradited to China.
China is executing these people.
So I think it's really interesting that we've got a situation
where everyone's trying to get their hands on him.
He's wound up going over to China.
Now, I don't know there's, you know,
funny stuff can happen in China with corruption and whatever,
but I don't know that there's anything to indicate that here.
they keep sentencing these people to the firing squad.
So it's one of those rare instances where I think someone's probably sitting there going,
oh, please don't extradite me to China.
Please extradite me to America.
Please extradite me to America.
Because then they can just lounge about in a federal prison through their sentence
instead of being, you know, ready and fire,
which seems to be China's approach to this, right?
Yeah, I mean, it's interesting because the, you know,
clearly the situation in Cambodia and in Southeast Asia,
generally with scamcom, it's kind of had to come to a head.
And we saw, so the Prince group that this guy is behind were also involved with the like
$15 billion worth of crypto that the US seized.
And then there was a bunch of subsequent arguing between China and the US is about
whose actual Bitcoin that ought to be.
And whether it came from a previous mining pool theft, like it was tied up with the
Lubian mining pool theft, many, many, many moons ago now.
So the US has definitely had an interest in this guy.
There has been some commentary which suggests that maybe the camera.
Cambodians felt like extraditing some, like some, they need to do something to preserve some face
and, you know, get some, make it show like they're doing something.
They need to have a sacrificial lamb.
This guy is a legit kingpin probably should take some of the fall.
But they send him to China in preference of the US because the Chinese investigation was likely
more, as you say, ready aim fire.
Unless, you know, in the US, that investigation might point more fingers at actual Cambodian leadership
and their involvement and all of the kind of like other.
corruptness that comes from, as you say, the, you know, these scam empires being bigger than the
economies of the countries that they operate out of. So like maybe sending him to China is a way to
kind of avoid some of that extra attention that a trial in the US and all of that would lead to.
So, you know, it's always chicanery and wheels within wheels with this kind of stuff.
But we don't have to see what actually happens to this guy now that he's in China.
Yeah. I mean, I don't think he's going to have a good time.
man.
I think so either.
Yeah, and honestly, no sympathy.
I mean, his kidneys are already on organ bay, you know?
It's not good.
It's really not good.
All right.
Moving on.
I remember that's my second organs joke for the Chinese.
I've got to stop making organ.
You're keen on the organs jokes.
Organ sale jokes.
Oh, here we go.
Now to some insanity in the US, as is the way.
And underwriters, underwriting labs, is that the proper name, UL?
Is it underwriters?
Underwriters' labs.
They have left the FCC's like cybersecurity labelling program for IoT devices.
And, you know, they're a pretty critical part of it.
But they've withdrawn after the FCC has started investigating them
because they have labs in China.
And apparently this makes the US government very mad.
and, you know, in particular, Brendan Carr, who runs the FCC,
and I don't know if you've seen this guy, but he seems like a proper certified 10 out of 10 whack job,
Adam.
And, you know, I would see that stuff this guy would post on Twitter before he ran the FCC,
and he is a proper, like, looneychunes dude who is now running the FCC.
And, you know, it looks like this scheme is falling apart, I think, is the TLDR.
Yeah, this was the, it's called the CyberTrustmark program,
and it's kind of a Biden-era attempt.
to, like, can we introduce product labeling and testing for, like testing and labeling for
IoT devices so that when you go to Walmart and you buy a $30 router, that the Z's got a sticker
that says, hey, I don't ever get upgrades and my admin password is admin. And, you know, we've been
talking about product labeling, you know, as a way to deal with very low-cost devices for a while.
Now, and, you know, this program has been kind of a long time coming. And, I mean, to my mind,
probably kind of make sense.
It's a good idea.
But then the idea that Underwaters Labs,
which is like, what, 150-year-old
American company,
was getting tarred as a, like,
you know,
tool of the Chinese Communist Party
or something by various margar types
on social media.
Like, it's all a bit bonkers.
And, yeah, like, clearly they have just gone,
you know what, nope, we're done with this trash.
We don't want to be involved.
And they've, you know,
they said a letter to the FCC,
which said, we don't want to run.
Because they were, they had won the tender
to operate the entire program,
like the testing regime, the labelling, the administration at all.
And they wrote a letter that said,
actually, you know what,
best of luck with you.
Like, I hope the program goes well,
but, you know, don't feel like we need to be involved anymore,
thanks very much, which, yeah, is a little bit bonkers.
And, you know, I don't know whether it is going to be a super effective control,
but it seems better than having pre-installed botnets on everything.
Yeah, but you and I were chatting about this.
And, like, at least if you're operating a major retail chain
in the United States, you can say, well, we're not going to sell anything that's under four stars.
You know what I mean?
So it is kind of, I think it's worth having.
Is it game changing?
No, probably not.
Is this the end of the world?
No, probably not.
But it is a shame to see years of this work just sort of thrown into the toilet.
You know what I mean?
That's the thing about it, I just sort of think, for no reason.
Yeah.
I mean, like at the very least, I think things like, we've got the story coming out where Krebbs is looking at with like botnets on Android T-Dv
devices and you know basically every crappy Android TV device you buy you you know buy on
Walmart or Amazon or whatever to get you know like free sports streaming or whatever are pre-back
doored with botnet components on them so like that's the kind of thing that this sort of labeling
program would at least deal to because like very very cheap Android TV sticks is the sort of thing
that ought to come with a really crappy trust mark sticker on them so you know there was some
utility for this and it is a pity to see as you say years of work thrown under the bus
just the kind of stupid reasons that everything else seems to be happening in the US lately as well.
Yeah, well, at least they've picked a nominee to run Cyber Command and the NSA,
who's a proper Delta Force dude.
Apparently, his name is Joshua Rudd.
Doesn't appear to have any cybersecurity experience, which seems, I think, you know, less than ideal.
I mean, it seems like he's a very accomplished military person,
and, you know, hey, maybe he's going to do a great job,
but you would think it would be preferable.
to have someone who at least has some history in the space.
Yeah, I mean, yeah, like I think it's possible to do a good job without that experience,
but it would really quite help, I feel, like if you, you know, knew a bit about computers and hacking
and kind of the, you know, the world in which cyber and the security aspects of it operate.
But, you know, at this point, having anyone lead Cybercom and the NSA is probably a good choice.
So, you know, just get someone in there that's competent, regardless of whether they're the perfect person,
the job because it's just been a mess so far let's see let's see if they get to a senate confirmation
hearing and then just start saying that's true yes we jump the gun there yes you know i'm not going to
say anyone's better than no one when you've got people like r fk junior bringing you know doing
their best to bring back polio in the united states right so that's that's a solid argument i will
i will give you that one sir that is a yes yes we don't want cyber polio back but it does it does look
like there's new leadership headed to the cyber security directorate uh this is
the part of NSA that is you know really out there trying to help secure
the defense department and the and the defense industrial base and they do a lot of
very important work Rob Joyce and Morgan was it Morgan Story was over there
there's a few over there very talented people and they've been leader leaderless
for a bit so we've got David in Bordino who is a NSA senior executive
who's currently the deputy chief there and we've also got Holly Baroudi
who is a senior official at NSA as well,
who's just finished up working in the UK on behalf of NSA
and she'll be taking up the deputy position there.
So that's good.
What else have we got here?
We got one from Dorina Antenukh over at the record.
I think we spoke about this guy before,
but he's been through the courts.
He's been through an appeal, this 44-year-old guy.
He's been sentenced to seven years in prison
for hacking a major port company in Belgium
to smuggle cocaine into the Netherlands.
So it looks like what he did.
did is he bribed someone to, you know, put a USB stick in, actually execute something on there,
and then off he went into the computer systems there, which gave him a lot of control over port
facilities. Somewhat concerning, actually, the level of control that this guy did have,
and he also was, you know, conspiring to do importations of his own. So, yeah, he's in a bunch of
trouble. Seven years seems like he's getting off pretty light. But I think the interesting thing
is here that, you know, this activity happened in 2020 and 2021. So we're already in this
situation where we've got traditional criminal networks using cyber capabilities for the importation
of drugs. I think that's interesting. I also think it's interesting because the average
computer network at the average port is not particularly secure, which I think maybe some people
listening might be surprised by, but they're typically pretty bad. What were your thoughts here?
Yeah, I mean this story, I guess the guy, we saw some reporting and said that he originally entered, I think, to the port of Antwerp, but I think it's the same port company was involved in Rotterdam and some other European ports.
So that initial access via, you know, getting someone to plug a USB stick and looks like it got escalated to really quite privileged access.
I'm going to go ahead and assume domain admin.
And then from there onwards to, you know, being able to control cameras and shipping manifests and, you know, have enough information to really help with managing.
I think it was large-scale cocaine importation.
I think the scheme unraveled as part of the Dutch law enforcement going after the Sky ECC,
the encrypted messenger slash kind of crime firm operation.
So I think that was how they originally figured out what was going on here.
But yeah, the security of port and shipping infrastructure,
I mean, my experience in dealing with those kind of environments is that, you know,
the corporate side of it is no different than anywhere else.
and the like industrial, you know, all of the cranes and, you know, other, you know, moving parts,
the O.T infrastructure, you know, is like OT infrastructure everywhere else.
Like it's fine, so long as you don't get near it.
Like when it's air, it happens in separate and on separate environments, then great.
But the moment you start putting it over radio, wireless networks or letting people get near it,
then really it's not very flash.
And, of course, there's quite a lot of mobile infrastructure in ports,
so they tend to be very reliant on radio stuff.
So, yeah, kind of a mess.
and the hard bit is how do you leverage that to make money or use it for your own good?
And obviously importing drugs is one very good way to do that.
Yeah, yeah, that's right.
And when you say it's like any other corporate environment,
you don't mean like a good one, like a bank.
Just to be clear.
I mean the bad sort, which is to say, the bad sort.
The bad place.
Now, look, we mentioned Crabs has written a bunch of articles about these residential proxy networks,
which appear like it looks like one of the ways that these
residential proxy networks are assembled.
And these, of course, are the ones that allow you to buy access to other people's IPs
and tunnel your traffic through somebody's home connection.
It looks like one of the ways that happens is with these like Android TV boxes, right,
that come sort of, they pre-ship with the malware on them.
But he's also turned up something.
So he's got a bunch of a, he's got a whole ride up on that whole ecosystem, which is interesting enough.
But one thing that I found really interesting is in one of the other stories that he's written about this.
he's looked at how one of these operators essentially staged like kind of like a hostile takeover of another one that was operating out of China because the Chinese one, it didn't look like they'd done a good enough job of filtering the requests that customers of the residential IP network, the IP proxy network, what their customers could do in terms of like getting onto local IPs on the networks where.
these devices existed, right? So there's some person who's got a set-top box or a digital
picture frame that is being used by this Chinese, you know, residential proxy network.
And then one of the customers just starts hitting up 10. Whatever. And they did it with
a DNS trick, which I'll let you explain. But very quickly, you know, very quickly you had a
situation where one of the other operators was owning internal devices on all of these other networks.
And it's, you know, it's just a cool story. Yeah, yeah, it is a great write-up.
So he was looking at the Kim Wolf botnet, which was behind a bunch of DDoS attacks that happened towards the end of last year.
And the relationship between that and one of the residential proxy networks and some researchers found that there was a heap of overlap in terms of where this particular botnet was coming from and IPs that were available in the residential proxy network pool.
And it turned out that, yeah, there was a trick where they were using basically DNS rebinding, where you set up a DNS name that,
answer, you know, that the answer to the DNS query is a local IP address, like I want
and 2168 or a 10, you know, 10 slash 8 address. And then you use that to bypass
restrictions on what can leave the proxy component. Because normally the proxy component is going
to say, if I see a request where the destination, you know, address is 1 and 2168 or something,
then filter it. So what they do is make a DNS name. So you say, you know, please connect to, you know,
naughty hacker.com, but that DNS name resolves to, 19168, you know, 1 to 1 to 1
or something, and you do that at scale and you can connect to people's local networks. So DNS
rebinding is a pretty well-known trick for bypassing these types of controls, but seeing it
being used at scale, you know, like millions of deployments of this Kim Wolfbotnet were done,
you know, using these kinds of tricks to compromise local network devices. So pretty cool trick.
and I think one of the researchers that was kind of looked at how this was happening
went and tried to report it to the various residential proxy networks as well
because like responsible disclosures are a thing you want to do,
but then, you know, residential proxy networks are also not entirely legitimate businesses as well.
So like responsible disclosure starts to fall apart a little bit there.
But, you know, the result of all of this was Krebs has this write-up
and like it is quite funny seeing the push and pull because in some cases the
Kim Wolf botnet or other botnets that were using these tricks
were then also selling their bots back into residential proxy networks
so there's sort of this whole sort of a robberous of fail
where you end up with sort of wars between various proxy operators
and botnet operators all feeding into and providing services to each other
and it's just a horrible big mess and you feel bad for people who just want to display
pictures of their grandkids on a photo frame and now they're part of
you know the modern version of irc
seen wars over
people's residential proxy access networks
they're oblivious who cares you know what I mean
like it's almost like a victim of crime
like it's it's fine
I mean not really you know but you know what I'm saying
like it's yeah yeah it's
all the bad things that happen on the internet
it's on the lower end of you know
of being you know being bad for the actual victims
compared to having your life savings saving stolen by a pig woodchrow
yeah 100% 100% all right so
We've got one here from Alexander Martin over at the record.
Where, I guess the interesting thing here is that there was an investigation into this huge data breach in South Korea at that organization called Kupang, where 33.7 million customer accounts got stolen and whatever.
So it looks like this incident wasn't quite as big as all of that.
So that data was taken, but it looks like the actual breach was pretty contained.
And they tracked down the guy who walked it out.
And as part of the investigation, they wound up locating one of his computers, which he threw into a river.
and Mandian and some others,
Mandiant Palo Alto Networks and Ernst & Young,
were able to recover data off the laptop,
even though it was wet,
which I guess is the interesting part of this story, Adam,
they recovered data from a wet MacBook air.
Yeah, I mean, if anything, it says nice things about Apple's engineering, I suppose.
There's actually a picture in the record story of the laptop,
which was shoved in a company branded bag,
so that's a nice touch,
with a bunch of bricks after the guy had smashed it
sort of, you know, smashed the screen
like in the movies.
You know when he wanted to destroy the computer
you smash the screen because that's where the data is.
Anyway, it smashed it up a little bit,
put it in a bag with some bricks and threw it in the river.
And yeah, I guess good work to whoever was,
you know, doing the forensics job,
recovering the data from the SSD on that thing.
I'm glad it didn't turn into a pile of lithium smoke.
But yeah, you know, mostly that's just,
that's the story for us is the, you know,
hey, funny, wet laptop.
Yeah, we had a, there was a talk at B-side
years ago. I think I might have interviewed the guy. I can't even remember it was that long ago.
But they, I didn't see the talk, but I heard about it, which was the guy from CASA, which is the
civil aviation safety authority. It's like, what do they call it in the US? The NTSB. It's like our
NTSB. Yeah. But he did a really interesting talk about like, you know, having to recover data
from badly damaged bits of airplane, you know, and did part of the talk about like removing
these chips and like having to piece it all back together. It was very interesting.
and apparently. Like everyone loved that talk. They just said it was really cool. So,
so there you go. There is a, there is a whole discipline of, you know, recovering data off stuff
from, that's been, you know, spend a bit of time in the bottom of a creek. We've got a guilty plea
from the cyber security guys in the United States who started doing Russian ransomware stuff
with Alfie Black Hat. I mean, we talked about these guys, Ryan Goldberg and Kevin Martin. They've
each pleaded guilty to one count of conspiracy to obstruct commerce by extortion. And a
which sounds like, oh what, they knocked it down to one charge,
but they're facing up to 20 years in prison,
and the sentencing is scheduled for March 12.
So, yeah, Goldberg is 40 years old and from Georgia,
worked for an incident response firm, Signeur,
and the other guy is 36 years old from Texas
and was a ransomware negotiator for digital mint.
So, losers, man.
Yeah, I mean, really, like, surely you get paid enough
during those jobs that you don't need to then go also run criminal conspiracies on the side.
Like it just seems like a bad move.
What are you doing?
What are you doing?
What are you doing?
I guess you're going to jail is what you're doing.
Yeah.
And another thing that happened while we're on break is a whole bunch of health care.
Breaches, Adam.
There was one, what is it, Covenant Health.
Covenant health.
That's a Catholic healthcare organization, I think, in the United States.
They lost 480,000 records.
We had one in Illinois, 700,000 residents, personal data.
a number of years of data.
There we also had, what is it, some processor,
like a data processor for the NHS in England.
DXS International, they had an incident as well.
They experienced a security incident
affecting its office servers
discovered on December 14,
immediately contained the breach,
working with NHS, blah, blah, blah, blah, blah.
But then there's this other one,
which is relevant directly to you, Adam,
which hit a bunch of,
of people in New Zealand, pretty limited data set you managed to actually be in there,
so congratulations. And what I find most remarkable about this one is the guys out there bragging
about it and his ransom demand is $60,000 US dollars, which I'm sorry to say something a little
bit like about your country here, but it's a sign of the scale of New Zealand that the money
they're demanding is $60,000, you know.
Yeah, this was a lot.
a company called Manage My Health that makes software used by like medical practices for managing
patient records and other things. And yeah, they got themselves data breached. I think most of the
data came from like when you were importing documents into the system or they were sharing
documents with patients. It was like in the document management system. It feels like, you know,
direct object reference is probably what it was. I don't know any technical specifics of it.
But yeah, the attacker who did it, as you say, is a husking for $60,000.
which isn't very much.
And has also been doing a lot of work talking to local media
and the combination of it happening over the Christmas break
when most of the senior leadership
but media organizations are away.
And, you know, cyber's just not being particularly,
you know, well reported in this country.
There's been a lot of really,
like I would say kind of shonky journalism,
like straight up talking to the attackers,
quoting them directly, treating them like their legitimate businessman,
you know, treating this guy like he's the CEO of ransomware,
organization who's just trying to do business with management health, shake them down for
$60,000.
I don't know if they've paid, but it has kind of gone quiet.
And as you say, $60,000 is really not very much.
And I would not be surprised if the ransom got paid.
Yeah, but it feels a bit.
Who knows?
It feels a bit school kid.
It really does.
It feels super amateur.
And to be honest, having used managed my health myself, I didn't pen test it, but boy, oh boy,
it looks old and clunky.
Like it's not the sort of, you know, it really does give you old dot net like, you know, enterprise app vibe.
It's not familiar with confidence at all.
But hey, what are you going to do, right?
You want to book an appointment at your doctor.
You've got to use their system.
So tough, tough for me and tough for everyone else, New Zealand that had its stuff comprises.
Like in New Zealand, this is probably the biggest of the medical practice management software packages.
Like it's something like 1.8 million New Zealanders, which to your point of it being a small company,
It's still quite a big proportion of our country.
So yeah, it sucks to be New Zealand.
And yeah, the quality of the reporting has not been fantastic.
So boo to them.
Yes.
All right, mate.
Well, that is actually it for this week's news.
I've missed you, man.
It's good to be back.
It's good to be back to be chatting about this stuff every week.
And, yeah, I'll look forward to doing it again next week.
But we're getting here from this week's sponsor.
You actually had a listen to this interview as well because this is our lock digital.
Talking about a new way to get you owned, which is three.
these like dot application click once things that Microsoft has created in its wisdom,
which first of all seem like kind of like a bad idea.
But then attackers are combining like a code reflection technique with these dot application
things to own people pretty effectively.
And I just, I mean, I asked you to have a listen to this interview because I'm like,
this sounds actually very cool to me.
Is it also very cool to you?
And you're like, yes, this seems actually quite cool.
Yeah.
It's a funny technique.
Like the click once thing is like Microsoft's sort of early dot net application packaging tech.
And I guess to my mind, it's kind of comparable to like Java, what Java Webstart was,
a way to package up applications.
And yeah, the fact that someone has gone, like this is an old trick.
This is not the modern way that you would package dot net applications.
So like the fact that someone's gone back, you know, found some like legit binaries that you can package using this technique.
And then alter their behavior by giving them extra, you know, dotnet runtime.
starting their assembly at runtime.
Like, that's pretty cool work, honestly.
Like, whoever started doing this, like, you know,
my hat's off, good quality hackin.
So, yeah, it's a fun interview.
And, yeah, the airlock guys are always good, weren't they?
Because they see such, you know, weird Windows gubbins
that, you know, nerds always enjoy hearing about.
So, yeah, it's a great interview worth listening to.
Yeah, all right, mate.
Well, with that, we will roll on to this interview now
with the airlock guys, but thanks a lot for your time, Adam.
Appreciate it.
Yeah, thanks.
I'll talk to you next.
week, Pat. Okay, so here's David Cottingham from Ailock Digital to start things off, and then you'll hear from
Daniel Shell as part of the same interview. So we are talking about these Click Once applications.
That's the first half of this interview. And then the second half, we do talk a bit about AI,
because funnily enough, like, AILOC's not doing much, really with AI at the moment in terms of
giving an AI agent control over what is added or removed from an allow list. For an interesting
philosophical reason, you'll hear Dave describe it, but basically he thinks,
the whole point of allow listing is that you do have that human control.
You do have that human context.
And once you strip that away, are you really doing, you know,
are you really fulfilling your promise of actually giving people, you know, direct control?
It's a very interesting conversation.
I think that I definitely see Dave's point.
There's going to be a lot of customers who do not want to hand over control of their allow lists
to an AI agent.
But I think there's also a whole market of other people who would want to do that.
But it's very interesting conversation nonetheless.
So here it is this week's sponsored of you with David Cottingham and Daniel Schell talking all about, yeah, Click Once and then AI and applying AI to allow listing. Enjoy.
Yeah, so Click Once is basically a capability built into Windows that allows applications to deploy it seamlessly with a single click.
It's like a file which is called dot application.
It's basically an XML config that describes the application, all those dependencies and how those dependencies are obtained.
So when a user runs this, and there'll be through a link or something like that,
it loads up the deployment application service,
and then it prompts the user to install or don't install the application.
I haven't come across it much in sort of like legitimate practice,
but so I'm not really sure of the prevalence out there in organizations,
but we're seeing this being used in campaigns,
particularly across our financial clients quite extensively.
If users do click install, it will download all the components of those applications,
place it in a user profile folder,
doesn't require admin to install.
And there's a config file,
which is the interesting part about this.
So let's say, for example,
you install an application
and it contains a Dell binary
that's written in dot net.
It's signed, it's smart screen approved,
it's entirely legitimate.
When the application is run,
this config file will give that
Dell binary some instructions,
and the Dell binary will actually go,
oh, I need all these things in order to run, and it will actually go down and download malicious
code from the internet itself and reflect it into memory, which is really, really difficult to see.
So it just grabs a whole bunch of DLs and like starts, Bing, Bing, Bing, Bing, Bing, Bing, Bing,
bong, bong, as Donald Trump would say.
Pretty much. And the thing is they don't have to have the extension of a DL file either,
so it could be a JS and it could actually be sort of assembly code, which is reflected.
And it's not a normal library load, so you can't, it's really, it's really,
difficult to see unless you're looking for.net assembly loads. So you basically have a situation
with these applications where you have a legitimate signed application. That could be whatever the attacker
chooses. They just pick a dot net binary of some vendor. It's all signed. It's not going to be
detected as malicious. And there's this config file giving it instructions that's not going to be
detected as malicious because it's a legitimate XML just saying with instructions telling the dotnet binary
what to do. So this isn't new. There's been a lot of
lot written about Clicker Once, but what's novel is that attackers have chained this with a legitimate
binary that's actually doing the work, which really sort of changes the way that EDR and other
behavioral tools look at it because they're like, well, it's just a legitimate app doing its thing.
Yeah.
Yeah, and there's a good reputation with every component, essentially.
So it's just changing.
So out of the box, default config, were you stopping this?
Yes.
Yeah.
Yeah, so because, like, years ago, we invested heavily in just the dotnet reflection part,
by default, it turned out we just proactively blocked this.
A lot of people would think that this sort of dynamic dot net reflection is like a
fileless malware.
But these files, but they are actually written, like in this case, to the user's internet temp cache folder,
and it's run from there.
So we would then intercept that.
You know, with airlock, you'd see the Dell application where we chose like this.
We'd try to open a handle to the dotnet assembly, which is malicious,
and it would be prevented from running.
So, you know, the questions that, like, the reason we found out is we're starting to get support tickets for many customers saying,
how do I control dot application files?
It's not the application file, though.
That's the problem.
It's, you know, the downstream components.
Right.
So they were aware that this was of risk, and they were asking you, how can we use your tool to stop it?
And you're like, well, good news, everyone, basically.
Yeah, well, it's sort of started in this weird thing where we were saying, well, why do you want to block application files?
They're not actual execute or code.
So it becomes this conversation like, don't you want these trust?
signed files and they're like, well, there's some malicious components and a couple of our customers
were like, I'll send you some artifacts and then we looked at it and went, oh, wait, this is much
worse than anyone that, you know, the customer didn't understand it properly. And it's the first
time we've seen it and that just turned into a big sort of research piece as well or being like,
well, what's actually going on here? And then, you know, because it's really a combination. You've got the
click one stuff that's been around forever. Like in Visual Studio, you can just go compile this to a
published website to deploy this app. It's just a deployment method. And the dot net assembly
reflection config file stuff has been known for like five years and sort dropped off a bit. But what they've
really done here is they've combined both of them by making the dot config file also a dependency.
And it really brings any dot net assembly like trusted file can become a loader stage a launcher
for malware. So it's um, you know, it's together it's that's where the, what the novel stuff is.
And are they having, well, I've got two questions, which are what type of attackers we talking about here?
Are they sort of, you know, ransomware, APTs, like, what, do we even know?
Are they like the modern equivalent of like Finn 7, financial fraud actors?
And my other question there would be, are they having any luck against EDR?
So yeah, who's doing this?
And are they actually able to sidestep EDRs, the majors, anyway?
Sure.
So who's doing this?
I'm not sure.
Customers would definitely be sensitive about sharing that information.
And we're not a threat intelligence house, I guess.
We don't have to be, which is one of the wonderful things about allow listing.
But anyway.
Yeah, I think I did a presentation as recently at the end.
It's like, well, who wasn't?
What wasn't?
Like, my answer was, I don't care.
We default prevented this type of tradecraft.
I would say...
Customer can go down that path, right?
I would say where we see this pop up continually, though, is financial customers.
Yeah.
It's very heavy on that.
You know, that's quite a big data point.
So this feels like the Finn 7 style actor kind of, you know, trying to get into a bank.
Yeah, very targeted spearfishing templated emails that, you know, are branded as the bank, all that stuff, right?
And is this getting around?
I mean, you would think, first of all, those spearfishing emails, you would hope your mail gateways would do a decent job of stopping them.
But of course, stuff can slip through and people can drop fishing links into what, into, you know, LinkedIn messages or teams or whatever, right?
So, so, okay.
But how is EDR dealing with this?
Or why is EDR not dealing with this well?
which seems to be what you were implying earlier.
So, yeah, the challenge of, I think, in this is,
because a lot of people think that there's DLs,
like we say DLs interchangeably,
but the traditional old, like, portable executable DL format is very different.
And there's a lot of visibility on that.
Any vendor, any AV vendor, us are going to hook into load library,
this Windows function to load DLs.
However, since these are actually not really those sorts of DLLs,
their dotnet assemblies with a dot DL extension,
which could be a dot JLL,
extension or whatever in this case,
they are just, it's just more like the dot net
application itself just has that functionality built
in to suck that up. So you're not
hooking it, the application itself has that capability.
So there's very little visibility
and yeah, vendors will be like
to do, like they'll try to trace loads in different ways,
but because this is all happening within the application
itself, there's nothing to hook.
Yeah, and also because again,
the attackers are using legitimate
signed binaries from different vendors.
So it has a signature, their binary
itself has a good reputation and that naturally goes towards contributing
a score score for behaviour.
Yeah, so what's the actual behaviour that you're stopping there, Dave?
Yeah, so it's the actual loading.
So you take a binary and then when that binary is downloaded some new bit of code,
which is the actual malicious bit that it wants to run in the process,
we're actually stopping the load of that.
So we're seeing that legitimate process load basically untrusted code into its
And we're blocking that because it's not explicitly trusted because we take a deny-by-default approach.
And we happen to hook all of those dot and monitor those dot-net assembly reflection mechanisms that are quite non-standard.
Yeah, nice, nice, very nice.
All right, so I want to talk about one more thing while you were here.
But congratulations on that win, too.
We'd love to hear a good winning story.
But the other thing I wanted to talk to you about is AI, right?
because everybody's AI, I've seen,
you guys actually have been around long enough
and validated allow listing enough these days
that you actually have a couple of competitors now.
And you go to their websites and they're like,
AI, allow listing, pooh, pew, pew, phew,
you know, it's all finger guns and AI.
You guys, not so much.
I mean, I would have thought
there's some huge potential
to use AI to do things
like automatically manage the allow lists
and evaluate binaries on first execution,
evaluate files when the first time
they pop up into an environment,
But you seem a little bit circumspect about a lot of this, this, you know, fancy AI stuff.
So I, what's your thinking on AI and where I can plug into your stuff?
Because I would have thought it was a slam duck.
Yeah.
So look, and there's certainly opportunity and applicability to type of deny by default product for AI.
You know, I think you've really got to look at where does the security for allow listing application control come from.
and that is just this foundationally black and white sort of approach to,
you trust this, you don't trust that, right?
And it's always human driven,
and the human is the person that has the context to decide what they allow
inside their organization, right?
Now, the thing with AI is, okay, do you trust a standard operator
to make those decisions better than AI?
And I think a standard operator will generally have a sense of what is expected,
or not expected from their point of view in their org.
So they know what applications they use
and they can make a judgment call from that point of view.
But a human operator will not be as good
as necessarily saying is this particular piece of code
potentially malicious, right?
They'll just, they overindex on context,
whereas AI will overindex on sort of the sensitivity of code.
And what we're sort of thinking in terms of our approach
and where it can add the most value
is providing context to the operator
to make better decisions ultimately.
It's looking at the data set that's coming in, what files are being executed, and really
answering what, and distilling down data sets into some clarity of here's what's here,
here's what applications are associated with, and here's the types of decisions that you should make.
So providing a bit of assistance to actually go forward and define what you trust ultimately,
but without fully handing over the capability to trust files itself, because then all we're doing,
we feel is just sort of like a reverse EDR in a way.
in terms of utilizing those trust decisions, which get messy.
Well, I mean, they do, but I sort of feel like the products that are really well suited to AI
tend to be the ones that are designed day-to-day to be process-driven, right?
So you look at companies like sublime security, right?
You do email security, email gateway security, and, well, it's more of a cloud-based product now.
But, you know, the whole point is there's detection as code, and they've got a really nice process
for people to be able to manage that.
So it turns out when you've got to,
when you've developed your whole product
to allow a human operator to work within a process, right?
Which is somewhat repetitive and a little bit annoying,
but it's a very well-defined process.
Turns out AI is really good at taking over the human workload bit of that.
And, you know, the whole key of Aerlock's success over the years
is you have taken allow listing and made it a process at scale.
I mean, you have customers with 150,000 endpoints, right?
last I checked, could be more now, right?
Like, yeah, but the point is you've boiled all of that down to a process.
And I just would have thought at some point, the AI stuff is going to wind up just being more accurate than the human operator.
And at that point, who cares if you're a reverse EDR?
Like, it's a win.
What, no, you're, and you're totally right.
I think the, you know, what problem are you trying to solve, right?
And really, you've got to push the operator to make decisions at speed.
as fast as possible without fully handing over that control because I think that, you know,
we're fairly principled in making sure that the customer is in complete control of what they
trust because that provides ultimately the best security outcome.
The biggest thing is you can't understand in many cases why an LLM made a particular decision,
right?
Like if you had, oh, suddenly you've got these, you know, 300 computers in your organization
suddenly have this binary on them.
Okay, well, prevalence would dictate that then it's probably something legitimate, right?
And you sort of add those things together and then you end up sort of in a scoring model again
where you just need to get over that threshold in order to get the trust.
And also, I think one thing that where a law listening gets really unwieldy is if you don't
understand what is actually your definition of trust anymore.
If you've got this thing that's making decisions for you on your behalf,
then it can kind of get, you just go, oh, well, the system added it.
And then from us as a vendor point of view, it starts to come up against really interesting
questions, which is like, well, hang on, your software made that choice and trusted it.
So, you know, who's in control here?
You know, so it's, look, there is totally applicability here, and we are working through,
you know, sort of testing the efficacy and accuracy of.
these types of things in our trust workflows to make the operator as fast as possible.
But I still just feel like you come back to the principle of what makes a law listing
effective.
And that is just the human context of should we be using this application or not?
Not, you know, is this application necessarily malicious?
It's a slightly different question.
Yeah, no, I really impact.
Yeah.
I understand.
100% what you're saying. It's like, you know, does this belong here?
There's a deception piece as well, right? Like the malware offers are trying to look like
other files or stuff like that. So can AI work out the slight difference? Yeah.
But then you get an interesting question, which is can operate and tell the difference.
And that that's where as much, that's where context is the richest thing that you can provide
based on all of these different sources to come to a good conclusion ultimately.
All right, Dave Cottingham, Daniel Schell. That is all we have time for. Thanks to
both of you for helping us kick off risky business for another year. It's 20th year in 2020,
2026. Great to see you both. Yeah. Thanks, Patrick. Cheers, Patrick. That was David Cottingham and
Daniel Schell there from Airlock Digital. I'm a huge fan of Airlock Digital, as regular listeners
would know, and I think basically every enterprise should be using it. If you're operating at any
sort of scale, it's just a really, really good tool. But yeah, that's it for this week's show. I do
hope you enjoyed it. We'll be back in this feed, the main feed, next week with more
risky biz for you. And don't forget, we also published news bulletins and other podcasts
into the risky bulletin feed. My colleagues have a bunch of podcasts they published there.
But yeah, I'll catch you all next week. And until then, I've been Patrick Gray. Thanks for listening.