ConversingLabs Podcast ReversingLabs

In this episode of the ConversingLabs podcast, host Paul Roberts chats with Daniel Adamitis, a Principal Information Security Engineer at Lumen Technologies’ Black Lotus Labs. They discuss his team’s discovery of an impossible-to-kill botnet packed with end-of-life SOHO routers, which is being used by a Chinese nation-state backed APT group as a covert data transfer network. The group, known as Volt Typhoon, is also well known for targeting U.S. critical infrastructure. 

In this episode, host Paul Roberts chats with Kevin Fu, an Electrical & Computer Engineering Professor at Northeastern University, about the new federal standards for the cybersecurity of medical devices, which includes the submission of software bills of materials (SBOMs) to the FDA. The two will discuss the new mandates for medical device manufacturers, as well as key takeaways for how these organizations can improve their software supply chain security programs. 

In this episode, host Paul Roberts chats with Ali Khan, Field CISO at ReversingLabs, about the recent takedown of the LockBit ransomware group, which is considered to be one of the most prolific cybercrime groups globally.

In this episode, host Paul Roberts chats with Karlo Zanki, a Reverse Engineer at ReversingLabs, about the state of software supply chain security in 2024. The two will review key findings on the software supply chain threat landscape in 2023, as well as what security and development teams can expect from malicious actors in 2024. Zanki will also highlight several of the major software supply chain security incidents discovered by RL threat researchers in the past year.

In this episode, host Paul Roberts chats with Mikaël Barbero, Head of Security at the Eclipse Foundation, about the state of open source software security. Eclipse has been around for more than two decades and has for a long time prioritized the mitigation of threats to open source projects. In their conversation, Mikaël chats with Paul about where Eclipse stands today, what current threats are being posed to open source repositories, as well as how nation-states and international organizations are working to combat these threats.  

In this episode, host Paul Roberts chats with Devin Byrd, Director of Threat Intelligence at Kandji on the sidelines of the 2023 Black Hat USA conference. In their conversation, Byrd discusses how Kandji has grown into a major security provider for macOS users, and how the attack vector for macOS and iOS users has increased in recent years. He explains that only dealing with adware and junkware on these devices was a thing of the past, but now, macOS devices are being targeted with malicious back doors and even software supply chain attacks.