September 10, 2025

Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal

Listen Later

51 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

Apple ruins exploit developers’ week with fresh memory corruption mitigations

Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack

Salesloft says its GitHub was the initial entry point for its compromise

Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”

Rogue certs for 1.1.1.1 appear to be just (stupid) testing

Jaguar Land Rover ransomware attackers are courting trouble

This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!

This episode is also available on Youtube.

Show notes

Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research

Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch

18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security

Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica

Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive

CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News

SAP warns of high-severity vulnerabilities in multiple products - Ars Technica

The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. - Ars Technica

Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News

Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News

Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive

Qantas penalizes executives for July cyberattack | The Record from Recorded Future News

Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News

GOP Cries Censorship Over Spam Filters That Work – Krebs on Security

Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media

Post by @patrick.risky.biz — Bluesky

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

362362 ratings

September 10, 2025

Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal

Listen Later

51 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

Apple ruins exploit developers’ week with fresh memory corruption mitigations

Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack

Salesloft says its GitHub was the initial entry point for its compromise

Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”

Rogue certs for 1.1.1.1 appear to be just (stupid) testing

Jaguar Land Rover ransomware attackers are courting trouble

This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!

This episode is also available on Youtube.

Show notes

Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research

Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch

18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security

Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica

Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive

CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News

SAP warns of high-severity vulnerabilities in multiple products - Ars Technica

The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. - Ars Technica

Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News

Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News

Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive

Qantas penalizes executives for July cyberattack | The Record from Recorded Future News

Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News

GOP Cries Censorship Over Spam Filters That Work – Krebs on Security

Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media

Post by @patrick.risky.biz — Bluesky

...more

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

2,001 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

639 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners

Hacked by Hacked

Hacked

185 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,017 Listeners

Smashing Security by Graham Cluley

Smashing Security

321 Listeners

Click Here by Recorded Future News

Click Here

415 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,978 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

176 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

188 Listeners

Hacking Humans by N2K Networks

Hacking Humans

316 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

133 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners

The AI Fix by Graham Cluley and Mark Stockley

The AI Fix

33 Listeners