Risky Business News

Risky Business News episodes:

• 05.06.2024

  Risky Biz News: Microsoft ties security goals to executive compensation

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 05.05.2024

  Sponsored: How Thinkst stays on top of attack trends

  In this Risky Business News sponsored interview, Tom Uren talks to Marco Slaveiro, Thinkst’s CTO about staying current with modern attack trends and not falling for the trap of optimising to catch red teams.

  
• 05.03.2024

  Risky Biz News: New router malware intercepts traffic to steal credentials

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 05.02.2024

  Srsly Risky Biz: The problem with big tech

  In this podcast Tom Uren and Adam Boileau talk about how there is a growing consensus between regulators and lawmakers on the key problems of modern tech companies. They also dive into how to deal with malicious foreign actors buying their...

  
• 04.30.2024

  Risky Biz News: Change Healthcare blames it all on a Citrix password

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.29.2024

  Between Two Nerds: Busting 0day Myths

  In this edition of Between Two Nerds Tom Uren and The Grugq look at the life cycle of 0days, dissect the conventional wisdom and talk about how 0days are never truly ‘burnt’.

  
• 04.29.2024

  Risky Biz News: Cyber Partisans hack Belarus KGB

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.28.2024

  Sponsored: Open source software's increasing vulnerability

  In this Risky Business News sponsored interview, Tom Uren talks to CEO and founder of Socket, Feross Aboukhadijeh about the open source software and supply chain security. Feross says the software ecosystem has evolved in ways that make it more...

  
• 04.25.2024

  Risky Biz News: Cisco zero-day fun time is here!

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Patrick Gray. You can find the newsletter version of this podcast here.

  
• 04.25.2024

  Srsly Risky Biz: Sandworm an inspiration for hostile actors

  In this podcast Adam Boileau and Tom Uren talk about what there is to learn from Mandiant’s report into the GRU Sandworm crew. Are the Russians a model for other actors, or just a get-‘er-done bunch of pragmatists? They also talk...

  
• 04.24.2024

  Risky Biz News: First US spyware visa ban hammer falls on 13 individuals

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey. You can find the newsletter version of this podcast here.

  
• 04.21.2024

  Sponsored: Pushing back the frontiers of vulnerability research

  In this Risky Business News sponsored interview, Tom Uren talks to Dan Guido, the CEO of security research company Trail of Bits. Dan and Tom discuss DARPA’s upcoming AI cyber challenge, in which Trail of Bits will compete to solve...

  
• 04.21.2024

  Risky Biz News: File transfer system hacking spree continues with a CrushFTP zero-day

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read today by Patrick Gray, as Claire Aird is unwell. You can find the newsletter version of this podcast here.

  
• 04.19.2024

  Risky Biz News: Authorities take down LabHost PhaaS

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.18.2024

  Srsly Risky Biz: Why the compromise of open source projects is inevitable

  In this podcast Patrick Gray and Tom Uren talk about how open source software is inherently vulnerable to malicious ‘good samaritan’ attacks and what to do about it. They also talk about a recent breach at data analytics company Sisense, how...

  
• 04.17.2024

  Risky Biz News: PuTTY crypto bug exposes private keys

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.15.2024

  Between Two Nerds: 0days in 2023

  In this edition of Between Two Nerds Tom Uren and The Grugq look at Google’s review of 0days in 2023. They discuss what this kind of information tells us and how Google’s perspective influences the report.

  
• 04.15.2024

  Risky Biz News: Palo Alto Networks scrambles to push zero-day RCE patch

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.14.2024

  Sponsored: When standards drive innovation

  In this Risky Business News sponsored interview, Tom Uren talks to Daniel Schell and David Cottingham, the CTO and CEO of Airlock Digital. They discuss the security standard that drove innovation and the genesis of Airlock Digital and also how...

  
• 04.12.2024

  Risky Biz News: CISA sounds alarm on Sisense breach

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here

  
• 04.11.2024

  Srsly Risky Biz: States behaving badly

  In this podcast Patrick Gray and Tom Uren talk about how different states are transgressing what we want to be norms of online behaviour. They also look at the framing around new bipartisan privacy legislation and why vendors should have positive...

  
• 04.10.2024

  Risky Biz News: Ukraine suspends SBU cyber chief

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.08.2024

  Between Two Nerds: The human side of the XZ supply chain attack

  In this edition of Between Two Nerds Tom Uren and The Grugq look at the tradecraft used in the compromise of the XZ open source data compression project.

  
• 04.07.2024

  Risky Biz News: Backdoor found in 92k D-Link NAS devices

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.07.2024

  Sponsored: GreyNoise on last year's vulnerability exploitation trends

  In this Risky Business News sponsor interview, Catalin Cimpanu talks with GreyNoise founder Andrew Morris about last year’s vulnerability exploitation trends, how the company’s AI system works, and Catalin makes a fool of himself because he can’t pronounce ‘abnormalities.’

  
• 04.04.2024

  Risky Biz News: Ukraine wants Sandworm hackers tried at The Hague

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.03.2024

  Srsly Risky Biz: The heavy weight of CIRCIA regulation

  In this podcast Patrick Gray and Tom Uren talk about the weighty tome of CISA’s critical infrastructure reporting legislation, CIRCIA, and compare different approaches to defining regulation. They also look at moves to better protect customers from being tracked by the...

  
• 04.02.2024

  Risky Biz News: CSRB drops scathing Microsoft report

  Description: A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 04.01.2024

  Between Two Nerds: The asymmetry of 'information warfare'

  In this edition of Between Two Nerds Tom Uren and The Grugq look at how states have very different views about manipulating the information environment aka ‘information warfare’.

  
• 03.31.2024

  Risky Biz News: Epic supply chain attack on Linux SSH

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.31.2024

  Sponsored: Resourcely on how it manages its secure templates

  In this Risky Business News sponsor interview, Catalin Cimpanu talks with Resourcely co-founder and CEO Travis McPeak about how the DevOps ecosystem has evolved and ushered the need for DevSecOps, and how the company provides and manages its secure-by-default templates.

  
• 03.28.2024

  Risky Biz News: Spyware vendors behind 24 zero-days last year

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.27.2024

  Srsly Risky Biz: China hacking for more than just IP

  In this podcast Patrick Gray and Tom Uren talk about recent US and UK action including indictments and sanctions levied on PRC Ministry of State Security related hackers. In contrast to previous indictments, this one focuses a lot on the...

  
• 03.26.2024

  Risky Biz News: China called out over hacks, again

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.24.2024

  Risky Biz News: EU bans anonymous crypto payments

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.24.2024

  Sponsored: Sublime Security on attack surface reduction for email

  In this Risky Business News sponsor interview, Catalin Cimpanu talks with Josh Kamdjou, co-founder and CEO of Sublime Security. Josh describes how Sublime implemented the concept of attack surface reduction to email security last year, how it works, and what...

  
• 03.21.2024

  Risky Biz News: US sanctions Russian disinfo peddlers in LATAM

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.20.2024

  Srsly Risky Biz: Microsoft deserves the stick

  Normal Seriously Risky Biz correspondent Tom Uren is on leave this week, so there’s some lunatics-running-the-asylum energy in the episode. Patrick Gray wrote this week’s newsletter, and Adam Boileau asks him what exactly we are to do with Microsoft? They’re...

  
• 03.19.2024

  Risky Biz News: New DoS loop attack impacts 300,000 systems

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.18.2024

  Between Two Nerds: Russia's Taurus missile leak

  In this edition of Between Two Nerds Tom Uren and The Grugq look at Russia’s recent leak of an intercepted German military discussion. From an intelligence point of view the content of the discussion is only moderately interesting, but Russia...

  
• 03.17.2024

  Risky Biz News: Edge adds new sandbox escape protection

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.17.2024

  Sponsored: Kroll on the DPRK's foray into enterprise gear

  In this Risky Business News sponsor interview, Catalin Cimpanu talks with George Glass, Senior Vice-President for Kroll’s Cyber Risk business. George covers the company’s latest report, a Kimsuky attack on ConnectWise ScreenConnect devices with a new malware strain named ToddlerShark.

  
• 03.14.2024

  Risky Biz News: NIST stopped curating the CVE database a month ago

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.13.2024

  Srsly Risky Biz: Does 'delete America' mean deleting China too?

  In this podcast Patrick Gray and Tom Uren talk about ‘Document 79’, a PRC government document that calls for the Chinese companies in finance, energy and other sectors, to remove foreign software from their IT systems by 2027. They also talk...

  
• 03.12.2024

  Risky Biz News: Tor launches new WebTunnel anti-censorship protocol

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.11.2024

  Between Two Nerds: How to disrupt ransomware groups

  In this edition of Between Two Nerds Tom Uren and The Grugq look at recent efforts to disrupt ransomware gangs and discuss what could make these efforts more effective.

  
• 03.10.2024

  Risky Biz News: Russian hackers stole Microsoft's source code

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.10.2024

  Sponsored: The Passkey juggernaut

  In this Risky Business News sponsored interview, Tom Uren talks to Derek Hanson, Yubico’s VP of Solutions Architecture and Alliances. Derek covers the different reasons organisations are investing in Passkeys, what organisations need to know to deploy them successfully, and...

  
• 03.07.2024

  Risky Biz News: Crypto-fraud is now bigger than BEC

  A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

  
• 03.06.2024

  Srsly Risky Biz: German use of WebEx is fine, actually

  In this podcast Patrick Gray and Tom Uren talk about the recent kerfuffle in Germany after a WebEx discussion between senior air force officials was leaked by Russian propagandists. Its interesting to see Russia using raw intelligence to try and...