Risky Business

By Patrick Gray

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for informati... more

4.7

341341 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 546 episodes available.

Risky Business episodes:

November 20, 2024Risky Business #771 -- Palo Alto's firewall 0days are very, very stupid
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Microsoft introduces some sensible sounding post-Crowdstrike changes

Palo Alto patches hella-stupid bugs in its firewall management webapp

CISA head Jen Easterly to depart as Trump arrives

AI grandma tarpits phone scammers in family-tech-support hell

Academic research supports your gut-reaction; phishing training doesn’t work

And much, much more.
This week’s episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them out to be. Andrew also tells us about a zero-day Greynoise’ AI system truffle-pigged out of their data set.
This episode is also available on Youtube.

Show notes
Windows security and resiliency: Protecting your business | Windows Experience Blog

Microsoft revamps how it will disclose vulnerabilities | Cybersecurity Dive

NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely

Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474

Palo Alto Networks customers grapple with another actively exploited zero-day | Cybersecurity Dive

Unpatched zero-days in Fortinet and Palo Alto Networks software

Palo Alto Networks’ customer migration tool hit by trio of CVE exploits | Cybersecurity Dive

Readout of President Joe Biden’s Meeting with President Xi Jinping of the People’s Republic of China | The White House

Easterly to step down from CISA director role on Inauguration Day | Cybersecurity Dive

Top White House cyber official urges Trump to focus on ransomware, China

Ransomware gang Akira leaks unprecedented number of victims’ data in one day

Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz

1,400 Pegasus spyware infections detailed in WhatsApp’s lawsuit filings

NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents | TechCrunch

Ransomware gang Akira leaks unprecedented number of victims’ data in one day

Ohio man behind Helix cryptocurrency mixer gets 3-year sentence

O2 unveils Daisy, the AI granny wasting scammers’ time - Virgin Media O2

Understanding the Efficacy of Phishing Training in Practice

Bunnings facial recognition cameras breach Privacy Act, retailer to challenge ruling | news.com.au — Australia’s leading news site

Nudity, punches in newly released Bunnings CCTV as company found to breach Privacy Act | news.com.au — Australia’s leading news site

Bitfinex Hack Launderer Heather 'Razzlekhan' Morgan Sentenced to 18 Months in Prison
...more
1h 2min
November 13, 2024Risky Business #770 -- A Russian IR guy discovers extremely cool spookware
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Apple frustrates law enforcement with iOS auto-reboot

CISA says most KEV vulnerabilities in 2023 were first used as zero days

Russians roll incident response on some sweet Linux spookware

Regular users can create mailboxes in M365?

Tor tracks down the source of its joe-job abuse complaints

And much, much more.
This week’s feature guest is former FBI agent Chris Tarbell, who arrested Silk Road operator Ross Ulbricht way back in 2013. As suggestions swirl that an incoming Trump administration might release Ulbricht, Chris talks about the reality of the Dread Pirate Roberts.
This episode is sponsored by software supply chain security firm Socket.dev. Founder Feross Aboukhadijeh thinks that we need a CVE-like catalogue for supply-chain attacks, and he makes a solid argument.
The show is also available on Youtube.

Show notes
Jason Koebler: "New: We’ve confirmed Apple quietly introduced a feature in the new iOS that is preventing cops from hacking iPhones that they have confiscated as evidence. Apple really did say ACAB www.404media.co/apple-quietl..." — Bluesky

Apple Quietly Introduced iPhone Reboot Code Which is Locking Out Cops

Exclusive | U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack - WSJ

Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance

The Elusive GoblinRAT: How a Linux Backdoor Infiltrated Government Infrastructures

Microsoft Bookings – Facilitating Impersonation | Cyberis Limited

TrustedSec | EKUwu: Not just another AD CS ESC

Russia’s internet watchdog blocks thousands of websites that use Cloudflare's privacy service

Defending the Tor network: Mitigating IP spoofing against Tor | The Tor Project

Law enforcement operation takes down 22,000 malicious IP addresses worldwide - Ars Technica

Press Conference - Parliament House, Canberra | Prime Minister of Australia

DHS nominee Kristi Noem stood alone for rejecting department cyber grants to state, local governments | CyberScoop

Patrick Gray: "Allies will feel comfortable until these guys get fired in their first 100 days for opposing Trump’s proposed annexation of Iceland or something. People have forgotten… Trump is out of his gourd" — Bluesky
...more
1h 4min
November 11, 2024 Risky Biz Soap Box: Why black box email security is dead
In this edition of the Risky Business Soap Box we’re talking all about email security with Sublime Security co-founder Josh Kamdjou.
Email security is one of the oldest product categories in security, but as you’ll hear, Josh thinks the incumbents are just doing it wrong. He joins Risky Business host Patrick Gray for this interview about Sublime’s origin story and its new approach to email security.
...more
37min
November 06, 2024Risky Business #769 -- Sophos drops implants on Chinese exploit devs
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Sophos drops implants on Chinese firewall exploit devs

Microsoft workshops better just-in-time Windows admin privileges

Snowflake hacker arrested in Canada

Okta has a fun, but not very impactful auth-bypass bug

Russians bring dumb-but-smart RDP client attacks

And much, much more.
Special guest Sophos CISO Ross McKerchar joined us to talk about its “hacking back” campaign. The full interview is
available on Youtube for those who want to really live vicariously through Sophos doing what every vendor probably wants to do.
This week’s episode is sponsored by attack surface mapping vendor runZero. Founder and CEO HD Moore joins to talk about marrying up the outside and inside views of your network.
You can also watch this episode on Youtube

Show notes
Okta AD/LDAP Delegated Authentication - Username Above 52 Characters Security Advisory

Does bcrypt have a maximum password length? - Information Security Stack Exchange

Local Administrator Protection | Privilege Protection

Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIRED

A Deeper Look at FortiJump (FortiManager CVE-2024-47575) | Bishop Fox

Man Arrested for Snowflake Hacking Spree Faces US Extradition | WIRED

Google uses large language model to discover real-world vulnerability

GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI

Thousands of hacked TP-Link routers used in yearslong account takeover attacks - Ars Technica

CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files | Cybersecurity Dive

Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns

India-Canada row: Canadian officials confess to leaking 'intel' against India to Washington Post - India Today

Amid diplomatic row, Canada names India in ‘cyberthreat adversary’ list, accuses it of ‘likely spying’ | World News - The Indian Express

The Untold Story of Trump's Failed Attempt to Overthrow Venezuela's President | WIRED

Risky Biz News: The mystery at Mango Park

North Korean hackers seen collaborating with Play ransomware group, researchers say
...more
57min
October 30, 2024Risky Business #768 -- CSRB will investigate China's Wiretap Hacks
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
CSRB to investigate China’s telco-wiretapping hacks

Euro law enforcement takes down the Redline infostealer

Someone steals Fed crypto… and then tries to quietly sneak it back in

Russia sentences REvil guys to … jail? Really?

Apple private cloud compute gets a proper bug bounty program

And much, much more.
This week’s episode is sponsored by Material Security, who help navigate the mess of cloud productivity data security. Daniel Ayala - Chief Security and Trust Officer at Dotmatics - is a Material customer, and joins Pat and Material Security’s Rajan Kapoor to talk about how to wrangle securing data that ends up in corporate cloud email and file stores.
This episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">Apple 10 day certificates

" rel="noopener noreferrer">Chinese hackers said to have collected audio of American calls

" rel="noopener noreferrer">U.S. Panel to Probe Cyber Failures in Massive Chinese Hack of Telecoms

" rel="noopener noreferrer">How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware

" rel="noopener noreferrer">Operation Magnus

" rel="noopener noreferrer">Hacker Returns $19.3 Million to Drained US Government Crypto Wallet

" rel="noopener noreferrer">Meet ZachXBT, the Masked Vigilante Tracking Down Billions in Crypto Scams and Thefts | WIRED

" rel="noopener noreferrer">Radar systems in Iran breached prior to Israel's Saturday counter-strike - report

" rel="noopener noreferrer">Delta sues CrowdStrike after widespread IT outage that caused thousands of cancellations

" rel="noopener noreferrer">Tens of thousands of taxpayer accounts hacked as CRA repeatedly paid out millions in bogus refunds

" rel="noopener noreferrer">Microsoft CEO asked board to cut pay in connection with security overhaul | Cybersecurity Dive

" rel="noopener noreferrer">Four REvil members sentenced to more than four years in prison

" rel="noopener noreferrer">Russia says it might build its own Linux community after removal of several kernel maintainers

" rel="noopener noreferrer">Nigerian court drops charges against detained Binance executive Tigran Gambaryan

" rel="noopener noreferrer">Apple will pay security researchers up to $1 million to hack its private AI cloud | TechCrunch

" rel="noopener noreferrer">SonicWall firewalls the common access point in spreading ransomware campaign | Cybersecurity Dive

" rel="noopener noreferrer">Fortinet zero-day attack spree hits at least 50 customers | Cybersecurity Dive

" rel="noopener noreferrer">Cisco warns actively exploited CVE can lead to DoS attacks against VPN services | Cybersecurity Dive

" rel="noopener noreferrer">Chinese influence operation targets US down-ballot races, Microsoft says | Reuters

" rel="noopener noreferrer">Exclusive: Accused Iranian hackers successfully peddle stolen Trump emails | Reuters

" rel="noopener noreferrer">Viral video of ripped-up Pennsylvania ballots is fake and Russian-made, intelligence agencies say

Product Demo: Securing M365 and Google Workspace with Material Security
...more
52min
October 28, 2024Risky Biz Soap Box: Thinkst Canary's decade of deception
In this Soap Box edition of the podcast Patrick Gray chats with Thinkst Canary founder Haroon Meer about his “decade of deception”, including:
A history of Thinkst Canary including a recap of what they actually do

A look at why they’re still really the only major player in the deception game

A look at what companies like Microsoft are doing with deception

Why security startups should have conference booths
...more
38min
October 23, 2024Risky Business #767 – SEC fines Check Point, Mimecast, Avaya and Unisys over hacks
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
SEC fines tech firms for downplaying the Solarwinds hacks

Anonymous Sudan still looks and quacks like a Russian duck

Apple proposes max 10 day TLS certificate life

Oopsie! Microsoft loses a bunch of cloud logs

Veeam and Fortinet are bad and should feel bad

North Koreans are good (at hacking)

And much, much more.
This week’s episode is sponsored by Proofpoint. Chief Strategy Officer Ryan Kalember joins to talk about their work keeping up with prolific threat actor SocGholish.
This episode is also available on Youtube.

Show notes
Four cyber companies fined for SolarWinds disclosure failures

U.S. charges Sudanese men with running powerful cyberattack-for-hire gang

Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals | WIRED

Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious

Microsoft confirms partial loss of security log data on multiple platforms | Cybersecurity Dive

Risky Biz News: Apple wants to reduce the lifespan of TLS certificates to 10 days

Encrypted Chat App ‘Session’ Leaves Australia After Visit From Police

Crypto platform Radiant Capital says $50 million in digital coins stolen following account compromises

North Korean hackers use newly discovered Linux malware to raid ATMs - Ars Technica

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach – Krebs on Security

Here’s how SIM swap in alleged bitcoin pump-and-dump scheme worked - Ars Technica

Critical Veeam CVE actively exploited in ransomware attacks | Cybersecurity Dive

FortiGate admins report active exploitation 0-day. Vendor isn’t talking. - Ars Technica

Hackers reportedly impersonate cyber firm ESET to target organizations in Israel

The latest in North Korea’s fake IT worker scheme: Extorting the employers
...more
1h 3min
October 16, 2024Risky Business #766 – China hacks America's lawful intercept systems
On this week’s show Patrick Gray and Adam Boileau discuss the week’s infosec news, including:
Chinese spooks all up in western telco lawful intercept

Jerks ruin the Internet Archive’s day

Microsoft drops a great report with a bad chart

The feds make their own crypto currency and get it pumped

Forti-, Palo- and Ivanti-fail

And much, much more.
This week’s episode is sponsored by detection-as-code vendor Panther. Casey Hill, Panther’s Director Product Management joins to discuss why the old “just bung it all in a data lake and… ???… “ approach hasn’t worked out, and what smart teams do to handle their logs.
This episode is also available on [Youtube].(https://youtu.be/86zy6DcwtbE)

Show notes
White House forms emergency team to deal with China espionage hack - The Washington Post

DDoS attacks on Internet Archive continue after data breach impacting 31 million

Microsoft Digital Defense Report 2024

Ransomware encryption down amid surge of attacks, Microsoft says | CyberScoop

Russian court websites down after breach claimed by pro-Ukraine hackers

Ukrainian anti-corruption agency reportedly finds no violations in disclosures of top cyber official

Trump campaign turns to secure hardware after hacking incident | Reuters

FBI creates its own crypto token to nab suspects in alleged fraud scheme

District of Massachusetts | Eighteen Individuals and Entities Charged in International Operation Targeting Widespread Fraud and Manipulation in the Cryptocurrency Markets | United States Department of Justice

Critical CVE in 4 Fortinet products actively exploited | Cybersecurity Dive

Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024

Palo Alto Expedition: From N-Day to Full Compromise

Ivanti up against another attack spree as hackers target its endpoint manager | Cybersecurity Dive

1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies · GitHub

Recently-patched Firefox bug exploited against Tor browser users

Two never-before-seen tools, from same group, infect air-gapped devices - Ars Technica

A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security

Opinion | The Cyber Sleuth - Washington Post
...more
54min
October 01, 2024Snake Oilers: Sandfly Security, Permiso and Wiz
In this edition of Snake Oilers we hear pitches from three security vendors:
Sandfly Security: An agentless Linux security platform that actually sounds very cool

Permiso: An identity security platform founded by ex FireEye folks

Wiz: The cloud security giant is getting in on code security scanning
You can watch this edition of Snake Oilers on YouTube here.
...more
41min
September 25, 2024Risky Business #765 -- The Kaspersky switcheroo
Patrick Gray and Adam Boileau discuss the week’s infosec news with everyone’s favourite ex-NSA big-brain, Rob Joyce. They talk through:
Musk and Durov bow to government pressure

Tiktok rushes to ban authoritarian propagandists

The US doesn’t want Chinese software in its cars

Kaspersky replaces itself with an AV no one has ever heard of

Aussie police chalk up another crimephone takedown

Press Win-R Ctrl-V to prove you’re human

And much, much more.
This week’s show is brought to you by Stairwell, and Stairwell’s founder Mike Wiacek will be along to talk about how people are using their platform to hunt down detection resistant malware.
A video version of this episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">Elon Musk backs down in his fight with Brazilian judges to restore X | Elon Musk | The Guardian

" rel="noopener noreferrer">Telegram says it will share phone numbers and IP addresses of ‘bad actors’ to authorities

" rel="noopener noreferrer">Jane Lytvynenko on X: "Ukrainian cybersecurity officials are limiting the use of Telegram for military, critical infrastructure, and other authorities. Budanov said he has “substantiated data” on Ru authorities having access to personal messages on TG, including removed ones. https://t.co/xOcnf7am9R" / X

" rel="noopener noreferrer">TikTok blocks dozens of Kremlin-backed media accounts

" rel="noopener noreferrer">Biden administration proposes rule banning Chinese, Russian connected vehicles and parts

" rel="noopener noreferrer">Some Kaspersky customers receive surprise forced-update to new antivirus software | TechCrunch

" rel="noopener noreferrer">Russian cyber firm Dr.Web says services are restored after ‘targeted cyberattack’

" rel="noopener noreferrer">Police announce takedown and arrest mastermind behind criminal comms platform 'Ghost'

" rel="noopener noreferrer">Turning Everyday Gadgets into Bombs is a Bad Idea « bunnie's blog

" rel="noopener noreferrer">Iranian-linked election interference operation shows signs of recent access | CyberScoop

" rel="noopener noreferrer">Republicans demand FBI hearing on Iran theft of Trump documents

" rel="noopener noreferrer">Ermittlungen im Darknet: Strafverfolger hebeln Tor-Anonymisierung aus | tagesschau.de

" rel="noopener noreferrer">DOJ charges hackers for stealing $230 million in crypto from individual

" rel="noopener noreferrer">This Windows PowerShell Phish Has Scary Potential – Krebs on Security

You can now use Apple’s best iPhone Mirroring feature on your Mac and iPhone | TechRadar
...more
1h 6min

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 546 episodes available.

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,921 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

610 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

359 Listeners

Hacked by Hacked

Hacked

160 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

986 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

301 Listeners

Click Here by Recorded Future News

Click Here

382 Listeners

Malicious Life by Malicious Life

Malicious Life

914 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,659 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

139 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

185 Listeners

Hacking Humans by N2K Networks

Hacking Humans

298 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

67 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

109 Listeners

Risky Business News by risky.biz

Risky Business News

35 Listeners