Risky Business

By Patrick Gray

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for informati... more

4.6

362362 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 604 episodes available.

Risky Business episodes:

October 07, 2025Snake Oilers: Realm Security, Horizon3 and Persona
In this edition of the Snake Oilers podcast, three vendors pop in to pitch you all on their wares:
Realm Security: A security focussed, AI-first data pipeline platform

Horizon3: AI hackers! Pentesting robots!! They’re coming fer yur jerbs!

Persona: Verify customer and staff identities with live capture
This episode is also available on Youtube.

Show notes
...more
46min
October 01, 2025Risky Business #809 -- Hackers try to pay a journalist for access to the BBC
On this week’s show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week’s cybersecurity news, including:
Hackers learn that trying to coerce a journalist just makes for … a great story?

A man in his 40s gets arrested over the European airport chaos. Yep, we’re surprised, too.

Adam fanboys over Watchtowr Labs while bemoaning Fortra.

Academics pick apart Tile trackers and find them lacking

CISA tells agencies to patch their damn Cisco gear
This episode is also available on YouTube.

Show notes
'You'll never need to work again': Criminals offer reporter money to hack BBC

Government to guarantee £1.5bn Jaguar Land Rover loan after cyber shutdown

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms – Krebs on Security

UK authorities arrest man in connection with cyberattack against aviation vendor | Cybersecurity Dive

Chinese scammer pleads guilty after UK seizes nearly $7 billion in bitcoin

Cyberattack on Japanese beer giant Asahi limits shipping, call center operations | The Record from Recorded Future News

Afghanistan plunged into nationwide internet blackout, disrupting air travel, medical care | The Record from Recorded Future News

Tile trackers are a stalker's dream, say Georgia Tech researchers

Intel and AMD trusted enclaves, the backbone of network security, fall to physical attacks - Ars Technica

Supermicro server motherboards can be infected with unremovable malware - Ars Technica

China-linked hackers use ‘BRICKSTORM’ backdoor to steal IP | The Record from Recorded Future News

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors

Federal agencies given one day to patch exploited Cisco firewall bugs | The Record from Recorded Future News

Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability

Is This Bad? This Feels Bad. (Fortra GoAnywhere CVE-2025-10035)

It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2
...more
40min
September 24, 2025Risky Business #808 -- Insane megabug in Entra left all tenants exposed
On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including:
Secret Service raids a SIM farm in New York

MI6 launches a dark web portal

Are the 2023 Scattered Spider kids finally getting their comeuppance?

Production halt continues for Jaguar Land Rover

GitHub tightens its security after Shai-Hulud worm
This week’s episode is sponsored by Sublime Security. In this week’s sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform.
This episode is also available on YouTube

Show notes
U.S. Secret Service disrupts telecom network that threatened NYC during U.N. General Assembly

MI6 launches darkweb portal to recruit foreign spies | The Record from Recorded Future News

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens | dirkjanm.io

Github npm changes

Flights across Europe delayed after cyberattack targets third-party vendor | Cybersecurity Dive

Major European airports work to restore services after cyberattack on check-in systems | The Record from Recorded Future News

When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on | DataBreaches.Net

UK arrests 2 more alleged Scattered Spider hackers over London transit system breach | Cybersecurity Dive

Alleged Scattered Spider member turns self in to Las Vegas police | The Record from Recorded Future News

Las Vegas police arrest minor accused of high-profile 2023 casino attacks | CyberScoop

DOJ: Scattered Spider took $115 million in ransoms, breached a US court system | The Record from Recorded Future News

vx-underground on X: "Scattered Spider ransoms company for 964BTC - wtf_thats_alot.jpeg - Document says "Cost of BTC at time was $36M" - $36M / 964BTC = $37.5K - BTC value was $37.5K in November, 2023 - Google "Ransomware, November, 2023" - omfg.exe https://t.co/uv2EzbL5HT" | X

JLR ‘cyber shockwave ripping through UK industry’ as supplier share price plummets by 55% | The Record from Recorded Future News

Jaguar Land Rover to extend production pause into October following cyberattack | Cybersecurity Dive

New plan would give Congress another 18 months to revisit Section 702 surveillance powers | The Record from Recorded Future News

AI-powered vulnerability detection will make things worse, not better, former US cyber official warns | Cybersecurity Dive
...more
53min
September 17, 2025Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Shai-Hulud worm propagates via npm and steals credentials

Jaguar Land Rover attack may put smaller suppliers out of business

Leaked data emerges from the vendor behind the Great Firewall of China

Vastaamo hacker walks free while appeal is underway

Why is a senator so mad about Kerberos?
This week’s episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc’s identity-to-firewall glue to protect internal services and networks.
This week’s episode is also available on Youtube.

Show notes
Self-Replicating Worm Hits 180+ Software Packages – Krebs on Security

Jaguar Land Rover: Some suppliers 'face bankruptcy' due to hack crisis

Jaguar Land Rover production shutdown could last until November

U.S. Investors, Trump Close In on TikTok Deal With China - WSJ

U.S. Investors, Trump Close In on TikTok Deal With China - WSJ

How China’s Propaganda and Surveillance Systems Really Operate | WIRED

Mythical Beasts: Diving into the depths of the global spyware market - Atlantic Council

Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal | The Record from Recorded Future News

US national charged in Finnish psychotherapy center extortion | The Record from Recorded Future News

BreachForums administrator given three-year prison stint after resentencing | The Record from Recorded Future News

Microsoft, Cloudflare disrupt RaccoonO365 credential stealing tool run by Nigerian national | The Record from Recorded Future News

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” - Ars Technica

Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters

Israel announces seizure of $1.5M from crypto wallets tied to Iran | TechCrunch
...more
54min
September 15, 2025Risky Biz Soap Box: runZero shakes up vulnerability management
In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management.
With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at attackers on your network.
It can also integrate with your EDR platform, and other data sources, to give you powerful visibility into the true state of things on your network and in your cloud.
This episode is also available on Youtube.

Show notes
...more
35min
September 10, 2025Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Apple ruins exploit developers’ week with fresh memory corruption mitigations

Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack

Salesloft says its GitHub was the initial entry point for its compromise

Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”

Rogue certs for 1.1.1.1 appear to be just (stupid) testing

Jaguar Land Rover ransomware attackers are courting trouble
This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!
This episode is also available on Youtube.

Show notes
Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research

Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch

18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security

Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica

Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive

CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News

SAP warns of high-severity vulnerabilities in multiple products - Ars Technica

The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. - Ars Technica

Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News

Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News

Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive

Qantas penalizes executives for July cyberattack | The Record from Recorded Future News

Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News

GOP Cries Censorship Over Spam Filters That Work – Krebs on Security

Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media

Post by @patrick.risky.biz — Bluesky
...more
52min
September 08, 2025Snake Oilers: Nebulock, Vali Cyber and Cape
In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares:
Automated, AI-powered threat hunting with Nebulock
Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have time to look at.
Runtime security for hypervisors from Vali Cyber
Austin Gadient from Vali Cyber stops by to talk about ZeroLock, its hypervisor security product. It’s marketed as a counter-ransomware control but is just a generally useful security platform for virtualised environments.
A secure mobile telco: Cape
The only thing American cell providers love more than providing patchy coverage is getting their customers’ data owned. Cape is here to change that. It’s a security and anonymity-focussed virtual mobile network operator (MVNO) that’s been spun up by a highly competent team. If we lived in the USA we would be customers, and a bunch of CISOs listening to this might want to consider Cape subscriptions for their workforce.
This episode is also available on Youtube

Show notes
...more
47min
September 03, 2025Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
The Salesloft breach and why OAuth soup is a problem

The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed

Google says it will stand up a “disruption unit”

Microsoft writes up a ransomware gang that’s all-in on the cloud future

Aussie firm hot-mics its work-from-home employees’ laptops

Youtube scam baiters help the feds take down a fraud ring
This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!
This episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security

" rel="noopener noreferrer">Salesloft: The Leading AI Revenue Orchestration Platform

" rel="noopener noreferrer">Palo Alto Networks, Zscaler customers impacted by supply chain attacks | Cybersecurity Dive

" rel="noopener noreferrer">The impact of the Salesloft Drift breach on Cloudflare and our customers

" rel="noopener noreferrer">China used three private companies to hack global telecoms, U.S. says

" rel="noopener noreferrer">CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF

" rel="noopener noreferrer">Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop

" rel="noopener noreferrer">Ransomware gang takedowns causing explosion of new, smaller groups | The Record from Recorded Future News

" rel="noopener noreferrer">Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier | The Record from Recorded Future News

" rel="noopener noreferrer">Storm-0501’s evolving techniques lead to cloud-based ransomware | Microsoft Security Blog

" rel="noopener noreferrer">The Era of AI-Generated Ransomware Has Arrived | WIRED

" rel="noopener noreferrer">Between Two Nerds: How threat actors are using AI to run wild - YouTube

" rel="noopener noreferrer">Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security

" rel="noopener noreferrer">UK sought broad access to Apple customers’ data, court filing suggests

" rel="noopener noreferrer">ICE reactivates contract with spyware maker Paragon | TechCrunch

" rel="noopener noreferrer">WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch

" rel="noopener noreferrer">Safetrac turned staff laptops into covert recording devices to monitor WFH

" rel="noopener noreferrer">Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring - Risky Business Media
...more
1h 2min
August 27, 2025Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Australia expels Iranian ambassador

Hackers sabotage Iranian shipping satcoms

APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?

Trail of Bits uses image-downscaling to sneak prompts into Google Gemini

The Com’s King Bob gets ten years in the slammer

It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.
This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.
This episode is also available on Youtube.

Show notes
Embassy staff flee Canberra in dead of night | news.com.au — Australia’s leading news site for latest headlines

Swedish security service says Iran uses criminal networks in Sweden | Reuters

Risky Bulletin: Hackers sabotage Iranian ships at sea, again - Risky Business Media

Microsoft scales back Chinese access to cyber early warning system | Reuters

Microsoft Didn’t Disclose Key Details to U.S. Officials of China-Based Engineers, Record Shows — ProPublica

.:: Phrack Magazine ::.

Uncovering the Chinese Proxy Service Used in APT Campaigns

Weaponizing image scaling against production AI systems -The Trail of Bits Blog

FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations | Cybersecurity Dive

CrowdStrike warns of uptick in Silk Typhoon attacks this summer | CyberScoop

Kevin Beaumont: "There’s a bunch of new Netscal…" - Cyberplace

US charges Oregon man in vast botnet-for-hire operation | Cybersecurity Dive

South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities | The Record from Recorded Future News

SIM-Swapper, Scattered Spider Hacker Gets 10 Years – Krebs on Security

Chinese national who sabotaged Ohio company’s systems handed four-year jail stint | The Record from Recorded Future News

Nevada state offices close after wide-ranging 'network security incident' | Reuters

DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security

Russia weighs Google Meet ban as part of foreign tech crackdown | The Record from Recorded Future News

Kremlin-Mandated Messaging App Max Is Designed To Spy On Users

Иеромонах РПЦ Макарий призвал помолиться за мессенджер MAX
...more
54min
August 25, 2025Wide World of Cyber: Microsoft's China Entanglement
The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China.
Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world’s most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out!
This episode is also available on Youtube.

Show notes
...more
46min

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 604 episodes available.

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

2,000 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

639 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

370 Listeners

Hacked by Hacked

Hacked

185 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,016 Listeners

Smashing Security by Graham Cluley

Smashing Security

320 Listeners

Click Here by Recorded Future News

Click Here

414 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,965 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

175 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

188 Listeners

Hacking Humans by N2K Networks

Hacking Humans

315 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

134 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners

The AI Fix by Graham Cluley and Mark Stockley

The AI Fix

33 Listeners