Risky Business

By Patrick Gray

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for informati... more

4.6

364364 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 609 episodes available.

Risky Business episodes:

October 29, 2025Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate

Microsoft WSUS bug being exploited in the wild

Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG

SpaceX finally starts disabling Starlink terminals used by scammers

Garbage HP update deletes certificates that authed Windows systems to Entra
This week’s episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has embraced LLMs and the agentic-AI future into their workflow automation.
This episode is also available on Youtube.

Show notes
US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer | TechCrunch

Attackers bypass patch in deprecated Windows Server update tool | CyberScoop

CVE-2025-59287 WSUS Unauthenticated RCE | HawkTrace

CVE-2025-59287 WSUS Remote Code Execution | HawkTrace

Catching Credential Guard Off Guard - SpecterOps

Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica

Uncovering Qilin attack methods exposed through multiple cases

Safety on X: "By November 10, we’re asking all accounts that use a security key as their two factor authentication (2FA) method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one. A reminder: if you enroll a new security key, any" / X

SpaceX disables more than 2,000 Starlink devices used in Myanmar scam compounds | The Record from Recorded Future News

SpaceX: Update Your Inactive Starlink Dishes Now or They'll Be Bricked

How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist

Former Polish official indicted over spyware purchase | The Record from Recorded Future News

HP OneAgent Update Broke Entra Trust on HP AI Devices

Windows' Built-in OpenSSH for Offensive Security

How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA | WIRED
...more
1h 7min
October 22, 2025Risky Business #811 -- F5 is the tip of the crap software iceberg
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
China has been rummaging in F5’s networks for a couple of years

Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system

Salesforce hackers use their stolen data trove to dox NSA, ICE employees

Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah

Adam gets humbled by new Linux-capabilities backdoor trick

Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.
This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.
This episode is also available on Youtube.

Show notes
Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks | WIRED

Breach at US-based cybersecurity provider F5 blamed on China, sources say | Reuters

Network security devices endanger orgs with ’90s era flaws | CSO Online

China claims it caught US attempting cyberattack on national time center | The Record from Recorded Future News

Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials

Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials

ICE amps up its surveillance powers, targeting immigrants and antifa - The Washington Post

John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt

US court orders spyware company NSO to stop targeting WhatsApp, reduces damages | Reuters

Apple alerts exploit developer that his iPhone was targeted with government spyware | TechCrunch

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones | WIRED

GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog

European police bust network selling thousands of phone numbers to scammers | The Record from Recorded Future News

Stephan Berger on X: "We recently took over an APT investigation from another forensic company. While reviewing analysis reports from the other company, we discovered that the attackers had been active in the network for months and had deployed multiple backdoors. One way they could regain root" / X

Linux Capabilities Revisited | dfir.ch

CVE-2025-59287 WSUS Remote Code Execution | HawkTrace

TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware | Edera Blog

Browser threat detection & response | Push Security | Push Security

How Push stopped a high risk LinkedIn spear-phishing attack
...more
52min
October 21, 2025Wide World of Cyber: A deep dive on the F5 hack
In this edition of the Wide World of Cyber podcast Patrick Gray talks to Chris Krebs and Alex Stamos about the F5 incident. They talk about what happened, whether it’s a big deal, and why private equity ownership of mid-tier cybersecurity companies is often a red flag.

Show notes
...more
40min
October 16, 2025Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business
In this sponsored Soap Box edition of the Risky Business podcast, host Patrick Gray chats with Mastercard’s Executive Vice President and Head of Security Solutions, Johan Gerber, about how the card brand thinks about cybersecurity and why it’s aggressively investing in the space.
After listening to this interview you’ll understand why the credit card company spent $2.65b on threat intelligence vendor Recorded Future!
This episode is also available on Youtube.

Show notes
...more
31min
October 15, 2025Risky Business #810 -- Data extortion attacks have a silver lining
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
FBI intervenes in Scattered Spider Salesforce leaksite

Clop loots Oracle E-Biz deployments

Plus so much more data extortion.. At least it’s not ransomware … we guess?

The US still can’t decide who’s gonna be in charge of NSA & Cybercom

Cambodian scam compounds get sanctioned and $15b in crypto is seized

NSO gets sold for pocket-lint-grade money

Bugs! Redis CVSS 10, Ivanti, Crowdstrike and… Internet Explorer?! zeroday?! In the wild?!!!?
This week’s episode is sponsored by Stairwell. Founder Mike Wiacek talks about how Stairwell brings VirusTotal-like visibility to private files, and about integrating the insights that brings into your SOC workflow.
This episode is also available on Youtube.

Show notes
FBI takedown banner appears on BreachForums site as Scattered Spider promotes leak | The Record from Recorded Future News

Dozens of Oracle customers impacted by Clop data theft for extortion campaign | CyberScoop

Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882)

Clop is a Big Fish, But Not Worth Hunting - Risky Business Media

ShinyHunters Wage Broad Corporate Extortion Spree – Krebs on Security

The company Discord blamed for its recent breach says it wasn't hacked

Qantas confirms cybercriminals released stolen customer data | The Record from Recorded Future News

Red Hat confirms breach of GitLab instance, which stored company’s consulting data | CyberScoop

Risky Bulletin: Microsoft revamps Edge's "IE Mode" after zero-day attacks - Risky Business Media

Teenagers arrested in England over cyberattack on nursery chain Kido | The Record from Recorded Future News

Acting US Cyber Command, NSA chief won’t be nominated for the job, sources say | The Record from Recorded Future News

Layoffs, reassignments further deplete CISA | Cybersecurity Dive

Trump’s scandalous directive to AG Pam Bondi reached the public by accident

Feds sanction Cambodian conglomerate over cyber scams, seize $15 billion from chairman | The Record from Recorded Future News

US Congress committee investigating Musk-owned Starlink over Myanmar scam centres | Myanmar | The Guardian

Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data | WIRED

Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia | The Record from Recorded Future News

Spyware maker NSO Group confirms acquisition by US investors | TechCrunch

Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits | WIRED

Wiz Finds Critical Redis RCE Vulnerability: CVE‑2025‑49844 | Wiz Blog

SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal | CyberScoop

SonicWall SSLVPN devices compromised using valid credentials | Cybersecurity Dive

Issues Affecting CrowdStrike Falcon Sensor for Windows

ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities - SecurityWeek

Jaguar Land Rover launches phased restart at factories after cyber-attack | Jaguar Land Rover | The Guardian

Windows 10 support ends today — here's who's affected and what you need to do
...more
1h 4min
October 07, 2025Snake Oilers: Realm Security, Horizon3 and Persona
In this edition of the Snake Oilers podcast, three vendors pop in to pitch you all on their wares:
Realm Security: A security focussed, AI-first data pipeline platform

Horizon3: AI hackers! Pentesting robots!! They’re coming fer yur jerbs!

Persona: Verify customer and staff identities with live capture
This episode is also available on Youtube.

Show notes
...more
46min
October 01, 2025Risky Business #809 -- Hackers try to pay a journalist for access to the BBC
On this week’s show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week’s cybersecurity news, including:
Hackers learn that trying to coerce a journalist just makes for … a great story?

A man in his 40s gets arrested over the European airport chaos. Yep, we’re surprised, too.

Adam fanboys over Watchtowr Labs while bemoaning Fortra.

Academics pick apart Tile trackers and find them lacking

CISA tells agencies to patch their damn Cisco gear
This episode is also available on YouTube.

Show notes
'You'll never need to work again': Criminals offer reporter money to hack BBC

Government to guarantee £1.5bn Jaguar Land Rover loan after cyber shutdown

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms – Krebs on Security

UK authorities arrest man in connection with cyberattack against aviation vendor | Cybersecurity Dive

Chinese scammer pleads guilty after UK seizes nearly $7 billion in bitcoin

Cyberattack on Japanese beer giant Asahi limits shipping, call center operations | The Record from Recorded Future News

Afghanistan plunged into nationwide internet blackout, disrupting air travel, medical care | The Record from Recorded Future News

Tile trackers are a stalker's dream, say Georgia Tech researchers

Intel and AMD trusted enclaves, the backbone of network security, fall to physical attacks - Ars Technica

Supermicro server motherboards can be infected with unremovable malware - Ars Technica

China-linked hackers use ‘BRICKSTORM’ backdoor to steal IP | The Record from Recorded Future News

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors

Federal agencies given one day to patch exploited Cisco firewall bugs | The Record from Recorded Future News

Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability

Is This Bad? This Feels Bad. (Fortra GoAnywhere CVE-2025-10035)

It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2
...more
40min
September 24, 2025Risky Business #808 -- Insane megabug in Entra left all tenants exposed
On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including:
Secret Service raids a SIM farm in New York

MI6 launches a dark web portal

Are the 2023 Scattered Spider kids finally getting their comeuppance?

Production halt continues for Jaguar Land Rover

GitHub tightens its security after Shai-Hulud worm
This week’s episode is sponsored by Sublime Security. In this week’s sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform.
This episode is also available on YouTube

Show notes
U.S. Secret Service disrupts telecom network that threatened NYC during U.N. General Assembly

MI6 launches darkweb portal to recruit foreign spies | The Record from Recorded Future News

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens | dirkjanm.io

Github npm changes

Flights across Europe delayed after cyberattack targets third-party vendor | Cybersecurity Dive

Major European airports work to restore services after cyberattack on check-in systems | The Record from Recorded Future News

When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on | DataBreaches.Net

UK arrests 2 more alleged Scattered Spider hackers over London transit system breach | Cybersecurity Dive

Alleged Scattered Spider member turns self in to Las Vegas police | The Record from Recorded Future News

Las Vegas police arrest minor accused of high-profile 2023 casino attacks | CyberScoop

DOJ: Scattered Spider took $115 million in ransoms, breached a US court system | The Record from Recorded Future News

vx-underground on X: "Scattered Spider ransoms company for 964BTC - wtf_thats_alot.jpeg - Document says "Cost of BTC at time was $36M" - $36M / 964BTC = $37.5K - BTC value was $37.5K in November, 2023 - Google "Ransomware, November, 2023" - omfg.exe https://t.co/uv2EzbL5HT" | X

JLR ‘cyber shockwave ripping through UK industry’ as supplier share price plummets by 55% | The Record from Recorded Future News

Jaguar Land Rover to extend production pause into October following cyberattack | Cybersecurity Dive

New plan would give Congress another 18 months to revisit Section 702 surveillance powers | The Record from Recorded Future News

AI-powered vulnerability detection will make things worse, not better, former US cyber official warns | Cybersecurity Dive
...more
53min
September 17, 2025Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Shai-Hulud worm propagates via npm and steals credentials

Jaguar Land Rover attack may put smaller suppliers out of business

Leaked data emerges from the vendor behind the Great Firewall of China

Vastaamo hacker walks free while appeal is underway

Why is a senator so mad about Kerberos?
This week’s episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc’s identity-to-firewall glue to protect internal services and networks.
This week’s episode is also available on Youtube.

Show notes
Self-Replicating Worm Hits 180+ Software Packages – Krebs on Security

Jaguar Land Rover: Some suppliers 'face bankruptcy' due to hack crisis

Jaguar Land Rover production shutdown could last until November

U.S. Investors, Trump Close In on TikTok Deal With China - WSJ

U.S. Investors, Trump Close In on TikTok Deal With China - WSJ

How China’s Propaganda and Surveillance Systems Really Operate | WIRED

Mythical Beasts: Diving into the depths of the global spyware market - Atlantic Council

Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal | The Record from Recorded Future News

US national charged in Finnish psychotherapy center extortion | The Record from Recorded Future News

BreachForums administrator given three-year prison stint after resentencing | The Record from Recorded Future News

Microsoft, Cloudflare disrupt RaccoonO365 credential stealing tool run by Nigerian national | The Record from Recorded Future News

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” - Ars Technica

Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters

Israel announces seizure of $1.5M from crypto wallets tied to Iran | TechCrunch
...more
54min
September 15, 2025Risky Biz Soap Box: runZero shakes up vulnerability management
In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management.
With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at attackers on your network.
It can also integrate with your EDR platform, and other data sources, to give you powerful visibility into the true state of things on your network and in your cloud.
This episode is also available on Youtube.

Show notes
...more
35min

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 609 episodes available.

More shows like Risky Business

Hacked by Hacked

Hacked

184 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,000 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

370 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

638 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,018 Listeners

Smashing Security by Graham Cluley

Smashing Security

322 Listeners

Click Here by Recorded Future News

Click Here

417 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,010 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

175 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

134 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

44 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

169 Listeners