Risky Business

By Patrick Gray

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for informati... more

4.6

358358 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 596 episodes available.

Risky Business episodes:

August 27, 2025Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Australia expels Iranian ambassador

Hackers sabotage Iranian shipping satcoms

APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?

Trail of Bits uses image-downscaling to sneak prompts into Google Gemini

The Com’s King Bob gets ten years in the slammer

It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.
This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.
This episode is also available on Youtube.

Show notes
Embassy staff flee Canberra in dead of night | news.com.au — Australia’s leading news site for latest headlines

Swedish security service says Iran uses criminal networks in Sweden | Reuters

Risky Bulletin: Hackers sabotage Iranian ships at sea, again - Risky Business Media

Microsoft scales back Chinese access to cyber early warning system | Reuters

Microsoft Didn’t Disclose Key Details to U.S. Officials of China-Based Engineers, Record Shows — ProPublica

.:: Phrack Magazine ::.

Uncovering the Chinese Proxy Service Used in APT Campaigns

Weaponizing image scaling against production AI systems -The Trail of Bits Blog

FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations | Cybersecurity Dive

CrowdStrike warns of uptick in Silk Typhoon attacks this summer | CyberScoop

Kevin Beaumont: "There’s a bunch of new Netscal…" - Cyberplace

US charges Oregon man in vast botnet-for-hire operation | Cybersecurity Dive

South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities | The Record from Recorded Future News

SIM-Swapper, Scattered Spider Hacker Gets 10 Years – Krebs on Security

Chinese national who sabotaged Ohio company’s systems handed four-year jail stint | The Record from Recorded Future News

Nevada state offices close after wide-ranging 'network security incident' | Reuters

DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security

Russia weighs Google Meet ban as part of foreign tech crackdown | The Record from Recorded Future News

Kremlin-Mandated Messaging App Max Is Designed To Spy On Users

Иеромонах РПЦ Макарий призвал помолиться за мессенджер MAX
...more
54min
August 25, 2025Wide World of Cyber: Microsoft's China Entanglement
The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China.
Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world’s most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out!
This episode is also available on Youtube.

Show notes
...more
46min
August 20, 2025Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Oracle’s long term CSO departs, and we’re not that sad about it

Canada’s House of Commons gets popped through a Microsoft bug

Russia degrades voice calls via Whatsapp and Telegram to push people towards Max

South-East Asian scam compounds are also behind child sextortion

Reports that the UK has backed down on Apple crypto are… strange

Oh and of course there’s a Fortinet bug! There’s always a Fortinet bug!
This week’s episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You’ll never guess which one was a few lines of PAM config, and which was a multi-month engineering project!
This episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">Is Oracle facing headwinds? After layoffs, its 4-decade veteran Chief Security Officer Mary Ann Davidson departs

" rel="noopener noreferrer">Oracle CSO blasted over anti-security research rant - iTnews

" rel="noopener noreferrer">New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts | The Record from Recorded Future News

" rel="noopener noreferrer">Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme – Krebs on Security

" rel="noopener noreferrer">How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes | TechCrunch

" rel="noopener noreferrer">UK has backed down on demand to access US Apple user data, spy chief says

" rel="noopener noreferrer">DNI Tulsi Gabbard on X: "As a result, the UK has agreed to drop its mandate for"

" rel="noopener noreferrer">Hackers target Workday in social engineering attack

" rel="noopener noreferrer">Russia curbs WhatsApp, Telegram calls to counter cybercrime | The Record from Recorded Future News

" rel="noopener noreferrer">Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability | The Record from Recorded Future News

" rel="noopener noreferrer">Norway police believe pro-Russian hackers were behind April dam sabotage | The Record from Recorded Future News

" rel="noopener noreferrer">US agencies, international allies issue guidance on OT asset inventorying | Cybersecurity Dive

" rel="noopener noreferrer">FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970)

" rel="noopener noreferrer">U.S. State Dept - Near Eastern Affairs on X: "He did not claim diplomatic immunity and was released by a state judge"

" rel="noopener noreferrer">493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds | WIRED

" rel="noopener noreferrer">.:: Phrack Magazine ::.

" rel="noopener noreferrer">Accenture to buy Australian cyber security firm CyberCX - iTnews
...more
59min
August 14, 2025Risky Biz Soap Box: How to measure vulnerability reachability
In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications.
It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application.
They also talk about how Socket started out as a way to discover malicious packages in software projects, but these days it’s playing the CVE game as well.
This episode is also available on Youtube.

Show notes
...more
36min
August 13, 2025Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
CISA warns about the path from on-prem Exchange to the cloud

Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are

Everyone and their dog seems to have a shell in US Federal Court information systems

Google pays $250k for a Chrome sandbox escape

Attackers use javascript in adult SVG files to … farm facebook likes?!

SonicWall says users aren’t getting hacked with an 0day… this time.
This week’s episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together.
This episode is also available on Youtube.

Show notes
CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability | The Record from Recorded Future News

Advanced Active Directory to Entra ID lateral movement techniques

Consent & Compromise: Abusing Entra OAuth for Fun and Access to Internal Microsoft Applications

Cartels may be able to target witnesses after major court hack

Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’ | The Record from Recorded Future News

Citrix NetScaler flaws lead to critical infrastructure breaches | Cybersecurity Dive

DARPA touts value of AI-powered vulnerability detection as it announces competition winners | Cybersecurity Dive

Buttercup is now open-source!

HTTP/1.1 must die: the desync endgame

US confirms takedown of BlackSuit ransomware gang that racked up $370 million in ransoms | The Record from Recorded Future News

North Korean cyber-espionage group ScarCruft adds ransomware in recent attack | The Record from Recorded Future News

Adult sites are stashing exploit code inside racy .svg files - Ars Technica

Google pays 250k for Chromium sandbox escape

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day | Cybersecurity Dive

Two groups exploit WinRAR flaws in separate cyber-espionage campaigns | The Record from Recorded Future News

Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge | The Record from Recorded Future News

Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home | WIRED

Malware in Open VSX: These Vibes Are Off

How attackers are using Active Directory Federation Services to phish with legit office.com links

Introducing our guide to phishing detection evasion techniques

The State of Attack Path Management
...more
1h 0min
August 06, 2025Risky Business #801 -- AI models can hack well now and it's weirding us out
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.
This episode explores the rise of AI-powered bug hunting:
Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects

The XBOW AI bug hunting platform sees success on HackerOne

Is an AI James Kettle on the horizon?
There’s also plenty of regular cybersecurity news to discuss:
On-prem Sharepoint’s codebase is maintained out of China… awkward!

China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?

SonicWall advises customers to turn off their VPNs

Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs

Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.

The Russian government pushes VK’s Max messenger for everything
This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.
This episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch

" rel="noopener noreferrer">Is XBOW’s success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop

" rel="noopener noreferrer">James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published 😂 maybe the countdown timer is just too ominous!

" rel="noopener noreferrer">Risky Bulletin: China with the accusations again - Risky Business Media

" rel="noopener noreferrer">美情报机构频繁对我国防军工领域实施网络攻击窃密

" rel="noopener noreferrer">SharePoint Exploit: Microsoft Used China-Based Engineers to Maintain the Software — ProPublica

" rel="noopener noreferrer">China fears Nvidia chips could track, trace and shut down its AIs - Asia Times

" rel="noopener noreferrer">SonicWall urges customers to take VPN devices offline after ransomware incidents | The Record from Recorded Future News

" rel="noopener noreferrer">Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity

" rel="noopener noreferrer">ReVault! When your SoC turns against you…

" rel="noopener noreferrer">Nearly 100,000 ChatGPT Conversations Were Searchable on Google

" rel="noopener noreferrer">Microsoft catches Russian hackers targeting foreign embassies - Ars Technica

" rel="noopener noreferrer">The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware | WIRED

" rel="noopener noreferrer">Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats | Microsoft Security Blog

" rel="noopener noreferrer">Russia blocks popular US-made internet speed test tool over national security concerns | The Record from Recorded Future News
...more
1h 7min
August 01, 2025Soap Box: Why AI can't fix bad security products
In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices.
This episode is also available on Youtube.

Show notes
...more
38min
July 30, 2025Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Did the SharePoint bug leak out of the Microsoft MAPP program?

Expel retracts its FIDO bypass writeup

The mess surrounding the women-only dating-safety app Tea gets worse

Broadcom customers struggle to get patches for VMWare hypervisor escapes

Aeroflot gets hacked by the Cyber Partisans, disrupting flights
This week’s episode is sponsored by Push Security. Daniel Cuthbert joins and explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future.
This episode is also available on Youtube.

Show notes
Microsoft Probing Whether Cyber Alert Tipped Off Chinese Hackers

Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble | The Record from Recorded Future News

What we know about the Microsoft SharePoint attacks | Cybersecurity Dive

An important update (and apology) on our PoisonSeed blog

Tea User Files Class Action After Women’s Safety App Exposes Data

A Second Tea Breach Reveals Users’ DMs About Abortions and Cheating

Top Lawyer for National Security Agency Is Fired

From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944

VMware prevents some perpetual license holders from downloading patches

Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel - Ars Technica

КИБЕРУДАР ПО АЭРОФЛОТУ РФ!v

Treasury sanctions North Koreans involved in IT-worker schemes | Cybersecurity Dive

Minnesota governor activates National Guard amid St. Paul cyberattack | StateScoop

Outage was result of cyberattack, Post Luxembourg says

Clorox files $380 million suit blaming Cognizant for 2023 cyberattack | Cybersecurity Dive

Cisco network access security platform vulnerabilities under active exploitation | CyberScoop

Arizona woman sentenced to 8.5 years for running North Korean laptop farm | The Record from Recorded Future News

Cybercrime forum Leak Zone publicly exposed its users' IP addresses | TechCrunch
...more
54min
July 23, 2025Risky Business #799 -- Everyone's Sharepoint gets shelled
Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss:
Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not)

She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’)

Four (alleged) Scattered Spider members arrested (and bailed) in the UK

Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M

Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-moderootkits. Just security vendor things!
This week’s episode is sponsored by Airlock Digital. CEO David Cottingham talks through what it takes to build a mature, resilient management platform for a security critical system.
This episode is also available on Youtube.

Show notes
Update on DOD’s cloud services

Microsoft to stop using engineers in China for tech support of US military, Hegseth orders review

A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers

While DOD policy bans unauthorized apps like TikTok from being on employees phones over national security risks

Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security

National Guard was hacked by China's 'Salt Typhoon' group, DHS says

Suspected contractor for China’s Hafnium group arrested in in Italy | Cybersecurity Dive

Singapore accuses Chinese state-backed hackers of attacking critical infrastructure networks | The Record from Recorded Future News

UK Arrests Four in ‘Scattered Spider’ Ransom Group – Krebs on Security

Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods

Brazilian police arrest IT worker over $100 million cyber theft | The Record from Recorded Future News

At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds | WIRED

Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment | The Record

Indian crypto exchange CoinDCX says $44 million stolen from reserves | The Record

Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record

PoisonSeed bypassing FIDO keys to ‘fetch’ user accounts

Risky Bulletin: Browser extensions hijacked for web scraping botnet

A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors

A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations | TechCrunch

Ukrainian hackers wipe databases at Russia's Gazprom in major cyberattack, intelligence source says

File transfer company CrushFTP warns of zero-day exploit seen in the wild | The Record

HPE warns of hardcoded passwords in Aruba access points

Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257)

Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw | Cybersecurity Dive

Google finds custom backdoor being installed on SonicWall network devices - Ars Technica

Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
...more
1h 14min
July 14, 2025Risky Biz Soap Box: Prowler, the open cloud security platform
In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, founder of open source multi-cloud security product Prowler.
Toni explains how Prowler came to be, and how its journey followed his own learning about the cloud. The pair also discuss Prowler’s successful transition from an open-source project into a community, and now a growing business with an as-a-service platform.
This episode is also available on Youtube.

Show notes
...more
33min

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 596 episodes available.

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,986 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

638 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

370 Listeners

Hacked by Hacked

Hacked

183 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,020 Listeners

Smashing Security by Graham Cluley

Smashing Security

317 Listeners

Click Here by Recorded Future News

Click Here

405 Listeners

Malicious Life by Malicious Life

Malicious Life

925 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,971 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

173 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

Hacking Humans by N2K Networks

Hacking Humans

315 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

77 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

129 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners