Risky Business

By Patrick Gray

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for informati... more

4.6

364364 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 609 episodes available.

Risky Business episodes:

June 28, 2024 Risky Biz Soap Box: Why AI shouldn't really change your security controls
This is a sponsored Soap Box edition of the Risky Business podcast.
Abhishek Agrawal is the CEO and co-founder of Material Security, an email security company that locks down cloud email archives. Attackers have been raiding mailspools since hacking has existed, and with those mailspools now in the cloud with services like o365 and Google Workspace, guess where the attackers are going?
Material built a product that helps you lock up your email data, to archive and redact sensitive information. The idea is to really just limit what an attacker can do with email data if they pop an account.
Abhishek joined me to talk about a few things, like how non phishing resistant MFA is basically dead, how email content is very useful to security programs, and about how the gen AI won’t really change much on the defensive control side.
...more
36min
June 26, 2024Risky Business #754 -- Assange pleads guilty to espionage, walks free
On this week’s show, Patrick Gray and Adam Boileau discuss the week’s security news, including:
Julian Assange finally cuts a deal, pleads guilty, and goes free

USA to ban Kaspersky - even updates

Car dealer SaaS provider CDK contemplates paying a ransom

Intolerable healthcare ransomware attacks continue

We revisit Windows proximity bugs via wifi and bluetooth

And much, much more.
This week’s episode is sponsored by enterprise browser maker Island. Crowdstrike co-founder Dmitri Alperovitch is an investor in Island, and joins on its behalf to discuss why an enterprise browser is really starting to make sense.

Show notes
Julian Assange released from prison and has left UK, WikiLeaks says

US to ban Kaspersky Lab software nationwide later this year

Cyberattack on CDK Global stymies work at car dealerships across US

Almost 200 cancer operations postponed as ransomware group publishes London hospitals data

UK government weighs action against Russian hackers over NHS records theft

South Africa’s national health lab hit with ransomware attack amid mpox outbreak

Ransomware victims are becoming less likely to pay up | Cybersecurity Dive

Lawmakers in Philippines push for probe into Pentagon's anti-vax propaganda operation | Reuters

Telegram says it has 'about 30 engineers'; security experts say that's a red flag | TechCrunch

Two bluetooth vulnerabilities in Windows

Thread on reversing the patch

Basic concept for the latest windows wifi driver CVE
...more
57min
June 19, 2024Risky Business #753 – Congress and vuln researchers maul Microsoft
On this week’s retreat special, the entire Risky Business team is together in a tropical paradise for the first time. The team takes a break from the infinity pool to discuss the week’s security news:
Microsoft recalls Recall, but why did it have to be such a mess

And a Windows kernel wifi code-exec, really?

Passkeys and identity are hard

Scattered Spider bigwig arrested in Spain

The pentagon runs a deeply flawed info-op

Is it time E2E crypto nerds accept their place in the world?

And much, much more.
This week’s show is brought to you by Corelight… Corelight’s CEO Brian Dye will be along in this week’s sponsor interview to make a really compelling case for something that shouldn’t exist… which is NDR in cloud environments.

Show notes
Microsoft shelves Recall feature release after security uproar

Microsoft’s Recall puts the Biden administration’s cyber credibility on the line | CyberScoop

Microsoft’s cybersecurity vulnerabilities endanger America

US lawmakers grill Microsoft president over China ties, hacks | Reuters

Microsoft Refused to Fix Flaw Years Before SolarWinds Hack — ProPublica

CVE-2024-30078 - Security Update Guide - Microsoft - Windows Wi-Fi Driver Remote Code Execution Vulnerability

Security bug allows anyone to spoof Microsoft employee emails | TechCrunch

Patrick Gray on X: "I was wrong about some things I said about iCloud accounts in this week’s show and I’ll tell you all exactly how I was wrong in next week’s show"

Passkeys in Microsoft Authenticator and Entra ID

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake | WIRED

MFA plays a rising role in major attacks, research finds | Cybersecurity Dive

Luke Jennings on LinkedIn: saas-attacks/techniques/ghost_logins/description.md at main ·…

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested – Krebs on Security

EXPOSED: Identities of Iranian Hackers Targeting Israel and Other Countries Revealed | Matzav.com

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating | Ars Technica

Windows flaw may have been exploited with Black Basta ransomware before it was patched

Crown Equipment Corporation victim of a Ransomware attack | Born's Tech and Windows World

City governments in Michigan, New York face shutdowns after ransomware attacks

Cleveland confirms ransomware attack as City Hall remains closed

Authorities investigating extended ‘network outage’ at organization that runs TheBus

Pentagon ran secret anti-vax campaign to incite fear of China vaccines

Shashank Joshi on X: "Just finished “Information Operations”, a new book by @TathamSteve. Includes this anecdote on a British effort to stop children throwing stones at a base in Afghanistan. “LRGR was the abbreviation for the Long-Range Gonad Reducer.” https://t.co/zmoxb45Cgz"

Dmitri Alperovitch on X: "@shashj They also allegedly hacked the email of the lieutenant leading the medical service of the 960th unit and retrieved the medical certificates of 150 officers and enlisted personnel"

Signal president Meredith Whittaker criticizes EU attempts to tackle child abuse material
...more
1h 4min
June 12, 2024Risky Business #752 -- Apple announcements thrill and terrify at the same time
On this week’s show Patrick Gray and Adam Boileau are joined by long-time NSA boffin Rob Joyce. Now Rob’s left the government service, he’s hobnobbing with us pundits, talking through the week’s news:
Apple announces a big leap for confidential cloud computing into the mass market

While at the same time, letting you just mosey around your iPhone from your Mac

Mandiant reports in about the Snowflake breach

Moody’s say credit ratings might consider cyber incidents

Microsoft fixes an Azure flaw with a… “comprehensive documentation update”

And much, much more.
This week’s show is sponsored by Yubico, maker of the Yubikey hardware authentication token. Jerrod Chong, Yubico’s COO and President joins to talk about the challenges of the passkey and hardware authenticator ecosystem.

Show notes
Apple makes a password manager play in a heavily targeted market | Cybersecurity Dive

macOS Sequoia takes productivity and intelligence on Mac to new heights - Apple

The Wiretap: Apple’s AI Announcement Promises Big Security Boosts–Not Everyone Is Convinced

Matthew Green on X: "Ok there are probably half a dozen more technical details in the blog post. It’s a very thoughtful design. Indeed, if you gave an excellent team a huge pile of money and told them to build the best “private” cloud in the world, it would probably look like this. 14/" / X

Risky Biz News: Microsoft budges on Windows 11 Recall

Tenable finds an Azure flaw, Microsoft calls it a feature • The Register

LendingTree confirms that cloud services attack potentially affected subsidiary

Hackers steal “significant volume” of data from hundreds of Snowflake customers | Ars Technica

7,000 LockBit decryption keys now in the hands of the FBI, offering victims hope | Ars Technica

Urgent call for O-type blood donations following London hospitals ransomware attack

Darknet site for Qilin gang, suspected in London hospitals ransomware attack, goes down

Cyberattacks pose mounting risks to creditworthiness: Moody’s | Cybersecurity Dive

Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Lab

FCC moves ahead on internet routing security rules | CyberScoop

House Republicans propose eliminating funding for election security | CyberScoop

New DJI policy: No flight record syncing for US drone pilots

Semiconductor giants Nvidia and Arm warn of new flaws in their graphics processors

Critical PHP CVE is under attack — research shows it’s easy to exploit | Cybersecurity Dive

A US Company Enabled a North Korean Scam That Raised Money for WMDs | WIRED
...more
1h 5min
June 05, 2024Risky Business #751 -- Snowflake, operation Endgame and Microsoft's looming FTC problem
On this week’s show Patrick Gray and Mark Piper discuss the week’s security news, including:
What on earth happened at Snowflake?

A look at operation Endgame

Check Point’s hilarious adventures with dot dot slash

Report says the FTC is looking at Microsoft’s security product bundling

More ransomware hits Russia

Much, much more
404 Media co-founder Joseph Cox is this week’s feature guest. He joins us to talk about his new book, Dark Wire, which is all about the FBI’s Anom sting.
This week’s show is brought to you by Resourcely. If your Terraform is a mess or your CSPM dashboards are lighting up with insane and stupid things, you should check out Resourcely. Its founder and CEO Travis McPeak will be along in this week’s sponsor interview to talk about all things Terraform.

Show notes
The Snowflake breach and the need for mandatory MFA

Snowflake at centre of world’s largest data breach | by Kevin Beaumont | Jun, 2024 | DoublePulsar

Cloud company Snowflake denies that reported breach originated with its products

‘Operation Endgame’ Hits Malware Delivery Platforms – Krebs on Security

Treasury Sanctions Creators of 911 S5 Proxy Botnet – Krebs on Security

TikTok warns of exploit aimed at 'high-profile accounts’

SEC clarifies intent of cybersecurity breach disclosure rules after initial filings | Cybersecurity Dive

SEC.gov | Disclosure of Cybersecurity Incidents Determined To Be Material and Other Cybersecurity Incidents[*]

Nurses at Ascension hospital in Michigan raise alarms about safety following ransomware attack

London hospitals declare emergency following ransomware attack | Ars Technica

North Korea’s ‘Moonstone Sleet’ using fake tank game, custom ransomware in attacks

OpenAI models used in nation-state influence campaigns, company says

National Vulnerability Database | NIST

More than 600,000 routers knocked out in October by Chalubo malware

Hackers steal $305M from DMM Bitcoin crypto exchange | TechCrunch

Germany's main opposition party hit by ‘serious’ cyberattack

Cyberattack disrupts operations of supermarkets across Russia

Rare earths miner targeted in cyber attack prior to removal of Chinese investors - ABC News

Check Point - Wrong Check Point (CVE-2024-24919)

Kevin Beaumont: "The latest Risky Business epis…" - Infosec Exchange

This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI | WIRED

FTC-industry talks over possible Microsoft probe raised recent hacking incidents - Nextgov/FCW

Tim Schofield 🏴󠁧󠁢󠁥󠁮󠁧󠁿 🇬🇧 🇪🇺🗺: "@riskybusiness @metlstorm I d…" - Infosec Exchange

Dark Wire: The Incredible True Story of the Largest Sting Operation Ever: Cox, Joseph: 9781541702691: Amazon.com: Books

Distant Field Labs
...more
1h 5min
May 29, 2024Risky Business #750 -- Why Microsoft's Recall is an attacker's best friend
On this week’s show Patrick and Adam discuss the week’s security news, including:
Russian delivery company gets ransomware-wiper’d

A supply-chain attack targets video software used in US courts

Checkpoint firewalls get hacked, details as clear as mud

Microsoft Recall delights hackers

Aussie telco Optus gets told its IR report isn’t legal advice

Cyber insurer says you’re 5x more likely to get rekt if you have a Cisco ASA

And much, much more.
This week’s episode is sponsored by Kroll Cyber. Alex Cowperthwaite, Kroll’s technical director research and development for offence joins to talk about how his team attacks AI models, in ways both classic and new.

Show notes
Major Russian delivery company down for three days due to cyberattack

Stark Industries Solutions: An Iron Hammer in the Cloud – Krebs on Security

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog

Check Point Software customers targeted by hackers using old, local VPN accounts | Cybersecurity Dive

US pharma giant Cencora says Americans' health information stolen in data breach | TechCrunch

Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’ | WIRED

Kevin Beaumont: "I got ahold of the Copilot+ so…" - Cyberplace

Kevin Beaumont: "For those who aren’t aware, Mi…" - Cyberplace

Patrick Gray on X: "You know it’s coming… Microsoft Defender Advanced Security for Recall"

Microsoft Edge for Business: Revolutionizing your business with AI, security and productivity - Microsoft Edge Blog

Optus loses appeal to keep Deloitte report on cyberattack secret

Optus says it will defend allegations it failed to protect confidential details of 9 million customers in cyber attack - ABC News

Nearly 3 million affected by Sav-Rx data breach

Spyware app pcTattletale was hacked and its website defaced | TechCrunch

#F**kStalkerware pt. 6 - tattling on pcTattletale

Spyware maker pcTattletale shutters after data breach | TechCrunch

Jeremy Kirk: "Cyber insurer Coalition releas…" - Infosec Exchange

Coalition_2024-Cyber-Claims-Report

TikTok says it disrupted 15 influence operations this year — including one from China

Israeli private eye accused of hacking was questioned about DC public affairs firm, sources say | Reuters

RansomHub claims attack on Christie’s, the world’s wealthiest auction house

Open-Source Assessments of AI Capabilities: The Proliferation of AI Analysis Tools, Replicating Competitor Models, and the Zhousidun Dataset

Shashank Joshi on X: "Additionally, OpenAI will retain and consult with other safety, security, and technical experts to support this work, including former cybersecurity officials, Rob Joyce [@RGB_Lights], who advises OpenAI on security, and John Carlin."
...more
1h 2min
May 23, 2024Risky Business #749 -- Google answer to Microsoft's insecurity? Buy Google stuff!
This week’s episode was recorded in front of a live audience at AusCERT’s 2024 conference. Pat and Adam talked through:
Google starts using security as a marketing tool against Microsoft, along with steep discounts

Microsoft announces a creepy desktop recording AI

UK govt proposes ransom payment controls

Arizona woman runs a laptop farm for North Korea

Julian Assange just keeps on with his malarky

And much, much more
This week’s episode is sponsored by Tines. Its CEO Eoin Hinchy joins the show to talk about how AI can be genuinely useful in automation.

Show notes
(1) Dina Bass on X: "Google is offering deep discounts to government and corporate customers to entice them to switch from Microsoft Office as it attacks Microsoft's cybersecurity over recent breaches, citing US gov't cybersecurity review board report https://t.co/43sIJmBWi5" / X

Microsoft president set to testify before Congress on ‘security shortcomings’ | Cybersecurity Dive

Chairman Green, Ranking Member Thompson Announce Microsoft President Will Testify on Company’s Security Shortcomings Following Hack of Government Accounts – Committee on Homeland Security

Google leverages Microsoft’s cyber gaps to woo Workspace customers | Cybersecurity Dive

CSRB report highlights the need for a new approach to security

(1) vx-underground on X: "tl;dr Microsoft introduces 24/7 surveillance functionality for the NSA and/or CIA but markets it as a feature that you'll like" / X

Everything You Need to Know About Windows 11's Recall Feature

Australian government warns of 'large-scale ransomware data breach'

(1) National Cyber Security Coordinator on X: "The Australian Government continues to assist MediSecure, an electronic prescriptions provider, respond to a cyber incident. We are still working to build a picture of the size and nature of the data that has been impacted by this data breach impacting MediSecure. This https://t.co/oyNeRonurZ" / X

HHS offering $50 million for proposals to improve hospital cybersecurity

Remote-access tools the intrusion point to blame for most ransomware attacks | Cybersecurity Dive

UK insurance industry begins to acknowledge role in tackling ransomware

Exclusive: UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments

Hacktivists turn to ransomware in attacks on Philippines government

Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies | Ars Technica

US offers $5 million for info on North Korean IT workers involved in job fraud

FCC might require telecoms to report on securing internet's BGP technology

FCC to probe ‘grave’ weaknesses in phone network infrastructure

EPA says it will step up enforcement to address ‘critical’ vulnerabilities within water sector

EPA takes steps to address cybersecurity weaknesses at water utilities

British signals agency to protect election candidates’ phones from cyberattacks

Feds seize BreachForums platform, Telegram page

Dark web narcotics market’s alleged leader arrested and charged in New York

WikiLeaks’ Julian Assange Can Appeal His Extradition to the US, British Court Says | WIRED
...more
55min
May 17, 2024 Wide World of Cyber: Krebs and Stamos on How AI Will Change Cybersecurity
In this podcast SentinelOne’s Chief Trust officer Alex Stamos and its Chief Intelligence and Public Policy Officer Chris Krebs join Patrick Gray to talk all about AI.
It’s been a year and a half since ChatGPT landed and freaked everyone out. Since then, AI has really entrenched itself as the next big thing. It’s popping up everywhere, and the use cases for cybersecurity are starting to come into focus.
Threat actors and defenders are using this stuff already, but it’s early days and as you’ll hear, things are really going to change, and fast.
...more
45min
May 15, 2024Risky Business #748 -- New cyber rules for US healthcare are coming
This week Patrick Gray and Adam Boileau along special guest Lina Lau discuss the week’s news, including:
The ongoing Ascension healthcare disruption, and

Whether its reasonable for healthcare orgs to be pushing back

Platforming cybercriminals for interviews

Own the libs by… not using E2EE messaging?

CISA’s secure by design, we want to believe!

The $64billion scale of indusrialised fraud

And much, much more.
This week’s sponsor is network discovery specialist, Run Zero. Director of research Rob King joins to talk about the weird and wonderful delights in their new Research Report.

Show notes
Federal agencies assisting Catholic health network amid cyberattack

After Ascension ransomware attack, feds issue alert on Black Basta group

As White House preps new cyber rules for healthcare, Neuberger says backlash is unwarranted

Stolen children’s health records posted online in extortion bid

Guidance for organisations considering payment in... - NCSC.GOV.UK

How Did Authorities Identify the Alleged Lockbit Boss? – Krebs on Security

In interview, LockbitSupp says authorities outed the wrong guy

A (Strange) Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities | WIRED

UK 'increasingly concerned' about Russian intelligence links to hacktivists

Civil society under increasing threats from ‘malicious’ state cyber actors, US

Elon Musk Weighs in on the Encryption Wars Between Telegram and Signal

Encrypted services Apple, Proton and Wire helped Spanish police identify activist | TechCrunch

Christie's Website Offline For A Fifth Day And The Company Is Still Silent On The Extent Of Last Week's Security Breach

68 tech, security vendors commit to secure-by-design practices | Cybersecurity Dive

UK government urges caution over blaming China for Ministry of Defence breach

Black Basta group spam-bombs victims and then calls to help

Southeast Asian scam syndicates stealing $64 billion annually, researchers find

The $2.3 Billion Tornado Cash Case Is a Pivotal Moment for Crypto Privacy | WIRED

ADVANCED APT EMULATION LABS

Download the runZero Research Report
...more
1h 3min
May 08, 2024Risky Business #747 -- Lockbit Leader Has A Very Bad Day
Patrick dials in from RSA in San Francisco to discuss the week’s security news with Adam, including:
The west doxxes LockbitSupp, who must now hide his hundred million dollars

Revil hacker behind Kasaya breach gets 14 years

Microsoft makes some positive sounding* noises on security

A fun flaw in nearly all VPN clients

Gitlab admins continue their never-ending incident response

And much, much more.
This week’s sponsor is Stairwell. Long time infosec researcher Silas Cutler joins us to talk through his adventures in attacker C2 systems, and how this feeds into Stairwell’s data.
* we’re still sceptical they’ll get it right, but they do at least seem to realise how deep the doo-doo they’re in is… Pat speculates they have … tentacles, and a regulatory-threat-gland.

Show notes
'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks | WIRED

Andy Greenberg: "@metlstorm @riskybusiness no w…" - Infosec Exchange

U.S. Charges Russian Man as Boss of LockBit Ransomware Group – Krebs on Security

Ukrainian sentenced to almost 14 years for infecting thousands with REvil ransomware

Microsoft ties security goals to exec compensation

China suspected of hacking British military payment system, reports say

Germany recalls ambassador to Russia over cyberattacks

Blinken unveils State Dept. strategy for ‘vibrant, open and secure technological future’

Microsoft plans to lock down Windows DNS like never before. Here’s how. | Ars Technica

Novel attack against virtually all VPN apps neuters their entire purpose | Ars Technica

The Breach of a Face Recognition Firm Reveals a Hidden Danger of Biometrics | WIRED

Dropbox says hacker accessed passwords, authentication info during breach

Maximum-severity GitLab flaw allowing account hijacking under active exploitation | Ars Technica

Our new research: Enhancing blockchain analytics through AI

Reconstructing the Mind’s Eye: fMRI-to-Image with Contrastive Learning and Diffusion Priors

Kevin Collier on X: "Oh my God. @riskybusiness is already the name of what is by a longshot the most established cyber podcast. There are a million possible names out there and Mr Decision Making over here went with one that's been in use for more than 15 years."
...more
56min

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 609 episodes available.

More shows like Risky Business

Hacked by Hacked

Hacked

184 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,000 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

638 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,017 Listeners

Smashing Security by Graham Cluley

Smashing Security

322 Listeners

Click Here by Recorded Future News

Click Here

416 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,012 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

174 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

134 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

44 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

169 Listeners