Risky Business

By Patrick Gray

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for informati... more

4.6

364364 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 609 episodes available.

Risky Business episodes:

September 10, 2025Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Apple ruins exploit developers’ week with fresh memory corruption mitigations

Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack

Salesloft says its GitHub was the initial entry point for its compromise

Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”

Rogue certs for 1.1.1.1 appear to be just (stupid) testing

Jaguar Land Rover ransomware attackers are courting trouble
This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!
This episode is also available on Youtube.

Show notes
Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research

Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch

18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security

Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica

Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive

CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News

SAP warns of high-severity vulnerabilities in multiple products - Ars Technica

The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. - Ars Technica

Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News

Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News

Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive

Qantas penalizes executives for July cyberattack | The Record from Recorded Future News

Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News

GOP Cries Censorship Over Spam Filters That Work – Krebs on Security

Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media

Post by @patrick.risky.biz — Bluesky
...more
52min
September 08, 2025Snake Oilers: Nebulock, Vali Cyber and Cape
In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares:
Automated, AI-powered threat hunting with Nebulock
Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have time to look at.
Runtime security for hypervisors from Vali Cyber
Austin Gadient from Vali Cyber stops by to talk about ZeroLock, its hypervisor security product. It’s marketed as a counter-ransomware control but is just a generally useful security platform for virtualised environments.
A secure mobile telco: Cape
The only thing American cell providers love more than providing patchy coverage is getting their customers’ data owned. Cape is here to change that. It’s a security and anonymity-focussed virtual mobile network operator (MVNO) that’s been spun up by a highly competent team. If we lived in the USA we would be customers, and a bunch of CISOs listening to this might want to consider Cape subscriptions for their workforce.
This episode is also available on Youtube

Show notes
...more
47min
September 03, 2025Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
The Salesloft breach and why OAuth soup is a problem

The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed

Google says it will stand up a “disruption unit”

Microsoft writes up a ransomware gang that’s all-in on the cloud future

Aussie firm hot-mics its work-from-home employees’ laptops

Youtube scam baiters help the feds take down a fraud ring
This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!
This episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security

" rel="noopener noreferrer">Salesloft: The Leading AI Revenue Orchestration Platform

" rel="noopener noreferrer">Palo Alto Networks, Zscaler customers impacted by supply chain attacks | Cybersecurity Dive

" rel="noopener noreferrer">The impact of the Salesloft Drift breach on Cloudflare and our customers

" rel="noopener noreferrer">China used three private companies to hack global telecoms, U.S. says

" rel="noopener noreferrer">CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF

" rel="noopener noreferrer">Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop

" rel="noopener noreferrer">Ransomware gang takedowns causing explosion of new, smaller groups | The Record from Recorded Future News

" rel="noopener noreferrer">Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier | The Record from Recorded Future News

" rel="noopener noreferrer">Storm-0501’s evolving techniques lead to cloud-based ransomware | Microsoft Security Blog

" rel="noopener noreferrer">The Era of AI-Generated Ransomware Has Arrived | WIRED

" rel="noopener noreferrer">Between Two Nerds: How threat actors are using AI to run wild - YouTube

" rel="noopener noreferrer">Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security

" rel="noopener noreferrer">UK sought broad access to Apple customers’ data, court filing suggests

" rel="noopener noreferrer">ICE reactivates contract with spyware maker Paragon | TechCrunch

" rel="noopener noreferrer">WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch

" rel="noopener noreferrer">Safetrac turned staff laptops into covert recording devices to monitor WFH

" rel="noopener noreferrer">Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring - Risky Business Media
...more
1h 2min
August 27, 2025Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Australia expels Iranian ambassador

Hackers sabotage Iranian shipping satcoms

APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?

Trail of Bits uses image-downscaling to sneak prompts into Google Gemini

The Com’s King Bob gets ten years in the slammer

It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.
This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.
This episode is also available on Youtube.

Show notes
Embassy staff flee Canberra in dead of night | news.com.au — Australia’s leading news site for latest headlines

Swedish security service says Iran uses criminal networks in Sweden | Reuters

Risky Bulletin: Hackers sabotage Iranian ships at sea, again - Risky Business Media

Microsoft scales back Chinese access to cyber early warning system | Reuters

Microsoft Didn’t Disclose Key Details to U.S. Officials of China-Based Engineers, Record Shows — ProPublica

.:: Phrack Magazine ::.

Uncovering the Chinese Proxy Service Used in APT Campaigns

Weaponizing image scaling against production AI systems -The Trail of Bits Blog

FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations | Cybersecurity Dive

CrowdStrike warns of uptick in Silk Typhoon attacks this summer | CyberScoop

Kevin Beaumont: "There’s a bunch of new Netscal…" - Cyberplace

US charges Oregon man in vast botnet-for-hire operation | Cybersecurity Dive

South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities | The Record from Recorded Future News

SIM-Swapper, Scattered Spider Hacker Gets 10 Years – Krebs on Security

Chinese national who sabotaged Ohio company’s systems handed four-year jail stint | The Record from Recorded Future News

Nevada state offices close after wide-ranging 'network security incident' | Reuters

DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security

Russia weighs Google Meet ban as part of foreign tech crackdown | The Record from Recorded Future News

Kremlin-Mandated Messaging App Max Is Designed To Spy On Users

Иеромонах РПЦ Макарий призвал помолиться за мессенджер MAX
...more
54min
August 25, 2025Wide World of Cyber: Microsoft's China Entanglement
The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China.
Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world’s most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out!
This episode is also available on Youtube.

Show notes
...more
46min
August 20, 2025Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Oracle’s long term CSO departs, and we’re not that sad about it

Canada’s House of Commons gets popped through a Microsoft bug

Russia degrades voice calls via Whatsapp and Telegram to push people towards Max

South-East Asian scam compounds are also behind child sextortion

Reports that the UK has backed down on Apple crypto are… strange

Oh and of course there’s a Fortinet bug! There’s always a Fortinet bug!
This week’s episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You’ll never guess which one was a few lines of PAM config, and which was a multi-month engineering project!
This episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">Is Oracle facing headwinds? After layoffs, its 4-decade veteran Chief Security Officer Mary Ann Davidson departs

" rel="noopener noreferrer">Oracle CSO blasted over anti-security research rant - iTnews

" rel="noopener noreferrer">New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts | The Record from Recorded Future News

" rel="noopener noreferrer">Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme – Krebs on Security

" rel="noopener noreferrer">How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes | TechCrunch

" rel="noopener noreferrer">UK has backed down on demand to access US Apple user data, spy chief says

" rel="noopener noreferrer">DNI Tulsi Gabbard on X: "As a result, the UK has agreed to drop its mandate for"

" rel="noopener noreferrer">Hackers target Workday in social engineering attack

" rel="noopener noreferrer">Russia curbs WhatsApp, Telegram calls to counter cybercrime | The Record from Recorded Future News

" rel="noopener noreferrer">Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability | The Record from Recorded Future News

" rel="noopener noreferrer">Norway police believe pro-Russian hackers were behind April dam sabotage | The Record from Recorded Future News

" rel="noopener noreferrer">US agencies, international allies issue guidance on OT asset inventorying | Cybersecurity Dive

" rel="noopener noreferrer">FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970)

" rel="noopener noreferrer">U.S. State Dept - Near Eastern Affairs on X: "He did not claim diplomatic immunity and was released by a state judge"

" rel="noopener noreferrer">493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds | WIRED

" rel="noopener noreferrer">.:: Phrack Magazine ::.

" rel="noopener noreferrer">Accenture to buy Australian cyber security firm CyberCX - iTnews
...more
59min
August 14, 2025Risky Biz Soap Box: How to measure vulnerability reachability
In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications.
It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application.
They also talk about how Socket started out as a way to discover malicious packages in software projects, but these days it’s playing the CVE game as well.
This episode is also available on Youtube.

Show notes
...more
36min
August 13, 2025Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
CISA warns about the path from on-prem Exchange to the cloud

Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are

Everyone and their dog seems to have a shell in US Federal Court information systems

Google pays $250k for a Chrome sandbox escape

Attackers use javascript in adult SVG files to … farm facebook likes?!

SonicWall says users aren’t getting hacked with an 0day… this time.
This week’s episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together.
This episode is also available on Youtube.

Show notes
CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability | The Record from Recorded Future News

Advanced Active Directory to Entra ID lateral movement techniques

Consent & Compromise: Abusing Entra OAuth for Fun and Access to Internal Microsoft Applications

Cartels may be able to target witnesses after major court hack

Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’ | The Record from Recorded Future News

Citrix NetScaler flaws lead to critical infrastructure breaches | Cybersecurity Dive

DARPA touts value of AI-powered vulnerability detection as it announces competition winners | Cybersecurity Dive

Buttercup is now open-source!

HTTP/1.1 must die: the desync endgame

US confirms takedown of BlackSuit ransomware gang that racked up $370 million in ransoms | The Record from Recorded Future News

North Korean cyber-espionage group ScarCruft adds ransomware in recent attack | The Record from Recorded Future News

Adult sites are stashing exploit code inside racy .svg files - Ars Technica

Google pays 250k for Chromium sandbox escape

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day | Cybersecurity Dive

Two groups exploit WinRAR flaws in separate cyber-espionage campaigns | The Record from Recorded Future News

Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge | The Record from Recorded Future News

Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home | WIRED

Malware in Open VSX: These Vibes Are Off

How attackers are using Active Directory Federation Services to phish with legit office.com links

Introducing our guide to phishing detection evasion techniques

The State of Attack Path Management
...more
1h 0min
August 06, 2025Risky Business #801 -- AI models can hack well now and it's weirding us out
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.
This episode explores the rise of AI-powered bug hunting:
Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects

The XBOW AI bug hunting platform sees success on HackerOne

Is an AI James Kettle on the horizon?
There’s also plenty of regular cybersecurity news to discuss:
On-prem Sharepoint’s codebase is maintained out of China… awkward!

China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?

SonicWall advises customers to turn off their VPNs

Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs

Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.

The Russian government pushes VK’s Max messenger for everything
This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.
This episode is also available on Youtube.

Show notes
" rel="noopener noreferrer">Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch

" rel="noopener noreferrer">Is XBOW’s success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop

" rel="noopener noreferrer">James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published 😂 maybe the countdown timer is just too ominous!

" rel="noopener noreferrer">Risky Bulletin: China with the accusations again - Risky Business Media

" rel="noopener noreferrer">美情报机构频繁对我国防军工领域实施网络攻击窃密

" rel="noopener noreferrer">SharePoint Exploit: Microsoft Used China-Based Engineers to Maintain the Software — ProPublica

" rel="noopener noreferrer">China fears Nvidia chips could track, trace and shut down its AIs - Asia Times

" rel="noopener noreferrer">SonicWall urges customers to take VPN devices offline after ransomware incidents | The Record from Recorded Future News

" rel="noopener noreferrer">Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity

" rel="noopener noreferrer">ReVault! When your SoC turns against you…

" rel="noopener noreferrer">Nearly 100,000 ChatGPT Conversations Were Searchable on Google

" rel="noopener noreferrer">Microsoft catches Russian hackers targeting foreign embassies - Ars Technica

" rel="noopener noreferrer">The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware | WIRED

" rel="noopener noreferrer">Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats | Microsoft Security Blog

" rel="noopener noreferrer">Russia blocks popular US-made internet speed test tool over national security concerns | The Record from Recorded Future News
...more
1h 7min
August 01, 2025Soap Box: Why AI can't fix bad security products
In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices.
This episode is also available on Youtube.

Show notes
...more
38min

FAQs about Risky Business:

How many episodes does Risky Business have?

The podcast currently has 609 episodes available.

More shows like Risky Business

Hacked by Hacked

Hacked

184 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,000 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

370 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

638 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,018 Listeners

Smashing Security by Graham Cluley

Smashing Security

322 Listeners

Click Here by Recorded Future News

Click Here

417 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,010 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

175 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

134 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

44 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

169 Listeners