DiscoverRisky Business
Claim Ownership
Risky Business
Author: Patrick Gray
Subscribed: 10,174Played: 234,902Subscribe
Share
© Copyright 2007-2024 Patrick Gray
Description
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
456 Episodes
Reverse
On this week’s show Patrick and Adam discuss the week’s security news, including:
Weather forecast in Redmond is still for blizzards at midnight
Maybe Change Healthcare wasn’t just crying nation-state wolf
Hackers abuse e-prescription systems to sell drugs
CISA goes above and beyond to relate to its constituency by getting its Ivantis owned
VMware drinks from the Tianfu Cup
Much, much more
This week’s feature guest is John P Carlin. He was principal associate deputy attorney general under Deputy Attorney General Lisa Monaco for about 18 months in 2021 and 2022, and also served as Robert Mueller’s chief of staff when he was FBI director.
John is joining us this week to talk about all things SEC. He wrote the recent Amicus Brief that says the SEC needs to be careful in its action against Solarwinds. He’ll also be talking to us more generally about these new SEC disclosure requirements, which are in full swing.
Rad founder Jimmy Mesta will along in this week’s sponsor segment to talk about some really interesting work they’ve done in baselining cloud workloads. It’s the sort of thing that sounds simple that really, really isn’t.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response
Predator spyware maker getting a stern sanctioning
A German military WebEx meeting gets snooped
Mem-corrpution is still king
And much, much more
In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve built into their IDP.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
LockBit gets back up after takedown
Russia arrests Medibank hacker… for something else
ConnectWise gives out free updates, but customers aren’t happy
Microsoft gives in to demands for more logs
Sandvine gets entity-listed
And much much more.
Dmitri Alperovitch also joins the show to discuss Starlink, Starshield and a row with Congress about its availability in Taiwan.
In this week’s sponsor interview, Airlock Digital’s Daniel Schell talks about his adventures with WDAC, and Dave Cottingham predicts Windows 12 will go all in on signed code.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
LockBit has been taken down by law enforcement
Some mega-juicy leaks out of Chinese offsec/APT contractor I-SOON
GRU gets its Moobot network shutdown
Signal adding usernames is… complicated
Much, much more
In this week’s sponsor interview Devicie’s Tom Plant joins the show to talk about problems orgs run into when it comes to Windows policies. There’s an expectation out there that Windows policies are set and forget, but sadly, this is not so.
The need to properly secure Entra ID tenants has been made pretty obvious this year thanks to a large-scale attack on them by Russia’s SVR intelligence agency. In this interview Andy Robbins from SpecterOps, the maker of Bloodhound Enterprise, talks through how he thinks those attacks actually went down, about how if you’re an o365 customer you’re using Entra ID whether you like it or not, and about how you can lock down your Entra ID tenant.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
Somehow there are still more Ivanti and Fortinet exploits
Volt Typhoon have been at it for years
Starlink in Ukraine gets complicated
Canadians hate poor Flipper
Much, much more…
In this week’s sponsor interview Feross Aboukhadijeh from Socket joins the show to talk about the sheer volume of malicious packages being committed to code repositories and why older SCA tools aren’t well equipped to deal with them.
In this Soap Box interview Greynoise founder and absolute legend Andrew Morris joins the show to talk about:
Why Greynoise hasn’t seen a substantial drop off in Volt Typhoon’s network of compromised routers after the US Government’s takedown action
How vendors are using Greynoise as an early warning system to identify exploitation of their products
How he’s using large language models to reverse exploitation attempts into actual exploits
It truly is a great conversation, we hope you enjoy it!
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
Thought eels were slippery? Check out AnyDesk’s PR!
Why Microsoft’s 365 is a nightmare to secure
Cloudflare’s needlessly hostile blog post
US Government introduces “Disneyland ban” for spyware peddlers
Much, much more…
This week’s feature guest is Eric Goldstein, the executive assistant director for cybersecurity at CISA. He’s joining the show to talk about CISA’s demand that US government agencies unplug their Ivanti appliances. He also chimes in on why the US government is so rattled by Volt Typhoon and addresses a recent report from Politico that claims CISA’s Joint Cyber Defense Collaborative is a bit of a shambles.
This week’s sponsor guest is Dan Guido from Trail of Bits. He joins us to talk about their new Testing Handbook. Trail of Bits does a bunch of audit work and they’ve committed to trying to make bug discovery a one time thing – if you find that bug once, you shouldn’t have to manually find it on another client engagement. Semgrep for the win!
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
More details on sanctioned Medibank hacker Aleksandr Ermakov
More details on alleged Scattered Spider hacker Noah Michael Urban
RUMINT that the number of Microsoft customers impacted by the SVR oauth/365 campaign is huge
Ron Wyden did something useful…
…then did something stupid
Ivanti’s clown car collides with dumpster fire
Much, much more
This week’s feature guest is Australia’s assistant foreign minister (and cybersecurity tragic) Tim Watts. He joins us to talk about why the Australian government sanctioned Aleksandr Ermakob.
Sublime Security founder and CEO Josh Kamdjou is this week’s sponsor guest. He joins us to talk about combating QR-code phishing.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news.
Microsoft honks its clown car horn
Australia’s hounds, released, catch their man
The beginning of the end for Scattered Spider
SEC was SIM swapped but had MFA off any way
Ivanti learns a lesson…
… while Progress does not
and much more
DHS undersecretary for policy and Cyber Safety Review Board head Rob Silvers is this week’s feature guest. He joins the show to talk about how the CSRB handles possible conflicts of interests from board members with industry day jobs.
In this week’s sponsor interview Resourcely’s founder Travis McPeak talks about why we need to help developers with “paved roads” instead of relying on dashboard products to tell us when things have gone wrong.
On this week’s SURPRISE edition, Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
Their disappointment over last week’s SEC Twitter hack
China rainbow-tables Airdrop
Enterprise bugs galore…
… and why patching fast is hard when there isn’t even a patch yet
UEFI flaws get trad-BIOS-era vendor response
and much, much more…
This week’s show is unsponsored, we’re just here for the fun of it.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
SEC Twitter account hack moves bitcoin price
Kaspersky admires Triangulation hackers’ fine work
Telcos hacked all over
Israel hacks Iranian gasoline pumps again
Iran up in Albania, Sudan, Egypt and Tanzania
and much, much more…
This week’s show is brought to you by Nucleus Security. Co-founder Scott Kuffer joins us to talk about why patch management is more nuanced than just “patch fast!”
In this week’s edition of the show Patrick Gray and guest co-host Dmitri Alperovitch discuss:
Major telco in Ukraine taken down by Russia
Apple and Facebook go all in on e2ee
Why 702 reauthorisation is looking a bit sketchy
The USG wants your push notifications
The year in review, plus some predictions for 2024
This week’s show is brought to you by Thinkst Canary. Haroon Meer, Thinkst’s founder, is this week’s sponsor guest. He joins us to talk about APT groups pivoting to living-off-the-land techniques.
In this Soap Box edition of the Risky Business podcast Patrick Gray talks to Island’s Bradon Rogers about security-focussed, enterprise browsers.
You can use Island to do stuff like grant third parties access to corporate applications on unmanaged devices in a not insane way – that’s a huge pain point for a lot of CISOs, and something that is bringing a lot of new customers through Island’s doors. Obviously for devices you do manage, you can roll Island out as your default enterprise browser. There are a lot of security benefits to doing that.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
Iran-linked attacks on US water infrastructure
Why the ownCloud bug isn’t the end of the world
The D-Link 0day that… never existed?
In defence of Okta
Much, much more
This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of Cybersecurity Strategy, is this week’s sponsor guest.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
The Citrixbleed ransomware crisis
Why the FBI hasn’t arrested Scattered Spider members
DPRK is in your supply chains
Microsoft has a brainwave and buys a HSM
When civil war meets pig butchering
Much, much more
This week’s show is brought to you by Airlock Digital. David Cottingham and Daniel Schell are this week’s sponsor guests.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
In this Soap Box podcast Patrick Gray talks to Material Security’s CEO and co-founder Abhishek Agrawal about the security problems inherent to modern productivity suites.
Does it make sense that threat actors can authenticate to o365 and Workspace accounts and clean them out entirely? Years of mail, years of files?
Material Security has built a product that tackles this issue. It can lock up email archives behind MFA challenges, redact PII from inboxes, better control files share via Google Drive and OneDrive, and just generally limit the damage a threat actor can inflict when they compromise a cloud productivity account.
Even if you’re not interested in buying a product to tackle this, we think this one is a great listen.
On this week’s show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss:
The SEC enforcement action against Solarwinds’ CISO
The White House AI Executive Order
CitrixBleed exploitation goes wide
How Kaspersky captured some (likely) Five Eyes iOS 0day
Elon Musk’s Gaza Strip adventures
Much, much more
This week’s show is brought to you by Greynoise. Andrew Morris, Greynoise’s founder and CEO, is this week’s sponsor guest. He talks about how Greynoise is using large language models to help them analyse massive quantities of malicious internet traffic.
In this edition of the Soap Box we hear from Mike Wiacek and Eric Foster from Stairwell.
Stairwell makes a product that collects and analyses every executable file in your environment. You deploy file collectors to your systems and they forward all new files to Stairwell for manual and automated analysis. You can do a lot of really cool analysis once you have all that stuff in the same place.
But as you’ll hear, Stairwell is broadening out the use cases for its platform. You don’t want to forward files from every system? You don’t have to. It’s still very useful as an analysis platform. It’s sort of like VirusTotal, but private and with a bunch more bells and whistles. There’s also a bunch of sharing tools in the platform, which gives it a “social network for CTI nerds” flavour.
On this week’s show Patrick Gray talks through the news with Dmitri
Alperovitch, NSA Cybersecurity director Rob Joyce and NSA CCC director
Morgan Adamski. They discuss:
The Okta breach
40-50k feral Ciscos
Why the http/2 protocol flaw is a real headache
The Ragnar Locker takedown
What the NSA CCC has been thinking about
This week’s show is brought to you by Socket. Socket’s founder Feross
Aboukhadijeh joins us this week to talk about their actually-not-crazy
use of large language models in their product.
🔴💚Really Amazing ️You Can Try This💚WATCH💚ᗪOᗯᑎᒪOᗩᗪ👉https://co.fastmovies.org
More Dimitry please, that was fun!