Claim OwnershipRisky Business
Subscribed: 10,625Played: 266,515
Subscribe
© Copyright Risky Business Media 2007-2025
Description
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
538 Episodes
Reverse
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
New York Times gets a little stolen Russian FSB data as a treat
iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign
Researcher figures out a trick to get Google account holders’ full names and phone numbers
Major US food distributor gets ransomwared
The Com’s social engineering of Salesforce app authorisations is a harbinger of our future problems
Australian Navy forgets New Zealand has computers, zaps Kiwis with their giant radar.
This week’s episode is sponsored by identity provider Okta. Long-time friend of the show Alex Tilley is Okta’s Global Threat Research Coordinator, and he joins to discuss how organisations can use both human and technical signals to spot North Koreans in their midst.
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Cyber firms agree to deconflict and cross-reference hacker group names
Russian nuclear facility blueprints gathered from public procurement websites
Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons
Germany identifies the Trickbot kingpin
Google spots China’s MSS using Calendar events for malware C2
Meta apps abuse localhost listeners to track web sessions.
This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.
This episode is also available on Youtube.
In this week’s edition of Risky Business Dmitri Alperovitch and Adam Boileau join Patrick Gray to talk through the week’s news, including:
EXCLUSIVE: A Scattered Spider-style crew is hijacking DNS MX entries and compromising enterprises within minutes
The SVG format brings the all horrors of HTML+JS to image files, and attackers have noticed
Brian Krebs eats a 6.3Tbps DDoS … ‘cause that’s how you demo your packet cannon
Law enforcement takes out Lumma Stealer, Qakbot, Danabot and some dark web drug traffickers
Iranian behind 2019 Baltimore ransomware mysteriously appears in North Carolina and pleads guilty
CISA’s leadership is fleeing in droves, even though the US needs them more than ever.
This week’s episode is sponsored by Thinkst Canary. Long time friend of the show Haroon Meer joins and talks through where he feels the industry is at, having just returned home from the AI-fueled hype at this year’s RSA conference.
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
TeleMessage memory dumps show up on DDoSecrets
Coinbase contractor bribed to hand over user data
Telegram does seem to be actually cooperating with law enforcement
Britain’s legal aid service gets 15 years worth of applicant data stolen
Shocking no one, Ivanti were weaseling when they blamed latest bugs on a third party library
This week’s episode is sponsored by Prowler, who make an open source cloud security tool. Founder and original project developer Toni de la Fuente joins to talk through the flexibility that open tooling brings. Prowler is also adding support for SaaS platforms like M365, and of course, an AI assistant to help you write checks!
This episode is also available on Youtube.
In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security.
Push has built an identity security platform that collects identity information and events from your users’ browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal account that a user has spun up.
It’s extremely difficult to bypass. That’s because when you’re in the browser it doesn’t matter how a phishing link arrives, or how a threat actor has concealed it from your detection stack – if the user sees it, Push sees it.
There are solutions for protecting your users SSO credentials, like passkeys. But what about all the SaaS in your environment? Even if it’s enrolled into your SSO, are you sure that’s how your users are authenticating to it? What about the automation platforms your developers and admins use? What about data platforms like Snowflake? Are your using setting up passkeys for those accounts? How would you know, and what problems can it cause if those accounts are vulnerable?
This is a fun one!
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back!
The ransomware ecosystem is finding life a bit tough lately
SAP Netweaver bug being used by Chinese APT crew
Academics keep just keep finding CPU side-channel attacks
And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF?
This week’s episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future.
This episode is also available on Youtube.
In this edition of the Wide World of Cyber podcast Patrick Gray talks to SentinelOne’s Steve Stone and Alex Stamos about how foreign adversaries are targeting security vendors, including them.
From North Korean IT workers to Chinese supply chain attacks, SentinelOne and its competitors are constantly fending off sophisticated hacking campaigns.
This edition of the Wide World of Cyber was recorded in front of a live audience in San Francisco, with Patrick attending via Zoom.
The Wide World of Cyber podcast series is a wholly sponsored co-production between SentinelOne and Risky Business Media.
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow.
Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad
After six years dormant, a Magento eCommerce platform backdoor comes to life
The North Korean IT worker scam is truly webscale
NSO group owes Meta $168m for hacking WhatsApp
This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars?
This week’s show also features an excerpt from Pat’s interview with Senator Mark Warner - Scoot back one in your podcast feed to check out the full chat, or find it on Youtube.
This episode is available on Youtube too.
In this extended interview the Vice Chair of the Senate Select Committee on Intelligence, Senator Mark Warner, joins Risky Business host Patrick Gray to talk about:
The latest developments in the Signalgate scandal
Why America needs to be more aggressive in responding to Volt Typhoon
How tariffs are affecting American alliances
Why the Five Eyes alliance is sacrosanct
This episode is available on Youtube
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
British retail stalwart Marks & Spencer gets cybered
South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat
It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups
Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)
Anti-DOGE whistleblower sure sounds like he has a point
This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems.
Editors Note : Pat also gives Adam (Boileau) stick in the sponsor interview about the Risky Biz webserver not having IPv6 enabled, which fact-checking during the edit says is FAKE NEWS. Just uh, don’t look at how fresh that AAAA record in the DNS is, friends 😉
This episode is also available on Youtube.
In this edition of the Snake Oilers podcast, three sponsors come along to pitch their products:
LimaCharlie: A public cloud for SecOps
Honeywell Cyber Insights: An OT security/discovery solution
Fortra’s CobaltStrike and Outflank: Security tooling for red teamers
This episode is also available on Youtube.
In this edition of Snake Oilers three vendors pitch host Patrick Gray on their tech:
Pangea: Guardrails and security for AI agents and applications (https://pangea.cloud)
Worried about your AI apps going rogue, being mean to your customers or even disclosing sensitive information? Pangea exists to address these risks. Fascinating stuff.
Cosive: A threat intelligence company that can host your MISP server in AWS. CloudMISP! (https://www.cosive.com/snakeoilers)
Are you running a MISP server on some old hardware under a desk in your SOC? There’s a better way! Cosive can run it for you on AWS so you can just use it instead of wrestling with maintaining it. They also do some CTI consulting to help you get better use out of MISP.
Sysdig: A Linux runtime security platform (https://sysdig.com/)
The modern Windows network is an all-singing, all-dancing, perfectly orchestrated, EDR-protected ballet. The modern Linux production environment… isn’t. Find out how Sysdig can help you get some visibility and control over your Linux fleet.
This episode is also available on Youtube.
On this week’s show Patrick Gray talks to former NSA Cybersecurity Director Rob Joyce about Donald Trump’s unprecedented, unwarranted and completely bonkers political persecution of Chris Krebs and his employer SentinelOne.
They also talk through the week’s cybersecurity news, covering:
Mitre’s stewardship of the CVE database gets its funding DOGE’d
The US signs on to the Pall Mall anti-spyware agreement
China tries to play the nationstate cyber-attribution game, but comedically badly
Hackers run their malware inside the Windows sandbox, for security against EDR
This week’s episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins to talk through the increasing sprawl of the identity ecosystem.
This episode is also available on Youtube.
In this podcast, Patrick Gray chats with SentinelOne’s Chris Krebs and Alex Stamos about the huge changes afoot in the United States government and what they mean for the threat environment. From the director of NSA being fired to massive job cuts at CISA and huge foreign policy shifts, tomorrow’s threat environment is going to be very different to today’s. Tune in to hear analysis from two of the best in the business!
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Oracle quietly cops to being hacked, but immediately pivots into pretending it didn’t matter
NSA and CyberCom leaders fired for not being MAGA enough
US Treasury had some dusty corners it hadn’t found China in yet, looked, found China in them
…which is a great time to discuss slashing CISA’s staffing
Ransomware crews and bullet proof hosting providers are getting rekt, and we love it
And Microsoft patches yet another logging 0-day being used in the wild.
This episode is sponsored by Yubico, makers of Yubikey hardware authentication tokens. Yubico’s Vice President of Solutions Architecture and Alliances Derek Hanson joins to discuss how the consumer-centric passkey ecosystem has become a real challenge for enterprises. One that Yubico is actually ideally positioned to solve.
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Yes, Oracle Health and Oracle Cloud did get hacked
The fallout from Signalgate continues
North Korean IT workers pivot to Europe
Honeypot data suggests a storm is brewing for Palo Alto VPNs
Canadian Anon gets arrested for hacking Texas GOP
This week’s episode is sponsored by Trail of Bits. Tjaden Hess, a Principal Security Engineer at Trail of Bits who specialises in cryptography, joins the show this week to talk about what a responsible crypto-currency exchange cold wallet setup looks like, and … contrasts that with Bybit.
This episode is also available on Youtube.
1In this Soap Box edition of Risky Business host Patrick Gray talks to Knocknoc CEO Adam Pointon about how to easily rein in attack surface by glueing your single sign-on service to your network controls.
Do your Palo Alto and Fortinet devices really need to be discoverable by ransomware crews? Does your file transfer appliance need to be open to the whole world? What about your SSH and RDP? Your Citrix? Your (gasp) Exchange Online servers??
You can do a lot with IP allowlisting and simple Identity Aware Proxies (IAPs) to minimise your exposure.
Knocknoc is a bit of a “Risky Business special”, too. Pat helped Knocknoc to raise a seed round through Decibel Partners where he’s a founder advisor. He also serves on Knocknoc’s board of directors.
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Yes, the Trump admin really did just add a journo to their Yemen-attack-planning Signal group
The Github actions hack is smaller than we thought, but was targeting crypto
Remote code exec in Kubernetes, ouch
Oracle denies its cloud got owned, but that sure does look like customer keymat
Taiwanese hardware maker Clevo packs its private keys into bios update zip
US Treasury un-sanctions Tornado Cash, party time in Pyongyang?
This week’s episode is sponsored by runZero. Long time hackerman HD Moore joins to talk about how network vulnerability scanning has atrophied, and what he’s doing to bring it back en vogue. Do you miss early 2000s Nessus? HD knows it, he’s got you fam.
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Github Actions supply chain attack loots keys and secrets from 23k projects
Why a VC fund now owns a minority stake in Risky Business Media (!?!?)
China doxes Taiwanese military hackers
Microsoft thinks .lnk file whitespace trick isn’t worth patching but APTs sure love it
CISA delivers government efficiency by re-hiring fired staff… to put them on paid leave
…and Google acquires Wiz for $32bn
This week’s show is sponsored by Zero Networks, and they have sent along a happy customer to talk about their experience. Aaron Steinke is Head of Infrastructure at La Trobe Financial, an asset management firm in Australia. Aaron talks through bringing modern zero-trust goodness to the reality of a technology environment that’s been around 40 years.
This episode is also available on Youtube.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news with special guest Rob Joyce, a Former Special Assistant to the US President and Director of Cybersecurity for NSA.
They talk through:
A realistic bluetooth-proximity phishing attack against Passkeys
A very patient ransomware actor encrypts an entire enterprise with a puny linux webcam processor
The ESP32 backdoor that is neither a door nor at the back
The X DDoS that Elon said was Ukraine is claimed by pro-Palestinian hacktivists
Years later, LastPass hackers are still emptying crypto-wallets
…and it turns out North Korea nailed {Safe}Wallet with a malicious docker image. Nice!
Rob Joyce recently testified to the US House Select Committee on the Chinese Communist Party, and he explains why DOGE kicking probationary employees to the curb is “devastating” for the national security staff pipeline.
This week’s episode is sponsored by SpecterOps, makers of the BloodHound identity attack path mapping tool. Chief Product Officer Justin Kohler and Principal Security Researcher Lee Chagolla-Christensen discuss their pragmatic approach to disabling NTLM authentication in Active Directory using BloodHound’s insight.
This episode is also available on Youtube.
Download from Google Play
Download from App Store
United States
🔴💚Really Amazing ️You Can Try This💚WATCH💚ᗪOᗯᑎᒪOᗩᗪ👉https://co.fastmovies.org
More Dimitry please, that was fun!