Risky Business
297 episodes - English - Latest episode: 3 days ago - ★★★★★ - 339 ratingsRisky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Special Edition: Chris Krebs, Alex Stamos and Patrick Gray
April 24, 2024 00:03 - 45 minutes - 41.6 MBIn this special edition of the Risky Business podcast Patrick Gray chats with former Facebook CSO Alex Stamos and founding CISA director Chris Krebs about sovereignty and technology. China and Russia are doing their level best to yeet American tech from their supply chains – hardware, software and cloud services. They’ll be rebuilding these supply chains – for government systems, at least – from components that they have complete visibility into, and control over. Meanwhile, America’s gov...
Risky Business #745 – Tales from the PANageddon
April 17, 2024 05:35 - 58 minutes - 53.3 MBOn this week’s show Patrick and Adam discuss the week’s security news, including: Palo Alto’s firewalls have a ../ bad day Sisense’s bucket full of creds gets kicked over United Healthcare draws the ire of congress FISA 702 reauthorisation finally moves forward Apple warns about “mercenary exploitation” but what’s the India link? And much, much, more This week’s sponsor is Panther, a platform that does detection as code on massive amounts of data. Panther’s founder Jack Naglieri is t...
Risky Business #744 -- Ransomware upstarts jostle in Lockbit's absence
April 10, 2024 08:00 - 58.9 MBOn this week’s show Patrick and Adam discuss the week’s security news, including: Ransomware: down but not out Zero day prices on the rise… … and what it means for enterprise software Geopolitical conflict comes to computers in Palau Ukraine cyber chief Illia Vitiuk suspended More x86 microarchitectural bad times And much much more Proofpoint’s chief strategy officer Ryan Kalember is this week’s sponsor guest. He takes aim at some recent vendor trends, like security companies descri...
Snake Oilers: Kodex, ClearVector and Censys
April 04, 2024 13:00 - 42 minutes - 38.5 MBIn this edition of Snake Oilers you’ll hear pitches from three companies: Kodex: Makes a platform companies can use to interact with law enforcement (Solves the law enforcement impersonator problem, among others.) ClearVector: Cloud security startup from former FireEye/Mandiant SVP/CTO John Laliberte Censys: Scans the entire internet, identifies assets you didn’t know were yours, helps you track attacker infrastructure like C2
Risky Business #743 -- A chat about the xz backdoor with the guy who found it
April 03, 2024 08:00 - 57 minutes - 52.8 MBOn this week’s show Patrick and Adam discuss the week’s security news, including: The SSH backdoor that dreams (or nightmares) are made of Microsoft gets a solid spanking from the CSRB Ukraine uses an old Russian WinRAR bug to hack Russia Push-notifications and social-engineering combined-arms vs Apple And much, much more. We have a special guest in this week’s show, Andres Freund, the Postgres developer who discovered the backdoor in the xz Linux compression library. This week’s sho...
Risky Business #742 -- China bans AMD and Intel, pivots to Linux on the desktop
March 26, 2024 13:00 - 1 hour - 59.9 MBOn this week’s show Patrick and Adam discuss the week’s security news, including: FVEY protests China’s widespread hacking of western politicians China bans western CPUs, Windows and databases Apple’s leaky M-chip prefetcher Nigeria holds ex-IRS investigator hostage in Binance stoush Researchers bring Rowhammer to AMD Zen and DDR5 And much, much more. This week’s show is brought to you by Thinkst Canary. Its founder Haroon Meer joins this week’s show to make a passionate case that se...
Risky Biz Soap Box: Why Azure vulns should get CVEs
March 21, 2024 13:00 - 33 minutes - 30.9 MBIn this Soap Box edition of the podcast Patrick Gray talks to Nucleus Security co-founder Scott Kuffer about whether or not cloud service vulnerabilities should get CVEs, what on earth is happening with NIST’s National Vulnerability Database (NVD) and more.
Risky Business #741 -- The Mintlify breach and modern supply chains
March 19, 2024 13:00 - 52 minutes - 48.5 MBOn this week’s show Patrick and Adam discuss the week’s security news, including: Turns out AI is still bad code review after all, Mintlify loses a bunch of Github tokens, Everything old is new again with the UDP loop DoS, Know-your-(recon satellite)-customer is hard, Microsoft takes away Russia’s powershell, solving living off the land, And much, much more This week’s show is brought to you by Material Security. In this week’s sponsor interview we speak with Material’s Rajan Kapoor,...
Risky Business #740 -- Midnight Blizzard's Microsoft hack isn't over
March 12, 2024 13:00 - 1 hour - 58.8 MBOn this week’s show Patrick and Adam discuss the week’s security news, including: Weather forecast in Redmond is still for blizzards at midnight Maybe Change Healthcare wasn’t just crying nation-state wolf Hackers abuse e-prescription systems to sell drugs CISA goes above and beyond to relate to its constituency by getting its Ivantis owned VMware drinks from the Tianfu Cup Much, much more This week’s feature guest is John P Carlin. He was principal associate deputy attorney general ...
Risky Business #739 -- ALPHV exit scams while Change Healthcare burns
March 05, 2024 13:00 - 59 minutes - 54.4 MBIn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about: The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response Predator spyware maker getting a stern sanctioning A German military WebEx meeting gets snooped Mem-corrpution is still king And much, much more In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve...
Risky Business #738 -- LockBit is down but not out. Yet.
February 27, 2024 13:00 - 55 minutes - 50.8 MBIn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about: LockBit gets back up after takedown Russia arrests Medibank hacker… for something else ConnectWise gives out free updates, but customers aren’t happy Microsoft gives in to demands for more logs Sandvine gets entity-listed And much much more. Dmitri Alperovitch also joins the show to discuss Starlink, Starshield and a row with Congress about its availability in Taiwan. In this week’s ...
Risky Business #737 -- LockBit gets absolutely rekt
February 20, 2024 13:00 - 58 minutes - 53.5 MBIn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about: LockBit has been taken down by law enforcement Some mega-juicy leaks out of Chinese offsec/APT contractor I-SOON GRU gets its Moobot network shutdown Signal adding usernames is… complicated Much, much more In this week’s sponsor interview Devicie’s Tom Plant joins the show to talk about problems orgs run into when it comes to Windows policies. There’s an expectation out there that Wind...
Soap Box: A deep dive on how Russia's SVR is hacking Microsoft 365 tenants
February 18, 2024 13:00 - 39 minutes - 36.5 MBThe need to properly secure Entra ID tenants has been made pretty obvious this year thanks to a large-scale attack on them by Russia’s SVR intelligence agency. In this interview Andy Robbins from SpecterOps, the maker of Bloodhound Enterprise, talks through how he thinks those attacks actually went down, about how if you’re an o365 customer you’re using Entra ID whether you like it or not, and about how you can lock down your Entra ID tenant.
Risky Business #736 -- Azure misconfigurations are 2024's looming threat
February 13, 2024 13:00 - 53 minutes - 48.8 MBIn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about: Somehow there are still more Ivanti and Fortinet exploits Volt Typhoon have been at it for years Starlink in Ukraine gets complicated Canadians hate poor Flipper Much, much more… In this week’s sponsor interview Feross Aboukhadijeh from Socket joins the show to talk about the sheer volume of malicious packages being committed to code repositories and why older SCA tools aren’t well equ...
Soap Box: How to dismantle Volt Typhoon-style relay networks
February 11, 2024 13:00 - 37 minutes - 34.4 MBIn this Soap Box interview Greynoise founder and absolute legend Andrew Morris joins the show to talk about: Why Greynoise hasn’t seen a substantial drop off in Volt Typhoon’s network of compromised routers after the US Government’s takedown action How vendors are using Greynoise as an early warning system to identify exploitation of their products How he’s using large language models to reverse exploitation attempts into actual exploits It truly is a great conversation, we hope you enj...
Risky Business #735 -- AnyDesk fails the transparency test
February 06, 2024 13:00 - 1 hour - 57.2 MBIn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about: Thought eels were slippery? Check out AnyDesk’s PR! Why Microsoft’s 365 is a nightmare to secure Cloudflare’s needlessly hostile blog post US Government introduces “Disneyland ban” for spyware peddlers Much, much more… This week’s feature guest is Eric Goldstein, the executive assistant director for cybersecurity at CISA. He’s joining the show to talk about CISA’s demand that US govern...
Risky Business #734 -- The number of hacked Microsoft 365 customers is skyrocketing
January 30, 2024 13:00 - 1 hour - 57.2 MBIn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about: More details on sanctioned Medibank hacker Aleksandr Ermakov More details on alleged Scattered Spider hacker Noah Michael Urban RUMINT that the number of Microsoft customers impacted by the SVR oauth/365 campaign is huge Ron Wyden did something useful… …then did something stupid Ivanti’s clown car collides with dumpster fire Much, much more This week’s feature guest is Australia’s as...
Risky Business #733 -- Say cheese, motherf---er
January 23, 2024 13:00 - 1 hour - 57.7 MBIn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. Microsoft honks its clown car horn Australia’s hounds, released, catch their man The beginning of the end for Scattered Spider SEC was SIM swapped but had MFA off any way Ivanti learns a lesson… … while Progress does not and much more DHS undersecretary for policy and Cyber Safety Review Board head Rob Silvers is this week’s feature guest. He joins the show to talk about how the CSRB handles possible...
Risky Business #732 — We are CRUSHED
January 16, 2024 13:00 - 41 minutes - 37.7 MBOn this week’s SURPRISE edition, Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Their disappointment over last week’s SEC Twitter hack China rainbow-tables Airdrop Enterprise bugs galore… … and why patching fast is hard when there isn’t even a patch yet UEFI flaws get trad-BIOS-era vendor response and much, much more… This week’s show is unsponsored, we’re just here for the fun of it. Show notes The SEC’s Official X Account Was ‘Compromised’ and Used to...
Risky Business #731 -- SEC Twitter hack moves Bitcoin price
January 09, 2024 13:00 - 1 hour - 60 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: SEC Twitter account hack moves bitcoin price Kaspersky admires Triangulation hackers’ fine work Telcos hacked all over Israel hacks Iranian gasoline pumps again Iran up in Albania, Sudan, Egypt and Tanzania and much, much more… This week’s show is brought to you by Nucleus Security. Co-founder Scott Kuffer joins us to talk about why patch management is more nuanced than just “patch fast!” ...
Risky Business #730 -- Apple, Facebook go all in on e2ee
December 12, 2023 13:00 - 56 minutes - 52 MBIn this week’s edition of the show Patrick Gray and guest co-host Dmitri Alperovitch discuss: Major telco in Ukraine taken down by Russia Apple and Facebook go all in on e2ee Why 702 reauthorisation is looking a bit sketchy The USG wants your push notifications The year in review, plus some predictions for 2024 This week’s show is brought to you by Thinkst Canary. Haroon Meer, Thinkst’s founder, is this week’s sponsor guest. He joins us to talk about APT groups pivoting to living-off-...
Risky Biz Soap Box: Why enterprise browsers are good, actually
December 11, 2023 13:00 - 34 minutes - 31.4 MBIn this Soap Box edition of the Risky Business podcast Patrick Gray talks to Island’s Bradon Rogers about security-focussed, enterprise browsers. You can use Island to do stuff like grant third parties access to corporate applications on unmanaged devices in a not insane way – that’s a huge pain point for a lot of CISOs, and something that is bringing a lot of new customers through Island’s doors. Obviously for devices you do manage, you can roll Island out as your default enterprise brows...
Risky Business #729 -- Why patching faster won't save us
December 05, 2023 13:00 - 53 minutes - 49.3 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Iran-linked attacks on US water infrastructure Why the ownCloud bug isn’t the end of the world The D-Link 0day that… never existed? In defence of Okta Much, much more This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of Cybersecurity Strategy, is this week’s sponsor guest. Links to everything that we discussed are below and you can follow Patrick or Adam on ...
Risky Business #728 -- The Citrixbleed ransomware disaster
November 28, 2023 13:00 - 1 hour - 59.3 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The Citrixbleed ransomware crisis Why the FBI hasn’t arrested Scattered Spider members DPRK is in your supply chains Microsoft has a brainwave and buys a HSM When civil war meets pig butchering Much, much more This week’s show is brought to you by Airlock Digital. David Cottingham and Daniel Schell are this week’s sponsor guests. Links to everything that we discussed are below and you can...
Risky Biz Soap Box: Why o365 and Google Workspace are a security liability
November 15, 2023 13:00 - 39 minutes - 36.6 MBIn this Soap Box podcast Patrick Gray talks to Material Security’s CEO and co-founder Abhishek Agrawal about the security problems inherent to modern productivity suites. Does it make sense that threat actors can authenticate to o365 and Workspace accounts and clean them out entirely? Years of mail, years of files? Material Security has built a product that tackles this issue. It can lock up email archives behind MFA challenges, redact PII from inboxes, better control files share via Goog...
Risky Business #727 -- Mr Gray goes to Washington
October 31, 2023 13:00 - 58 minutes - 53.3 MBOn this week’s show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss: The SEC enforcement action against Solarwinds’ CISO The White House AI Executive Order CitrixBleed exploitation goes wide How Kaspersky captured some (likely) Five Eyes iOS 0day Elon Musk’s Gaza Strip adventures Much, much more This week’s show is brought to you by Greynoise. Andrew Morris, Greynoise’s founder and CEO, is this week’s sponsor guest. He talks about how Greynoi...
Risky Biz Soap Box: Stairwell will offer platform to researchers
October 29, 2023 13:00 - 29 minutes - 27.4 MBIn this edition of the Soap Box we hear from Mike Wiacek and Eric Foster from Stairwell. Stairwell makes a product that collects and analyses every executable file in your environment. You deploy file collectors to your systems and they forward all new files to Stairwell for manual and automated analysis. You can do a lot of really cool analysis once you have all that stuff in the same place. But as you’ll hear, Stairwell is broadening out the use cases for its platform. You don’t want to...
Risky Business #726 -- Okta owned while Cisco takes a massive L
October 24, 2023 13:00 - 56 minutes - 52.2 MBOn this week’s show Patrick Gray talks through the news with Dmitri Alperovitch, NSA Cybersecurity director Rob Joyce and NSA CCC director Morgan Adamski. They discuss: The Okta breach 40-50k feral Ciscos Why the http/2 protocol flaw is a real headache The Ragnar Locker takedown What the NSA CCC has been thinking about This week’s show is brought to you by Socket. Socket’s founder Feross Aboukhadijeh joins us this week to talk about their actually-not-crazy use of large language model...
Risky Biz Soap Box: Preventing MFA reset attacks
October 12, 2023 13:00 - 31 minutes - 28.7 MBPatrick Gray speaks to Yubico’s Jerrod Chong about how organisations can better verify the identities of users when performing MFA resets. In other words, how to not get MGM’d. He also talks about the chain-of-trust issues inherent to synchronisable passkey implementations.
Risky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accounts
October 10, 2023 13:00 - 44 minutes - 40.6 MBOn this week’s show Patrick Gray and Lina Lau discuss the week’s security news. They cover: Microsoft has killed VBScript Google to make passkeys the new default sign-in method MGM losses to exceed $100m Clorox has a bad quarter Why a bug in cURL could be really bad news Much, much more This week’s show is brought to you by KSOC. Jimmy Mesta, KSOC’s co-founder and CTO, is this week’s sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environm...
Risky Business #724 -- Exploitation moves away from Microsoft, Google and Apple products
October 03, 2023 13:00 - 54 minutes - 50 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Ransomware crews target WS_FTP and Jetbrains servers Global energy supply shapes up as big target The Dossier Center drops another banger Indian nationalists DDoS Canadian targets A look at the Exim drama Much, much more This week’s show is brought to you by Kroll Cyber. George Glass is this week’s sponsor guest. Links to everything that we discussed are below and you can follow Patrick o...
Risky Business #723 -- MGM and Caesars: Western youths are working with ransomware gangs
September 27, 2023 14:00 - 57 minutes - 52.5 MBOn this week’s show Patrick Gray and Dmitri Alperovitch discuss the week’s security news. They cover: How western youths are working with Russian ransomware crews Russia has changed its targeting in Ukraine A massive breach of historical Russian flight information is god’s gift to OSINT orgs Cisco buys Splunk for $28bn Much, much more This week’s show is brought to you by Panther. Its field CISO Ken Westin is this week’s sponsor guest. Links to everything that we discussed are below....
Snake Oilers: Sublime Security, VulnCheck and Devicie
September 21, 2023 14:00 - 39 minutes - 36.2 MBIn this edition of Snake Oilers you’ll hear product pitches from: Sublime Security: e-mail security for people who want to tune their detections VulnCheck: Provides vulnerability intelligence to governments, large enterprises and vendors Devicie: Manage your devices with Intune without pulling your hair out Show notes sublime.security VulnCheck - Outpace Adversaries Cloud-native device management platform | Devicie
Risky Business #722 -- Microsoft embraces Zero Trust... Authentication?
September 19, 2023 14:00 - 59 minutes - 54.3 MBOn this week’s show Patrick Gray, Adam Boileau and Lina Lau discuss the week’s security news. They cover: Microsoft’s 38TB oopsie MGM’s Okta compromised, was this what Okta was warning us about? Why we need a cyber knife fight Google Authenticator sync abused in the wild Much, much more This week’s show is brought to you by Push Security. Co-founder Adam Bateman is this week’s sponsor guest. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodo...
Risky Business #721 -- Why Storm-0558's Microsoft hack should have failed
September 12, 2023 14:00 - 58 minutes - 53.6 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: How Storm-0558 stole Microsoft’s signing key Cisco 0day being used by ransomware crews We were right about Elon stumbling into the Ukraine war Someone’s amazing image library 0day just got crushed Much, much more! This week’s show is brought to you by Nucleus Security. Co-founder Scott Kuffer is this week’s sponsor guest. Links to everything that we discussed are below and you can follow P...
Snake Oilers: ConductorOne, Bloodhound Enterprise and Zero Networks
September 07, 2023 14:00 - 39 minutes - 36.1 MBIn this edition of Snake Oilers you’ll hear product pitches from: ConductorOne: PAM, account cycle management and access auditing for cloud and SaaS accounts Bloodhound Enterprise: Enumerate attack paths in your environment and shut them down Zero Networks: Agentless: heavily automated microsegmentation and a VPN product that won’t get you insta-owned Show notes ConductorOne - Identity security & access control Home - BloodHound Enterprise Microsegmentation in a Matter of Minutes | Z...
Risky Business #720 -- How cloud identity provider federation features can get you mega-owned
September 05, 2023 14:00 - 56 minutes - 52.2 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Why everyone should pay attention to some recent attacks on Okta customers Why third party comms apps are risky af Why are Russian espionage opps using Tor for C2? Surveillance firms abuse Fiji Telco Digicel’s SS7 access Much, much more! This week’s show is brought to you by Gigamon. Mark Jow, Gigamon’s EMEA Technical Director is this week’s sponsor guest. Links to everything that we discu...
Risky Business #719 -- FBI vapes 700,000 Qakbot infections
August 29, 2023 14:00 - 54 minutes - 49.7 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The FBI takes down Qakbot, steals operators’ bitcoins ha ha Danish hosting provider completely destroyed in ransomware attack Sophisticated Russian cyber attack on Polish trains. Well. Not really. Microsoft revokes cert then revokes its revocation Much, much more! This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of cybersecurity strategy Ryan Kalember is thi...
Risky Business #718 -- Chaos and carnage, business as usual
August 22, 2023 14:00 - 51 minutes - 46.7 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: (NOTE: This podcast was initially pushed out into the Risky Business News podcast feed in error. Sorry about that!) US Government warnings to private space sector on cyber risk Ukrainian hackers dump the inbox of Russian Duma deputy chair Absentee voting in Ecuador’s election disrupted by DDoS attack South Korea warns of Chinese “spy chips” Much, much more! This week’s show is brought to y...
Feature Interview: How Sandworm prepared Ukraine for a cyber war
August 20, 2023 14:00 - 52 minutes - 53.9 MBIn this joint Risky Business and Geopolitics Decanted feature interview, Patrick Gray and Dmitri Alperovitch talk to Illia Vitiuk, the Head of the Department of Cyber and Information Security of the Security Service of Ukraine (SBU) about the cyber dimension to Russia’s invasion. From turning off Ukraine’s power grid with a cyber attack in 2015 to the Viasat hack in 2022, Russia’s intelligence services are world renowned for executing creative destructive cyber campaigns. Despite this, aft...
Risky Business #717 -- The kids are okay. At ripping your face off.
August 15, 2023 14:00 - 1 hour - 56.1 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: More victims identified in Chinese breach of Microsoft email accounts Cyber Safety Review Board to investigate Microsoft We got some stuff wrong last week More details on Viasat hack revealed Special guest Heather Adkins talks about the CSRB’s Lapsus$ report Much, much more This week’s show is brought to you by RunZero. Its co-founder HD Moore is this week’s sponsor guest. Links to everyt...
Risky Business #716 -- This ain't your grandma's cloud
August 08, 2023 14:00 - 55 minutes - 51.2 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Tenable gives Microsoft a spray over Azure bug fix delay, quality Lateral movement fun via Azure Active Directory Cross-Tenant Synchronization Ransomware targets hospitals, special needs schools Japan’s cybersecurity has some catching up to do Much, much more This week’s show is brought to you by Corelight. Brian Dye, Corelight’s CEO, is this week’s sponsor guest. Links to everything that ...
Risky Business #715 -- Pressure mounts on Microsoft to explain itself
August 01, 2023 14:00 - 59 minutes - 54.4 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Ron Wyden’s “please explain” letter to Microsoft Chinese APT crews prepositioning to disrupt US military logistics China claims US hacked its seismology sensors Ivanti/MobileIron exploitation going vertical Much, much more This week’s show is brought to you by Stairwell. Mike Wiacek, Stairwell’s founder and CEO, is this week’s sponsor guest. He’s joined by Eric Foster, Stairwell’s VP of Bus...
Feature interview: Australia's Cyber Security Minister Clare O'Neil
July 26, 2023 14:00 - 40 minutes - 37.5 MBIn this interview Patrick Gray speaks to Australia’s Home Affairs and Cyber Security Minister Clare O’Neil and NCSC founding director Ciaran Martin about the government’s upcoming cybersecurity strategy, releasing the hounds and more.
Risky Business #714 -- Microsoft vs Wiz: pistols at dawn
July 25, 2023 14:00 - 1 hour - 56.4 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The dust-up between Microsoft and Wiz MobileIron/Ivanti 0day hoses Norwegian government agencies That’ll do TETRA, that’ll do… Microsoft finally agrees to offer decent logging without price gouging Much, much more This week’s show is brought to you by Resoucely. Travis McPeak, Resourcely’s co-founder and CEO, is this week’s sponsor guest. Links to everything that we discussed are below and...
Risky Biz Soap Box: BEC actors embrace LLMs to attack Japan
July 20, 2023 14:00 - 42 minutes - 38.7 MBThis Soap Box edition of the podcast is sponsored by Proofpoint. Proofpoint offers email security and DLP products and services, and they’re probably best known for being the biggest email security company on the planet. That means they process a LOT of emails in the hopes of throttling the number of malicious emails that organisations have to deal with, whether that’s malware, phishing or BEC. So, with that in mind, what role could large language models play in email security? Now that...
Risky Business #713 -- Microsoft activates PR weasels after State Department hack
July 18, 2023 14:00 - 59 minutes - 54.1 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Microsoft’s weasel-word response to the State Department email hack JumpCloud got owned, maybe by DPRK Citrix 0day is getting stuff rekt Two more spyware firms sanctioned by USA Scammers list fake phone numbers for major airlines on Google Maps Much, much more This week’s show is brought to you by security focussed enterprise browser maker Island. Dan Amiga, Island’s CTO and co-founder, is...
Risky Business #712 -- The 336,000 undead Fortigates of DOOM
July 11, 2023 14:00 - 1 hour - 63.3 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The SEC is targeting SolarWinds executives UK to make banks liable for fraud NSA issues advice on UEFI trojan Microsoft blocks 100+ dodgy drivers The US IC knew what Prihozhin was up to. But what FSB doing? Much, much more This week’s show is brought to you by Netwrix. Martin Cannard, Netwrix’s VP of Product Strategy, is this week’s sponsor guest. He talks about why zero standing privilege...
Risky Biz Soap Box: Defeating Living of the Land
June 25, 2023 14:00 - 31 minutes - 28.6 MBIn this edition of the Soap Box podcast we’re going to be talking about a great topic – living off the land. The recent Volt Typhoon report out of Microsoft chronicled the adventures of a Chinese APT crew in US critical infrastructure. But one of the most fascinating aspects of the Volt Typhoon campaign was that the attackers almost exclusively used so-called living off the land techniques. So the question becomes – what can you do about an attacker in your environment who has privilege a...
Risky Business #711 -- Albanian authorities raid MEK camp over Iran hacks
June 20, 2023 14:00 - 59 minutes - 54.5 MBOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Albanian authorities raid MEK over Iran hacks Microsoft admits “Anonymous Sudan” took down its services US Government puts $10m bounty on CL0P A deeper look at the Barracuda hack campaign Much, much more This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s spo...