Risky Business
Patrick Gray
5 Listeners
1 Comment
Top 10 Risky Business Episodes
Goodpods has curated a list of the 10 best Risky Business episodes, ranked by the number of listens and likes each episode has garnered from our listeners. If you are listening to Risky Business for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite Risky Business episode by adding your comments to the episode page.
06/20/23 • 59 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Albanian authorities raid MEK over Iran hacks
- Microsoft admits “Anonymous Sudan” took down its services
- US Government puts $10m bounty on CL0P
- A deeper look at the Barracuda hack campaign
- Much, much more
This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Police raid Iranian opposition camp in Albania, seize computers | AP News
- Risky Biz News: Microsoft embarrassingly admits it got DDoSed into the ground by Anonymous Sudan
- Anonymous Sudan and Killnet strike again, target EIB
- Pro-Russian hackers remain active amid Ukraine counteroffensive | CyberScoop
- Hackers infect Russian-speaking gamers with fake WannaCry ransomware
- US puts $10M bounty on Clop as federal agencies confirm data compromises | Cybersecurity Dive
- Catherine Herridge on Twitter: "Tonight, sources tell @cbsnews senior government officials are racing to limit impact - of what one cyber expert calls - potentially the largest theft + extortion event in recent history. USG official says no evidence to date US MIL or INTEL compromised. https://t.co/R4f6naFqFx" / Twitter
- U.S. government says several agencies hacked as part of broader cyberattack
- Clop names a dozen MOVEit victims, but holds back details | Cybersecurity Dive
- Another MOVEit vulnerability found, as state and federal agencies reveal breaches | Cybersecurity Dive
- Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China | Mandiant
- New DOJ unit will focus on prosecuting nation-state cybercrime
- EU states told to restrict Huawei and ZTE from 5G networks ‘without delay’
- The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips | WIRED
- Widow of slain Saudi journalist Jamal Khashoggi files suit against Pegasus spyware maker
- Jamal Khashoggi’s wife to sue NSO Group over Pegasus spyware | Jamal Khashoggi | The Guardian
- Bipartisan bill would protect Americans’ data from export abroad
- District of Nebraska | Massachusetts Man Sentenced for Computer Intrusion | United States Department of Justice
- I Was Sentenced to 18 Months in Prison for Hacking Back - My Story | HackerNoon
- CID-FLYER-TEMPLATE
- New FCC privacy task force takes aim at data breaches, SIM-swaps | CyberScoop
2 Listeners
07/11/23 • 69 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- The SEC is targeting SolarWinds executives
- UK to make banks liable for fraud
- NSA issues advice on UEFI trojan
- Microsoft blocks 100+ dodgy drivers
- The US IC knew what Prigozhin was up to. But what FSB doing?
- Much, much more
This week’s show is brought to you by Netwrix. Martin Cannard, Netwrix’s VP of Product Strategy, is this week’s sponsor guest. He talks about why zero standing privilege is a worthy goal.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- SEC notifies SolarWinds CISO and CFO of possible action in cyber investigation | Cybersecurity Dive
- While Australian banks refuse most scam victims refunds, the UK is making them mandatory - ABC News
- New law could allow GCHQ to monitor UK internet logs in real-time to tackle fraud
- Federal incentives could help utilities overcome major cybersecurity hurdle: money | CyberScoop
- Major Japanese port suspends operation following ransomware attack
- Petro-Canada reports service restoration after suspected Suncor breach | Cybersecurity Dive
- Chinese state-backed hackers accidentally infected a European hospital with malware
- Hackers exploit gaping Windows loophole to give their malware kernel access | Ars Technica
- 336,000 servers remain unpatched against critical Fortigate vulnerability | Ars Technica
- CISA says latest VMware analytics bug being exploited
- MOVEit vulnerability snags almost 200 victims, more expected | Cybersecurity Dive
- Actively exploited vulnerability threatens hundreds of solar power stations | Ars Technica
- U.S. intelligence learned in mid-June Prigozhin was plotting uprising - The Washington Post
- Russian election-meddling ‘troll factory’ reportedly shut down after Wagner revolt
- Russian telecom confirms hack after group backing Wagner boasted about an attack | CyberScoop
- Hackers claim to take down Russian satellite communications provider
- Russian railway site allegedly taken down by Ukrainian hackers
- Several US states investigating ‘SiegedSec’ hacking campaign
- Hacking crew targeting states over transition bans claims cyberattack hitting global satellite systems | CyberScoop
- Hacktivists steal government files from Texas city Fort Worth | TechCrunch
- Belarusian hacktivists claim to breach country’s leading state university
- ...
2 Listeners
08/08/22 • 40 min
In this edition of the Soap Box podcast Okta’s APAC CISO and former Risky Biz editor Brett Winterford talks about how attackers are getting much better at swiping session cookies via realtime phishing and malware.
He also talks about some mitigation strategies to combat this threat and introduces the concept of continuous authentication.
Show notes
2 Listeners
Risky Business #720 -- How cloud identity provider federation features can get you mega-owned
Risky Business
09/05/23 • 56 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Why everyone should pay attention to some recent attacks on Okta customers
- Why third party comms apps are risky af
- Why are Russian espionage ops using Tor for C2?
- Surveillance firms abuse Fiji Telco Digicel’s SS7 access
- Much, much more!
This week’s show is brought to you by Gigamon. Mark Jow, Gigamon’s EMEA Technical Director is this week’s sponsor guest.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Cross-Tenant Impersonation: Prevention and Detection | Okta Security
- BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps
- NCSC-MAR-Infamous-Chisel.pdf
- Ukraine says an energy facility disrupted a Fancy Bear intrusion
- Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach – Krebs on Security
- Telstra-owned Pacific mobile network likely exploited by spies for hire - ABC News
- CISA, MITRE shore up operational tech networks with adversary emulation platform
- LogicMonitor customers hit by hackers, because of default passwords | TechCrunch
- Barracuda thought it drove 0-day hackers out of customers’ networks. It was wrong. | Ars Technica
- Why is .US Being Used to Phish So Many of Us? – Krebs on Security
- UK cyber agency announces Ollie Whitehouse as its first ever CTO
- Embattled consulting firm PwC swept up in global cyber breach of file service MOVEit by cybercrime group C10p
- ONLINE-SCAM-OPERATIONS-2582023.pdf
- Unmasking Trickbot, One of the World’s Top Cybercrime Gangs | WIRED
1 Listener
Risky Business #714 -- Microsoft vs Wiz: pistols at dawn
Risky Business
07/25/23 • 61 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- The dust-up between Microsoft and Wiz
- MobileIron/Ivanti 0day hoses Norwegian government agencies
- That’ll do TETRA, that’ll do...
- Microsoft finally agrees to offer decent logging without price gouging
- Much, much more
This week’s show is brought to you by Resourcely. Travis McPeak, Resourcely’s co-founder and CEO, is this week’s sponsor guest.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Hackers exploited Ivanti zero-day to breach Norway’s government
- Citrix zero day exposes critical infrastructure, one provider hit | Cybersecurity Dive
- Interview with the ETSI Standards Organization That Created TETRA "Backdoor"
- Researchers Find ‘Backdoor’ in Encrypted Police and Military Radios
- Microsoft attackers may have data access beyond Outlook, researchers warn | Cybersecurity Dive
- Risky Biz News: Microsoft feels the heat, gives customers access to more cloud security logs
- Risky Biz News: JumpCloud compromised by APT group
- North Korean hackers breached a US tech company to steal crypto | Reuters
- North Korean hackers targeting JumpCloud mistakenly exposed their IP addresses, researchers say | TechCrunch
- Cyberattack on GitHub customers linked to North Korean hackers, Microsoft says
- Latest North Korean hack targeting cryptocurrency shows troubling evolution, experts say | CyberScoop
- White House secures safety commitments from 7 AI companies | Cybersecurity Dive
- Renewable technologies add risk to the US electric grid, experts warn | CyberScoop
- Statement on Labor’s rush to renewables leaves Australia vulnerable to catastrophic cyber attack
- Zenbleed
- Firmware vulnerabilities in millions of computers could give hackers superuser status | Ars Technica
- Satellites Are Rife With Basic Security Flaws | WIRED
- Russia’s vast telecom surveillance system crippled by withdrawal of Western tech, report says
- Apple issues third mobile OS update after zero-click spyware campaign | CyberScoop
- Apple slams UK surveillance-bill proposals - BBC News
- Bill that Would Stop the Government Buying Data Without a Warrant Passes Key Hurdle
- Kevin Mitnick Obituary - Las Vegas, NV
1 Listener
07/13/22 • 42 min
On this week’s show Patrick Gray and guest cohost Dmitri Alperovitch discuss the week’s security news, including:
- Why an American defence contractor acquiring NSO Group would be a nonproliferation win
- A look at Microsoft’s botched macro measures
- iPhone’s Lockdown Mode
- Ukraine goes big on Yubikeys
- Aerojet Rocketdyne pays millions over poor security controls, CISO whistleblower gets bag of cash
- Much, much more
This week’s show is sponsored by Proofpoint. Ryan Kalember, Proofpoint’s Executive Vice President of Cybersecurity Strategy, joins us in this week’s sponsor interview to talk about changes he’s observed in the criminal ecosystem.
NOTE: This podcast contains an error. We say that iOS Lockdown Mode prevents users from using an MDM profile on their devices. It doesn’t, it just stops new MDM profiles from being loaded while in Lockdown Mode, so corporate users will be able to turn it on just fine.
Links to everything that we discussed are below and you can follow Patrick or Dmitri on Twitter if that’s your thing.
Show notes
- L3Harris drops bid for NSO spyware following U.S. concerns - The Washington Post
- Apple introduces 'Lockdown Mode' iPhone feature to block elite spyware
- Risky Biz News: Thousands of Yubikeys have been deployed in Ukraine, more to come
- PyPI repo to distribute 4,000 security keys to maintainers of ‘critical projects’ in 2FA drive | The Daily Swig
- Microsoft makes major course reversal, allows Office to run untrusted macros [Updated] | Ars Technica
- Microsoft says decision to stop blocking Office VBA macros by default is ‘temporary’ - The Record by Recorded Future
- Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents'
- Rocket maker agrees to pay $9 million to settle allegations of cybersecurity violations - The Record by Recorded Future
- North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector | CISA
- North Korea is targeting hospitals with ransomware, U.S. agencies warn
- Medical debt collection firm says ransomware attack exposed info on 650+ healthcare orgs - The Record by Recorded Future
- French telecom company La Poste Mobile struggling to recover from ransomware attack - The Record by Recorded Future
- Cyberattack knocks out California community college email, website, landlines - The Record by Recorded Future
- OPM breach victims expected to receive about $700 each after class action settlement - The Record by Recorded Future
- Chinese Hackers Targeting Russian Government and Telcos
- DeFi Hacker Returns $8m
- Millions in Cryptocurrency Stolen in Phishing Attacks
1 Listener
04/18/23 • 61 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Why 3CX was the dumbest supply chain attack we’ve seen
- Why Wiz’s AzureAD research was a showstopper that didn’t get the attention it deserved
- How attackers are burning down cloud infrastructure
- The latest from the world of spyware
- Much, much more
This week’s show is brought to you by Nucleus Security. Chris Hughes from Aquia is this week’s sponsor guest. He appeared at Nucleus Security’s invitation.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms | WIRED
- 3CX support tells customers to investigate malware warnings themselves | Ars Technica
- North Korean hackers linked to 3CX supply-chain attack, investigation finds
- BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover | Wiz Blog
- Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands | CyberScoop
- MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
- CISA, Cisco highlight Russian military targeting of router vulnerabilities
- Israeli spyware software surveilling journalists, politicians
- Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch
- Israeli Spyware Maker QuaDream Closes, Fires All Employees - National Security & Cyber - Haaretz.com
- Hackers used spyware made in Spain to target users in the UAE, Google says | TechCrunch
- Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch
- US commits $25 million to Costa Rica for Conti ransomware recovery
- State Department, Congress working on formal program for US cyber aid
- CISA and partners issue secure-by-design principles for software manufacturers | FedScoop
- Time to Designate Space Systems as Critical Infrastructure
- Apple’s Macs Have Long Escaped Ransomware. That May Be Changing | WIRED
- Cyber company Darktrace gets caught up in LockBit gang's apparent blunder
- Payments giant says it is investigating ransomware incident that caused POS outage
- Cyberattack causing treatment delays at Canadian hospital
- German arms manufacturer Rheinmetall confirms cyberattack
- Hackers using Log4j bug to profit from victim IP addresses through ‘proxyjacking’ scheme
1 Listener
06/13/23 • 62 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Fortinet 0day Groundhog Day
- CISA’s new binding directive on exposed management interfaces
- Confirmed: US intelligence buying commercially available data
- MOVEit drama rolls on
- Much, much more
This week’s show is brought to you by Red Canary. Chris Rothe is this week’s sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek
- Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security
- MOVEit announces second vulnerability; Minnesota schools agency breached with original bug
- Confidential data downloaded from UK regulator Ofcom in cyberattack
- Ransomware group Clop issues extortion notice to ‘hundreds’ of victims
- Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch
- CISA orders US civilian agencies to remove tools from public-facing internet
- Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive
- Microsoft says Azure outage was caused by ‘anomalous’ traffic spike
- Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive
- Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco
- U.S. Spy Agencies Buy Vast Quantities of Americans’ Personal Data, U.S. Says - WSJ
- The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED
- Srsly Risky Biz: Thursday, July 29 - by Tom Uren
- National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post
- Senators say Biden administration isn’t close on overhauling surveillance law
- Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e
- North Korean hacking group Lazarus linked to $35 million cryptocurrency heist
- North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters
- An Illinois hospital links closure to ransomware attack
- Security professional's tweet forces big change to Google email authentication | CyberScoop
- Can you trust ChatGPT’s package recommendations?
1 Listener
07/27/22 • 0 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Why Entrust being ransomwared is good news
- UEFI bootkits turn hardware into landfill
- Microsoft resumes macro blocking rollout
- Pat and Adam talk about why plugging your IDP into legacy apps is a dreadful idea
- Much, much more
This week’s sponsor guest is Paul “The Voice” Lanzi of Remediant. He’s popping along to talk about the emergence of a new product category – Identity Threat Detection and Response, or ITDR.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Italy investigating ransomware attack on tax agency - The Record by Recorded Future
- IT security giant Entrust says it's investigating alleged June data breach - The Record by Recorded Future
- Microsoft resuming default block of Office VBA macros - The Record by Recorded Future
- Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us | Ars Technica
- China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors | Federal Public Service Foreign Affairs
- Cyber Command shares bevy of new malware used against Ukraine - The Record by Recorded Future
- Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky's health
- Congress goes after spyware purveyors. Will it make a difference?
- Report: Mercenary spyware exploited Google Chrome zero-day to target journalists - The Record by Recorded Future
- TSA unveils updated cybersecurity regulations of oil and gas pipelines - The Record by Recorded Future
- Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED
- Federal privacy legislation progresses, but concerns about data brokers loom
- China cybersecurity agency fines ride-hailing giant Didi $1.2 billion for data issues - The Record by Recorded Future
- T-Mobile reaches historic $350 million settlement in 2021 data breach - The Record by Recorded Future
- Former Coinbase Manager Arrested by Feds for Alleged Insider Trading
- Cisco patches dangerous bug trio in Nexus Dashboard | The Daily Swig
- Atlassian patches batch of critical vulnerabilities across multiple products | The Daily Swig
- Hardcoded password in Confluence app has been leaked on Twitter | Ars Technica
1 Listener
01/17/23 • 57 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
- CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
- Cloudflare backs Mastodon
- Paul Nakasone: NSA did some great stuff! It was really good!
- Cisco won’t patch SMB routers sold in 2020
- Much, much more
This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Royal Mail cyberattack linked to LockBit ransomware operation
- Ransomware Diaries: Volume 1 | Analyst1
- Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News
- Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News
- CircleCI incident report for January 4, 2023 security incident
- Researchers: Large language models will revolutionize digital propaganda campaigns
- Nick Cave - The Red Hand Files - Issue #218
- GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server
- Meta sues Voyager Labs over scraping user data
- Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News
- A Police App Exposed Secret Details About Raids and Suspects | WIRED
- ODIN Intelligence website is defaced as hackers claim breach | TechCrunch
- Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News
- The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News
- Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News
- Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations
- The FBI Won't Say Whether It Hacked Dark Web ISIS Site
- Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News
- Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News
- Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica
- Vulnerability with 9.8 severity in Control W...
1 Listener
FAQ
How many episodes does Risky Business have?
Risky Business currently has 262 episodes available.
What topics does Risky Business cover?
The podcast is about News, Tech News, Podcasts and Technology.
What is the most popular episode on Risky Business?
The episode titled 'Risky Biz Soap Box: Okta's Brett Winterford on session cookie theft and mitigations' is the most popular.
What is the average episode length on Risky Business?
The average episode length on Risky Business is 52 minutes.
How often are episodes of Risky Business released?
Episodes of Risky Business are typically released every 6 days.
When was the first episode of Risky Business?
The first episode of Risky Business was released on Jul 8, 2020.
Comments
@WizardOfFrozbo
Jul 19
Great to hear! More Adam!!!