Risky Business Podcast Por Patrick Gray arte de portada

Risky Business

Risky Business

De: Patrick Gray
Escúchala gratis

Obtén 3 meses por US$0.99 al mes
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.Copyright Risky Business Media 2007-2025 Política y Gobierno
Episodios
  • Risky Business #817 -- Less carnage than your usual Thanksgiving

    Risky Business #817 -- Less carnage than your usual Thanksgiving
    Dec 3 2025
    In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. It’s a quiet week with Thanksgiving in the US, but there’s always some cyber to talk about: Airbus rolls out software updates after a cosmic ray bitflips an A320 into a diveKrebs tracks down a Scattered Lapsus$ Hunters teen through the usual poor opsec…… as Wired publishes an opsec guide for teens.Microsoft decides its login portal is worth a Content Security PolicySouth Korean online retailer data breach covers 65% of the country This week’s episode is sponsored by Nebulock. Founder and CEO Damien Lewke joins to talk through their work bringing more SIgma threat detection rules to MacOS. This episode is also available on Youtube. Show notes Airlines race to fix their Airbus planes after warning solar radiation could cause pilots to lose control | CNNCongress calls on Anthropic CEO to testify on Chinese Claude espionage campaign | CyberScoopPost-mortem of Shai-Hulud attack on November 24th, 2025 - PostHogUpdate: Shai-Hulud and the npm Ecosystem: Why CTEM Must Extend Beyond Your Walls | ArmisGlassworm's resurgence | Secure Annex4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign | Koi BlogPost by @spuxx.bsky.social — BlueskyMeet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on SecurityThe WIRED Guide to Digital Opsec for Teens | WIREDPerth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos - ABC NewsEd Conway on X: "The person who first downloaded the OBR's document at 11:35 on Budget day (I'm guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!) https://t.co/6iLm2uEUj2" / XReuters accused of hack attack | ZDNETThe Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’ | WIREDMicrosoft tightens cloud login process to prevent common attack | Cybersecurity DiveFortinet FortiWeb flaws found in unsupported versions of web application firewall | Cybersecurity DiveCryptomixer platform raided by European police; $29 million in bitcoin seized | The Record from Recorded Future NewsOfficials accuse North Korea’s Lazarus of $30 million theft from crypto exchange | The Record from Recorded Future NewsData breach hits 'South Korea's Amazon,' potentially affecting 65% of country’s population | The Record from Recorded Future NewsNSA Contractor Groomed Teenage Girls On Reddit, DOJ AllegesNebulock developed coreSigma for MacOScoreSigma repo:
    Más Menos
    1 h y 1 m
  • Risky Business #816 -- Copilot Actions for Windows is extremely dicey

    Risky Business #816 -- Copilot Actions for Windows is extremely dicey
    Nov 26 2025
    In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Salesforce partner Gainsight has customer data stolenCrowdstrike fires insider who gave hackers screenshots of internal systemsAustralian Parliament turns off wifi and bluetooth in fear of of visiting Chinese bigwigsShai-Hulud npm/Github worm is back, and rm -rf’ier than everSEC gives up on Solarwinds lawsuitDog eats cryptographer’s key material This week’s episode is sponsored by runZero. HD Moore pops in to talk about how they’re integrating runZero with Bloodhound-style graph databases. He also discusses uses for driving runZero’s tools with an AI, plus the complexities of shipping AI when the company has a variety of deployment models. This episode is also available on Youtube. Show notes Google says hackers stole data from 200 companies following Gainsight breachGainsight StatusTrust StatusCrowdStrike fires 'suspicious insider' who passed information to hackersSalesforce cuts off access to third-party app after discovering ‘unusual activity’Атаки разящей панды: APT31 сегодняOffice of Public Affairs | Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Australian federal MPs warned to turn off phones when Chinese delegation visits Parliament HouseSha1-Hulud: The Second Coming of the NPM Worm is Digging For SecretsFCC eliminates cybersecurity requirements for telecom companiesTrade Associations Cybersecurity Practices Ex ParteSEC voluntarily dismisses SolarWinds lawsuitRecord-breaking DDoS attack against Microsoft Azure mitigatedThe Cloudflare Outage May Be a Security Roadmap – Krebs on SecurityCritics scoff after Microsoft warns AI feature can infect machines and pilfer datavx-underground on X: "I've had a surprising amount of people ask me about Copilot"Researchers warn command injection flaw in Fortinet FortiWeb is under exploitationTwo suspected Scattered Spider hackers plead not guilty over Transport for London cyberattackRussia arrests young cybersecurity entrepreneur on treason chargesThis campaign aims to tackle persistent security myths in favor of better adviceOops. Cryptographers cancel election results after losing decryption key.Uncovering network attack paths with runZeroHoundModel Context Protocol
    Más Menos
    58 m
  • Risky Biz Soap Box: Greynoise knows when bad bugs are coming

    Risky Biz Soap Box: Greynoise knows when bad bugs are coming
    Nov 20 2025

    In this sponsored Soap Box edition of the podcast, Andrew Morris joins Patrick Gray to talk about how Greynoise can often get a 90 day heads up on serious vulnerabilities. Whether it’s malicious actors doing reconnaissance or the affected vendors trying to understand the scope of the problem, it seems that mass scanning activity lines up pretty nicely with typical 90-day disclosure timelines.

    A fascinating chat with Andrew, as always.

    This episode is also available on Youtube.

    Show notes
      Más Menos
      38 m
    Todavía no hay opiniones