Risky Business

By: Risky Business Media
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Copyright Risky Business Media 2007-2026

Politics and Government

Episodes
  • Risky Business #833 -- The Great Mythos Freakout of 2026
    Apr 15 2026
    On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

    • Everyone has an opinion about Claude Mythos… even though almost nobody has used it yet
    • CISA adds a 2009 Excel bug to the KEV list, u wot?
    • Adobe also parties like it’s the 2000s, and fixes an Acrobat Reader bug
    • Disgraced former Trenchant exec Peter Williams’ sob story fails to resonate with … anyone
    • Remember those crosswalk buttons hacked to play audio mocking Trump and Zuck? They were “secured” by the password: 1234.

    This week’s episode is sponsored by mobile network operator, Cape. Ajit Gokhale talks with James about the ways to get being a telco right when you’re starting from scratch and solving the security problems of 2026.

    This episode is also available on YouTube.

    Show notes

    • Lab Space
    • The “AI Vulnerability Storm”: Building a “Mythosready” Security Program
    • Polymarket on X: "JUST IN: Goldman Sachs is reportedly ramping up its cyber defenses in preparation for Claude Mythos."
    • Ananay on X: "Marcus Hutchins probably has the best take on Mythos doing vulnerability research"
    • solst/ICE of Astarte on X: "Th vast majority of CISOs do not work at Google-sized companies, and will not have to worry about 0days"
    • Charlie Miller on X: "we’ve gone through this before with early fuzzers, afl, etc"
    • James Kettle on X: "'Can AI Do Novel Security Research? Meet the HTTP Terminator' will premiere at Blackhat"
    • jeffrey lee funk on X: "We've been tricked, again. Many of the thousands of bugs and vulnerabilities Mythos found are in older software are impossible to exploit."
    • Claude is getting worse, according to Claude • The Register
    • Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain
    • OpenAI's Mac apps need updates thanks to the Axios hack | CyberScoop
    • Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch
    • Snowflake customers hit in data theft attacks after SaaS integrator breach
    • Booking.com confirms hackers accessed customers’ data
    • CPUID hijacked to serve malware as HWMonitor downloads • The Register
    • Known Exploited Vulnerabilities Catalog | CISA
    • Adobe fixes PDF zero-day security bug that hackers have exploited for months | TechCrunch
    • The Sad Decline of Trenchant Exec Who Had Everything, Before Deciding to Steal and Sell Zero Days to Russian Buyer
    • FBI Extracts Suspect’s Deleted Signal Messages Saved in iPhone Notification Database
    • US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure | Cybersecurity Dive
    • Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market | WIRED
    • The Dumbest Hack of the Year Exposed a Very Real Problem | WIRED
    1 h
  • Snake Oilers: Burp AI, Sondera and Truffle Security
    Apr 9 2026

    In this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products:

    • Burp AI and DAST: The founder of PortSwigger and creator of legendary security software Burp Suite, Dafydd Stuttard, drops by to pitch listeners on Burp AI and Burp Suite DAST.

    • Sondera: Josh Devon talks about Sondera, a technology designed to intervene when AI models start doing the wrong thing by statefully tracking their trajectories. This isn’t a permissions suite for AI agents, it’s a way to stick agents in a harness and make sure they adhere to hard policy boundaries.

    • Truffle Security: Dylan Ayrey, the founder of Truffle Security, joins Risky Business again to talk through the latest bells and whistles in Trufflehog, a security tool that searches for exposed secrets and validates them. The Truffle team has done a lot of work on the remediation part of their product over the last few years, and Dylan tells us all about it!

    This episode is also available on YouTube

    Show notes
    48 m
  • Risky Business #832 -- Anthropic unveils magical 0day computer God
    Apr 8 2026
    On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

    • Anthropic’s new Mythos model hunts bugs and chains exploits together so well that… you can’t have it…
    • …Unless you’re one of their Project Glasswing partners
    • The world isn’t short on bugs, though. F5, Fortinet, Progress ShareFile, and TrueConf are all getting rekt by humans
    • GPU Rowhammering goes in the GPU, past the IOMMU and back into the host-side Nvidia driver
    • North Korea is spending serious time and money on its crypto hacking
    • Just when the US needs CISA most, they slash its budget some more!

    This week’s episode is sponsored by identity verification firm, Persona. Tying digital actions to actual human identities isn’t just for banking know-your-customer any more. Persona’s Benjamin Crait says know-your-staff checks belong in high-value flows inside your organisation, too.

    This episode is also available on YouTube.

    Show notes

    • Claude Mythos Preview \ red.anthropic.com
    • Anthropic Claims Its New A.I. Model, Mythos, Is a Cybersecurity ‘Reckoning’ - The New York Times
    • Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything | WIRED
    • FFmpeg on X: "Thank you to @AnthropicAI for sending FFmpeg patches" / X
    • Critical flaw in F5 BIG-IP faces wide exploitation risk | Cybersecurity Dive
    • React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data | Cybersecurity Dive
    • Critical flaw in FortiClient EMS under exploitation | Cybersecurity Dive
    • Researchers warn of critical flaws in Progress ShareFile | Cybersecurity Dive
    • CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers | The Record from Recorded Future News
    • New Rowhammer attacks give complete control of machines running Nvidia GPUs - Ars Technica
    • North Korea's hijack of one of the web's most used open source projects was likely weeks in the making | TechCrunch
    • Drift crypto platform confirms $280 million stolen in hack as researchers point finger at North Korea | The Record from Recorded Future News
    • Drift on X: "Drift Protocol — Incident Background Update " / X
    • Trump’s FY2027 budget again targets CISA | Cybersecurity Dive
    • CISA’s vulnerability scans, field support on chopping block in Trump budget | Cybersecurity Dive
    • Iranian hackers break into U.S. industrial systems, agencies warn
    • FBI labels suspected China hack of law enforcement data 'a major cyber incident'
    • Russia Hacked Routers to Steal Microsoft Office Tokens – Krebs on Security
    • Massachusetts hospital turning ambulances away after cyberattack | The Record from Recorded Future News
    • Exclusive | 'Ghost Murmur,' a never-used secret tool, deployed to find lost airman in Iran in daring mission
    • A Secure Chat App’s Encryption Is So Bad It Is ‘Meaningless’
    54 m