Episodes

  • Risky Biz Soap Box: How to measure vulnerability reachability
    Aug 14 2025

    In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications.

    It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application.

    They also talk about how Socket started out as a way to discover malicious packages in software projects, but these days it’s playing the CVE game as well.

    This episode is also available on Youtube.

    Show notes
      36 m
    • Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds
      Aug 13 2025

      On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

      • CISA warns about the path from on-prem Exchange to the cloud
      • Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are
      • Everyone and their dog seems to have a shell in US Federal Court information systems
      • Google pays $250k for a Chrome sandbox escape
      • Attackers use javascript in adult SVG files to … farm facebook likes?!
      • SonicWall says users aren’t getting hacked with an 0day… this time.

      This week’s episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together.

      This episode is also available on Youtube.

      Show notes
      • CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability | The Record from Recorded Future News
      • Advanced Active Directory to Entra ID lateral movement techniques
      • Consent & Compromise: Abusing Entra OAuth for Fun and Access to Internal Microsoft Applications
      • Cartels may be able to target witnesses after major court hack
      • Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’ | The Record from Recorded Future News
      • Citrix NetScaler flaws lead to critical infrastructure breaches | Cybersecurity Dive
      • DARPA touts value of AI-powered vulnerability detection as it announces competition winners | Cybersecurity Dive
      • Buttercup is now open-source!
      • HTTP/1.1 must die: the desync endgame
      • US confirms takedown of BlackSuit ransomware gang that racked up $370 million in ransoms | The Record from Recorded Future News
      • North Korean cyber-espionage group ScarCruft adds ransomware in recent attack | The Record from Recorded Future News
      • Adult sites are stashing exploit code inside racy .svg files - Ars Technica
      • Google pays 250k for Chromium sandbox escape
      • SonicWall says recent attack wave involved previously disclosed flaw, not zero-day | Cybersecurity Dive
      • Two groups exploit WinRAR flaws in separate cyber-espionage campaigns | The Record from Recorded Future News
      • Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge | The Record from Recorded Future News
      • Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home | WIRED
      • Malware in Open VSX: These Vibes Are Off
      • How attackers are using Active Directory Federation Services to phish with legit office.com links
      • Introducing our guide to phishing detection evasion techniques
      • The State of Attack Path Management
      1 h
    • Risky Business #801 -- AI models can hack well now and it's weirding us out
      Aug 6 2025

      On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.

      This episode explores the rise of AI-powered bug hunting:

      • Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects
      • The XBOW AI bug hunting platform sees success on HackerOne
      • Is an AI James Kettle on the horizon?

      There’s also plenty of regular cybersecurity news to discuss:

      • On-prem Sharepoint’s codebase is maintained out of China… awkward!
      • China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?
      • SonicWall advises customers to turn off their VPNs
      • Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs
      • Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.
      • The Russian government pushes VK’s Max messenger for everything

      This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.

      This episode is also available on Youtube.

      Show notes
      • Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch
      • Is XBOW’s success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop
      • James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published 😂 maybe the countdown timer is just too ominous!
      • Risky Bulletin: China with the accusations again - Risky Business Media
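      • US intelligence agencies frequently carry out cyberattacks and secret theft against our country's defense and military industry sector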
      • SharePoint Exploit: Microsoft Used China-Based Engineers to Maintain the Software — ProPublica
      • China fears Nvidia chips could track, trace and shut down its AIs - Asia Times
      • SonicWall urges customers to take VPN devices offline after ransomware incidents | The Record from Recorded Future News
      • Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity
      • ReVault! When your SoC turns against you…
      • Nearly 100,000 ChatGPT Conversations Were Searchable on Google
      • Microsoft catches Russian hackers targeting foreign embassies - Ars Technica
      • The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware | WIRED
      • Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats | Microsoft Security Blog
      • Russia blocks popular US-made internet speed test tool over national security concerns | The Record from Recorded Future News
      1 h 6 m
    • Soap Box: Why AI can't fix bad security products
      Aug 1 2025

      In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices.

      This episode is also available on Youtube.

      Show notes
        37 m
      • Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP
        Jul 30 2025

        On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

        • Did the SharePoint bug leak out of the Microsoft MAPP program?
        • Expel retracts its FIDO bypass writeup
        • The mess surrounding the women-only dating-safety app Tea gets worse
        • Broadcom customers struggle to get patches for VMWare hypervisor escapes
        • Aeroflot gets hacked by the Cyber Partisans, disrupting flights

        This week’s episode is sponsored by Push Security. Daniel Cuthbert joins and explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future.

        This episode is also available on Youtube.

        Show notes
        • Microsoft Probing Whether Cyber Alert Tipped Off Chinese Hackers
        • Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble | The Record from Recorded Future News
        • What we know about the Microsoft SharePoint attacks | Cybersecurity Dive
        • An important update (and apology) on our PoisonSeed blog
        • Tea User Files Class Action After Women’s Safety App Exposes Data
        • A Second Tea Breach Reveals Users’ DMs About Abortions and Cheating
        • Top Lawyer for National Security Agency Is Fired
        • From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944
        • VMware prevents some perpetual license holders from downloading patches
        • Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel - Ars Technica
        • CYBERATTACK ON RUSSIA'S AEROFLOT!
        • Treasury sanctions North Koreans involved in IT-worker schemes | Cybersecurity Dive
        • Minnesota governor activates National Guard amid St. Paul cyberattack | StateScoop
        • Outage was result of cyberattack, Post Luxembourg says
        • Clorox files $380 million suit blaming Cognizant for 2023 cyberattack | Cybersecurity Dive
        • Cisco network access security platform vulnerabilities under active exploitation | CyberScoop
        • Arizona woman sentenced to 8.5 years for running North Korean laptop farm | The Record from Recorded Future News
        • Cybercrime forum Leak Zone publicly exposed its users' IP addresses | TechCrunch
        54 m
      • Risky Business #799 -- Everyone's Sharepoint gets shelled
        Jul 23 2025

        Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss:

        • Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not)
        • She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’)
        • Four (alleged) Scattered Spider members arrested (and bailed) in the UK
        • Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M
        • Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-mode rootkits. Just security vendor things!

        This week’s episode is sponsored by Airlock Digital. CEO David Cottingham talks through what it takes to build a mature, resilient management platform for a security critical system.

        This episode is also available on Youtube.

        Show notes
        • Update on DOD’s cloud services
        • Microsoft to stop using engineers in China for tech support of US military, Hegseth orders review
        • A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers
        • While DOD policy bans unauthorized apps like TikTok from being on employees phones over national security risks
        • Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security
        • National Guard was hacked by China's 'Salt Typhoon' group, DHS says
        • Suspected contractor for China’s Hafnium group arrested in Italy | Cybersecurity Dive
        • Singapore accuses Chinese state-backed hackers of attacking critical infrastructure networks | The Record from Recorded Future News
        • UK Arrests Four in ‘Scattered Spider’ Ransom Group – Krebs on Security
        • Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods
        • Brazilian police arrest IT worker over $100 million cyber theft | The Record from Recorded Future News
        • At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds | WIRED
        • Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment | The Record
        • Indian crypto exchange CoinDCX says $44 million stolen from reserves | The Record
        • Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record
        • PoisonSeed bypassing FIDO keys to ‘fetch’ user accounts
        • Risky Bulletin: Browser extensions hijacked for web scraping botnet
        • A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors
        • A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations | TechCrunch
        • Ukrainian hackers wipe databases at Russia's Gazprom in major cyberattack, intelligence source says
        • File transfer company CrushFTP warns of zero-day exploit seen in the wild | The Record
        • HPE warns of hardcoded passwords in Aruba access points
        • Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257)
        • Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw | Cybersecurity Dive
        • Google finds custom backdoor being installed on SonicWall network devices - Ars Technica
        • Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
        1 h 14 m
      • Risky Biz Soap Box: Prowler, the open cloud security platform
        Jul 14 2025

        In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, founder of open source multi-cloud security product Prowler.

        Toni explains how Prowler came to be, and how its journey followed his own learning about the cloud. The pair also discuss Prowler’s successful transition from an open-source project into a community, and now a growing business with an as-a-service platform.

        This episode is also available on Youtube.

        Show notes
          32 m
        • Risky Business #798 -- Mexican cartel surveilled the FBI to identify, kill witnesses
          Jul 2 2025

          On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

          • Australian airline Qantas looks like it got a Scattered Spider-ing
          • Microsoft works towards blunting the next CrowdStrike disaster
          • Changes are coming for Microsoft’s default enterprise app consenting setup
          • Synology downplays hardcoded passwords for its M365 cloud backup agent
          • The next Citrix Netscaler memory disclosure looks nasty
          • Drug cartels used technical surveillance to find, fix and finish FBI informants and witnesses

          This week’s episode is sponsored by RAD Security. Co-founder Jimmy Mesta joins to talk through how they use AI automation to assess the security posture of sprawling cloud environments.

          This episode is also available on Youtube.

          Show notes
          • Qantas hit by cyber attack, leaving 6 million customer records at risk of data breach
          • Scattered Spider appears to pivot toward aviation sector | Cybersecurity Dive
          • Microsoft to make Windows more resilient following 2024 IT outage | Cybersecurity Dive
          • The Ultimate Guide to App Consent in Microsoft Entra - YouTube
          • When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365" / modzero
          • AT&T deploys new account lock feature to counter SIM swapping | CyberScoop
          • Iran-linked hackers threaten to release Trump aides' emails | Reuters
          • US government warns of new Iran-linked cyber threats on critical infrastructure | Cybersecurity Dive
          • Actively exploited vulnerability gives extraordinary control over server fleets - Ars Technica
          • Critical vulnerability in Citrix Netscaler raises specter of exploitation wave | Cybersecurity Dive
          • Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams | WIRED
          • Cloudflare confirms Russia restricting access to services amid free internet crackdown | The Record from Recorded Future News
          • Mexican drug cartel used hacker to track FBI official, then killed potential FBI informants, government audit says | CNN Politics
          • Audit of the FBI's Efforts to Mitigate the Effects of Ubiquitous Technical Surveillance - Redacted Report
          • NATO members aim for spending 5% of GDP on defense, with 1.5% eligible for cyber | The Record from Recorded Future News
          • US sanctions bulletproof hosting provider for supporting ransomware, infostealer operations | CyberScoop
          • US, French authorities confirm arrest of BreachForums hackers | TechCrunch
          • Spanish police arrest five over $542 million crypto investment scheme | The Record from Recorded Future News
          • Scam compounds labeled a 'living nightmare' as Cambodian government accused of turning a blind eye | The Record from Recorded Future News
          1 h 2 m