Podcast
Risky Business
Hosted by Risky Business Media · EN
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
111episodes
Episodes
Newest firstAll episodes
Risky Business #843 -- Fortibleed is kinda awesome, actually
Today01:03:35Summary readyOn this week’s show special guest co-host Rob Joyce joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Rob served as an advisor to Donald Trump during his first term as president and also served at NSA for 34 years. While at the agency, Joyce led Tailored Access Operations (TAO), and later became NSA’s Director of Cybersecurity. They cover: The surprisingly well done Fortibleed campaign Stolen Klue OAuth tokens lead to Salesforce data theft OpenAI wants to patch the planet runZero gets acquired by Accenture, congrats HD Moore! Much, much more! This episode is also available on YouTube. Show notes FortiBleed campaign used custom FortiGate sniffer to steal credentials | BleepingComputer FortiBleed: Fortinet device credential compromise expands into broader credential-attack guidance | unit42.paloaltonetworks.com Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world | TechCrunch Security Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks | BleepingComputer Polymarket (@Polymarket) on X | X (formerly Twitter) The Korean telecom giant at the center of Anthropic’s Mythos controversy | wrd.cm Beyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews - SRLabs Research | SRLabs OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos | wired.com Sponsored: Trail of Bits and OpenAI patch the planet | Risky Bulletin Intel agencies: Frontier AI models will reshape cybersecurity faster than expected | cyberscoop.com Embedding Forbidden Text in Spyware to Discourage AI Analysis | Schneier on Security A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak | TechCrunch Security USB worm spreads crypto-stealing malware via Windows shortcut files | BleepingComputer Android verification is coming: Google confirms timeline and supported app stores | Ars Technica California water utility probes breach claim by Iran-linked actor | Cybersecurity Dive Suspected cyberattack triggers false emergency alerts across parts of Brazil | The Record Tesco moving 40,000 server workloads off VMware amid Broadcom's "abusive conduct" | Ars Technica Trump directs federal agencies to protect US data from quantum threats | therecord.media Accenture shells out $4.18B on three companies in big industrial cybersecurity push | cyberscoop.com
SummaryRisky Business #842 -- Anthropic needs an adult in the C suite
1w ago00:59:59Summary readyOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Anthropic’s Fable 5 and Mythos 5 get nuked by the US government four days after launch “because security” Why “guardrails” won’t keep the world safe from your AI doomsday machine The FISA 702 statute expired, but the spying can (probably) continue! NPM v12 delivers some protection against supply chain attacks, but not enough. Microsoft has a series of bugs that prevent Windows Update from … updating Much, much more! This episode is also available on YouTube Show notes Anthropic suspends new AI models after government directive | NBC News Tech Anthropic rankles users with safety-first Fable release | NBC News Tech How a 90-minute White House deadline sparked Silicon Valley’s biggest AI fight | washingtonpost.com Pete Hegseth (@PeteHegseth) on X | X (formerly Twitter) David Sacks (@DavidSacks) on X | X (formerly Twitter) DoW CIO Kirsten Davies (@DoWCIODavies) on X | X (formerly Twitter) David Shulman (@DavidShulmanFL) on X | X (formerly Twitter) Controversial FISA spying law expires tonight. The spying will continue. | Ars Technica GitHub announces npm security changes to tackle supply-chain attacks | BleepingComputer Why NPM v12 won’t stop supply chain attacks - Risky Business Media | Social Signals Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks | BleepingComputer Microsoft patches Exchange Server zero-day exploited in attacks | BleepingComputer Max severity Ivanti Sentry vulnerability now exploited in attacks | BleepingComputer CISA warns of another cPanel plugin flaw exploited in attacks | BleepingComputer Critical Fortinet FortiSandbox flaws now exploited in attacks | BleepingComputer CISA orders feds to patch actively exploited Ivanti flaw by Sunday | BleepingComputer CISA to require federal agencies to patch some cyber vulnerabilities within 3 days | therecord.media Path traversal flaw in AI dev platform Langflow exploited in attacks | BleepingComputer Microsoft: Some Windows PCs fail to install latest monthly updates | BleepingComputer Microsoft fixes BitLocker recovery bug on Windows Server 2025 | BleepingComputer Microsoft fixes Windows update failures linked to WUSA installer | BleepingComputer New attack turned Microsoft 365 Copilot into 1-click data theft tool | BleepingComputer Over 73,000 French govt employees affected in Tchap messenger breach | BleepingComputer Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps | wired.com FBI disrupts massive AI-powered phishing service using a million URLs | BleepingComputer Cyberattack shuts down major Australian sugar mills, disrupting harvest | The Record Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts, Report Finds | wired.com It Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests | 404.feed.press Who Runs the Ransomware Group ‘The Gentlemen?’ | krebsonsecurity.com :brdKnife: (@cR0w@infosec.exchange) | Infosec Exchange
SummaryRisky Business #841 -- Microsoft gets owned and 0day'd
2w ago01:03:02Summary readyOn this week’s show special guest co-host Chris Wade, the founder of Corellium turned Cellebrite CTO, joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. They cover: Microsoft has repos owned, GitHub tokens popped, and a new 0day dropped on them Meanwhile, researchers are choosing full disclosure instead of engaging MSRC Meta’s AI support agent allowed a staggering 20,000 accounts to be stolen! Apple pulls Russia’s MAX messenger from the App Store and disables notifications Anthropic gives the public our first Mythos-class model but it won’t do cybersecurity work Stripe and Google Tag Manager used in eCommerce website hack campaign And much, much more! This week’s show is brought to you by runZero. HD Moore, runZeros’ founder, drops by in this week’s sponsor interview to talk about the AI vibe shift. Everyone is very worried about getting owned all of a sudden, and it’s really changing the cybersecurity business. This episode is also available on YouTube. Show notes Microsoft Hacked to Deliver Malware to Claude and Gemini Users | 404.feed.press Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process | therecord.media Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges | BleepingComputer Microsoft breaks Patch Tuesday record with 206 vulnerabilities | CyberScoop chompie1337 | X WhatsApp says NSO targeted users with spearfishing attacks in violation of court order | therecord.media Over 20,000 Instagram accounts stolen in Meta AI support hack | BleepingComputer New Apple feature automatically changes your compromised passwords | BleepingComputer Apple removes Russia’s state-backed messaging app Max from its store | therecord.media Exclusive: Anthropic's Mythos can exploit new flaws in hours | Anthropic’s new model is Mythos on a leash | CyberScoop Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe’ Version for the Rest of You | wired.com OpenClaw AI agent found falling for phishing attacks, spills user data | BleepingComputer OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks | TechCrunch Security Hands on with Intelligent Terminal, an AI-powered Windows Terminal | BleepingComputer Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms | Mandiant Check Point warns of zero-day flaw targeted by ransomware affiliate | Cybersecurity Dive ServiceNow discloses security incident exposing customer data | BleepingComputer Credit card theft campaign abuses Stripe to host stolen payment info | BleepingComputer CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand | Cybersecurity Dive The U.S. Military Quietly Turned GPS Into a Global ‘Numbers Station,’ Evidence Suggests | 404.feed.press New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute | BleepingComputer Google has quietly cut staff across its Cloud business | businessinsider.com
SummarySoap Box: Detection and response in the AI age
3w ago00:36:35Summary readyIn this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Edward Wu, founder of Dropzone, about what AI is doing to detection, response and the SOC more generally. Dropzone makes AI agents that conduct alert investigations in your SOC, but will the SOC as we know it even exist in the future? Ed has a deep expertise in SOC tech, having previously led AI/ML detection engineering at Extrahop. This interview is a fantastic look at what the future may bring for detection and response professionals. This episode is also available on YouTube Show notes
SummaryRisky Business #840 -- Microsoft walks back researcher threats
3w ago01:06:03Summary readyOn this week’s show special guest co-host Andy Boyd joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Andy is the CEO of REDLattice, which makes the Paragon “intelligence collection and reconnaissance” solution. They cover: Adversaries are tracking US troop locations with commercially available location data A new Signal phishing campaign is going after message backups 404 Media is suing ICE to get its spyware contract with REDLattice (lol) Microsoft’s tone-deaf response to ‘never justifiable’ zero-day disclosures Mini Shai-Hulud pops up again just as Glassworm gets shattered Much, much more This week’s episode is sponsored by Authentik, an open source identity platform that you can host yourself. In this week’s sponsor interview Authentik’s CEO Fletcher Heisler joins Patrick Gray to talk about how they’re keeping up with the bugpocalypse, and also the work they’re doing to support identities for AI agents. This episode is also available on YouTube. Show notes The Pentagon Knew Enemies Could Track Troops’ Phones for Years. Now They Are | wired.com U.S. says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’ | TechCrunch Security DOD location data attachment (Wyden) | Risky Business #830 -- LiteLLM and security scanner supply chains compromised | Risky Business Media US has seized nearly $1 billion in crypto from Iran, Bessent says | Russia claims foreign spy agencies hacked officials' phones | therecord.media Hackers are trying to steal Signal users’ backups in new wave of phishing attacks | TechCrunch Security We Sued ICE to Get Its Spyware Contract. The Agency Is Redacting Essentially Everything | Social Signals Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more | therecord.media A shared responsibility: Protecting customers through Coordinated Vulnerability Disclosure | Social Signals Microsoft says it will not pursue security researchers after zero-day backlash | therecord.media IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities | Social Signals Federal audit reveals NIST’s NVD is plagued by poor planning and duplication | cyberscoop.com Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts | krebsonsecurity.com Critical Windows Netlogon RCE flaw now exploited in attacks | BleepingComputer CISA adds exploited Palo Alto Networks GlobalProtect flaw to KEV | Cybersecurity Dive Password manager Dashlane says hackers stole some customers’ password vaults | TechCrunch Security CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain | cyberscoop.com Botnet of more than 17 million devices dismantled | arstechnica.com Chinese-speaking fraud gang could be stealing millions from 2026 World Cup fans | therecord.media ACCC investigating Olympics ticket scam | ABC Dozens of Red Hat packages backdoored through its offical NPM channel | arstechnica.com Solo podcast: A deep dive on TeamPCP - Risky Business Media | Trump administration releases scaled-back AI executive order | cyberscoop.com Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket | cyberscoop.com
SummaryRisky Business #839 -- TeamPCP stole GitHub's internal repos
4w ago01:00:23Summary readyOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: TeamPCP breached GitHub’s internal repos. Now what? Some absolute plonker glued Coruna to a hijacked npm package CISA is worried about about open source and wants third party submissions for KEV AI infrastructure is “systemically” insecure Much, much more This week’s episode is sponsored by allowlisting vendor Airlock Digital. Airlock’s founders David Cottingham and Daniel Schell join Patrick Gray to talk about Microsoft briefly flagging DigitCert’s root certificate as malware. Fun! This episode is also available on YouTube Show notes GitHub confirms being hacked by TeamPCP, says customer data unaffected | therecord.media Grafana Labs links GitHub environment breach to TanStack npm supply chain attack | Cybersecurity Dive Coruna Respawned: Compromised art-template npm Package Leads... | Socket CISA chief frets about open-source vulnerabilities, delayed security improvements | cyberscoop.com Anthropic: Mythos finds more than 10,000 software flaws in first month | cyberscoop.com Pardon MIE? | ironPeak Blog CISA asks cybersecurity community to alert it to vulnerability exploitation | Cybersecurity Dive Lawmakers Demand Answers as CISA Tries to Contain Data Leak | krebsonsecurity.com Google publishes exploit code threatening millions of Chromium users | arstechnica.com Millions of AI agents imperiled by critical vulnerability in open source package | arstechnica.com Discord migrates all users to end-to-end encryption by default | The Record Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption | arstechnica.com Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada | krebsonsecurity.com Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages | Cybersecurity Dive FBI warns about fast-growing phishing kit targeting Microsoft 365 users | cyberscoop.com Analyzing the rise in device code phishing attacks in 2026 | Push Security Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses | TechCrunch Security Kash Patel’s clothing brand website shut down after reports it was hacked | TechCrunch Security Tulsi Gabbard resigns as US director of national intelligence | Social Signals When Certificate Trust Fails: The DigiCert Code-Signing Incident and Microsoft Defender False Positive |
SummaryRisky Business #838 -- GitHub investigates possible breach
May 2001:02:49Summary readyOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: GitHub announced a possible breach CISA leaks important creds, keys in public repo Awful vulnerability in Bitlocker renders it useless without a PIN So. Many. Patches. Polish Government urges officials to ditch Signal for mSzyfr Much, much more This week’s show is brought to you by Thinkst Canary. Thinkst’s founder, Haroon Meer, is this week’s sponsor guest. He joined James Wilson to talk about how doing “the basics” in security isn’t trivially easy. This episode is also available on YouTube. Show notes GitHub on X: "We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely" / X CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran Iran hackers: Hackers have breached tank readers at gas stations; officials suspect Iran is responsible | CNN Politics War and Data Centers Are Driving Up the Cost of Fiber-Optic Cable Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold | The Record from Recorded Future News NCSC’s Ollie Whitehouse on surviving the "bugpocalypse" - Risky Business Media Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark | Microsoft Security Blog Project Glasswing: what Mythos showed us Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ First public macOS kernel memory corruption exploit on Apple M5 OpenAI launches Daybreak to combat cyber threats | Cybersecurity Dive Zero-day exploit completely defeats default Windows 11 BitLocker protections - Ars Technica GitHub - Wack0/bitlocker-attacks: A list of public attacks on BitLocker · GitHub Catalin Cimpanu: "The Polish government has advi…" - Mastodon CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday | The Record from Recorded Future News CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED) Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network | The Record from Recorded Future News Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN | Cybersecurity Dive Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs | The Record from Recorded Future News Streamer Realtime Deepfakes Himself into Mr. Beast, Says He Loves 'Touching Little Boys'
SummarySoap Box: Where does AI fit into cloud security?
May 1500:33:37Summary readyIn this sponsored soap box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, the founder of Prowler. Prowler started off as a bunch of scripts in a trenchcoat, then became an open source cloud security tool, and it’s now a venture-funded cloud security business. In this interview Toni talks us through how AI is changing the game for him as an open source project owner, and as a vendor. In short, reports of the death of IT and security tooling at the hands of frontier models have been greatly exaggerated. This episode is also available on Youtube. Show notes
SummaryRisky Business #837 -- GitHub Actions footgun claims TanStack
May 1301:05:15Summary readyOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Mini Shai-Hulud and the TanStack compromise using Github Actions Instructure pays Canvas elearning platform data extortionists More Linux privilege escalation 0days! CISA helping critical infrastructure operators rearchitect their networks so they work offline This week’s episode is sponsored by email security platform Sublime Security. Bobby Filar chats with Patrick about how agentic AI is being evaluated by buyers in a marketplace that’s experiencing “AI fatigue”. This episode is also available on Youtube. Show notes ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack | CyberScoop Hardening TanStack After the npm Compromise | TanStack Blog Canvas Breach Disrupts Schools & Colleges Nationwide – Krebs on Security Instructure pays ransom after Canvas incident as Congress announces investigation | The Record from Recorded Future News When DNSSEC goes wrong: how we responded to the .de TLD outage Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access | Google Cloud Blog Mythos smythos! How to find 0day with lesser models - Risky Business Media GitHub - V4bel/dirtyfrag · GitHub retr0.zip NVD - CVE-2026-42511 Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI | CyberScoop Ivanti customers confront yet another actively exploited zero-day | CyberScoop Palo Alto warns of critical software bug used in firewall attacks | The Record from Recorded Future News Where Have All the Complex Windows Malware and Their Analyses Gone? Meet Rassvet, Russia’s Answer to Starlink | WIRED DOJ says ransomware gang tapped into Russian government databases | TechCrunch Iranian government hackers using Chaos ransomware as cover, researchers say | The Record from Recorded Future News Foxconn confirms cyberattack impacting North American factories | The Record from Recorded Future News New CISA initiative aims for critical infrastructure to operate offline during cyberattacks | The Record from Recorded Future News ‘HELLO BOSS’: Inside the Chinese Realtime Deepfake Software Powering Scams Around the World How to Disable Google's Gemini in Chrome | WIRED FCC pushes ban on security updates for foreign-made routers, drones to 2029 | The Record from Recorded Future News
SummaryRisky Business #836 -- You can't patch the bugpocalypse
May 601:01:56Summary readyOn this week’s show, Patrick Gray and James Wilson are joined by special guest co-host Brad Arkin. They discuss the week’s cybersecurity news, including: The US Government says we just have to patch faster, but… Bugs in cPanel, MoveIt and all Linux distributions this week show that patching alone isn’t enough James gets mad about lame AI Agent adoption advice from the US and Australian Governments James Kettle and Niels Provos both showed us that any model can find 0day like Mythos And the cyber-assisted theft of cargo results in an astonishing loss of $725 million dollars This week’s show is sponsored by SpecterOps. Their CTO, Jared Atkinson, chats to Pat about the big changes in the threat landscape, brought about by AI, that are causing a pivot away from detection and remediation, and toward prevention. This episode is also available on Youtube. Show notes Exclusive: US officials weigh cutting deadlines to fix digital flaws amid worries over AI-powered hacking, sources say | Reuters British cyber agency warns of looming ‘patch wave’ as AI speeds flaw discovery | The Record from Recorded Future News Federal agencies must patch cPanel bug by Sunday, CISA says | The Record from Recorded Future News cPanel zero-day exploited for months before patch release (CVE-2026-41940) - Help Net Security The most severe Linux threat to surface in years catches the world flat-footed - Ars Technica New MOVEit vulnerabilities prompt urgent patch warning | Cybersecurity Dive US and allies urge ‘careful adoption’ of AI agents | Cybersecurity Dive careful_adoption_of_agentic_ai_services.pdf User just tricked Grok and Bankrbot to send tokens with Morse code - Cryptopolitan Finding Zero-Days with Any Model (1872) Sponsored: James Kettle built an AI hacker - YouTube Feature Interview: Nicholas Carlini, Anthropic - Risky Business Media Trellix investigating breach of source code repository | Cybersecurity Dive Popular DAEMON Tools software compromised | Securelist Komari Red: The Monitoring Tool with a Built-in Reverse Shell | Huntress Hackers earning millions from hijacked cargo, FBI says | The Record from Recorded Future News Congress punts FISA renewal to June | The Record from Recorded Future News Cops Use Apple Data And Car Bluetooth To Identify Crypto Robbery Suspect Stewart Baker, outspoken voice on cybersecurity and national security law, dies at 78 | IAPP
Summary