Risky Business

Risky Business #841 -- Microsoft gets owned and 0day'd Jun 10, 2026 3782 On this week’s show special guest co-host Chris Wade, the founder of Corellium turned Cellebrite CTO, joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. They cover: Microsoft has repos owned, GitHub tokens popped, and a new 0day dropped on them Meanwhile, researchers are choosing full disclosure instead of engaging MSRC Meta’s AI s

Soap Box: Detection and response in the AI age Jun 5, 2026 2195 In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Edward Wu, founder of Dropzone, about what AI is doing to detection, response and the SOC more generally. Dropzone makes AI agents that conduct alert investigations in your SOC, but will the SOC as we know it even exist in the future? Ed has a deep expertise in SOC tech, having

Risky Business #840 -- Microsoft walks back researcher threats Jun 3, 2026 3963 On this week’s show special guest co-host Andy Boyd joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Andy is the CEO of REDLattice, which makes the Paragon “intelligence collection and reconnaissance” solution. They cover: Adversaries are tracking US troop locations with commercially available location data A new Signal phishing ca

Risky Business #839 -- TeamPCP stole GitHub's internal repos May 27, 2026 3623 On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: TeamPCP breached GitHub’s internal repos. Now what? Some absolute plonker glued Coruna to a hijacked npm package CISA is worried about about open source and wants third party submissions for KEV AI infrastructure is “systemically” insecure Mu

Risky Business #838 -- GitHub investigates possible breach May 20, 2026 3769 On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: GitHub announced a possible breach CISA leaks important creds, keys in public repo Awful vulnerability in Bitlocker renders it useless without a PIN So. Many. Patches. Polish Government urges officials to ditch Signal for mSzyfr Much, much

Soap Box: Where does AI fit into cloud security? May 15, 2026 2017 In this sponsored soap box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, the founder of Prowler. Prowler started off as a bunch of scripts in a trenchcoat, then became an open source cloud security tool, and it’s now a venture-funded cloud security business. In this interview Toni talks us through how AI is changing the game for hi

Risky Business #837 -- GitHub Actions footgun claims TanStack May 13, 2026 3915 On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Mini Shai-Hulud and the TanStack compromise using Github Actions Instructure pays Canvas elearning platform data extortionists More Linux privilege escalation 0days! CISA helping critical infrastructure operators rearchitect their networks so

Risky Business #836 -- You can't patch the bugpocalypse May 6, 2026 3716 On this week’s show, Patrick Gray and James Wilson are joined by special guest co-host Brad Arkin. They discuss the week’s cybersecurity news, including: The US Government says we just have to patch faster, but… Bugs in cPanel, MoveIt and all Linux distributions this week show that patching alone isn’t enough James gets mad about lame AI Agent adoption advice

Snake Oilers: Ent AI, Spacewalk and Mondoo May 1, 2026 2639 In this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products: Ent AI: Co-founder Brandon Dixon pitched Ent, an intent-aware, AI-powered endpoint security control. Spacewalk AI: Founders Chris Fuller and Tim Wenzlau pitch Spacewalk, an AI-powered incident response platform. Mondoo: Co-founder Do

Risky Business #835 -- Why the Fast16 malware is badass Apr 29, 2026 3988 On this week’s show, Patrick Gray and James Wilson are joined by special guest-host Dmitri Alperovitch. They discuss the week’s cybersecurity news, including: The US government is mad as hell about Chinese firms stealing American AI technology Dmitri has an opinion or two about the US selling Nvidia chips to China Speaking of Chinese AI, Kimi’s new 2.6 is ver

Risky Business #834 -- Vercel gets owned, Mozilla dumps hundreds of Mythos bugs Apr 22, 2026 3633 On this week’s show, Patrick Gray and James Wilson are joined by special guest The Grugq. They discuss the week’s cybersecurity news, including: Vercel got owned, and there’s a few infostealer and compromised employee dots to connect Mozilla used Mythos to find 271 bugs, which feels like a sign of the bug-pocalypse Speaking of the bug-pocalypse, is that why N

Risky Business #833 -- The Great Mythos Freakout of 2026 Apr 15, 2026 3585 On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Everyone has an opinion about Claude Mythos… even though almost nobody has used it yet CISA adds a 2009 Excel bug to the KEV list, u wot? Adobe also parties like it’s the 2000s, and fixes an Acrobat Reader bug Disgraced former Trenchant exec P

Snake Oilers: Burp AI, Sondera and Truffle Security Apr 9, 2026 2880 In this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products: Burp AI and DAST: The founder of PortSwigger and creator of legendary security software Burp Suite, Dafydd Stuttard, drops by to pitch listeners on Burp AI and Burp Suite DAST. Sondera: Josh Devon talks about Sondera, a technology designed to

Risky Business #832 -- Anthropic unveils magical 0day computer God Apr 8, 2026 3210 On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Anthropic’s new Mythos model hunts bugs and chains exploits together so well that… you cant have it… …Unless you’re one of their Project Glasswing partners The world isn’t short on bugs, though. F5, Fortinet, Progress ShareFile, and TrueConf are

How the World Got Owned Episode 2: The 1990s, Part One Apr 3, 2026 2806 In this special documentary episode, Patrick Gray and Amberleigh Jack take a look back at hacking throughout the 1990s, from the feel-good vibes of the early hacking communities to the antics of young hackers who wound up on the run from the FBI. Part one features recollections from: Jeff Moss (The Dark Tangent), DefCon and Black Hat founder Chris Wysopal (Wel

Risky Business #831 -- The AI bugpocalypse begins Apr 1, 2026 3580 On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Those pesky North Koreans shim a backdoor into a 100M-downloads-a-week npm package TeamPCP appear to have ransacked Cisco’s source and cloud environments AI is getting legitimately good at being told to “just go find some 0day in this” Kaspers

Soap Box: Red teaming AI systems with SpecterOps Mar 27, 2026 1811 In this sponsored Soap Box edition of the show, Patrick Gray and James Wilson talk about red teaming AI systems with Russel Van Tuyl, Vice President of Services at elite penetration testing firm SpecterOps. SpecterOps is the company behind attack path enumeration tool Bloodhound and Bloodhound Enterprise, but they’re also a pentest and red teaming shop with world cl

Risky Business #830 -- LiteLLM and security scanner supply chains compromised Mar 25, 2026 3833 On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They talk through: TeamPCP’s supply chain attack on Github, and they threw in an anti-Iran wiper, because why not?! Anthropic hooks up its models to just… use your whole computer After Stryker’s Very Bad Day, CISA says maybe add some more controls around yo

Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat Mar 18, 2026 3825 On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They discuss: Iran’s Intune-based wiper attack on medical device maker Stryker Qihoo 360’s AI publishes its own wildcard TLS cert private key Instagram is canning its end-to-end encrypted messaging What’s going on with mobile internet access in Moscow?

Risky Biz Soap Box: It took a decade, but allowlisting is cool again Mar 12, 2026 1645 In this Soap Box edition of the Risky Business podcast Patrick Gray sits down with Airlock Digital co-founders Daniel Schell and David Cottingham to talk about the role AI models could play in managing enterprise allowlists. They also talk about the durability of allowlisting as a control. After 12 years in business, the Airlock product hasn’t really changed all tha

Risky Business #828 -- The Coruna exploits are truly exquisite Mar 11, 2026 3748 On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover: The Coruna exploits were L3 Harris, but it seems Triangulation… was not! Iran’s cyber HQ hit by Israeli (kinetic) strikes Trump’s cyber “strategy” is … well, all we’ve got is jokes cause there’s no serious content NSA and CyberCom finally get

Risky Business #827 -- Iranian cyber threat actors are down but not out Mar 4, 2026 3684 On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover: The US-Israeli attack on Iran had a whole lot of cyber. It’s clearly in the playbook now! The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being used by Chinese crypto scammers So long Maddhu Gottumukkala, but CIS

Risky Business #826 -- A week of AI mishaps and skulduggery Feb 25, 2026 3971 On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover: Low skill actors compromise 600 Fortinets with AI-generated playbooks Anthropic calls out Chinese AI firms over model distillation Meta’s director of AI safety tells her ClawdBot not to delete her mail… so of course it does Peter Williams cops

Risky Biz Soap Box: The lethal trifecta of AI risks Feb 19, 2026 2253 There’s a lethal trifecta of AI risks: access to private data, exposure to untrusted content, and external communication. In this conversation, Risky Business host Patrick Gray chats with Josh Devon, the co-founder of Sondera, about how to best address these risks. There is no magic solution to this problem. AI models mix code and data, are non-deterministic, and ar

Risky Business #825 -- Palo Alto Networks blames it on the boogie Feb 18, 2026 3793 On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover: Palo Alto threat researchers want to attribute to China, but management says shush An increasing proportion of ransomware is data extortion. Is this good? Cambodia says it’s going to dismantle scam compounds CISA sufferers through yet another

Risky Business #824 -- Microsoft's Secure Future is looking a bit wobbly Feb 11, 2026 3373 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Microsoft reshuffles security leadership. It doesn’t spark joy. Russia is hacking the Winter Olympics. Again. But y tho? China-linked groups are keeping busy, hacking telcos in Norway, Singapore and dozens of others Campaigns underway targeting Ivanti, Beyond

Risky Business #823 -- Humans impersonate clawdbots impersonating humans Feb 4, 2026 3369 Patrick Gray and Adam Boileau are joined by the newest guy on the Risky Business Media team, James WIlson. They discuss the week’s cybersecurity news, including: Notepad++ update supply chain attack has been attributed to China The AI agent future is even more stupid than expected; behold the OpenClaw/Clawdbot/Moltbook mess The Epstein files claim he had a pe

Risky Business #822 -- France will ditch American tech over security risks Jan 28, 2026 3845 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. They discuss: La France is tres sérieux about ditching US productivity software China’s Salt Typhoon was snooping on Downing Street Trump wields the mighty DISCOMBOBULATOR ESET says the Polish power grid wiper was Russia’s GRU Sandworm crew US cyber institutions CISA

Risky Business #821 -- Wiz researchers could have owned every AWS customer Jan 21, 2026 3886 In this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, joined by a special guest. BBC World Cyber Correspondent Joe Tidy is a long time listener and he pops in for a ride-along in the news segment plus a chat about his new book. This week news includes: Did the US cyber Venezuela’s power grid, or do they just want us to think th

Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!) Jan 14, 2026 3555 Risky Business returns for 2026! Patrick Gray and Adam Boileau talk through the week’s cybersecurity news, including: Santa brings hackers MongoDB memory leaks for Christmas Vercel pays out a million bucks to improve its React2Shell WAF defences 39C3 delivers; the pink Power Ranger deletes nazis, while a catgirl ruins GnuPG Cambodian scam compound kingpin g

How the World Got Owned Episode 1: The 1980s Jan 6, 2026 3816 In this special documentary episode, Patrick Gray and Amberleigh Jack take a historical dive into hacking in the 1980s. Through the words of those that were there, they discuss life on the ARPANET, the 414s hacking group, the Morris Worm, the vibe inside the NSA and a parallel hunt for German hackers happening at a similar time to Cliff Stoll’s famous Cuckoo’s Egg st

Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack Dec 17, 2025 3245 In the final show of 2025, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: React2Shell attacks continue, surprising no one The unholy combination of OAuth consent phishing, social engineering and Azure CLI Venezuela’s state oil firm gets ransomware’d, blames US… but what if it really is a US cyber op?! Russian junk-hacktivist

Risky Biz Soap Box: Graph the planet! Dec 11, 2025 2573 In this sponsored Soap Box edition of the Risky Business podcast, Patrick Gray chats with Jared Atkinson, CTO of SpecterOps, about BloodHound OpenGraph. OpenGraph enumerates attack paths across platforms and services, not just your primary directories. A compromised GitHub account to on-prem AD compromise attack path? It’s a thing, and OpenGraph will find it. Cros

Risky Business #818 -- React2Shell is a fun one Dec 10, 2025 3507 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: There’s a CVSS 10/10 remote code exec in the React javascript server. JS server? U wot mate? China is out popping shells with it Linux adds support for PCIe bus encryption Amnesty International says Intellexa can just TeamViewer into its customers’ surveillan

Risky Business #817 -- Less carnage than your usual Thanksgiving Dec 3, 2025 3666 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. It’s a quiet week with Thanksgiving in the US, but there’s always some cyber to talk about: Airbus rolls out software updates after a cosmic ray bitflips an A320 into a dive Krebs tracks down a Scattered Lapsus$ Hunters teen through the usual poor opsec… … as Wired publis

Risky Business #816 -- Copilot Actions for Windows is extremely dicey Nov 26, 2025 3487 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Salesforce partner Gainsight has customer data stolen Crowdstrike fires insider who gave hackers screenshots of internal systems Australian Parliament turns off wifi and bluetooth in fear of of visiting Chinese bigwigs Shai-Hulud npm/Github worm is back, and

Risky Biz Soap Box: Greynoise knows when bad bugs are coming Nov 20, 2025 2271 In this sponsored Soap Box edition of the podcast, Andrew Morris joins Patrick Gray to talk about how Greynoise can often get a 90 day heads up on serious vulnerabilities. Whether it’s malicious actors doing reconnaissance or the affected vendors trying to understand the scope of the problem, it seems that mass scanning activity lines up pretty nicely with typical 90

Risky Business #815 -- Anthropic's AI APT report is a big deal Nov 19, 2025 3084 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Anthropic says a Chinese APT orchestrated attacks using its AI It’s a day ending in -y, so of course there are shamefully bad Fortinet exploits in the wild Turns out slashing CISA was a bad idea, now it’s time for a hiring spree Researchers brute force entire

Risky Business #814 -- It's a bad time to be a scam compound operator Nov 12, 2025 3799 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: The KK Park scam compound in Myanmar gets blasted with actual dynamite China sentences more scammers TO DEATH While Singapore is opting to lash them with the cane Chinese security firm KnownSec leaks a bunch of documents Necromancy continues on NSO Group, w

Risky Business #813 -- FFmpeg has a point Nov 5, 2025 3908 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: We love some good vulnerability reporting drama, this time FFmpeg’s got beef with Google OpenAI announces its Aardvark bug-gobbling system Two US ransomware responders get arrested for… ransomware Memento (nee HackingTeam) CEO says: Sì, those are totally our

Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD Oct 29, 2025 3974 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate Microsoft WSUS bug being exploited in the wild Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG SpaceX finally starts disabling St

Risky Business #811 -- F5 is the tip of the crap software iceberg Oct 22, 2025 3111 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: China has been rummaging in F5’s networks for a couple of years Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system Salesforce hackers use their stolen data trove to dox NSA, ICE employees Crypto stealing, proxy-deployin

Wide World of Cyber: A deep dive on the F5 hack Oct 21, 2025 2351 In this edition of the Wide World of Cyber podcast Patrick Gray talks to Chris Krebs and Alex Stamos about the F5 incident. They talk about what happened, whether it’s a big deal, and why private equity ownership of mid-tier cybersecurity companies is often a red flag. Show notes

Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business Oct 16, 2025 1849 In this sponsored Soap Box edition of the Risky Business podcast, host Patrick Gray chats with Mastercard’s Executive Vice President and Head of Security Solutions, Johan Gerber, about how the card brand thinks about cybersecurity and why it’s aggressively investing in the space. After listening to this interview you’ll understand why the credit card company spent $

Risky Business #810 -- Data extortion attacks have a silver lining Oct 15, 2025 3792 In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: FBI intervenes in Scattered Spider Salesforce leaksite Clop loots Oracle E-Biz deployments Plus so much more data extortion.. At least it’s not ransomware … we guess? The US still can’t decide who’s gonna be in charge of NSA & Cybercom Cambodian scam co

Snake Oilers: Realm Security, Horizon3 and Persona Oct 7, 2025 2740 In this edition of the Snake Oilers podcast, three vendors pop in to pitch you all on their wares: Realm Security: A security focussed, AI-first data pipeline platform Horizon3: AI hackers! Pentesting robots!! They’re coming fer yur jerbs! Persona: Verify customer and staff identities with live capture This episode is also available on Youtube.

Risky Business #809 -- Hackers try to pay a journalist for access to the BBC Oct 1, 2025 2368 On this week’s show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week’s cybersecurity news, including: Hackers learn that trying to coerce a journalist just makes for … a great story? A man in his 40s gets arrested over the European airport chaos. Yep, we’re surprised, too. Adam fanboys over Watchtowr Labs wh

Risky Business #808 -- Insane megabug in Entra left all tenants exposed Sep 24, 2025 3157 On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including: Secret Service raids a SIM farm in New York MI6 launches a dark web portal Are the 2023 Scattered Spider kids finally getting their comeuppance? Production halt continues for Jaguar Land Rover GitHub tightens its security after Shai-Hulud worm

Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc Sep 17, 2025 3199 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Shai-Hulud worm propagates via npm and steals credentials Jaguar Land Rover attack may put smaller suppliers out of business Leaked data emerges from the vendor behind the Great Firewall of China Vastaamo hacker walks free while appeal is underway Why is a

Risky Biz Soap Box: runZero shakes up vulnerability management Sep 15, 2025 2057 In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management. With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at attackers on your ne

Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal Sep 10, 2025 3102 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Apple ruins exploit developers’ week with fresh memory corruption mitigations Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack Salesloft says its GitHub was the initial entry point for its compromise Sitecore says people should

Snake Oilers: Nebulock, Vali Cyber and Cape Sep 8, 2025 2793 In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares: Automated, AI-powered threat hunting with Nebulock Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have time to look

Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup" Sep 3, 2025 3715 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: The Salesloft breach and why OAuth soup is a problem The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed Google says it will stand up a “disruption unit” Microsoft writes up a ransomware gang that’s all-in on the cloud fut

Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy Aug 27, 2025 3212 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Australia expels Iranian ambassador Hackers sabotage Iranian shipping satcoms APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK? Trail of Bits uses image-downscaling to sneak prompts into Google Gemini The Com’s King Bob gets ten

Wide World of Cyber: Microsoft's China Entanglement Aug 25, 2025 2743 The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China. Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in the press over the

Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs Aug 20, 2025 3508 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Oracle’s long term CSO departs, and we’re not that sad about it Canada’s House of Commons gets popped through a Microsoft bug Russia degrades voice calls via Whatsapp and Telegram to push people towards Max South-East Asian scam compounds are also behind chil

Risky Biz Soap Box: How to measure vulnerability reachability Aug 14, 2025 2148 In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications. It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application. They also talk

Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds Aug 13, 2025 3600 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: CISA warns about the path from on-prem Exchange to the cloud Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are Everyone and their dog seems to have a shell in US Federal Court information systems Googl

Risky Business #801 -- AI models can hack well now and it's weirding us out Aug 6, 2025 3961 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut. This episode explores the rise of AI-powered bug hunting: Google’s Project Zero and Deepmind team up to find and re

Soap Box: Why AI can't fix bad security products Aug 1, 2025 2231 In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices. This episode is also available on Youtube. Show notes

Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP Jul 30, 2025 3217 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Did the SharePoint bug leak out of the Microsoft MAPP program? Expel retracts its FIDO bypass writeup The mess surrounding the women-only dating-safety app Tea gets worse Broadcom customers struggle to get patches for VMWare hypervisor escapes Aeroflot gets hacked by

Risky Business #799 -- Everyone's Sharepoint gets shelled Jul 23, 2025 4435 Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss: Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not) She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’) Four (alleged) Scattered Spider members arrested (and bailed) in the

Risky Biz Soap Box: Prowler, the open cloud security platform Jul 14, 2025 1928 In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, founder of open source multi-cloud security product Prowler. Toni explains how Prowler came to be, and how its journey followed his own learning about the cloud. The pair also discuss Prowler’s successful transition from an open-source project into a community

Risky Business #798 -- Mexican cartel surveilled the FBI to identify, kill witnesses Jul 2, 2025 3739 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Australian airline Qantas looks like it got a Scattered Spider-ing Microsoft works towards blunting the next CrowdStrike disaster Changes are coming for Microsoft’s default enterprise app consenting setup Synology downplays hardcoded passwords for its M365 cloud backup

Risky Business #797 -- Stuxnet vs Massive Ordnance Penetrators Jun 25, 2025 3736 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: We roll our eyes over the “16 billion credentials” leak hitting mainstream news Some interesting cyber angles emerge from the conflict in Iran Opensource maintainer of libxml2 is fed up with this hacker crap Shockingly, there are yet more ways to trick people into pasti

Risky Business #796 -- With special guest co-host Chris Krebs Jun 18, 2025 3664 On this week’s show Patrick Gray and Adam Boileau are joined by special guest Chris Krebs to discuss the week’s cybersecurity news. They talk through: Israeli “hacktivists” take out an Iranian state-owned bank Scattered-spider and friends pivot into attacking insurers Securing identities in a cloud-first world keeps us awake at night Microsoft takes the “aa

Soap Box: AI has entered the SOC, and it ain't going anywhere Jun 16, 2025 1858 In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Dropzone AI founder Ed Wu about the role of LLMs in the SOC. The debate about whether AI agents are going to wind up in the SOC is over, they’ve already arrived. But what are they good for? What are they NOT good for? And where else will we see AI popping up in security? This e

Risky Business #795 -- How The Com is hacking Salesforce tenants Jun 11, 2025 4054 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: New York Times gets a little stolen Russian FSB data as a treat iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign Researcher figures out a trick to get Google account holders’ full names and phone numbers Major US food distributor gets

Risky Business #794 -- Psychic Panda outgunned by Fluffy Lizard and UNC56728242 Jun 4, 2025 3502 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Cyber firms agree to deconflict and cross-reference hacker group names Russian nuclear facility blueprints gathered from public procurement websites Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons Germany identifies the Trickbot kingp

Risky Business #793 -- Scattered Spider is hijacking MX records May 28, 2025 3892 In this week’s edition of Risky Business Dmitri Alperovitch and Adam Boileau join Patrick Gray to talk through the week’s news, including: EXCLUSIVE: A Scattered Spider-style crew is hijacking DNS MX entries and compromising enterprises within minutes The SVG format brings the all horrors of HTML+JS to image files, and attackers have noticed Brian Krebs eats

Risky Business #792 -- Beware, Coinbase users. Crypto thieves are taking fingers now May 21, 2025 3181 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: TeleMessage memory dumps show up on DDoSecrets Coinbase contractor bribed to hand over user data Telegram does seem to be actually cooperating with law enforcement Britain’s legal aid service gets 15 years worth of applicant data stolen Shocking no one, Ivanti were wea

Risky Biz Soap Box: Push Security's browser-first twist on identity security May 15, 2025 2064 In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security. Push has built an identity security platform that collects identity information and events from your users’ browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal account tha

Risky Business #791 -- Woof! Copilot for Sharepoint coughs up creds and keys May 14, 2025 3472 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back! The ransomware ecosystem is finding life a bit tough lately SAP Netweaver bug being used by Chinese APT crew Academics keep just keep finding CPU side-channel attacks And of course… bug

Wide World of Cyber: How state adversaries attack security vendors May 9, 2025 3162 In this edition of the Wide World of Cyber podcast Patrick Gray talks to SentinelOne’s Steve Stone and Alex Stamos about how foreign adversaries are targeting security vendors, including them. From North Korean IT workers to Chinese supply chain attacks, SentinelOne and its competitors are constantly fending off sophisticated hacking campaigns. This edition of the

Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate May 7, 2025 3372 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow. Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad After six years dormant, a Magento eCommerce platfor

BONUS INTERVIEW: Senator Mark Warner on Signalgate, Volt Typhoon and tariffs May 6, 2025 2984 In this extended interview the Vice Chair of the Senate Select Committee on Intelligence, Senator Mark Warner, joins Risky Business host Patrick Gray to talk about: The latest developments in the Signalgate scandal Why America needs to be more aggressive in responding to Volt Typhoon How tariffs are affecting American alliances Why the Five Eyes alliance is

Risky Business #789 -- Apple's AirPlay vulns are surprisingly awful Apr 30, 2025 3751 On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: British retail stalwart Marks & Spencer gets cybered South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups Juice jacking!

Snake Oilers: LimaCharlie, Honeywell Cyber Insights, CobaltStrike and Outflank Apr 28, 2025 2330 In this edition of the Snake Oilers podcast, three sponsors come along to pitch their products: LimaCharlie: A public cloud for SecOps Honeywell Cyber Insights: An OT security/discovery solution Fortra’s CobaltStrike and Outflank: Security tooling for red teamers This episode is also available on Youtube. Sh

Snake Oilers: Pangea, Cosive and Sysdig Apr 17, 2025 2865 In this edition of Snake Oilers three vendors pitch host Patrick Gray on their tech: Pangea: Guardrails and security for AI agents and applications (https://pangea.cloud) Worried about your AI apps going rogue, being mean to your customers or even disclosing sensitive information? Pangea exists to address these risks. Fascinating stuff. Cosive: A threat int

Risky Business #788 -- Trump targets Chris Krebs, SentinelOne Apr 16, 2025 3215 On this week’s show Patrick Gray talks to former NSA Cybersecurity Director Rob Joyce about Donald Trump’s unprecedented, unwarranted and completely bonkers political persecution of Chris Krebs and his employer SentinelOne. They also talk through the week’s cybersecurity news, covering: Mitre’s stewardship of the CVE database gets its funding DOGE’d The US sig

Episodes

Recommended

—