20 episodes

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Risky Business Patrick Gray

    • Technology
    • 4.9 • 181 Ratings

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

    Risky Business #693 -- Hive takedown is the beginning, not the end

    Risky Business #693 -- Hive takedown is the beginning, not the end

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    A look at the Hive takedown
    UK’s Royal Mail still struggling
    GitHub’s code signing certificates stolen
    TSA misses the point on no-fly list theft
    Much, much more


    This week’s show is brought to you by Remediant, which is now a part of Netwrix.

    Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Biz Soap Box: Tools alone won't solve your vuln management problems

    Risky Biz Soap Box: Tools alone won't solve your vuln management problems

    In this Soap Box edition of the show Nucleus Security’s Scott Kuffer discusses Stakeholder-Specific Vulnerability Categorization (SSVC) and why tools alone can’t fix a dysfunctional vulnerability management program.

    Risky Business #692 -- Google search results spew malware, phishing sites

    Risky Business #692 -- Google search results spew malware, phishing sites

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    Google’s search results have become a malware-riddled sh*tshow
    Ransomware payment values dropped by 40% YoY in 2022
    Kraken takes over Solaris the old school way
    Grand Theft Auto RCE is wreaking havoc
    ManageEngine customers are all getting owned
    So you know, pretty much business as usual


    This week’s show is brought to you by Kroll.

    Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Business #691 -- LockBit and "Pablo Escobar syndrome"

    Risky Business #691 -- LockBit and "Pablo Escobar syndrome"

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
    CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
    Cloudflare backs Mastodon
    Paul Nakasone: NSA did some great stuff! It was really good!
    Cisco won’t patch SMB routers sold in 2020
    Much, much more


    This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Business #690 -- 2023 will be a rough year for critical online services

    Risky Business #690 -- 2023 will be a rough year for critical online services

    On this week’s show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it’s the first show of the year, we split the discussion into themes:


    Attacks against critical online services like Okta, CircleCI, Slack and Lastpass will increase in volume
    All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla’s latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more
    A ransomware wrap, a discussion about the rise of data extortion and why it’s unlikely to remain a huge problem
    Why automotive security research will actually be interesting this year
    PLUS: A bunch of random news!


    This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about something they’ve developed – a zero knowledge proof of exploit technique. Very interesting stuff!

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Business #689 -- FBI baulks at Apple's iCloud encryption push

    Risky Business #689 -- FBI baulks at Apple's iCloud encryption push

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    Apple to introduce user-encrypted backups, FBI is sad
    Twitter ices e2ee plans for DMs
    RackSpace is getting sued over its hosted Exchange ransomware incident
    Dodgy driving: Microsoft signs some shady stuff
    Japan to change laws, release the Shibas
    A look at the US NDAA
    Much, much more


    This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Customer Reviews

4.9 out of 5
181 Ratings

181 Ratings

ACRNeal ,

Best InfoSec podcast

Having worked in InfoSec for almost 20 years, Risky Business is hands down my go to source for industry news. Informative and entertaining, Pat and Adam do great work

Themenace60 ,

Common Sense

Not driven by Click Bait but real world News with common sense commentary- light on the superlatives

Brindicruiser ,

Excellent

By a good margin, my favourite security podcast. Informative, reliable, accessible and reliable. There are more in depth or more tech oriented podcasts, but I think risky business has a great balance.

Top Podcasts In Technology

Lex Fridman
Jason Calacanis
Jack Rhysider
The New York Times
The Cut & The Verge
Andreessen Horowitz

You Might Also Like

Johannes B. Ullrich
Cybereason
CyberWire, Inc.
Graham Cluley & Carole Theriault
Jack Rhysider
Recorded Future News