Risky Business

Patrick Gray
  • 4.6 (368)
  • TECH NEWS
  • UPDATED WEEKLY

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

  1. 4D AGO

    Risky Business #823 -- Humans impersonate clawdbots impersonating humans

    Patrick Gray and Adam Boileau are joined by the newest guy on the Risky Business Media team, James WIlson. They discuss the week’s cybersecurity news, including: Notepad++ update supply chain attack has been attributed to China The AI agent future is even more stupid than expected; behold the OpenClaw/Clawdbot/Moltbook mess The Epstein files claim he had a personal hacker? Microsoft is finally getting ready to (think about starting to begin to) disable NTLM by default The usual bugs in the usual things! Ivanti, Fortinet, and Solarwinds. Again. Telco hides a free trip in its privacy policy, someone actually reads it and wins! This weeks’s episode is sponsored by opensource IDP platform Authentik. CEO Fletcher Heisler talks to Pat about their new endpoint agent that can enforce device posture policies during login. This episode is also available on Youtube. Show notes The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit Notepad++ Hijacked by State-Sponsored Hackers | Notepad++ Notepad++ v8.8.3 - Self-signed Certificate: Certified by Code, Not Corporations | Notepad++ Hacking Moltbook: AI Social Network Reveals 1.5M API Keys | Wiz Blog lcamtuf on X: "Moltbook debate in a nutshell" / X Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site AndrewMohawk on X: "How exactly did an attacker send a message to your bot since you need to approve all the channels and set keys etc" / X Signal president warns AI agents are making encryption irrelevant Massive AI Chat App Leaked Millions of Users Private Conversations Runa Sandvik on X: New court record from the FBI details the state of the devices seized from Washington Post reporter Hannah Natanson EFTA01683874.pdf Disrupting the World's Largest Residential Proxy Network | Google Cloud Blog Nobel Committee says Peace Prize winner likely revealed early by digital spying | Reuters County pays $600,000 to pentesters it arrested for assessing courthouse security - Ars Technica Advancing Windows security: Disabling NTLM by default - Windows IT Pro Blog Critical flaws in Ivanti EPMM lead to fast-moving exploitation attempts | Cybersecurity Dive CISA orders federal agencies to patch exploited SolarWinds bug by Friday | The Record from Recorded Future News CISA, security researchers warn FortiCloud SSO flaw is under attack | Cybersecurity Dive Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach | TechCrunch We Hid a Free Trip to Switzerland in Our Privacy Policy. Someone Found It in 2 Weeks. - Cape Between Two Nerds: The internal logic of Russian power grid attacks - YouTube

    56 min

  2. JAN 28

    Risky Business #822 -- France will ditch American tech over security risks

    In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. They discuss: La France is tres sérieux about ditching US productivity software China’s Salt Typhoon was snooping on Downing Street Trump wields the mighty DISCOMBOBULATOR ESET says the Polish power grid wiper was Russia’s GRU Sandworm crew US cyber institutions CISA and NIST are struggling Voice phishing for MFA bypass is getting even more polished This episode is sponsored by Sublime Security. Brian Baskin is one of the team behind Sublime’s 2026 Email Threat Research report. He joins to talk through what they see of attackers’ use of AI, as well as the other trends of the year. This episode is also available on Youtube. Show notes France to ditch US platforms Microsoft Teams, Zoom for ‘sovereign platform’ amid security concerns | Euronews Suite Numérique plan - Google Search China hacked Downing Street phones for years Cyberattack Targeting Poland’s Energy Grid Used a Wiper Trump says U.S. used secret 'discombobulator' on Venezuelan equipment during Maduro raid | PBS News Risky Bulletin: Cyberattack cripples cars across Russia - Risky Business Media Lawmakers probe CISA leader over staffing decisions | CyberScoop Trump’s acting cyber chief uploaded sensitive files into a public version of ChatGPT - POLITICO Acting CISA director failed a polygraph. Career staff are now under investigation. - POLITICO NIST is rethinking its role in analyzing software vulnerabilities | Cybersecurity Dive Federal agencies abruptly pull out of RSAC after organizer hires Easterly | Cybersecurity Dive Real-Time phishing kits target Okta, Microsoft, Google Phishing kits adapt to the script of callers On the Coming Industrialisation of Exploit Generation with LLMs – Sean Heelan's Blog GitHub - SeanHeelan/anamnesis-release: Automatic Exploit Generation with LLMs Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health" - Ars Technica Bypassing Windows Administrator Protection - Project Zero Task Failed Successfully - Microsoft’s “Immediate” Retirement of MDT - SpecterOps Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission WhatsApp's Latest Privacy Protection: Strict Account Settings - WhatsApp Blog Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch He Leaked the Secrets of a Southeast Asian Scam Compound. Then He Had to Get Out Alive | WIRED Key findings from the 2026 Sublime Email Threat Research Report

    1h 4m

  3. JAN 21

    Risky Business #821 -- Wiz researchers could have owned every AWS customer

    In this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, joined by a special guest. BBC World Cyber Correspondent Joe Tidy is a long time listener and he pops in for a ride-along in the news segment plus a chat about his new book. This week news includes: Did the US cyber Venezuela’s power grid, or do they just want us to think they coulda? US govt might boycott the RSAC Conference ‘cause Jen Easterly being CEO makes them mad MS Patch Tuesday fixes CVSS5.5 bug and … stops you shutting down Wiz pulls off cloud stunt hack that ends with control of everyone’s AWS console Millions of Bluetooth devices that use Google’s Fast Pairing will pair with anyone, any time GNU inet-tools’ telnetd parties like it’s 2007, and brings -f root unauthed remote login back Thinkst is this week’s sponsor, and long time friend of the show Haroon Meer joins. As always they’re polishing their Canary tokens - adding breadcrumbs to lead you to them - but they’re also a bunch of giant nerds who now run South Africa’s Computer Olympiad. This episode is also available on Youtube. Show notes Cyberattack in Venezuela Demonstrated Precision of U.S. Capabilities - The New York Times Why I’m withholding certainty that “precise” US cyber-op disrupted Venezuelan electricity - Ars Technica Layered Ambiguity: US Cyber Capabilities in the Raid to Extract Maduro from Venezuela | Royal United Services Institute Former CISA Director Jen Easterly Will Lead RSAC Conference | WIRED Trump officials consider skipping premier cyber conference after Biden-era cyber leader named CEO - Nextgov/FCW Federal agencies ordered to patch Microsoft Desktop Windows Manager bug | The Record from Recorded Future News Windows 11 shutdown bug forces Microsoft into damage control • The Register CodeBreach: Supply Chain Vuln & AWS CodeBuild Misconfig | Wiz Blog Critical flaw in AWS Console risked compromise of build environment | Cybersecurity Dive Never-before-seen Linux malware is “far more advanced than typical” - Ars Technica VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun - Check Point Research Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking | WIRED Critical flaw in Fortinet FortiSIEM targeted in exploitation threat | Cybersecurity Dive CVE-2025-64155: 3 Years of Remotely Rooting the FortiSIEM A single click mounted a covert, multistage attack against Copilot - Ars Technica Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader | The Record from Recorded Future News Jordanian initial access broker pleads guilty to helping target 50 companies | The Record from Recorded Future News Supreme Court hacker posted stolen government data on Instagram | TechCrunch oss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetd How crypto criminals stole $700 million from people - often using age-old tricks Ctrl + Alt + Chaos: How Teenage Hackers Hijack the Internet

    1h 5m

  4. JAN 14

    Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)

    Risky Business returns for 2026! Patrick Gray and Adam Boileau talk through the week’s cybersecurity news, including: Santa brings hackers MongoDB memory leaks for Christmas Vercel pays out a million bucks to improve its React2Shell WAF defences 39C3 delivers; the pink Power Ranger deletes nazis, while a catgirl ruins GnuPG Cambodian scam compound kingpin gets extradited to China, and we don’t think it’ll go well for him Krebs picks apart the Kimwolf botnet and residential proxy networks So many healthcare data leaks that we have a roundup section This week’s episode is sponsored by Airlock Digital. The founders of the application allow-listing vendor, David Cottingham and Daniel Schell, discuss Microsoft’s ClickOnce .NET app packaging, and how attackers have been abusing it to load code. Airlock hates it when you load code! This episode is also available on Youtube. Show notes US, Australia say ‘MongoBleed’ bug being exploited | The Record from Recorded Future News Merry Christmas Day! Have a MongoDB security incident. | by Kevin Beaumont | Dec, 2025 | DoublePulsar Inside Vercel’s sleep-deprived race to contain React2Shell | CyberScoop gpg.fail Hacktivist deletes white supremacist websites live onstage during hacker conference | TechCrunch Chinese attackers exploiting zero-day to target Cisco email security products | The Record from Recorded Future News Ni8mare  -  Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs ServiceNow patches critical AI platform flaw that could allow user impersonation | CyberScoop Alleged cyber scam kingpin arrested, extradited to China | The Record from Recorded Future News FCC IoT labeling program loses lead company after China probe | Cybersecurity Dive Trump picks Lt. Gen. Joshua Rudd to lead NSA spy agency - The Washington Post NSA cyber directorate gets new acting leadership | The Record from Recorded Future News Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years | The Record from Recorded Future News ECLI:NL:GHAMS:2026:22, Amsterdam Court of Appeal, 23-003218-22 The Kimwolf Botnet is Stalking Your Local Network – Krebs on Security Who Benefited from the Aisuru and Kimwolf Botnets? – Krebs on Security Coupang recovers smashed laptop that alleged data leaker threw into river | The Record from Recorded Future News Ransomware responders plead guilty to using ALPHV in attacks on US organizations | The Record from Recorded Future News Nearly 480,000 impacted by Covenant Health data breach | The Record from Recorded Future News Illinois health department exposed over 700,000 residents' personal data for years | TechCrunch Tech provider for NHS England confirms data breach | TechCrunch Hacker claiming to be behind ManageMyHealth breach: ‘I do it for the money and I’m in negotiations to get it’ - NZ Herald

    59 min

  5. JAN 6

    How the World Got Owned Episode 1: The 1980s

    In this special documentary episode, Patrick Gray and Amberleigh Jack take a historical dive into hacking in the 1980s. Through the words of those that were there, they discuss life on the ARPANET, the 414s hacking group, the Morris Worm, the vibe inside the NSA and a parallel hunt for German hackers happening at a similar time to Cliff Stoll’s famous Cuckoo’s Egg story. This podcast features the memories of: Jon Callas, former principal software engineer at Digital Equipment Corporation Mark Rasch, Morris Worm prosecutor Timothy Winslow, former 414 hacker Greg Chartrand, author of Cracking the Cuckoos Egg and Tony Sager, former NSA How the World Got Owned is produced in partnership with SentinelOne. Show notes 1988 Federal sentencing guidelines manual Computer Intruder is put on probation and fined $10,000 | The New York Times Computer Intruder is found guilty | The New York Times United States of America, Appellee, v. Robert Tappan Morris, Defendant-appellant, 928 F.2d 504 (2d Cir. 1991) The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage | Clifford Stoll Cracking the Cuckoo’s Egg: The Untold Story of tracking and finding Karl Koch aka Hagbard of the Chaos Computer Club | Greg Chartrand Computer Buffs Tapped NASA Files | The New York Times Young Computer Bandits Byte off More than They Could Chew | The Washington Post ‘Hacker’ is used by Mainstream Media, September 5, 1983 | EDN Neal Patrick to testify before congressional committee Wargames official trailer, 1983 CBS News Segment on Robert Morris Computer Hacker The Fall of the Berlin Wall | Sky News I Hacked a Nuclear Facility in the 1980’s. You’re Welcome | CNN

    1h 4m

  6. 12/17/2025

    Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack

    In the final show of 2025, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: React2Shell attacks continue, surprising no one The unholy combination of OAuth consent phishing, social engineering and Azure CLI Venezuela’s state oil firm gets ransomware’d, blames US… but what if it really is a US cyber op?! Russian junk-hacktivist gets indicted for cybering critical… err… a car wash and a fountain Microsoft finally turns RC4 off by default in Active Directory Kerberos Traefik’s TLS verify=on … turns it off, whoopsie 🤡 This week’s episode is sponsored by Sublime Security, makers of an email filtering solution that’s up for dealing with modern problems. Founder and CEO Josh Kamdjou joins to talk about calendar invite phishing, and the extra steps they’ve had to take to reach into people’s calendars and fix the mess. The Risky Business weekly show is taking holiday break, and will return on 14 January for its twentieth year! Good luck out there, internet friends. This episode is also available on Youtube. Show notes React2Shell attacks expand widely across multiple sectors | Cybersecurity Dive React issues new patches after security researchers flag additional flaws | Cybersecurity Dive ConsentFix: Browser-native ClickFix hijacks OAuth grants Hacking Endpoint to Identity (Microsoft 365): "ConsentFix" - YouTube Announced pick for No. 2 at NSA won’t get the job as another candidate surfaces | The Record from Recorded Future News Laura Loomer on X: "EXCLUSIVE: 🚨 White House Official Confirms Ongoing Search for NSA Deputy Director As Tim Kosiba's Deep State And Anti-Trump Ties Raise Red Flags 🚨" Senior official at Indo-Pacific Command is set to be Trump’s pick to lead Cyber Command, NSA | The Record from Recorded Future News Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg PdV says cyber attacks contained | Latest Market News Venezuela state oil company blames cyberattack on US after tanker seizure | The Record from Recorded Future News Office of Public Affairs | Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups | United States Department of Justice DOJ, CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure | The Record from Recorded Future News vx-underground on X: "The United States government has indicted a state-sponsored Threat Actor named Victoria Eduardovna Dubranova" vx-underground on X: "I'm actually laughing. One of the compromises is so dumb" German parliament suffers suspected cyber attack during Zelenskyy’s visit Während Selenskyj-Besuch: Große Internet-Störung im Bundestag! | Politik | BILD.de Germany summons Russian ambassador over cyberattack, election disinformation | The Record from Recorded Future News Russische hackgroep had toegang tot openbare waterfontein in Nederland | de Volkskrant Most Parked Domains Now Serving Malicious Content – Krebs on Security PornHub extorted after hackers steal Premium member activity data Office of Public Affairs | Senior Manager for Government Contractor Charged in Cybersecurity Fraud Scheme | United States Department of Justice Microsoft will finally kill obsolete cipher that has wreaked decades of havoc - Ars Technica CVE-2025-66491: Traefik's "Verify=On" Turned TLS Off | AISLE Dylan O'Donnell 🦋 on X: "This week I was rushed to hospital with a diagnosis of oesophageal cancer."

    54 min

  7. 12/11/2025

    Risky Biz Soap Box: Graph the planet!

    In this sponsored Soap Box edition of the Risky Business podcast, Patrick Gray chats with Jared Atkinson, CTO of SpecterOps, about BloodHound OpenGraph. OpenGraph enumerates attack paths across platforms and services, not just your primary directories. A compromised GitHub account to on-prem AD compromise attack path? It’s a thing, and OpenGraph will find it. Cross-platform attack path enumeration! So good! This episode is also available on Youtube. Show notes

    43 min

  8. 12/10/2025

    Risky Business #818 -- React2Shell is a fun one

    In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: There’s a CVSS 10/10 remote code exec in the React javascript server. JS server? U wot mate? China is out popping shells with it Linux adds support for PCIe bus encryption Amnesty International says Intellexa can just TeamViewer into its customers’ surveillance systems …and a Belgian murder suspect complains that GrapheneOS’s duress wipe feature failed him? This week’s episode is sponsored by Kroll Cyber. Simon Onyons is Managing Director at Kroll’s Cyber and Data Resilience arm, and he discusses a problem near to many of our hearts. Just how do you explain cyber risk to the board? This episode is also available on Youtube. Show notes Risky Bulletin: APTs go after the React2Shell vulnerability within hours - Risky Business Media Guillermo Rauch on X: "React2Shell" / X React2Shell-CVE-2025-55182-original-poc/README.md at main · lachlan2k/React2Shell-CVE-2025-55182-original-poc · GitHub Hydrogen: Shopify’s headless commerce framework Researchers track dozens of organizations affected by React2Shell compromises tied to China’s MSS | The Record from Recorded Future News Unveiling WARP PANDA: A New Sophisticated China-Nexus Adversary Three hacking groups, two vulnerabilities and all eyes on China | The Record from Recorded Future News Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers Sean Plankey nomination to lead CISA appears to be over after Thursday vote | CyberScoop 🕳 on X: "This guy is complaining that GrapheneOS “failed him”. Showing a Belgian 🇧🇪 police request for an interrogation regarding premeditated murder (as a suspect)." / X Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say | TechCrunch To Catch a Predator: Leak exposes the internal operations of Intellexa’s mercenary spyware - Amnesty International Security Lab Is ransomware finally on the decline? Treasury data offers cautious hope | CyberScoop UK cyber agency warns LLMs will always be vulnerable to prompt injection | CyberScoop In comedy of errors, men accused of wiping gov databases turned to an AI tool - Ars Technica

    58 min
See All (102)

Hosts & Guests

4.6
out of 5
368 Ratings

About

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Information

  • Creator
    Patrick Gray
  • Years Active
    2007 - 2026
  • Episodes
    102
  • Rating
    Clean
  • Copyright
    © Copyright Risky Business Media 2007-2026
  • Show Website
    Risky Business

You Might Also Like