20 episodes

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Risky Business Patrick Gray

    • Technology
    • 4.7 • 326 Ratings

    Risky Business #693 -- Hive takedown is the beginning, not the end

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    A look at the Hive takedown
    UK’s Royal Mail still struggling
    GitHub’s code signing certificates stolen
    TSA misses the point on no-fly list theft
    Much, much more


    This week’s show is brought to you by Remediant, which is now a part of Netwrix.

    Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Biz Soap Box: Tools alone won't solve your vuln management problems

    In this Soap Box edition of the show Nucleus Security’s Scott Kuffer discusses Stakeholder-Specific Vulnerability Categorization (SSVC) and why tools alone can’t fix a dysfunctional vulnerability management program.

    Risky Business #692 -- Google search results spew malware, phishing sites

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    Google’s search results have become a malware-riddled sh*tshow
    Ransomware payment values dropped by 40% YoY in 2022
    Kraken takes over Solaris the old school way
    Grand Theft Auto RCE is wreaking havoc
    ManageEngine customers are all getting owned
    So you know, pretty much business as usual


    This week’s show is brought to you by Kroll.

    Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Business #691 -- LockBit and "Pablo Escobar syndrome"

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
    CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
    Cloudflare backs Mastodon
    Paul Nakasone: NSA did some great stuff! It was really good!
    Cisco won’t patch SMB routers sold in 2020
    Much, much more


    This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Business #690 -- 2023 will be a rough year for critical online services

    On this week’s show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it’s the first show of the year, we split the discussion into themes:


    Attacks against critical online services like Okta, CircleCI, Slack and Lastpass will increase in volume
    All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla’s latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more
    A ransomware wrap, a discussion about the rise of data extortion and why it’s unlikely to remain a huge problem
    Why automotive security research will actually be interesting this year
    PLUS: A bunch of random news!


    This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about something they’ve developed – a zero knowledge proof of exploit technique. Very interesting stuff!

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

    Risky Business #689 -- FBI baulks at Apple's iCloud encryption push

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:


    Apple to introduce user-encrypted backups, FBI is sad
    Twitter ices e2ee plans for DMs
    RackSpace is getting sued over its hosted Exchange ransomware incident
    Dodgy driving: Microsoft signs some shady stuff
    Japan to change laws, release the Shibas
    A look at the US NDAA
    Much, much more


    This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring.

    Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Customer Reviews

4.7 out of 5
326 Ratings

User46451 ,

Best Security podcast available

Great combination of news, in depth interviews, and paid content.

TFWol ,

Hilarious and informative

My favorite part is when Patrick and Adam discuss the security news.

I usually end up crying from laughter, sometimes just wincing. It’s great stuff and super informative.

Especially when the news portions run long, it’s like dessert.

wwrsghggggdrgkjjfrd ,

Best Security Podcast

Wish there was more than one episode per week. More podcasts need to take a similar approach to sponsors (sponsor bit at the end and a separate episode for people to hawk their wares). Perfect blend of information, humour, and humility.
