Podcasts

News, analysis and commentary

Risky Biz Soap Box: Run your own open source IDP with Authentik

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this SoapBox edition of the show Patrick Gray chats to Fletcher Heisler, the CEO of open-source identity provider Authentik.

The whole idea of Authentik is you can take control of an essential IT and security function: identity. Because Authentik is open source it’s extremely flexible, and if you’re running it yourself, you get to decide where your IDP should sit in your architecture. You can run it on prem if you’re an emergency call centre or you’re operating an airgapped network, or you can spin it up in your cloud environment if you’re a typical enterprise.

Fletcher talks through the reasons Authentik users are decoupling themselves from the major SaaS Identity Providers, and the flexibility that comes from being able to assemble exactly what you need.

Risky Biz Soap Box: Run your own open source IDP with Authentik
0:00 / 38:02

Srsly Risky Biz: Governments are losing the crypto wars

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

In this podcast Tom Uren and Patrick Gray talk about Apple’s refusal to obey a UK government order to provide the capability to access to encrypted iCloud data. Its the latest round in the ongoing government vs technology fights over warrant-proof encryption, and again it looks like governments will lose.

They also talk about good news in the fight against ransomware. Government actions are putting pressure on the cyber criminal ecosystem, splintering groups and even making it hard to for crooks to convert cryptocurrency to hard cash.

This episode is also available on [Youtube](

Srsly Risky Biz: Governments are losing the crypto wars
0:00 / 18:32

Risky Business #779 -- DOGE staffer linked to The Com

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Musk’s DOGE kid has a history with The Com
  • Paragon fires Italy as a spyware customer
  • Thailand cuts power to scam compounds…
  • … and arrests Phobos/8Base Russian cybercrims
  • The CyberCX DFIR report shows non-U2F MFA is well and truly over
  • And much, much more.

This week’s episode is sponsored by Dropzone.AI. They make an AI SOC analysis platform that relieves your analysts of the necessary but tedious work, so they can focus on the value of human insight. Dropzone’s founder and CEO Edward Wu joins to talk about how they approach the problem.

This episode is also available on Youtube.

Risky Business #779 -- DOGE staffer linked to The Com
0:00 / 58:48

Between Two Nerds: A Paragon of virtue

Presented by

The Grugq
The Grugq

Independent Security Researcher

Tom Uren
Tom Uren

Policy & Intelligence

In this edition of Between Two Nerds Tom Uren and The Grugq talk about Israeli spyware vendor Paragon, how and why it positions itself to sell to the US market, and how its capabilities might work.

Between Two Nerds: A Paragon of virtue
0:00 / 22:34

Risky Bulletin: Browser extension supply chain attack hits AdsPower

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

Risky Bulletin: Browser extension supply chain attack hits AdsPower
0:00 / 6:13

Srsly Risky Biz: DeepSeek a boon for Chinese APTs

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Tom Uren
Tom Uren

Policy & Intelligence

UPDATED AUDIO: An earlier version of this podcast audio contained an editing mistake that desynchronised Patrick and Tom’s audio.

In this podcast Tom Uren and Patrick Gray talk about the cyber espionage implications of Chinese AI firm DeepSeek’s recently released models. They will certainly be picked up by various APT crews to try and accelerate their campaigns.

They also discuss the UK NCSC’s attempt to quantify ‘comedy bugs’ and whether EU sanctions against Russian military intelligence officers for a five-year-old cyber espionage campaign targeting Estonia are pointless.

Srsly Risky Biz: DeepSeek a boon for Chinese APTs
0:00 / 18:23

Risky Business #778 -- Musk's child soldiers seize control of FedGov IT systems

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • DeepSeek leaves an unauthed database on the internet
  • Russia hacked UK prime minister’s personal mail
  • Australia sanctions a Telegram group… which is more sensible than it sounds
  • Medical device backdoor turns out to be just poorly thought out upgrade feature
  • Google abuses weak hashing to patch AMD CPU microcode
  • And much, much more.

This week’s episode is sponsored by email security boffins Sublime. Their co-founder and CEO Josh Kamdjou joins to talk about how attackers’ abuse of legitimate services like Docusign is a challenge for email security vendors.

Risky Business #778 -- Musk's child soldiers seize control of FedGov IT systems
0:00 / 56:28

Risky Bulletin: UK Prime Minister's personal email hacked by Russia

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

Risky Bulletin: UK Prime Minister's personal email hacked by Russia
0:00 / 6:41

Between Two Nerds: How the internet gets Salt Typhoon wrong

Presented by

The Grugq
The Grugq

Independent Security Researcher

Tom Uren
Tom Uren

Policy & Intelligence

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how the compromise of US telecommunications companies by Chinese hackers has very little to do with US government lawful intercept laws.

Between Two Nerds: How the internet gets Salt Typhoon wrong
0:00 / 22:23

Risky Bulletin: US authorities sound the alarm on a medical device backdoor

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird.

Risky Bulletin: US authorities sound the alarm on a medical device backdoor
0:00 / 6:32