Risky Business Podcast

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Salesforce partner Gainsight has customer data stolen
• Crowdstrike fires insider who gave hackers screenshots of internal systems
• Australian Parliament turns off wifi and bluetooth in fear of of visiting Chinese bigwigs
• Shai-Hulud npm/Github worm is back, and rm -rf’ier than ever
• SEC gives up on Solarwinds lawsuit
• Dog eats cryptographer’s key material

This week’s episode is sponsored by runZero. HD Moore pops in to talk about how they’re integrating runZero with Bloodhound-style graph databases. He also discusses uses for driving runZero’s tools with an AI, plus the complexities of shipping AI when the company has a variety of deployment models.

This episode is also available on Youtube.

In this sponsored Soap Box edition of the podcast, Andrew Morris joins Patrick Gray to talk about how Greynoise can often get a 90 day heads up on serious vulnerabilities. Whether it’s malicious actors doing reconnaissance or the affected vendors trying to understand the scope of the problem, it seems that mass scanning activity lines up pretty nicely with typical 90-day disclosure timelines.

A fascinating chat with Andrew, as always.

This episode is also available on Youtube.

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Anthropic says a Chinese APT orchestrated attacks using its AI
• It’s a day ending in -y, so of course there are shamefully bad Fortinet exploits in the wild
• Turns out slashing CISA was a bad idea, now it’s time for a hiring spree
• Researchers brute force entire phone number space against Whatsapp contact discovery API
• DOJ figures out how to make SpaceX turn off scam compounds’ Starlink service

This week’s episode is sponsored by Mastercard. Senior Vice President of Mastercard Cybersecurity Urooj Burney joins to talk about how the roles of fraud and cyber teams in the financial sector are starting to converge. Mastercard also recently acquired Recorded Future, and Urooj talks about how they aim to integrate cyber threat intelligence into the financial world.

This episode is also available on Youtube.

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• The KK Park scam compound in Myanmar gets blasted with actual dynamite
• China sentences more scammers TO DEATH
• While Singapore is opting to lash them with the cane
• Chinese security firm KnownSec leaks a bunch of documents
• Necromancy continues on NSO Group, with a Trump associate in charge
• OWASP freshens up the Top 10, you won’t believe what’s number three!

This week’s episode is sponsored by Thinkst Canary. Big bird Haroon Meer joins and, as usual, makes a good point. If you’re going to trust a vendor to do something risky like put a box on your network, they have an obligation to explain how they make that safe. Thinkst has a /security page that does exactly that. So why do we let Palo Alto and Fortinet get away with “trust me, bro”?

This episode is also available on Youtube.

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• We love some good vulnerability reporting drama, this time FFmpeg’s got beef with Google
• OpenAI announces its Aardvark bug-gobbling system
• Two US ransomware responders get arrested for… ransomware
• Memento (nee HackingTeam) CEO says: Sì, those are totally our tools getting snapped in Russia
• Hackers help freight theft gangs steal shipments to resell
• A second Jabber Zeus mastermind gets his comeuppance 15 years on

This week’s episode is sponsored by Nucleus Security, who make a vulnerability information management system. Co-founder Scott Kuffer says that approaches for triaging vulnerabilities have started to fall apart, given there are just. So. Many. And they’re all important!

This episode is also available on Youtube.

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate
• Microsoft WSUS bug being exploited in the wild
• Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG
• SpaceX finally starts disabling Starlink terminals used by scammers
• Garbage HP update deletes certificates that authed Windows systems to Entra

This week’s episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has embraced LLMs and the agentic-AI future into their workflow automation.

This episode is also available on Youtube.

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• China has been rummaging in F5’s networks for a couple of years
• Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system
• Salesforce hackers use their stolen data trove to dox NSA, ICE employees
• Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah
• Adam gets humbled by new Linux-capabilities backdoor trick
• Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.

This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.

This episode is also available on Youtube.

In this edition of the Wide World of Cyber podcast Patrick Gray talks to Chris Krebs and Alex Stamos about the F5 incident. They talk about what happened, whether it’s a big deal, and why private equity ownership of mid-tier cybersecurity companies is often a red flag.

In this sponsored Soap Box edition of the Risky Business podcast, host Patrick Gray chats with Mastercard’s Executive Vice President and Head of Security Solutions, Johan Gerber, about how the card brand thinks about cybersecurity and why it’s aggressively investing in the space.

After listening to this interview you’ll understand why the credit card company spent $2.65b on threat intelligence vendor Recorded Future!

This episode is also available on Youtube.

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• FBI intervenes in Scattered Spider Salesforce leaksite
• Clop loots Oracle E-Biz deployments
• Plus so much more data extortion.. At least it’s not ransomware … we guess?
• The US still can’t decide who’s gonna be in charge of NSA & Cybercom
• Cambodian scam compounds get sanctioned and $15b in crypto is seized
• NSO gets sold for pocket-lint-grade money
• Bugs! Redis CVSS 10, Ivanti, Crowdstrike and… Internet Explorer?! zeroday?! In the wild?!!!?

This week’s episode is sponsored by Stairwell. Founder Mike Wiacek talks about how Stairwell brings VirusTotal-like visibility to private files, and about integrating the insights that brings into your SOC workflow.

This episode is also available on Youtube.