Risky Business Podcast

Analysis and news podcasts published weekly

Risky Biz Soap Box: runZero shakes up vulnerability management

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management.

With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at attackers on your network.

It can also integrate with your EDR platform, and other data sources, to give you powerful visibility into the true state of things on your network and in your cloud.

This episode is also available on Youtube.

Risky Biz Soap Box: runZero shakes up vulnerability management
0:00 / 34:17

Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Apple ruins exploit developers’ week with fresh memory corruption mitigations
  • Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack
  • Salesloft says its GitHub was the initial entry point for its compromise
  • Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”
  • Rogue certs for 1.1.1.1 appear to be just (stupid) testing
  • Jaguar Land Rover ransomware attackers are courting trouble

This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!

This episode is also available on Youtube.

Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal
0:00 / 51:42

Snake Oilers: Nebulock, Vali Cyber and Cape

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares:

  • Automated, AI-powered threat hunting with Nebulock

Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have time to look at.

  • Runtime security for hypervisors from Vali Cyber

Austin Gadient from Vali Cyber stops by to talk about ZeroLock, its hypervisor security product. It’s marketed as a counter-ransomware control but is just a generally useful security platform for virtualised environments.

  • A secure mobile telco: Cape

The only thing American cell providers love more than providing patchy coverage is getting their customers’ data owned. Cape is here to change that. It’s a security and anonymity-focussed virtual mobile network operator (MVNO) that’s been spun up by a highly competent team. If we lived in the USA we would be customers, and a bunch of CISOs listening to this might want to consider Cape subscriptions for their workforce.

This episode is also available on Youtube

Snake Oilers: Nebulock, Vali Cyber and Cape
0:00 / 46:33

Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • The Salesloft breach and why OAuth soup is a problem
  • The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed
  • Google says it will stand up a “disruption unit”
  • Microsoft writes up a ransomware gang that’s all-in on the cloud future
  • Aussie firm hot-mics its work-from-home employees’ laptops
  • Youtube scam baiters help the feds take down a fraud ring

This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!

This episode is also available on Youtube.

Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"
0:00 / 61:55

Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Australia expels Iranian ambassador
  • Hackers sabotage Iranian shipping satcoms
  • APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
  • Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
  • The Com’s King Bob gets ten years in the slammer
  • It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.

This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.

This episode is also available on Youtube.

Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy
0:00 / 53:32

Wide World of Cyber: Microsoft's China Entanglement

Presented by

Alex Stamos
Alex Stamos

Funemployed

Chris Krebs
Chris Krebs

Funemployed

Patrick Gray
Patrick Gray

CEO and Publisher

The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China.

Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world’s most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out!

This episode is also available on Youtube.

Wide World of Cyber: Microsoft's China Entanglement
0:00 / 45:43

Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Oracle’s long term CSO departs, and we’re not that sad about it
  • Canada’s House of Commons gets popped through a Microsoft bug
  • Russia degrades voice calls via Whatsapp and Telegram to push people towards Max
  • South-East Asian scam compounds are also behind child sextortion
  • Reports that the UK has backed down on Apple crypto are… strange
  • Oh and of course there’s a Fortinet bug! There’s always a Fortinet bug!

This week’s episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You’ll never guess which one was a few lines of PAM config, and which was a multi-month engineering project!

This episode is also available on Youtube.

Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs
0:00 / 58:28

Risky Biz Soap Box: How to measure vulnerability reachability

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications.

It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application.

They also talk about how Socket started out as a way to discover malicious packages in software projects, but these days it’s playing the CVE game as well.

This episode is also available on Youtube.

Risky Biz Soap Box: How to measure vulnerability reachability
0:00 / 35:48

Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • CISA warns about the path from on-prem Exchange to the cloud
  • Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are
  • Everyone and their dog seems to have a shell in US Federal Court information systems
  • Google pays $250k for a Chrome sandbox escape
  • Attackers use javascript in adult SVG files to … farm facebook likes?!
  • SonicWall says users aren’t getting hacked with an 0day… this time.

This week’s episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together.

This episode is also available on Youtube.

Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds
0:00 / 60:00

Risky Business #801 -- AI models can hack well now and it's weirding us out

Presented by

Amberleigh Jack
Amberleigh Jack

Producer and Editor

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.

This episode explores the rise of AI-powered bug hunting:

  • Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects
  • The XBOW AI bug hunting platform sees success on HackerOne
  • Is an AI James Kettle on the horizon?

There’s also plenty of regular cybersecurity news to discuss:

  • On-prem Sharepoint’s codebase is maintained out of China… awkward!
  • China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?
  • SonicWall advises customers to turn off their VPNs
  • Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs
  • Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.
  • The Russian government pushes VK’s Max messenger for everything

This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.

This episode is also available on Youtube.

Risky Business #801 -- AI models can hack well now and it's weirding us out
0:00 / 66:01