Risky Business Podcast

Analysis and news podcasts published weekly

Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • The Salesloft breach and why OAuth soup is a problem
  • The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed
  • Google says it will stand up a “disruption unit”
  • Microsoft writes up a ransomware gang that’s all-in on the cloud future
  • Aussie firm hot-mics its work-from-home employees’ laptops
  • Youtube scam baiters help the feds take down a fraud ring

This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!

This episode is also available on Youtube.

Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"
0:00 / 61:55

Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Australia expels Iranian ambassador
  • Hackers sabotage Iranian shipping satcoms
  • APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
  • Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
  • The Com’s King Bob gets ten years in the slammer
  • It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.

This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.

This episode is also available on Youtube.

Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy
0:00 / 53:32

Wide World of Cyber: Microsoft's China Entanglement

Presented by

Alex Stamos
Alex Stamos

Funemployed

Chris Krebs
Chris Krebs

Funemployed

Patrick Gray
Patrick Gray

CEO and Publisher

The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China.

Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world’s most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out!

This episode is also available on Youtube.

Wide World of Cyber: Microsoft's China Entanglement
0:00 / 45:43

Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Oracle’s long term CSO departs, and we’re not that sad about it
  • Canada’s House of Commons gets popped through a Microsoft bug
  • Russia degrades voice calls via Whatsapp and Telegram to push people towards Max
  • South-East Asian scam compounds are also behind child sextortion
  • Reports that the UK has backed down on Apple crypto are… strange
  • Oh and of course there’s a Fortinet bug! There’s always a Fortinet bug!

This week’s episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You’ll never guess which one was a few lines of PAM config, and which was a multi-month engineering project!

This episode is also available on Youtube.

Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs
0:00 / 58:28

Risky Biz Soap Box: How to measure vulnerability reachability

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications.

It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application.

They also talk about how Socket started out as a way to discover malicious packages in software projects, but these days it’s playing the CVE game as well.

This episode is also available on Youtube.

Risky Biz Soap Box: How to measure vulnerability reachability
0:00 / 35:48

Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • CISA warns about the path from on-prem Exchange to the cloud
  • Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are
  • Everyone and their dog seems to have a shell in US Federal Court information systems
  • Google pays $250k for a Chrome sandbox escape
  • Attackers use javascript in adult SVG files to … farm facebook likes?!
  • SonicWall says users aren’t getting hacked with an 0day… this time.

This week’s episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together.

This episode is also available on Youtube.

Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds
0:00 / 60:00

Risky Business #801 -- AI models can hack well now and it's weirding us out

Presented by

Amberleigh Jack
Amberleigh Jack

Producer and Editor

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.

This episode explores the rise of AI-powered bug hunting:

  • Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects
  • The XBOW AI bug hunting platform sees success on HackerOne
  • Is an AI James Kettle on the horizon?

There’s also plenty of regular cybersecurity news to discuss:

  • On-prem Sharepoint’s codebase is maintained out of China… awkward!
  • China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?
  • SonicWall advises customers to turn off their VPNs
  • Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs
  • Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.
  • The Russian government pushes VK’s Max messenger for everything

This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.

This episode is also available on Youtube.

Risky Business #801 -- AI models can hack well now and it's weirding us out
0:00 / 66:01

Soap Box: Why AI can't fix bad security products

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices.

This episode is also available on Youtube.

Soap Box: Why AI can't fix bad security products
0:00 / 37:11

Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • Did the SharePoint bug leak out of the Microsoft MAPP program?
  • Expel retracts its FIDO bypass writeup
  • The mess surrounding the women-only dating-safety app Tea gets worse
  • Broadcom customers struggle to get patches for VMWare hypervisor escapes
  • Aeroflot gets hacked by the Cyber Partisans, disrupting flights

This week’s episode is sponsored by Push Security. Daniel Cuthbert joins and explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future.

This episode is also available on Youtube.

Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP
0:00 / 53:37

Risky Business #799 -- Everyone's Sharepoint gets shelled

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss:

  • Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not)
  • She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’)
  • Four (alleged) Scattered Spider members arrested (and bailed) in the UK
  • Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M
  • Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-moderootkits. Just security vendor things!

This week’s episode is sponsored by Airlock Digital. CEO David Cottingham talks through what it takes to build a mature, resilient management platform for a security critical system.

This episode is also available on Youtube.

Risky Business #799 -- Everyone's Sharepoint gets shelled
0:00 / 73:55