Risky Business Podcast

Analysis and news podcasts published weekly

Risky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accounts

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Lina Lau discuss the week’s security news. They cover:

  • Microsoft has killed VBScript
  • Google to make passkeys the new default sign-in method
  • MGM losses to exceed $100m
  • Clorox has a bad quarter
  • Why a bug in cURL could be really bad news
  • Much, much more

This week’s show is brought to you by KSOC. Jimmy Mesta, KSOC’s co-founder and CTO, is this week’s sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environments.

Risky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accounts
0:00 / 44:23

Risky Business #724 -- Exploitation moves away from Microsoft, Google and Apple products

Presented by

Catalin Cimpanu
Catalin Cimpanu

News Editor

Claire Aird
Claire Aird

Newsreader

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Ransomware crews target WS_FTP and Jetbrains servers
  • Global energy supply shapes up as big target
  • The Dossier Center drops another banger
  • Indian nationalists DDoS Canadian targets
  • A look at the Exim drama
  • Much, much more

This week’s show is brought to you by Kroll Cyber. George Glass is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Business #724 -- Exploitation moves away from Microsoft, Google and Apple products
0:00 / 54:37

Risky Business #723 -- MGM and Caesars: Western youths are working with ransomware gangs

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Dmitri Alperovitch discuss the week’s security news. They cover:

  • How western youths are working with Russian ransomware crews
  • Russia has changed its targeting in Ukraine
  • A massive breach of historical Russian flight information is god’s gift to OSINT orgs
  • Cisco buys Splunk for $28bn
  • Much, much more

This week’s show is brought to you by Panther. Its field CISO Ken Westin is this week’s sponsor guest.

Links to everything that we discussed are below.

Risky Business #723 -- MGM and Caesars: Western youths are working with ransomware gangs
0:00 / 57:21

Snake Oilers: Sublime Security, VulnCheck and Devicie

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this edition of Snake Oilers you’ll hear product pitches from:

  • Sublime Security: e-mail security for people who want to tune their detections
  • VulnCheck: Provides vulnerability intelligence to governments, large enterprises and vendors
  • Devicie: Manage your devices with Intune without pulling your hair out
Snake Oilers: Sublime Security, VulnCheck and Devicie
0:00 / 39:29

Risky Business #722 -- Microsoft embraces Zero Trust... Authentication?

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray, Adam Boileau and Lina Lau discuss the week’s security news. They cover:

  • Microsoft’s 38TB oopsie
  • MGM’s Okta compromised, was this what Okta was warning us about?
  • Why we need a cyber knife fight
  • Google Authenticator sync abused in the wild
  • Much, much more

This week’s show is brought to you by Push Security. Co-founder Adam Bateman is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Business #722 -- Microsoft embraces Zero Trust... Authentication?
0:00 / 59:18

Risky Business #721 -- Why Storm-0558's Microsoft hack should have failed

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • How Storm-0558 stole Microsoft’s signing key
  • Cisco 0day being used by ransomware crews
  • We were right about Elon stumbling into the Ukraine war
  • Someone’s amazing image library 0day just got crushed
  • Much, much more!

This week’s show is brought to you by Nucleus Security. Co-founder Scott Kuffer is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Business #721 -- Why Storm-0558's Microsoft hack should have failed
0:00 / 58:29

Snake Oilers: ConductorOne, Bloodhound Enterprise and Zero Networks

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

In this edition of Snake Oilers you’ll hear product pitches from:

  • ConductorOne: PAM, account cycle management and access auditing for cloud and SaaS accounts
  • Bloodhound Enterprise: Enumerate attack paths in your environment and shut them down
  • Zero Networks: Agentless: heavily automated microsegmentation and a VPN product that won’t get you insta-owned
Snake Oilers: ConductorOne, Bloodhound Enterprise and Zero Networks
0:00 / 39:22

Risky Business #720 -- How cloud identity provider federation features can get you mega-owned

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Why everyone should pay attention to some recent attacks on Okta customers
  • Why third party comms apps are risky af
  • Why are Russian espionage opps using Tor for C2?
  • Surveillance firms abuse Fiji Telco Digicel’s SS7 access
  • Much, much more!

This week’s show is brought to you by Gigamon. Mark Jow, Gigamon’s EMEA Technical Director is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Business #720 -- How cloud identity provider federation features can get you mega-owned
0:00 / 56:59

Risky Business #719 -- FBI vapes 700,000 Qakbot infections

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • The FBI takes down Qakbot, steals operators’ bitcoins ha ha
  • Danish hosting provider completely destroyed in ransomware attack
  • Sophisticated Russian cyber attack on Polish trains. Well. Not really.
  • Microsoft revokes cert then revokes its revocation
  • Much, much more!

This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of cybersecurity strategy Ryan Kalember is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Business #719 -- FBI vapes 700,000 Qakbot infections
0:00 / 54:17

Risky Business #718 -- Chaos and carnage, business as usual

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

(NOTE: This podcast was initially pushed out into the Risky Business News podcast feed in error. Sorry about that!)

  • US Government warnings to private space sector on cyber risk
  • Ukrainian hackers dump the inbox of Russian Duma deputy chair
  • Absentee voting in Ecuador’s election disrupted by DDoS attack
  • South Korea warns of Chinese “spy chips”
  • Much, much more!

This week’s show is brought to you by Airlock Digital. Its co-founders Daniel Schell and David Cottingham join this week’s show to talk about Powershell Constrained Language mode.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Business #718 -- Chaos and carnage, business as usual
0:00 / 51:01