Risky Business Podcast

Analysis and news podcasts published weekly

Risky Business #594 -- How ESNIs will change censorship and NDR

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • WeChat joins TikTok in the naughty corner
  • TLS 1.3 with ESNI will have a massive impact on censorship AND security
  • Belarus goes dark after dodgy election
  • Capital One fined $80m
  • Much, much more
Risky Business #594 -- How ESNIs will change censorship and NDR
0:00 / 63:45

Risky Business #593 -- China promises "mortal combat in the tech realm"

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Trump’s war on TikTok (featuring guest Alex Stamos)
  • Twitter hackers caught. Pretty embarrassing stuff, really.
  • NSO implants target Easter Bunny
  • Garmin may need a good OFAC lawyer (featuring comment from Dmitri Alperovitch)
  • Blackberry cracked after five years leads to multiple arrests in Australia
  • Much, much more
Risky Business #593 -- China promises "mortal combat in the tech realm"
0:00 / 59:49

Risky Biz Soap Box: Yubico Chief Solutions Officer Jerrod Chong

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Soap Box is the wholly sponsored podcast series we do here at Risky.Biz. That means everyone you hear on this podcast paid to be here. In this podcast you’re going to hear my latest interview with Jerrod Chong, Yubico’s Chief Solutions Officer.

Hardware security keys like Yubikeys have come a long way, even over the last couple of years. The biggest change is that the support for hardware keys is borderline ubiquitous now. FIDO2 support is in all the major browsers. You can even use Yubikeys with Google apps on an iPhone. The plumbing is here, it’s arrived.

Risky Biz Soap Box: Yubico Chief Solutions Officer Jerrod Chong
0:00 / 37:24

Risky Business #592 -- We're back. Did we miss anything?

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Two Chinese nationals charged with freelancing for MSS
  • Russia, China hacking COVID-19 research
  • The world dodged a bullet on the Windows DNS bug
  • Twitter blue tick pwnapalooza
  • Much, much more.
Risky Business #592 -- We're back. Did we miss anything?
0:00 / 66:12

Risky Biz Soap Box: Facebook, under the hood

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Normally these Soap Box podcasts – which are wholly sponsored – feature vendors trying to sell you stuff. But this time we’re doing something different: an interview with two of Facebook’s most senior engineers.

Risky Biz Soap Box: Facebook, under the hood
0:00 / 49:25

Risky Business #591 -- EncroChat user experience includes getting owned, going to prison

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • The latest on the EncroChat hack-related arrests
  • Details about the fresh F5 and Citrix bugs
  • Natanz go boom
  • Paying Wastedlocker ransoms violates Treasury sanctions
  • North Korea embraces Magecart (lol)
  • Much, much more…
Risky Business #591 -- EncroChat user experience includes getting owned, going to prison
0:00 / 56:20

Risky Biz Soap Box: No magic wand for business email compromise (BEC)

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

This edition of the Soap Box podcast is brought to you by Proofpoint.

Today’s guest is Proofpoint’s EVP of Cybersecurity Strategy, Ryan Kalember, and the topic is business email compromise, or BEC.

BEC is a big deal, generating billions of dollars in losses every year across basically all industry verticals and levels of government. Until recently, there haven’t been many technical controls that help to mitigate it.

Risky Biz Soap Box: No magic wand for business email compromise (BEC)
0:00 / 44:37

Risky Business #590 -- REPOST: It turns out we're not SAML experts

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Inside the new American “e2ee busting” bill
  • Julian Assange hit with (another) superseding indictment
  • Trustwave uncovers sneaky Chinese accounting software backdoor
  • Much, much more…

This week’s show is brought to you by Okta. They are, of course, the identity and auth giant and one of the few sponsors we actually approached last year for 2020 because, well, they are very good at what they do. This week Marc will be joining us to talk about a privacy-related topic. The discussion is nuanced, but it’s basically about how the public perception of privacy risks has diverged from the reality/ Further, that the COVID-19 crisis and the advent of digital contact tracing apps have actually brought general concerns around digital privacy to the fore.

Risky Business #590 -- REPOST: It turns out we're not SAML experts
0:00 / 53:04

Risky Business #589 -- Why Microsoft's steep E5 license pricing is a national security risk

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Australia “under attack” - a wrap
  • Microsoft releases more security protections for E5 customers
  • US to introduce “anti encryption” bill
  • Shady encrypted phone company owned by the cops
  • NSA to offer filtered DNS services to defence industry
  • MORE
Risky Business #589 -- Why Microsoft's steep E5 license pricing is a national security risk
0:00 / 52:59

Feature podcast: Inside BellTrox's hacker-for-hire operation

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Today we’re chatting with Citizen Lab Senior Researcher John Scott-Railton about the work they did investigating the Indian hacker-for-hire firm BellTrox.

For those of you who didn’t catch the news, The Citizen Lab, which operates out of the Munk School of Global Affairs at the University of Toronto, dropped a huge report a couple of weeks back that lays Belltrox’s operations bare. As you’ll hear this company attempted to hack tens of thousands of email accounts belonging to everyone from government officials to hedge fund managers and activists.

Feature podcast: Inside BellTrox's hacker-for-hire operation
0:00 / 33:10