Risky Business Podcast

In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Did the SharePoint bug leak out of the Microsoft MAPP program?
• Expel retracts its FIDO bypass writeup
• The mess surrounding the women-only dating-safety app Tea gets worse
• Broadcom customers struggle to get patches for VMWare hypervisor escapes
• Aeroflot gets hacked by the Cyber Partisans, disrupting flights

This week’s episode is sponsored by Push Security. Daniel Cuthbert joins and explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future.

This episode is also available on Youtube.

Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss:

• Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not)
• She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’)
• Four (alleged) Scattered Spider members arrested (and bailed) in the UK
• Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M
• Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-moderootkits. Just security vendor things!

This week’s episode is sponsored by Airlock Digital. CEO David Cottingham talks through what it takes to build a mature, resilient management platform for a security critical system.

This episode is also available on Youtube.

In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, founder of open source multi-cloud security product Prowler.

Toni explains how Prowler came to be, and how its journey followed his own learning about the cloud. The pair also discuss Prowler’s successful transition from an open-source project into a community, and now a growing business with an as-a-service platform.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Australian airline Qantas looks like it got a Scattered Spider-ing
• Microsoft works towards blunting the next CrowdStrike disaster
• Changes are coming for Microsoft’s default enterprise app consenting setup
• Synology downplays hardcoded passwords for its M365 cloud backup agent
• The next Citrix Netscaler memory disclosure looks nasty
• Drug cartels used technical surveillance to find, fix and finish FBI informants and witnesses

This week’s episode is sponsored by RAD Security. Co-founder Jimmy Mesta joins to talk through how they use AI automation to assess the security posture of sprawling cloud environments.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• We roll our eyes over the “16 billion credentials” leak hitting mainstream news
• Some interesting cyber angles emerge from the conflict in Iran
• Opensource maintainer of libxml2 is fed up with this hacker crap
• Shockingly, there are yet more ways to trick people into pasting commands into Windows
• Veeam “patches” its backup software RCE like it’s 2002 … by breaking the public PoC

This week’s episode is sponsored by Internet-wide honeypot reconnaissance platform, Greynoise. Founder Andrew Morris joins to talk about their journey spotting Chinese ORB-builders hacking thousands of ASUS routers, and why they’re destined for the woodchipper.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau are joined by special guest Chris Krebs to discuss the week’s cybersecurity news. They talk through:

• Israeli “hacktivists” take out an Iranian state-owned bank
• Scattered-spider and friends pivot into attacking insurers
• Securing identities in a cloud-first world keeps us awake at night
• Microsoft takes the “aas” out of SaaS for Europe, leaving us with just software!
• An AI prompt injection into M365 exfils corporate data

This week’s episode is sponsored by Kroll’s Cyber practice. Kroll Cyber Associate Managing Director George Glass is based in London and talks through his experiences helping organisations in the UK deal with the Scattered Spider attacks.

This episode is also available on Youtube.

In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Dropzone AI founder Ed Wu about the role of LLMs in the SOC.

The debate about whether AI agents are going to wind up in the SOC is over, they’ve already arrived. But what are they good for? What are they NOT good for? And where else will we see AI popping up in security?

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• New York Times gets a little stolen Russian FSB data as a treat
• iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign
• Researcher figures out a trick to get Google account holders’ full names and phone numbers
• Major US food distributor gets ransomwared
• The Com’s social engineering of Salesforce app authorisations is a harbinger of our future problems
• Australian Navy forgets New Zealand has computers, zaps Kiwis with their giant radar.

This week’s episode is sponsored by identity provider Okta. Long-time friend of the show Alex Tilley is Okta’s Global Threat Research Coordinator, and he joins to discuss how organisations can use both human and technical signals to spot North Koreans in their midst.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Cyber firms agree to deconflict and cross-reference hacker group names
• Russian nuclear facility blueprints gathered from public procurement websites
• Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons
• Germany identifies the Trickbot kingpin
• Google spots China’s MSS using Calendar events for malware C2
• Meta apps abuse localhost listeners to track web sessions.

This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.

This episode is also available on Youtube.