Videos

News, analysis and product demos

Risky Business Weekly (771): Palo Alto's firewall 0days are very, very stupid

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Microsoft introduces some sensible sounding post-Crowdstrike changes
  • Palo Alto patches hella-stupid bugs in its firewall management webapp
  • CISA head Jen Easterly to depart as Trump arrives
  • AI grandma tarpits phone scammers in family-tech-support hell
  • Academic research supports your gut-reaction; phishing training doesn’t work
  • And much, much more.

This week’s episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them out to be. Andrew also tells us about a zero-day Greynoise’s AI system truffle-pigged out of their data set. …

Srsly Risky Biz: How Trump will drive covert operations

Presented by

Patrick Gray

CEO and Publisher

Tom Uren

Policy & Intelligence

In this podcast Tom Uren and Patrick Gray talk about what to expect from President Trump’s second term. Trump is an activist president who believes in using state power, so intelligence agencies will be pushed to conduct more audacious or even outrageous covert operations.

They also discuss concerns about a new UN cybercrime treaty that is set for a vote at the General Assembly and the Canadian government’s curious decision to force the closure of TikTok’s local offices.

Risky Business Weekly (770): Why Ross Ulbricht should stay in prison

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week’s feature guest is former FBI agent Chris Tarbell, who arrested Silk Road operator Ross Ulbricht way back in 2013. As suggestions swirl that an incoming Trump administration might release Ulbricht, Chris talks about the reality of the Dread Pirate Roberts.

Patrick Gray and Adam Boileau also discuss the week’s cybersecurity news, including:

  • Apple frustrates law enforcement with iOS auto-reboot
  • CISA says most KEV vulnerabilities in 2023 were first used as zero days
  • Russians roll incident response on some sweet Linux spookware
  • Regular users can create mailboxes in M365?
  • Tor tracks down the source of its joe-job abuse complaints…

Risky Biz Soap Box: Why black box email security is dead

Presented by

Patrick Gray

CEO and Publisher

In this edition of the Risky Business Soap Box we’re talking all about email security with Sublime Security co-founder Josh Kamdjou.

Email security is one of the oldest product categories in security, but as you’ll hear, Josh thinks the incumbents are just doing it wrong. He joins Risky Business host Patrick Gray for this interview about Sublime’s origin story and its new approach to email security.

https://sublime.security/

Srsly Risky Biz: Don't bring a banana to a knife fight

Presented by

Patrick Gray

CEO and Publisher

Tom Uren

Policy & Intelligence

In this podcast Tom Uren and Patrick Gray talk about the Snowflake hack after the person allegedly responsible was arrested in Canada. Telegram is involved at all sorts of levels and Tom wonders if this crime would have occurred if Telegram didn’t exist.

They also discuss the impact of the Chinese hack of US telcos and Sophos’ five-year cyber knife fight with Chinese APT crews.

Risky Business Weekly (769): Sophos pwns Chinese APTs

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In this week’s Risky Business cybersecurity podcast Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Sophos drops implants on Chinese firewall exploit devs
  • Microsoft workshops better just-in-time Windows admin privileges
  • Snowflake hacker arrested in Canada
  • Okta has a fun, but not very impactful auth-bypass bug
  • Russians bring dumb-but-smart RDP client attacks
  • And much, much more.

Special guest Sophos CISO Ross McKerchar joined us to talk about its “hacking back” campaign. The full interview is available on YouTube (https://www.youtube.com/watch?v=QDh5-ZL3nis) for those who want to really live vicariously through Sophos doing what every vendor probably wants to do. …

Risky Business Weekly: Chinese APT Wiretaps the US Presidential Race (768)

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

NOTE: This is the news segment from this week’s podcast but the sponsor interview will only appear in the audio version due to a technical problem with that interview’s video recording. This is the same news segment though!

In this edition of the weekly Risky Business cybersecurity podcast Patrick Gray and Adam Boileau talk through:

  • A Chinese APT wiretaps the Trump and Harris campaigns
  • Operation Magnus snares infostealer operators and customers
  • Crypto thieves return stolen funds to US government wallets
  • Did Israel hack Iranian air defence?
  • Delta finally sues CrowdStrike
  • Much, much more…

Risky Biz Soap Box: Thinkst Canary's decade of deception

Presented by

Patrick Gray

CEO and Publisher

In this Soap Box edition of the podcast Patrick Gray chats with Thinkst Canary founder Haroon Meer about his “decade of deception”, including:

  • A history of Thinkst Canary including a recap of what they actually do
  • A look at why they’re still really the only major player in the deception game
  • A look at what companies like Microsoft are doing with deception
  • Why security startups should have conference booths

Find them at https://canary.tools/