Risky Business

• Risky Business #813 -- FFmpeg has a point

  In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: We love some good vulnerability reporting drama, this time FFmpeg’s got beef with Google OpenAI announces its Aardvark bug-gobbling system Two US ransomware responders get arrested for… ransomware Memento (nee HackingTeam) CEO says: Sì, those are totally our tools getting snapped in Russia Hackers help freight theft gangs steal shipments to resell A second Jabber Zeus mastermind gets his comeuppance 15 years on This week’s episode is sponsored by Nucleus Security, who make a vulnerability information management system. Co-founder Scott Kuffer says that approaches for triaging vulnerabilities have started to fall apart, given there are just. So. Many. And they’re all important! This episode is also available on Youtube. Show notes vx-underground on X: "Yeah, so pretty much this entire drama thing is FFmpeg are a bunch of nerds…" FFmpeg on X: "@DavidEGrayson It's someone's hobby project of an obscure 1990s decoder…" Halvar Flake on X: "Given the extremely big role ffmpeg has played historically..." thaddeus e. grugq on X: "Current drama: Plucky security researcher Google takes on volunteer open source behemoth FFmpeg." Robert Graham on X: "Current status: There's a conflict between Google…" Introducing Aardvark: OpenAI’s agentic security researcher | OpenAI Bugcrowd acquires Mayhem Security to advance AI-powered security testing | CyberScoop Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks | CyberScoop Former Trenchant Exec Sold Stolen Code to Russian Buyer Even After Learning that Other Code He Sold Was Being "Utilized" by Different Broker in South Korea How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia | TechCrunch Operation Zero — A Zero-Day Vulnerability Platform John Scott-Railton on X: "7/ There's a push to scale up America's offensive industry right now…" CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware | TechCrunch Exploiting Microsoft Teams: Impersonation and Spoofing Vulnerabilities Exposed Microsoft Teams Vulnerabilities Uncovered Cargo theft gets a boost from hackers using remote monitoring tools | The Record from Recorded Future News Remote access, real cargo: cybercriminals targeting trucking and logistics | Proofpoint US Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition | The Record from Recorded Future News Three suspected developers of Meduza Stealer malware arrested in Russia | The Record from Recorded Future News Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody – Krebs on Security Windows Server Update Service exploitation ensnares at least 50 victims | Cybersecurity Dive Post by @paulschnack.bsky.social — Bluesky

  --------  

  1:05:08

  --------

  1:05:08
• Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD

  In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate Microsoft WSUS bug being exploited in the wild Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG SpaceX finally starts disabling Starlink terminals used by scammers Garbage HP update deletes certificates that authed Windows systems to Entra This week’s episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has embraced LLMs and the agentic-AI future into their workflow automation. This episode is also available on Youtube. Show notes US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer | TechCrunch Attackers bypass patch in deprecated Windows Server update tool | CyberScoop CVE-2025-59287 WSUS Unauthenticated RCE | HawkTrace CVE-2025-59287 WSUS Remote Code Execution | HawkTrace Catching Credential Guard Off Guard - SpecterOps Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica Uncovering Qilin attack methods exposed through multiple cases Safety on X: "By November 10, we’re asking all accounts that use a security key as their two factor authentication (2FA) method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one. A reminder: if you enroll a new security key, any" / X SpaceX disables more than 2,000 Starlink devices used in Myanmar scam compounds | The Record from Recorded Future News SpaceX: Update Your Inactive Starlink Dishes Now or They'll Be Bricked How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist Former Polish official indicted over spyware purchase | The Record from Recorded Future News HP OneAgent Update Broke Entra Trust on HP AI Devices Windows' Built-in OpenSSH for Offensive Security How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA | WIRED

  --------  

  1:06:14

  --------

  1:06:14
• Risky Business #811 -- F5 is the tip of the crap software iceberg

  In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: China has been rummaging in F5’s networks for a couple of years Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system Salesforce hackers use their stolen data trove to dox NSA, ICE employees Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah Adam gets humbled by new Linux-capabilities backdoor trick Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned. This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it. This episode is also available on Youtube. Show notes Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks | WIRED Breach at US-based cybersecurity provider F5 blamed on China, sources say | Reuters Network security devices endanger orgs with ’90s era flaws | CSO Online China claims it caught US attempting cyberattack on national time center | The Record from Recorded Future News Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials ICE amps up its surveillance powers, targeting immigrants and antifa - The Washington Post John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt US court orders spyware company NSO to stop targeting WhatsApp, reduces damages | Reuters Apple alerts exploit developer that his iPhone was targeted with government spyware | TechCrunch A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones | WIRED GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog European police bust network selling thousands of phone numbers to scammers | The Record from Recorded Future News Stephan Berger on X: "We recently took over an APT investigation from another forensic company. While reviewing analysis reports from the other company, we discovered that the attackers had been active in the network for months and had deployed multiple backdoors. One way they could regain root" / X Linux Capabilities Revisited | dfir.ch CVE-2025-59287 WSUS Remote Code Execution | HawkTrace TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware | Edera Blog Browser threat detection & response | Push Security | Push Security How Push stopped a high risk LinkedIn spear-phishing attack

  --------  

  51:51

  --------

  51:51
• Wide World of Cyber: A deep dive on the F5 hack

  In this edition of the Wide World of Cyber podcast Patrick Gray talks to Chris Krebs and Alex Stamos about the F5 incident. They talk about what happened, whether it’s a big deal, and why private equity ownership of mid-tier cybersecurity companies is often a red flag. Show notes

  --------  

  39:11

  --------

  39:11
• Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business

  In this sponsored Soap Box edition of the Risky Business podcast, host Patrick Gray chats with Mastercard’s Executive Vice President and Head of Security Solutions, Johan Gerber, about how the card brand thinks about cybersecurity and why it’s aggressively investing in the space. After listening to this interview you’ll understand why the credit card company spent $2.65b on threat intelligence vendor Recorded Future! This episode is also available on Youtube. Show notes

  --------  

  30:49

  --------

  30:49

More News podcasts

Trending News podcasts

About Risky Business