Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Busine...
Coming to you from the same room in Risky Business headquarters Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. They talk through:
Sonicwall firewalls hand out remote code exec like candy
Mastercard make a slapstick-grade mistake with their DNS
The data breach at PowerSchool and other niche SaaS providers
Academic research proposes taking down Europe’s power grid
Apple CPUs get a new speculative execution side channel
And much, much more.
This week’s episode is sponsored by Push Security, who make an identity security product that runs inside browsers. Luke Jennings joins to discuss some of the pitfalls of federated authentication, like attackers using unexpected identity providers to log in to your apps.
This episode is also available on Youtube.
Show notes
SonicWall warns hackers targeting critical vulnerability in SMA 1000 series appliances | Cybersecurity Dive
MasterCard DNS Error Went Unnoticed for Years – Krebs on Security
Data breach hitting PowerSchool looks very, very bad - Ars Technica
OpenAI rival DeepSeek limits registration after ‘large-scale malicious attacks’ | The Record from Recorded Future News
Hackers imitate Kremlin-linked group to target Russian entities | The Record from Recorded Future News
UK to examine undersea cable vulnerability as Russian spy ship spotted in British waters | The Record from Recorded Future News
Questions grow over whether Baltic Sea cable damage was sabotage or accidental | The Record from Recorded Future News
Researchers say new attack could take down the European power grid - Ars Technica
At least $69 million stolen from crypto platform Phemex in suspected cyberattack | The Record from Recorded Future News
BreachForums admin to be resentenced after appeals court slams supervised release | The Record from Recorded Future News
Apple chips can be hacked to leak secrets from Gmail, iCloud, and more - Ars Technica
Apple fixes zero-day flaw affecting all devices | TechCrunch
I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny
Government websites vanish under Trump, from the Constitution to DEI
Trail of Bits: Director, Technical Marketing
Push Security: Security Researcher (remote in the USA)
A new class of phishing: Verification phishing and cross-IdP impersonation
-------- Â
51:26
Risky Business #776 -- Trump will flex American cyber muscles
Risky Business returns for its 19th year! Patrick Gray and Adam Boileau discuss the week’s cybersecurity news and there is a whole bunch of it. They discuss:
The incoming Trump administration guts the CSRB
Biden’s last cyber Executive Order has sensible things in it
China’s breach of the US Treasury gets our reluctant admiration
Ross Ulbricht - the Dread Pirate Roberts of Silk Road fame - gets his Trump pardon
New year, same shameful comedy Forti- and Ivanti- bugs
US soldier behind the Snowflake hacks faces charges after a solid Krebs-ing
And much, much (much! after a month off) more.
This week’s episode is sponsored by Sandfly Security, who make a Linux EDR solution. Founder Craig Rowland joins to talk about how the Linux ecosystem struggles with its lack of standardised approaches to detection and response. If you’ve got a telco full of unix, and people are asking how much Salt Typhoon you’ve got in there… Sandfly’s tools are probably what you’re looking for.
If you like your Business like us… - Risky - then we’re hiring! We’re looking for someone to help with audio and video production for our work, manage our socials, and if you’re also into the Cybers… even better. Position is remote, with a preference for timezones amenable to Australia/NZ. Drop us a line: editorial at risky.biz.
This episode is also available on Youtube.
Show notes
POLITICO Pro | Article | Acting DHS chief ousts CSRB experts, other department advisers
Treasury’s sanctions office hacked by Chinese government, officials say
Strengthening America’s Resilience Against the PRC Cyber Threats | CISA
AT&T, Verizon say they evicted Salt Typhoon from their networks
Risky Bulletin: Looking at Biden's last cyber executive order - Risky Business
Internet-connected devices can now have a label that rates their security | Reuters
US sanctions prominent Chinese cyber company for role in Flax Typhoon attacks
FCC ‘rip and replace’ provision for Chinese tech tops cyber provisions in defense bill
CIA nominee tells Senate he, too, wants to go on cyber offense | CyberScoop
Trump tells Justice Department not to enforce TikTok ban for 75 days
Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices | The Record from Recorded Future News
Unpacking WhatsApp’s Legal Triumph Over NSO Group | Lawfare
Time to check if you ran any of these 33 malicious Chrome extensions
Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls - Arctic Wolf
Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware
Researchers warn of active exploitation of critical Apache Struts 2 flaw
DOJ deletes China-linked PlugX malware off more than 4,200 US computers
Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers | The Record from Recorded Future News
Ukraine restores state registers after suspected Russian cyberattack | The Record from Recorded Future News
Hackers claim to breach Russian state agency managing property, land records | The Record from Recorded Future News
U.S. Army Soldier Arrested in AT&T, Verizon Extortions – Krebs on Security
-------- Â
1:03:53
Risky Biz Soap Box: Cool compliance tricks with the Island enterprise browser
In this sponsored Soap Box edition of the show Patrick Gray talks to Island CEO Michael Fey about some of the cool tricks in the Island enterprise browser. You can use it to tick off so many compliance boxes, and not just cybersecurity boxes.
This is largely a conversation about compliance, but it’s actually interesting and fun. These are words we never thought we’d type!
You can find Island at https://island.io/
This episode is also available on Youtube.
Show notes
-------- Â
26:40
Risky Business #775 -- Cl0p is back, SEC hack disclosures disappoint
On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
The SEC’s cyber incident reporting isn’t very exciting after all
China Telecom on the way to being thrown out of the US
The NSA/Cybercom might get two separate hats
The Cl0p ransomware crew are back and taking responsibility for the Cleo hacks
(Yet another) File upload bug in Struts makes Java admins weep
And much, much more.
This episode is sponsored by SpecterOps, who run a pretty top notch offsec/pentest team when they’re not busy making the Bloodhound Enterprise identity attack path enumeration software. SpecterOps’ Robby Winchester joins to talk about how pentest has changed, and how their customers get value from their testing.
This episode is also available Youtube.
Show notes
SEC cyber incident reporting rule generates 71 filings in 11 months | Cybersecurity Dive
US senators, green groups call for accountability over hacking of Exxon critics | Reuters
Biden Administration Takes First Step to Retaliate Against China Over Hack - The New York Times
Unfinished business for Trump: Ending the Cyber Command and NSA 'dual hat' | The Record from Recorded Future News
EU opens investigation into TikTok and the Romanian election – POLITICO
Clop ransomware claims responsibility for Cleo data theft attacks
CISA warns of ransomware gangs exploiting Cleo, CyberPanel bugs | The Record from Recorded Future News
CVE-2024-55956 | AttackerKB
Apache issues patches for critical Struts 2 RCE bug • The Register
Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers | The Record from Recorded Future News
Israeli spyware firm Paragon acquired by US investment group, report says | Reuters
How Cryptocurrency Turns to Cash in Russian Banks – Krebs on Security
Arizona man arrested for alleged involvement in violent online terror networks | CyberScoop
Russia bans Viber, claiming app facilitates terrorism and drug trafficking | The Record from Recorded Future News
-------- Â
1:01:06
Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations
In this edition of the Wild World of Cyber podcast Patrick Gray sits down with SentinelOne’s Chief Intelligence and Public Policy Officer Chris Krebs to talk all about Chinese cyber operations.
They look at the Salt Typhoon and Volt Typhoon campaigns, the last 20 years of Chinese operations, and the evolution of the cyber roles of China’s Ministry of State Security and People’s Liberation Army.
It’s a very dense hour of conversation!
This podcast was recorded in front of an audience at the Museum of Contemporary Art in Sydney.
This episode is also available on Youtube.
Show notes
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
New Zealand