Risky Business

Author(s): Risky Business Media

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Copyright Risky Business Media 2007-2026

Politics

Episodes
  • Risky Business #838 -- GitHub investigates possible breach
    May 20 2026
    On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

      • GitHub announced a possible breach
      • CISA leaks important creds, keys in public repo
      • Awful vulnerability in Bitlocker renders it useless without a PIN
      • So. Many. Patches.
      • Polish Government urges officials to ditch Signal for mSzyfr
      • Much, much more

    This week’s show is brought to you by Thinkst Canary. Thinkst’s founder, Haroon Meer, is this week’s sponsor guest. He joined James Wilson to talk about how doing “the basics” in security isn’t trivially easy.

    This episode is also available on YouTube.

    Show notes

      • GitHub on X: "We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely" / X
      • CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security
      • Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran
      • Iran hackers: Hackers have breached tank readers at gas stations; officials suspect Iran is responsible | CNN Politics
      • War and Data Centers Are Driving Up the Cost of Fiber-Optic Cable
      • Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold | The Record from Recorded Future News
      • NCSC’s Ollie Whitehouse on surviving the "bugpocalypse" - Risky Business Media
      • Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark | Microsoft Security Blog
      • Project Glasswing: what Mythos showed us
      • Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’
      • First public macOS kernel memory corruption exploit on Apple M5
      • OpenAI launches Daybreak to combat cyber threats | Cybersecurity Dive
      • Zero-day exploit completely defeats default Windows 11 BitLocker protections - Ars Technica
      • GitHub - Wack0/bitlocker-attacks: A list of public attacks on BitLocker · GitHub
      • Catalin Cimpanu: "The Polish government has advi…" - Mastodon
      • CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday | The Record from Recorded Future News
      • CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)
      • Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network | The Record from Recorded Future News
      • Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN | Cybersecurity Dive
      • Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs | The Record from Recorded Future News
      • Streamer Realtime Deepfakes Himself into Mr. Beast, Says He Loves 'Touching Little Boys'
    1 hr 3 min
  • Soap Box: Where does AI fit into cloud security?
    May 15 2026

    In this sponsored soap box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, the founder of Prowler.

    Prowler started off as a bunch of scripts in a trenchcoat, then became an open source cloud security tool, and it’s now a venture-funded cloud security business. In this interview Toni talks us through how AI is changing the game for him as an open source project owner, and as a vendor. In short, reports of the death of IT and security tooling at the hands of frontier models have been greatly exaggerated.

    This episode is also available on YouTube.

    Show notes
      34 min
    • Risky Business #837 -- GitHub Actions footgun claims TanStack
      May 13 2026
      On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

        • Mini Shai-Hulud and the TanStack compromise using GitHub Actions
        • Instructure pays Canvas elearning platform data extortionists
        • More Linux privilege escalation 0days!
        • CISA helping critical infrastructure operators rearchitect their networks so they work offline

      This week’s episode is sponsored by email security platform Sublime Security. Bobby Filar chats with Patrick about how agentic AI is being evaluated by buyers in a marketplace that’s experiencing “AI fatigue”.

      This episode is also available on YouTube.

      Show notes

        • ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack | CyberScoop
        • Hardening TanStack After the npm Compromise | TanStack Blog
        • Canvas Breach Disrupts Schools & Colleges Nationwide – Krebs on Security
        • Instructure pays ransom after Canvas incident as Congress announces investigation | The Record from Recorded Future News
        • When DNSSEC goes wrong: how we responded to the .de TLD outage
        • Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access | Google Cloud Blog
        • Mythos smythos! How to find 0day with lesser models - Risky Business Media
        • GitHub - V4bel/dirtyfrag · GitHub
        • retr0.zip
        • NVD - CVE-2026-42511
        • Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI | CyberScoop
        • Ivanti customers confront yet another actively exploited zero-day | CyberScoop
        • Palo Alto warns of critical software bug used in firewall attacks | The Record from Recorded Future News
        • Where Have All the Complex Windows Malware and Their Analyses Gone?
        • Meet Rassvet, Russia’s Answer to Starlink | WIRED
        • DOJ says ransomware gang tapped into Russian government databases | TechCrunch
        • Iranian government hackers using Chaos ransomware as cover, researchers say | The Record from Recorded Future News
        • Foxconn confirms cyberattack impacting North American factories | The Record from Recorded Future News
        • New CISA initiative aims for critical infrastructure to operate offline during cyberattacks | The Record from Recorded Future News
        • ‘HELLO BOSS’: Inside the Chinese Realtime Deepfake Software Powering Scams Around the World
        • How to Disable Google's Gemini in Chrome | WIRED
        • FCC pushes ban on security updates for foreign-made routers, drones to 2029 | The Record from Recorded Future News
      1 hr 5 min