Episodes

  • Risky Business #822 -- France will ditch American tech over security risks
    Jan 28 2026
    In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. They discuss:

    • La France is tres sérieux about ditching US productivity software
    • China’s Salt Typhoon was snooping on Downing Street
    • Trump wields the mighty DISCOMBOBULATOR
    • ESET says the Polish power grid wiper was Russia’s GRU Sandworm crew
    • US cyber institutions CISA and NIST are struggling
    • Voice phishing for MFA bypass is getting even more polished

    This episode is sponsored by Sublime Security. Brian Baskin is one of the team behind Sublime’s 2026 Email Threat Research report. He joins to talk through what they see of attackers’ use of AI, as well as the other trends of the year.

    Show notes
    • France to ditch US platforms Microsoft Teams, Zoom for ‘sovereign platform’ amid security concerns | Euronews
    • Suite Numérique plan - Google Search
    • China hacked Downing Street phones for years
    • Cyberattack Targeting Poland’s Energy Grid Used a Wiper
    • Trump says U.S. used secret 'discombobulator' on Venezuelan equipment during Maduro raid | PBS News
    • Risky Bulletin: Cyberattack cripples cars across Russia - Risky Business Media
    • Lawmakers probe CISA leader over staffing decisions | CyberScoop
    • Trump’s acting cyber chief uploaded sensitive files into a public version of ChatGPT - POLITICO
    • Acting CISA director failed a polygraph. Career staff are now under investigation. - POLITICO
    • NIST is rethinking its role in analyzing software vulnerabilities | Cybersecurity Dive
    • Federal agencies abruptly pull out of RSAC after organizer hires Easterly | Cybersecurity Dive
    • Real-Time phishing kits target Okta, Microsoft, Google
    • Phishing kits adapt to the script of callers
    • On the Coming Industrialisation of Exploit Generation with LLMs – Sean Heelan's Blog
    • GitHub - SeanHeelan/anamnesis-release: Automatic Exploit Generation with LLMs
    • Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health" - Ars Technica
    • Bypassing Windows Administrator Protection - Project Zero
    • Task Failed Successfully - Microsoft’s “Immediate” Retirement of MDT - SpecterOps
    • Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission
    • WhatsApp's Latest Privacy Protection: Strict Account Settings - WhatsApp Blog
    • Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch
    • He Leaked the Secrets of a Southeast Asian Scam Compound. Then He Had to Get Out Alive | WIRED
    • Key findings from the 2026 Sublime Email Threat Research Report
    1 hr 4 min
  • Risky Business #821 -- Wiz researchers could have owned every AWS customer
    Jan 21 2026
    In this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, joined by a special guest. BBC World Cyber Correspondent Joe Tidy is a long time listener and he pops in for a ride-along in the news segment plus a chat about his new book.

    This week’s news includes:

    • Did the US cyber Venezuela’s power grid, or do they just want us to think they coulda?
    • US govt might boycott the RSAC Conference ‘cause Jen Easterly being CEO makes them mad
    • MS Patch Tuesday fixes CVSS5.5 bug and … stops you shutting down
    • Wiz pulls off cloud stunt hack that ends with control of everyone’s AWS console
    • Millions of Bluetooth devices that use Google’s Fast Pairing will pair with anyone, any time
    • GNU inet-tools’ telnetd parties like it’s 2007, and brings -f root unauthed remote login back

    Thinkst is this week’s sponsor, and long time friend of the show Haroon Meer joins. As always they’re polishing their Canary tokens - adding breadcrumbs to lead you to them - but they’re also a bunch of giant nerds who now run South Africa’s Computer Olympiad.

    This episode is also available on Youtube.

    Show notes
    • Cyberattack in Venezuela Demonstrated Precision of U.S. Capabilities - The New York Times
    • Why I’m withholding certainty that “precise” US cyber-op disrupted Venezuelan electricity - Ars Technica
    • Layered Ambiguity: US Cyber Capabilities in the Raid to Extract Maduro from Venezuela | Royal United Services Institute
    • Former CISA Director Jen Easterly Will Lead RSAC Conference | WIRED
    • Trump officials consider skipping premier cyber conference after Biden-era cyber leader named CEO - Nextgov/FCW
    • Federal agencies ordered to patch Microsoft Desktop Windows Manager bug | The Record from Recorded Future News
    • Windows 11 shutdown bug forces Microsoft into damage control • The Register
    • CodeBreach: Supply Chain Vuln & AWS CodeBuild Misconfig | Wiz Blog
    • Critical flaw in AWS Console risked compromise of build environment | Cybersecurity Dive
    • Never-before-seen Linux malware is “far more advanced than typical” - Ars Technica
    • VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun - Check Point Research
    • Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking | WIRED
    • Critical flaw in Fortinet FortiSIEM targeted in exploitation threat | Cybersecurity Dive
    • CVE-2025-64155: 3 Years of Remotely Rooting the FortiSIEM
    • A single click mounted a covert, multistage attack against Copilot - Ars Technica
    • Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader | The Record from Recorded Future News
    • Jordanian initial access broker pleads guilty to helping target 50 companies | The Record from Recorded Future News
    • Supreme Court hacker posted stolen government data on Instagram | TechCrunch
    • oss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetd
    • How crypto criminals stole $700 million from people - often using age-old tricks
    • Ctrl + Alt + Chaos: How Teenage Hackers Hijack the Internet
    1 hr 5 min
  • Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)
    Jan 14 2026
    Risky Business returns for 2026! Patrick Gray and Adam Boileau talk through the week’s cybersecurity news, including:

    • Santa brings hackers MongoDB memory leaks for Christmas
    • Vercel pays out a million bucks to improve its React2Shell WAF defences
    • 39C3 delivers; the pink Power Ranger deletes nazis, while a catgirl ruins GnuPG
    • Cambodian scam compound kingpin gets extradited to China, and we don’t think it’ll go well for him
    • Krebs picks apart the Kimwolf botnet and residential proxy networks
    • So many healthcare data leaks that we have a roundup section

    This week’s episode is sponsored by Airlock Digital. The founders of the application allow-listing vendor, David Cottingham and Daniel Schell, discuss Microsoft’s ClickOnce .NET app packaging, and how attackers have been abusing it to load code. Airlock hates it when you load code!

    This episode is also available on Youtube.

    Show notes
    • US, Australia say ‘MongoBleed’ bug being exploited | The Record from Recorded Future News
    • Merry Christmas Day! Have a MongoDB security incident. | by Kevin Beaumont | Dec, 2025 | DoublePulsar
    • Inside Vercel’s sleep-deprived race to contain React2Shell | CyberScoop
    • gpg.fail
    • Hacktivist deletes white supremacist websites live onstage during hacker conference | TechCrunch
    • Chinese attackers exploiting zero-day to target Cisco email security products | The Record from Recorded Future News
    • Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs
    • ServiceNow patches critical AI platform flaw that could allow user impersonation | CyberScoop
    • Alleged cyber scam kingpin arrested, extradited to China | The Record from Recorded Future News
    • FCC IoT labeling program loses lead company after China probe | Cybersecurity Dive
    • Trump picks Lt. Gen. Joshua Rudd to lead NSA spy agency - The Washington Post
    • NSA cyber directorate gets new acting leadership | The Record from Recorded Future News
    • Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years | The Record from Recorded Future News
    • ECLI:NL:GHAMS:2026:22, Amsterdam Court of Appeal, 23-003218-22
    • The Kimwolf Botnet is Stalking Your Local Network – Krebs on Security
    • Who Benefited from the Aisuru and Kimwolf Botnets? – Krebs on Security
    • Coupang recovers smashed laptop that alleged data leaker threw into river | The Record from Recorded Future News
    • Ransomware responders plead guilty to using ALPHV in attacks on US organizations | The Record from Recorded Future News
    • Nearly 480,000 impacted by Covenant Health data breach | The Record from Recorded Future News
    • Illinois health department exposed over 700,000 residents' personal data for years | TechCrunch
    • Tech provider for NHS England confirms data breach | TechCrunch
    • Hacker claiming to be behind ManageMyHealth breach: ‘I do it for the money and I’m in negotiations to get it’ - NZ Herald
    59 min
  • How the World Got Owned Episode 1: The 1980s
    Jan 6 2026

    In this special documentary episode, Patrick Gray and Amberleigh Jack take a historical dive into hacking in the 1980s. Through the words of those that were there, they discuss life on the ARPANET, the 414s hacking group, the Morris Worm, the vibe inside the NSA and a parallel hunt for German hackers happening at a similar time to Cliff Stoll’s famous Cuckoo’s Egg story.

    This podcast features the memories of:

    • Jon Callas, former principal software engineer at Digital Equipment Corporation
    • Mark Rasch, Morris Worm prosecutor
    • Timothy Winslow, former 414 hacker
    • Greg Chartrand, author of Cracking the Cuckoos Egg and
    • Tony Sager, former NSA

    How the World Got Owned is produced in partnership with SentinelOne.

    Show notes
    • 1988 Federal sentencing guidelines manual
    • Computer Intruder is put on probation and fined $10,000 | The New York Times
    • Computer Intruder is found guilty | The New York Times
    • United States of America, Appellee, v. Robert Tappan Morris, Defendant-appellant, 928 F.2d 504 (2d Cir. 1991)
    • The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage | Clifford Stoll
    • Cracking the Cuckoo’s Egg: The Untold Story of tracking and finding Karl Koch aka Hagbard of the Chaos Computer Club | Greg Chartrand
    • Computer Buffs Tapped NASA Files | The New York Times
    • Young Computer Bandits Byte off More than They Could Chew | The Washington Post
    • ‘Hacker’ is used by Mainstream Media, September 5, 1983 | EDN
    • Neal Patrick to testify before congressional committee
    • Wargames official trailer, 1983
    • CBS News Segment on Robert Morris Computer Hacker
    • The Fall of the Berlin Wall | Sky News
    • I Hacked a Nuclear Facility in the 1980’s. You’re Welcome | CNN
    1 hr 4 min
  • Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack
    Dec 17 2025
    In the final show of 2025, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

    • React2Shell attacks continue, surprising no one
    • The unholy combination of OAuth consent phishing, social engineering and Azure CLI
    • Venezuela’s state oil firm gets ransomware’d, blames US… but what if it really is a US cyber op?!
    • Russian junk-hacktivist gets indicted for cybering critical… err… a car wash and a fountain
    • Microsoft finally turns RC4 off by default in Active Directory Kerberos
    • Traefik’s TLS verify=on … turns it off, whoopsie 🤡

    This week’s episode is sponsored by Sublime Security, makers of an email filtering solution that’s up for dealing with modern problems. Founder and CEO Josh Kamdjou joins to talk about calendar invite phishing, and the extra steps they’ve had to take to reach into people’s calendars and fix the mess.

    The Risky Business weekly show is taking a holiday break, and will return on 14 January for its twentieth year! Good luck out there, internet friends.

    This episode is also available on Youtube.

    Show notes
    • React2Shell attacks expand widely across multiple sectors | Cybersecurity Dive
    • React issues new patches after security researchers flag additional flaws | Cybersecurity Dive
    • ConsentFix: Browser-native ClickFix hijacks OAuth grants
    • Hacking Endpoint to Identity (Microsoft 365): "ConsentFix" - YouTube
    • Announced pick for No. 2 at NSA won’t get the job as another candidate surfaces | The Record from Recorded Future News
    • Laura Loomer on X: "EXCLUSIVE: 🚨 White House Official Confirms Ongoing Search for NSA Deputy Director As Tim Kosiba's Deep State And Anti-Trump Ties Raise Red Flags 🚨"
    • Senior official at Indo-Pacific Command is set to be Trump’s pick to lead Cyber Command, NSA | The Record from Recorded Future News
    • Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg
    • PdV says cyber attacks contained | Latest Market News
    • Venezuela state oil company blames cyberattack on US after tanker seizure | The Record from Recorded Future News
    • Office of Public Affairs | Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups | United States Department of Justice
    • DOJ, CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure | The Record from Recorded Future News
    • vx-underground on X: "The United States government has indicted a state-sponsored Threat Actor named Victoria Eduardovna Dubranova"
    • vx-underground on X: "I'm actually laughing. One of the compromises is so dumb"
    • German parliament suffers suspected cyber attack during Zelenskyy’s visit
    • Während Selenskyj-Besuch: Große Internet-Störung im Bundestag! | Politik | BILD.de
    • Germany summons Russian ambassador over cyberattack, election disinformation | The Record from Recorded Future News
    • Russische hackgroep had toegang tot openbare waterfontein in Nederland | de Volkskrant
    • Most Parked Domains Now Serving Malicious Content – Krebs on Security
    • PornHub extorted after hackers steal Premium member activity data
    • Office of Public Affairs | Senior Manager for Government Contractor Charged in Cybersecurity Fraud Scheme | United States Department of Justice
    • Microsoft will finally kill obsolete cipher that has wreaked decades of havoc - Ars Technica
    • CVE-2025-66491: Traefik's "Verify=On" Turned TLS Off | AISLE
    • Dylan O'Donnell 🦋 on X: "This week I was rushed to hospital with a diagnosis of oesophageal cancer."
    54 min
  • Risky Biz Soap Box: Graph the planet!
    Dec 11 2025

    In this sponsored Soap Box edition of the Risky Business podcast, Patrick Gray chats with Jared Atkinson, CTO of SpecterOps, about BloodHound OpenGraph.

    OpenGraph enumerates attack paths across platforms and services, not just your primary directories.

    A compromised GitHub account to on-prem AD compromise attack path? It’s a thing, and OpenGraph will find it.

    Cross-platform attack path enumeration! So good!

    This episode is also available on Youtube.

    Show notes
      43 min
    • Risky Business #818 -- React2Shell is a fun one
      Dec 10 2025

      In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

      • There’s a CVSS 10/10 remote code exec in the React javascript server. JS server? U wot mate?
      • China is out popping shells with it
      • Linux adds support for PCIe bus encryption
      • Amnesty International says Intellexa can just TeamViewer into its customers’ surveillance systems
      • …and a Belgian murder suspect complains that GrapheneOS’s duress wipe feature failed him?

      This week’s episode is sponsored by Kroll Cyber. Simon Onyons is Managing Director at Kroll’s Cyber and Data Resilience arm, and he discusses a problem near to many of our hearts. Just how do you explain cyber risk to the board?

      This episode is also available on Youtube.

      Show notes
      • Risky Bulletin: APTs go after the React2Shell vulnerability within hours - Risky Business Media
      • Guillermo Rauch on X: "React2Shell" / X
      • React2Shell-CVE-2025-55182-original-poc/README.md at main · lachlan2k/React2Shell-CVE-2025-55182-original-poc · GitHub
      • Hydrogen: Shopify’s headless commerce framework
      • Researchers track dozens of organizations affected by React2Shell compromises tied to China’s MSS | The Record from Recorded Future News
      • Unveiling WARP PANDA: A New Sophisticated China-Nexus Adversary
      • Three hacking groups, two vulnerabilities and all eyes on China | The Record from Recorded Future News
      • Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers
      • Sean Plankey nomination to lead CISA appears to be over after Thursday vote | CyberScoop
      • 🕳 on X: "This guy is complaining that GrapheneOS “failed him”. Showing a Belgian 🇧🇪 police request for an interrogation regarding premeditated murder (as a suspect)." / X
      • Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say | TechCrunch
      • To Catch a Predator: Leak exposes the internal operations of Intellexa’s mercenary spyware - Amnesty International Security Lab
      • Is ransomware finally on the decline? Treasury data offers cautious hope | CyberScoop
      • UK cyber agency warns LLMs will always be vulnerable to prompt injection | CyberScoop
      • In comedy of errors, men accused of wiping gov databases turned to an AI tool - Ars Technica
      58 min
    • Risky Business #817 -- Less carnage than your usual Thanksgiving
      Dec 3 2025
      In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. It’s a quiet week with Thanksgiving in the US, but there’s always some cyber to talk about:

      • Airbus rolls out software updates after a cosmic ray bitflips an A320 into a dive
      • Krebs tracks down a Scattered Lapsus$ Hunters teen through the usual poor opsec…
      • … as Wired publishes an opsec guide for teens.
      • Microsoft decides its login portal is worth a Content Security Policy
      • South Korean online retailer data breach covers 65% of the country

      This week’s episode is sponsored by Nebulock. Founder and CEO Damien Lewke joins to talk through their work bringing more Sigma threat detection rules to MacOS.

      This episode is also available on Youtube.

      Show notes
      • Airlines race to fix their Airbus planes after warning solar radiation could cause pilots to lose control | CNN
      • Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign | CyberScoop
      • Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog
      • Update: Shai-Hulud and the npm Ecosystem: Why CTEM Must Extend Beyond Your Walls | Armis
      • Glassworm's resurgence | Secure Annex
      • 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign | Koi Blog
      • Post by @spuxx.bsky.social — Bluesky
      • Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security
      • The WIRED Guide to Digital Opsec for Teens | WIRED
      • Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos - ABC News
      • Ed Conway on X: "The person who first downloaded the OBR's document at 11:35 on Budget day (I'm guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!) https://t.co/6iLm2uEUj2" / X
      • Reuters accused of hack attack | ZDNET
      • The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’ | WIRED
      • Microsoft tightens cloud login process to prevent common attack | Cybersecurity Dive
      • Fortinet FortiWeb flaws found in unsupported versions of web application firewall | Cybersecurity Dive
      • Cryptomixer platform raided by European police; $29 million in bitcoin seized | The Record from Recorded Future News
      • Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange | The Record from Recorded Future News
      • Data breach hits 'South Korea's Amazon,' potentially affecting 65% of country’s population | The Record from Recorded Future News
      • NSA Contractor Groomed Teenage Girls On Reddit, DOJ Alleges
      • Nebulock developed coreSigma for MacOS
      • coreSigma repo:
      1 hr 1 min