Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Risky Business #797 -- Stuxnet vs Massive Ordnance Penetrators
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: We roll our eyes over the “16 billion credentials” leak hitting mainstream news Some interesting cyber angles emerge from the conflict in Iran Opensource maintainer of libxml2 is fed up with this hacker crap Shockingly, there are yet more ways to trick people into pasting commands into Windows Veeam “patches” its backup software RCE like it’s 2002 … by breaking the public PoC This week’s episode is sponsored by Internet-wide honeypot reconnaissance platform, Greynoise. Founder Andrew Morris joins to talk about their journey spotting Chinese ORB-builders hacking thousands of ASUS routers, and why they’re destined for the woodchipper. This episode is also available on Youtube. Show notes No, the 16 billion credentials leak is not a new data breach Canadian telecom hacked by suspected China state group - Ars Technica Telecom giant Viasat breached by China's Salt Typhoon hackers WarTranslated on X: "Iran’s jamming GPS in the Strait of Hormuz, messing with ~970 ships, per Windward. UKMTO confirms the interference. Faulty AIS coordinates are screwing up navigation in the Persian Gulf. The IRGC threatens to shut the strait down in hours. https://t.co/kdMJvshOGC" / X Dmitri Alperovitch on X: "Chairman of the Joint Chiefs Gen. Dan Caine says @US_CYBERCOM supported this strike mission" / X Top Pentagon spy pick rejected by White House - POLITICO DHS warns of heightened cyber threat as US enters Iran conflict | Cybersecurity Dive Exclusive: Early US intel assessment suggests strikes on Iran did not destroy nuclear sites, sources say U.S. braces for Iran's response after overnight strikes on nuclear sites Assessing the Damage to Iran’s Nuclear Program Iran Hacks Tirana Municipality in Retaliation Over MEK - Tirana Times Iran's government says it shut down internet to protect against cyberattacks | TechCrunch Aflac discloses cyber intrusion linked to wider crime spree targeting insurance industry | Cybersecurity Dive Tonga Ministry of Health hit with cyberattack affecting website, IT systems | The Record from Recorded Future News Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US | The Record from Recorded Future News Russia releases REvil members after convictions for payment card fraud | The Record from Recorded Future News OneLogin, Many Issues: How I Pivoted from a Trial Tenant to Compromising Customer Signing Keys - SpecterOps Triaging security issues reported by third parties (#913) · Issue · GNOME/libxml2 README: Set expectations straight (35d04a08) · Commits · GNOME / libxml2 · GitLab What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia | Google Cloud Blog FileFix - A ClickFix Alternative | mr.d0x Address bar shows hp.com. Browser displays scammers’ malicious text anyway. - Ars Technica Researchers urge vigilance as Veeam releases patch to address critical flaw | Cybersecurity Dive ASUSpicious Flaw - Millions of Users’ Information Exposed Since 2022 | MrBruh's Epic Blog Perth dad who created ‘evil twin’ Wi-Fi did so to access pictures of women GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers
Risky Business #796 -- With special guest co-host Chris Krebs
On this week’s show Patrick Gray and Adam Boileau are joined by special guest Chris Krebs to discuss the week’s cybersecurity news. They talk through: Israeli “hacktivists” take out an Iranian state-owned bank Scattered-spider and friends pivot into attacking insurers Securing identities in a cloud-first world keeps us awake at night Microsoft takes the “aas” out of SaaS for Europe, leaving us with just software! An AI prompt injection into M365 exfils corporate data This week’s episode is sponsored by Kroll’s Cyber practice. Kroll Cyber Associate Managing Director George Glass is based in London and talks through his experiences helping organisations in the UK deal with the Scattered Spider attacks. This episode is also available on Youtube. Show notes Iran’s Bank Sepah disrupted by cyberattack claimed by pro-Israel hacktivist group | CyberScoop Iran orders officials to ditch connected devices Heightened Cyberthreat Amidst Israel-Iran Conflict Threat group linked to UK, US retail attacks now targeting insurance industry | Cybersecurity Dive Coming to Apple OSes: A seamless, secure way to import and export passkeys - Ars Technica Cyberattack on Washington Post Compromises Email Accounts of Journalists Hackers impersonating US government compromise email account of prominent Russia researcher | The Record from Recorded Future News A good one to talk to Chris about: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws | Cybersecurity Dive Whole Foods supplier making progress on restoration after cyberattack left shelves empty | The Record from Recorded Future News Ransomware attack on ticketing platform upends South Korean entertainment industry | The Record from Recorded Future News Advisory: Cybersecurity incident
Soap Box: AI has entered the SOC, and it ain't going anywhere
In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Dropzone AI founder Ed Wu about the role of LLMs in the SOC. The debate about whether AI agents are going to wind up in the SOC is over, they’ve already arrived. But what are they good for? What are they NOT good for? And where else will we see AI popping up in security? This episode is also available on Youtube. Show notes
Risky Business #795 -- How The Com is hacking Salesforce tenants
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: New York Times gets a little stolen Russian FSB data as a treat iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign Researcher figures out a trick to get Google account holders’ full names and phone numbers Major US food distributor gets ransomwared The Com’s social engineering of Salesforce app authorisations is a harbinger of our future problems Australian Navy forgets New Zealand has computers, zaps Kiwis with their giant radar. This week’s episode is sponsored by identity provider Okta. Long-time friend of the show Alex Tilley is Okta’s Global Threat Research Coordinator, and he joins to discuss how organisations can use both human and technical signals to spot North Koreans in their midst. This episode is also available on Youtube. Show notes How The Times Obtained Secret Russian Intelligence Documents - The New York Times Ukraine's military intelligence claims cyberattack on Russian strategic bomber maker | The Record from Recorded Future News Harris-Walz campaign may have been targeted by iPhone hackers, cybersecurity firm says iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S. Spyware maker cuts ties with Italy after government refused audit into hack of journalist’s phone | The Record from Recorded Future News Italian lawmakers say Italy used spyware to target phones of immigration activists, but not against journalist | TechCrunch Android chipmaker Qualcomm fixes three zero-days exploited by hackers | TechCrunch Cellebrite to acquire mobile testing firm Corellium in $200 million deal | CyberScoop Apple Gave Governments Data on Thousands of Push Notifications A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account Bruteforcing the phone number of any Google user Acreed infostealer poised to replace Lumma after global crackdown | The Record from Recorded Future News BidenCash darknet forum taken down by US, Dutch law enforcement | The Record from Recorded Future News NHS calls for 1 million blood donors as UK stocks remain low following cyberattack | The Record from Recorded Future News Major food wholesaler says cyberattack impacting distribution systems | The Record from Recorded Future News Kettering Health confirms attack by Interlock ransomware group as health record system is restored | The Record from Recorded Future News Hackers abuse malicious version of Salesforce tool for data theft, extortion | Cybersecurity Dive shubs on X: "IP whitelisting is fundamentally broken. At @assetnote, we've successfully bypassed network controls by routing traffic through a specific location (cloud provider, geo-location). Today, we're releasing Newtowner, to help test for this issue: https://t.co/X3dkMz9gwK" / X Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect | WIRED Australian navy ship causes radio and internet outages to parts of New Zealand
Risky Business #794 -- Psychic Panda outgunned by Fluffy Lizard and UNC56728242
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Cyber firms agree to deconflict and cross-reference hacker group names Russian nuclear facility blueprints gathered from public procurement websites Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons Germany identifies the Trickbot kingpin Google spots China’s MSS using Calendar events for malware C2 Meta apps abuse localhost listeners to track web sessions. This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security. This episode is also available on Youtube. Show notes 'Forest Blizzard' vs 'Fancy Bear' - cyber companies hope to untangle weird hacker nicknames | Reuters Ukraine's Massive Drone Attack Was Powered by Open Source Software Massive security breach: Russian nuclear facilities exposed online How a Spyware App Compromised Assad’s Army - New Lines Magazine Exclusive | Federal Authorities Probe Effort to Impersonate White House Chief of Staff Susie Wiles - WSJ Malaysian home minister’s WhatsApp hacked, used to scam contacts | The Record from Recorded Future News U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security Top counter antivirus service disrupted in global takedown | CyberScoop Cops in Germany Claim They’ve ID’d the Mysterious Trickbot Ransomware Kingpin | WIRED Australian ransomware victims now must tell the government if they pay up | The Record from Recorded Future News Google: China-backed hackers hiding malware in calendar events | Cybersecurity Dive Coinbase breach linked to customer data leak in India, sources say | Reuters US military IT specialist arrested for allegedly trying to leak secrets to foreign government | The Record from Recorded Future News NSO appeals WhatsApp decision, says it can’t pay $168 million in ‘unlawful’ damages | The Record from Recorded Future News ConnectWise says nation-state attack targeted multiple ScreenConnect customers | The Record from Recorded Future News Google Online Security Blog: Sustaining Digital Certificate Security - Upcoming Changes to the Chrome Root Store Meta and Yandex are de-anonymizing Android users’ web browsing identifiers - Ars Technica An Open Letter to Third-Party Suppliers
Risky Business #793 -- Scattered Spider is hijacking MX records
In this week’s edition of Risky Business Dmitri Alperovitch and Adam Boileau join Patrick Gray to talk through the week’s news, including: EXCLUSIVE: A Scattered Spider-style crew is hijacking DNS MX entries and compromising enterprises within minutes The SVG format brings the all horrors of HTML+JS to image files, and attackers have noticed Brian Krebs eats a 6.3Tbps DDoS … ‘cause that’s how you demo your packet cannon Law enforcement takes out Lumma Stealer, Qakbot, Danabot and some dark web drug traffickers Iranian behind 2019 Baltimore ransomware mysteriously appears in North Carolina and pleads guilty CISA’s leadership is fleeing in droves, even though the US needs them more than ever. This week’s episode is sponsored by Thinkst Canary. Long time friend of the show Haroon Meer joins and talks through where he feels the industry is at, having just returned home from the AI-fueled hype at this year’s RSA conference. This episode is also available on Youtube. Show notes China-linked ‘Silk Typhoon’ hackers accessed Commvault cloud environments, person familiar says - Nextgov/FCW Risky Bulletin: SVG use for phishing explodes in 2025 - Risky Business Media KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS – Krebs on Security Midwestern telco Cellcom confirms cyber incident after days of service outages | The Record from Recorded Future News Microsoft leads international takedown of Lumma Stealer | Cybersecurity Dive Who said what? on X: "Message from the administrator of Lumma Stealer on the forums about the recent events🕊️👀 https://t.co/MOjCSMMErK" / X Ransomware hackers charged, infrastructure dismantled in international law enforcement operation | The Record from Recorded Future News Oops: DanaBot Malware Devs Infected Their Own PCs – Krebs on Security DOJ charges man allegedly behind Qakbot malware | The Record from Recorded Future News US, Europol arrest 270 dark web drug traffickers in Operation RapTor | The Record from Recorded Future News Iranian pleads guilty to launching Baltimore ransomware attack, faces 30 years behind bars | The Record from Recorded Future News Decentralized crypto platform Cetus hit with $223 million hack | The Record from Recorded Future News Nearly 70,000 impacted by Coinbase breach involving $20 million ransom demand | The Record from Recorded Future News USA: Crypto investor charged with kidnapping, torturing man in an NYC apartment Vietnam orders ban on Telegram messaging app over security concerns | The Record from Recorded Future News Exclusive: Hacker who breached communications app used by Trump aide stole data from across US government | Reuters CISA loses nearly all top officials as purge continues | Cybersecurity Dive White House dismisses scores of National Security Council staff - The Washington Post
Risky Business #792 -- Beware, Coinbase users. Crypto thieves are taking fingers now
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: TeleMessage memory dumps show up on DDoSecrets Coinbase contractor bribed to hand over user data Telegram does seem to be actually cooperating with law enforcement Britain’s legal aid service gets 15 years worth of applicant data stolen Shocking no one, Ivanti were weaseling when they blamed latest bugs on a third party library This week’s episode is sponsored by Prowler, who make an open source cloud security tool. Founder and original project developer Toni de la Fuente joins to talk through the flexibility that open tooling brings. Prowler is also adding support for SaaS platforms like M365, and of course, an AI assistant to help you write checks! This episode is also available on Youtube. Show notes TeleMessage - Distributed Denial of Secrets How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes | WIRED Coinbase says thieves stole user data and tried to extort $20M Hack could cost Coinbase up to $400M: filing | Cybersecurity Dive Severed Fingers and ‘Wrench Attacks’ Rattle the Crypto Elite Money Stuff: US Debt Rates Itself | NewsletterHunt 2 massive black market services blocked by Telegram, messaging app says | Reuters Telegram Gave Authorities Data on More than 20,000 Users GovDelivery, an email alert system used by governments, abused to send scam messages | TechCrunch ATO warning as hackers steal $14,000 in tax returns: ‘Be wary’ Hack of SEC social media account earns 14-month prison sentence for Alabama man | The Record from Recorded Future News 19-year-old accused of largest child data breach in U.S. agrees to plead guilty Beach mansion, Benz and Bitcoin worth $4.5m seized from League of Legends hacker Shane Stephen Duffy | 7NEWS Pegasus spyware maker rebuffed in efforts to get off trade blacklist - The Washington Post Ransomware attack hits supplier of refrigerated groceries to British supermarkets | The Record from Recorded Future News UK government confirms massive data breach following hack of Legal Aid Agency | The Record from Recorded Future News Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities | Cybersecurity Dive Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)
Risky Biz Soap Box: Push Security's browser-first twist on identity security
In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security. Push has built an identity security platform that collects identity information and events from your users’ browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal account that a user has spun up. It’s extremely difficult to bypass. That’s because when you’re in the browser it doesn’t matter how a phishing link arrives, or how a threat actor has concealed it from your detection stack – if the user sees it, Push sees it. There are solutions for protecting your users SSO credentials, like passkeys. But what about all the SaaS in your environment? Even if it’s enrolled into your SSO, are you sure that’s how your users are authenticating to it? What about the automation platforms your developers and admins use? What about data platforms like Snowflake? Are your using setting up passkeys for those accounts? How would you know, and what problems can it cause if those accounts are vulnerable? This is a fun one! This episode is also available on Youtube. Show notes
Risky Business #791 -- Woof! Copilot for Sharepoint coughs up creds and keys
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back! The ransomware ecosystem is finding life a bit tough lately SAP Netweaver bug being used by Chinese APT crew Academics keep just keep finding CPU side-channel attacks And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF? This week’s episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future. This episode is also available on Youtube. Show notes Exploiting Copilot AI for SharePoint | Pen Test Partners MrBruh's Epic Blog Ransomware group Lockbit appears to have been hacked, analysts say | Reuters "CONTI LEAK: Video they tried to bury! 6+ Conti members on a private jet. TARGET’s birthday — $10M bounty on his head. Filmed by TARGET himself. Original erased — we kept a copy." Mysterious hackers who targeted Marks and Spencer's computer systems hint at political allegiance as they warn other tech criminals not to attack former Soviet states The organizational structure of ransomware groups is evolving rapidly. SAP NetWeaver exploitation enters second wave of threat activity China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures DOGE software engineer’s computer infected by info-stealing malware Hackers hijack Japanese financial accounts to conduct nearly $2 billion in trades FBI and Dutch police seize and shut down botnet of hacked routers Poland arrests four in global DDoS-for-hire takedown School districts hit with extortion attempts after PowerSchool breach EU launches vulnerability database to tackle cybersecurity threats Training Solo - vusec Branch Privilege Injection: Exploiting Branch Predictor Race Conditions – Computer Security Group Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet PSIRT | FortiGuard Labs EPMM Security Update | Ivanti
Wide World of Cyber: How state adversaries attack security vendors
In this edition of the Wide World of Cyber podcast Patrick Gray talks to SentinelOne’s Steve Stone and Alex Stamos about how foreign adversaries are targeting security vendors, including them. From North Korean IT workers to Chinese supply chain attacks, SentinelOne and its competitors are constantly fending off sophisticated hacking campaigns. This edition of the Wide World of Cyber was recorded in front of a live audience in San Francisco, with Patrick attending via Zoom. The Wide World of Cyber podcast series is a wholly sponsored co-production between SentinelOne and Risky Business Media. This episode is also available on Youtube. Show notes
Risky Business #790 -- Bye bye Signal-gate, hello TeleMessage-gate
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: White House’s off-brand Israeli Signal fork logs cleartext messages with hard coded creds while getting hacked (twice). Just … Wow. Ransomware attacks on UK retailers are linked, and Marks & Spencer has it extra bad After six years dormant, a Magento eCommerce platform backdoor comes to life The North Korean IT worker scam is truly webscale NSO group owes Meta $168m for hacking WhatsApp This week’s episode is sponsored by vulnerability management wranglers, Nucleus Security. Aaron Unterberger joins to talk through the complexities of tracking vulnerabilities in cloud components - left to the source, right to the deployments, and …sideways into the sidecars? This week’s show also features an excerpt from Pat’s interview with Senator Mark Warner - Scoot back one in your podcast feed to check out the full chat, or find it on Youtube. This episode is available on Youtube too. Show notes Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs The Signal Clone the Trump Admin Uses Was Hacked App used by Mike Waltz suspends services after hacking claims Senator Demands Investigation into Trump Admin Signal Clone After 404 Media Investigation MG on X: "Looks like TeleMessage was probably procured and rolled out under Biden. There are public records for it. https://t.co/XCuZpi8PL3" / X Harrods becomes latest retailer to announce attempted cyberattack | The Record from Recorded Future News Co-op DragonForce cyber attack includes customer data, firm admits Co-op cyber attack: Staff told to keep cameras on in meetings Hundreds of e-commerce sites hacked in supply-chain attack - Ars Technica Microsoft’s new “passwordless by default” is great but comes at a cost - Ars Technica Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica North Korean operatives have infiltrated hundreds of Fortune 500 companies | CyberScoop US wants to cut off key player in Southeast Asian cybercrime industry | The Record from Recorded Future News Myanmar militia leader sanctioned by US over cyber scam connections | The Record from Recorded Future News Trump proposes major cut to CISA’s budget, citing false ‘censorship’ claims | Cybersecurity Dive NSA to cut up to 2,000 civilian roles as part of intel community downsizing | The Record from Recorded Future News NSO Group owes $168M in damages to WhatsApp over spyware infections, jury says | CyberScoop
BONUS INTERVIEW: Senator Mark Warner on Signalgate, Volt Typhoon and tariffs
In this extended interview the Vice Chair of the Senate Select Committee on Intelligence, Senator Mark Warner, joins Risky Business host Patrick Gray to talk about: The latest developments in the Signalgate scandal Why America needs to be more aggressive in responding to Volt Typhoon How tariffs are affecting American alliances Why the Five Eyes alliance is sacrosanct This episode is available on Youtube Show notes
Risky Business #789 -- Apple's AirPlay vulns are surprisingly awful
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: British retail stalwart Marks & Spencer gets cybered South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then) Anti-DOGE whistleblower sure sounds like he has a point This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems. Editors Note : Pat also gives Adam (Boileau) stick in the sponsor interview about the Risky Biz webserver not having IPv6 enabled, which fact-checking during the edit says is FAKE NEWS. Just uh, don’t look at how fresh that AAAA record in the DNS is, friends 😉 This episode is also available on Youtube. Show notes British retailer M&S confirms being hit by ‘cyber incident’ amid store delays | The Record from Recorded Future News M&S cyber-attack linked to hacking group Scattered Spider | Marks & Spencer | The Guardian Bina Puri shares, Warrant B close sharply lower day after hacking Bina Puri, Pos Malaysia tumble following hacking incident | FMT Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts | The Record from Recorded Future News US conducts cyberattacks against major Chinese commercial encryption provider: report - Global Times Iran says major cyberattack on infrastructure repelled | Iran International Spain rules out cyber attack - but what could have caused power cut? South Korea's SK Telecom begins SIM card replacement after data breach AirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security iOS and Android juice jacking defenses have been trivial to bypass for years - Ars Technica How Android 16's new security mode will stop USB-based attacks - Android Authority Researchers warn of critical flaw found in Erlang OTP SSH | Cybersecurity Dive Critical vulnerability in SAP NetWeaver under threat of active exploitation | Cybersecurity Dive CVE-2025-31324: Critical SAP Flaw Explained | Strobes Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028) Risky Bulletin: NFC card malware keeps evolving in Russia, a bad omen for the future - Risky Business Media Hegseth had unsecured internet line in Pentagon for Signal, sources say | AP News Whistleblower: DOGE Siphoned NLRB Case Data – Krebs on Security 2025_0414_Berulis-Disclosure-with-Exhibits.s.pdf CISA gets a deputy director as it braces for major layoffs | Cybersecurity Dive Two top cyber officials resign from CISA | The Record from Recorded Future News Ex-CISA chief Chris Krebs leaving SentinelOne following Trump pressure | Reuters Former cyber official targeted by Trump speaks out after cuts to digital defense Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries | SentinelOne ZachXBT on X: "Nine hours ago a suspicious transfer was made from a potential victim for 3520 BTC ($330.7M)"
Snake Oilers: LimaCharlie, Honeywell Cyber Insights, CobaltStrike and Outflank
In this edition of the Snake Oilers podcast, three sponsors come along to pitch their products: LimaCharlie: A public cloud for SecOps Honeywell Cyber Insights: An OT security/discovery solution Fortra’s CobaltStrike and Outflank: Security tooling for red teamers This episode is also available on Youtube. Show notes
Snake Oilers: Pangea, Cosive and Sysdig
In this edition of Snake Oilers three vendors pitch host Patrick Gray on their tech: Pangea: Guardrails and security for AI agents and applications (https://pangea.cloud) Worried about your AI apps going rogue, being mean to your customers or even disclosing sensitive information? Pangea exists to address these risks. Fascinating stuff. Cosive: A threat intelligence company that can host your MISP server in AWS. CloudMISP! (https://www.cosive.com/snakeoilers) Are you running a MISP server on some old hardware under a desk in your SOC? There’s a better way! Cosive can run it for you on AWS so you can just use it instead of wrestling with maintaining it. They also do some CTI consulting to help you get better use out of MISP. Sysdig: A Linux runtime security platform (https://sysdig.com/) The modern Windows network is an all-singing, all-dancing, perfectly orchestrated, EDR-protected ballet. The modern Linux production environment… isn’t. Find out how Sysdig can help you get some visibility and control over your Linux fleet. This episode is also available on Youtube. Show notes