Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Risky Business #770 -- A Russian IR guy discovers extremely cool spookware

November 12, 2024 1:03:29 11.82 MB ( 49.12 MB less) Downloads: 0

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Apple frustrates law enforcement with iOS auto-reboot
  • CISA says most KEV vulnerabilities in 2023 were first used as zero days
  • Russians roll incident response on some sweet Linux spookware
  • Regular users can create mailboxes in M365?
  • Tor tracks down the source of its joe-job abuse complaints
  • And much, much more.

This week’s feature guest is former FBI agent Chris Tarbell, who arrested Silk Road operator Ross Ulbricht way back in 2013. As suggestions swirl that an incoming Trump administration might release Ulbricht, Chris talks about the reality of the Dread Pirate Roberts.

This episode is sponsored by software supply chain security firm Socket.dev. Founder Feross Aboukhadijeh thinks that we need a CVE-like catalogue for supply-chain attacks, and he makes a solid argument.

The show is also available on Youtube.

Show notes