Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
CppCast
Every two weeks, or so, we sit down with guests from the C++ community to discuss the latest news and what they have been up to. Find us at cppcast.com
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Risky Business #660 -- Lapsus$ arrests, latest on Okta incident
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Some arrests of suspected Lapsus$ members in the UK Why the Okta incident is probably a fizzer Four FSB officers indicted over Triton/Trisis malware Kim Zetter interviewed Intrusion Truth Australian government to upsize ASD Wave bye bye to Finfisher Much, much more This week’s sponsor interview is with Mike Wiacek from Stairwell. Stairwell makes a product that catalogues the files in your environment and lets you slice and dice that data. That makes threat hunting pretty easy and Mike is joining the show this week to talk about why organisations of all stripes should be doing threat hunting. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal - BBC News Okta ‘identifying and contacting’ customers potentially affected by Lapsus$ breach - The Record by Recorded Future Okta revises original statement, says 366 customers affected by Lapsus$ breach - The Record by Recorded Future Okta apologizes for waiting two months to notify customers of Lapsus$ breach - The Record by Recorded Future Lapsus$ found a spreadsheet of accounts as they breached Okta, documents show | TechCrunch DOJ unseals indictments of four Russian gov’t officials for cyberattacks on energy companies - The Record by Recorded Future Four Russian Government Employees Charged in Two Historical Hacking Campaigns Targeting Critical Infrastructure Worldwide | OPA | Department of Justice Intrusion Truth - Five Years of Naming and Shaming China’s Spies ASD to double in size after $10bn cyber security funding boost - Security - iTnews How the Biden budget goes big on cyber - The Record by Recorded Future FBI, CISA advise 13,000 orgs to have 'low threshold' for reporting cyberattacks - The Record by Recorded Future Senate report examines REvil ransomware attacks on US firms - The Record by Recorded Future Senate ransomware investigation says FBI leaving victims in the lurch Surveillance software firm FinFisher declares insolvency - The Record by Recorded Future NSO refused Ukraine’s request for Pegasus spyware so it wouldn’t anger Russia - The Washington Post FCC puts Kaspersky on security threat list, says it poses “unacceptable risk” | Ars Technica Traffic at major Ukrainian internet service provider Ukrtelecom disrupted - The Record by Recorded Future An interview with the chief technical officer at Ukrtelecom - The Record by Recorded Future Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests” – Krebs on Security North Korean hackers unleashed Chrome 0-day exploit on hundreds of US targets | Ars Technica Google releases emergency security update for Chrome users after second 0-day of 2022 discovered - The Record by Recorded Future Npm maintainers remove malicious packages after typosquatting attempt - The Record by Recorded Future ‘Spam Nation’ Villain Vrublevsky Charged With Fraud – Krebs on Security $2 million stolen from DeFi protocol Revest Finance, platform unable to reimburse victims - The Record by Recorded Future Flash loan attack on One Ring protocol nets crypto-thief $1.4 million | The Daily Swig More than $625 million stolen in DeFi hack of Ronin Network - The Record by Recorded Future Hackers Who Stole $50 Million in Crypto Say They Will Refund Some Victims
Risky Biz Soap Box: Why allowlisting is ready for prime time
Airlock Digital co-founders Daniel Schell and Dave Cottingham join host Patrick Gray to talk about: What an effective allowlisting program looks like Why the third party allowlisting industry failed the first time What you can achieve with Microsoft tooling versus specialist tools How much effort is involved to do this right
Risky Business #659 -- Okta and Microsoft meet LAPSUS$
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Okta’s somewhat awful comms around its LAPSUS$ incident Inside Microsoft’s brush with the same group How Elon Musk’s Starlink service is being used to drop bombs on Russian tanks US, UK governments warn of impending Russian cyberdoom Much, much more… This week’s sponsor interview is with Paul Lanzi, co-founder of Remediant. Paul joins the show this week to talk about cyber insurance. It’s a topic that has come up a lot for us lately – ransomware has borderline sunk the current cyber insurance model as payments ballooned and payouts made a lot of insurers adjust premiums to the. But all is not lost – Paul says this blowup means the insurance industry is actually adapting and could wind up being a driver of better security practices. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Hackers hit authentication firm Okta, customers 'may have been impacted' | Reuters Updated Okta Statement on LAPSUS$ | Okta Microsoft investigating Lapsus$ claims of Bing, Cortana data theft - The Record by Recorded Future DEV-0537 criminal actor targeting organizations for data exfiltration and destruction - Microsoft Security Blog U.K. echoes Biden warning on Russian cyberattacks - The Record by Recorded Future Statement by President Biden on our Nation’s Cybersecurity | The White House FBI advised that hackers scanned networks of 5 US energy firms ahead of Biden's Russia cyberattack warning - CNNPolitics CISA, FBI warn of satellite network hacks following Viasat cyberattack - The Record by Recorded Future Specialist Ukrainian drone unit picks off invading Russian forces as they sleep | News | The Times China’s DJI And Its Billionaire Chief Put In An Awkward Spot As Both Sides In Ukraine War Use Its Drones Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine | Snyk Catalin Cimpanu on Twitter: "Following the poisoning of the node-ipc npm package to sabotage systems in Belarus and Russia, Russia's NKTsKI cyber-security agency has told companies to use local repos for FOSS software, use older versions prior to the invasion, and audit new updates https://t.co/3PlKdXTfn1 https://t.co/EV25HBBZFN" / Twitter U.S. bars ex-spies from becoming 'mercenaries,' following Reuters series | Reuters Behold, a password phishing site that can trick even savvy users | Ars Technica Death of the Password? FIDO Alliance Reveals Its New Plan | WIRED Scammers have 2 clever new ways to install malicious apps on iOS devices | Ars Technica New details emerge on prolific Conti-linked cybercrime group Trickbot is using MikroTik routers to ply its trade. Now we know why | Ars Technica Sandworm-linked botnet has another piece of hardware in its sights Hacker Steals Customer Data From Circle, BlockFi, Other Big Crypto Firms - Decrypt Lawmakers Probe Early Release of Top RU Cybercrook – Krebs on Security A different way to do PAM -- Paul Lanzi, Remediant - YouTube
Risky Business #658 -- Germany sounds alarm on Kaspersky software
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Germany issues stark warning to Kaspersky users Ukraine SATCOM hack keeps getting more interesting Russia to spin up its own CA, but it’s not what it seems Why the ransomware threat could get worse, then better Much, much more This week’s show is brought to you by Fastly. Kelly Shortridge, Fastly’s Senior Principal Product Technologist, joins the show this week to tell us what modern security actually looks like. Kelly is always fascinating so we were thrilled she was in the sponsor chair this week. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes German government issues warning about Kaspersky products - CyberScoop Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say | Reuters SATELLITE SYSTEMS, SATCOM AND SPACE SYSTEMS UPDATE Russia to create its own security certificate authority, alarming experts Political fallout in cybercrime circles upping the threat to Western targets (2) Oleg Shakirov on Twitter: "Russia's deputy foreign minister says he hopes the Russian-U.S. dialogue on cyber security will be resumed in response to a question whether it has been frozen He adds that it can bring tangible results like the disruption of REvil https://t.co/m817WD80vr" / Twitter FinCEN warns ransomware proceeds could be part of Russia sanctions evasion Biden takes big step toward government-backed digital currency Ukrainian hackers say HackerOne is blocking their bug bounty payouts | TechCrunch (2) Techmeme on Twitter: "Sources: Apple and Google removed Kremlin critic Navalny's app in September after FSB agents came to homes of top execs and threatened to take them to prison (Washington Post) https://t.co/nqvtHmG1Ft https://t.co/gQCcnFhnyo" / Twitter Government agencies in Ukraine targeted in cyber-attacks deploying MicroBackdoor malware | The Daily Swig (2) ESET research on Twitter: "#BREAKING #ESETresearch warns about the discovery of a 3rd destructive wiper deployed in Ukraine 🇺🇦. We first observed this new malware we call #CaddyWiper today around 9h38 UTC. 1/7 https://t.co/gVzzlT6AzN" / Twitter Ukraine facing major regional internet outages as Russian invasion continues Transparency Org Releases Alleged Leak of Russian Censorship Agency Denial-of-service attack knocked Israeli government sites offline The Lapsus$ Hacking Group Is Off to a Chaotic Start | WIRED Penny Arcade - Comic - Also Known As Blackmail Man charged with Kaseya hack extradited to the US - The Record by Recorded Future NetWalker ransomware affiliate extradited to the US - The Record by Recorded Future Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22 | Ars Technica New method that amplifies DDoSes by 4 billion-fold. What could go wrong? | Ars Technica SEC weighs reporting requirements for publicly traded companies Biden signs cyber incident reporting bill into law - The Record by Recorded Future Join The Dept of Know_ Live! BAYRAKTAR-Official Song (english) - YouTube Product Demo: Proofpoint Nexus People Explorer - YouTube
Risky Business #657 -- Belarus targets refugee data
On this week’s show Patrick Gray, Brian Krebs and Adam Boileau discuss the week’s security news, including: The Contileaks latest Belarus targeted refugee data. Was it behind the ICRC hack? How APT41 hacked America’s livestock SATCOM hack in Ukraine may bode ill for Musk Much, much more Material Security’s co-founder Ryan Noon is this week’s sponsor guest. He joins the show to talk about a few things, how the building blocks for a whole new generation of security tooling – like large-scale data crunching tech – is now just available off the shelf. He also talks us through an integration Material has done with a groovy new SOAR platform called Tines. Links to everything we discussed – and a YouTube demo of Material’s technology – are below. Show notes Conti Ransomware Group Diaries, Part I: Evasion – Krebs on Security Conti Ransomware Group Diaries, Part II: The Office – Krebs on Security Conti Ransomware Group Diaries, Part III: Weaponry – Krebs on Security Conti Ransomware Group Diaries, Part IV: Cryptocrime – Krebs on Security Christo Grozev on Twitter: "This is not the worst part. In the phone call in which the FSB officer assigned to the 41st Army reports the death to his boss in Tula, he says they've lost all secure communications. Thus the phone call using a local sim card. Thus the intercept. https://t.co/cgHHo7VaRi" / Twitter Cloudflare not fully backing out of Russia, company says, as tech firms are forced to weigh in - CyberScoop NATO countries' refugee management may have been targeted by Belarus-linked hackers - CyberScoop Twitter Launches Tor Onion Service Making Site Easier to Access in Russia Hive ransomware gang targets Romanian oil firm in its latest cyberattack - The Record by Recorded Future Chinese Spies Hacked a Livestock App to Breach US State Networks | WIRED Christophe on Twitter: "Casually compromising API keys from Azure customers: - Step 1: Create an Azure automation account - Step 2: curl localhost on ports 40000+ You now have an API token in the Azure tenant of another customer, with the same permissions as the automation🙈 https://t.co/XRI99mCJ1T" / Twitter Google WAF bypassed via oversized POST requests | The Daily Swig DDoSers are using a potent new method to deliver attacks of unthinkable size | Ars Technica SATCOM terminals under attack in Europe: a plausible analysis. The internet in Ukraine is still mostly online. Could Starlink be a backup if it goes out? - The Record by Recorded Future Linux has been bitten by its most high-severity vulnerability in years | Ars Technica Google to acquire Mandiant in $5.4 billion deal - The Record by Recorded Future Senate approves cyber incident reporting bill amid worries about Russian threats - The Record by Recorded Future Cyber insurance policies may be put to the test by Russian attacks, credit ratings firm warns - The Record by Recorded Future Material Security: Keeping email safe at rest (improved audio) - YouTube Risky Biz Product Demos - YouTube
Risky Business #656 – We expected a cyberwar but got an infowar
On this week’s show Patrick Gray, Dmitri Alperovitch and Adam Boileau discuss the week’s security news, including: We expected a cyberwar but got an information war People with SDR kits are doing SIGINT in Ukraine Conti has imploded and it’s hilarious Much, much more This week’s show is brought to you by Proofpoint. Sherrod DeGrippo, Proofpoint’s Vice President of Threat Research and Detection is this week’s sponsor guest. She joins us to talk about how there isn’t really any magic advice she can dispense to protect customers from Russian attacks. There are some show notes below, but they’re not exhaustive. Show notes The propaganda war has eclipsed cyberwar in Ukraine | MIT Technology Review Ukrainian Researcher Leaks Conti Ransomware Gang Data Signal on Twitter: "We've had an uptick in usage in Eastern Europe & rumors are circulating that Signal is hacked & compromised. This is false. Signal is not hacked. We believe these rumors are part of a coordinated misinformation campaign meant to encourage people to use less secure alternatives." / Twitter Cyber insurance policies may be put to the test by Russian attacks, credit ratings firm warns - The Record by Recorded Future Phishing campaign targets European officials assisting in refugee operations - The Record by Recorded Future https://twitter.com/sbreakintl/status/1498619303717142529?s=21 Apple halts sales of products to Russia, restricts access to Russian news apps Belarusian hackers launch another attack, adding to chaotic hacktivist activity around Ukraine - CyberScoop Russian State Media Hacked to Show Casualty Numbers for Russian Soldiers in Ukraine War Would Banning Russia From Getting Software Updates Make It Easier to Hack? Ukraine’s Volunteer ‘IT Army’ Is Hacking in Uncharted Territory | WIRED vx-underground on Twitter: "Conti ransomware group previously put out a message siding with the Russian government. Today a Conti member has begun leaking data with the message "Fuck the Russian government, Glory to Ukraine!" You can download the leaked Conti data here: https://t.co/BDzHQU5mgw https://t.co/AL7BXnihza" / Twitter Active Measures, LLC on Twitter: "That keyboard sound you hear is lawyers at US CYBERCOMMAND updating some opinions." / Twitter Conti ransomware gang chats leaked by pro-Ukraine member - The Record by Recorded Future Russia appears to deploy digital defenses after DDoS attacks - The Record by Recorded Future Russia’s Sandworm Hackers Have Built a Botnet of Firewalls | WIRED Auth0 co-founder and CEO Eugenio Pace walks us through the Auth0 platform - YouTube Dmitri Alperovitch on Twitter: "In the last few weeks, I have become increasingly convinced that Kremlin has unfortunately made a decision to invade Ukraine later this winter. While it is still possible for Putin to deescalate, I believe the likelihood is now quite low. Allow me to explain why 🧵" / Twitter
Risky Biz Soap Box: US Government will embrace "phishing resistant MFA"
These Soap Box editions of the show are entirely sponsored – that means everyone you hear in one of these episodes paid to be here. In this edition we’re talking to Yubico’s Chief Solutions Officer Jerrod Chong. We do one of these Soap Box podcasts with Jerrod every year. Yubico, of course, is the maker of the Yubikey hardware security device. In this chat with Jerrod we cover a few things – like the zero trust executive order, hardware-backed web transactions and how the industry leading the charge on security keys right now is actually the cryptocurrency space.