Risky Business Patrick Gray
-
- News
-
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
-
Risky Business #742 -- China bans AMD and Intel, pivots to Linux on the desktop
On this week’s show Patrick and Adam discuss the week’s security news, including:
FVEY protests China’s widespread hacking of western politicians
China bans western CPUs, Windows and databases
Apple’s leaky M-chip prefetcher
Nigeria holds ex-IRS investigator hostage in Binance stoush
Researchers bring Rowhammer to AMD Zen and DDR5
And much, much more.
This week’s show is brought to you by Thinkst Canary. Its founder Haroon Meer joins this week’s show to make a passionate case that security vendors don’t all have to go for explosive growth. Slow and steady with a focus on excellent and relevant products will win the race, he says. -
Risky Biz Soap Box: Why Azure vulns should get CVEs
In this Soap Box edition of the podcast Patrick Gray talks to Nucleus Security co-founder Scott Kuffer about whether or not cloud service vulnerabilities should get CVEs, what on earth is happening with NIST’s National Vulnerability Database (NVD) and more.
-
Risky Business #741 -- The Mintlify breach and modern supply chains
On this week’s show Patrick and Adam discuss the week’s security news, including:
Turns out AI is still bad code review after all,
Mintlify loses a bunch of Github tokens,
Everything old is new again with the UDP loop DoS,
Know-your-(recon satellite)-customer is hard,
Microsoft takes away Russia’s powershell, solving living off the land,
And much, much more
This week’s show is brought to you by Material Security. In this week’s sponsor interview we speak with Material’s Rajan Kapoor, VP of Customer Experience at Material. We’re also joined by Chaim Sanders, who heads Security and Privacy at Lyft. -
Risky Business #740 -- Midnight Blizzard's Microsoft hack isn't over
On this week’s show Patrick and Adam discuss the week’s security news, including:
Weather forecast in Redmond is still for blizzards at midnight
Maybe Change Healthcare wasn’t just crying nation-state wolf
Hackers abuse e-prescription systems to sell drugs
CISA goes above and beyond to relate to its constituency by getting its Ivantis owned
VMware drinks from the Tianfu Cup
Much, much more
This week’s feature guest is John P Carlin. He was principal associate deputy attorney general under Deputy Attorney General Lisa Monaco for about 18 months in 2021 and 2022, and also served as Robert Mueller’s chief of staff when he was FBI director.
John is joining us this week to talk about all things SEC. He wrote the recent Amicus Brief that says the SEC needs to be careful in its action against Solarwinds. He’ll also be talking to us more generally about these new SEC disclosure requirements, which are in full swing.
Rad founder Jimmy Mesta will along in this week’s sponsor segment to talk about some really interesting work they’ve done in baselining cloud workloads. It’s the sort of thing that sounds simple that really, really isn’t. -
Risky Business #739 -- ALPHV exit scams while Change Healthcare burns
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response
Predator spyware maker getting a stern sanctioning
A German military WebEx meeting gets snooped
Mem-corrpution is still king
And much, much more
In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve built into their IDP. -
Risky Business #738 -- LockBit is down but not out. Yet.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
LockBit gets back up after takedown
Russia arrests Medibank hacker… for something else
ConnectWise gives out free updates, but customers aren’t happy
Microsoft gives in to demands for more logs
Sandvine gets entity-listed
And much much more.
Dmitri Alperovitch also joins the show to discuss Starlink, Starshield and a row with Congress about its availability in Taiwan.
In this week’s sponsor interview, Airlock Digital’s Daniel Schell talks about his adventures with WDAC, and Dave Cottingham predicts Windows 12 will go all in on signed code.