
Risky Business

Technology Podcasts

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Location:

United States


Language:

English


Episodes

Risky Business #817 -- Less carnage than your usual Thanksgiving

12/2/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. It’s a quiet week with Thanksgiving in the US, but there’s always some cyber to talk about: This week’s episode is sponsored by Nebulock. Founder and CEO Damien Lewke joins to talk through their work bringing more Sigma threat detection rules to MacOS. This episode is also available on Youtube.
Show notes
Airlines race to fix their Airbus planes after warning solar radiation could cause pilots to lose control | CNN
Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign | CyberScoop
Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog
Update: Shai-Hulud and the npm Ecosystem: Why CTEM Must Extend Beyond Your Walls | Armis
Glassworm's resurgence | Secure Annex
4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign | Koi Blog
Post by @spuxx.bsky.social — Bluesky
Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security
The WIRED Guide to Digital Opsec for Teens | WIRED
Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos - ABC News
Ed Conway on X: "The person who first downloaded the OBR's document at 11:35 on Budget day (I'm guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!) https://t.co/6iLm2uEUj2" / X
Reuters accused of hack attack | ZDNET
The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’ | WIRED
Microsoft tightens cloud login process to prevent common attack | Cybersecurity Dive
Fortinet FortiWeb flaws found in unsupported versions of web application firewall | Cybersecurity Dive
Cryptomixer platform raided by European police; $29 million in bitcoin seized | The Record from Recorded Future News
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange | The Record from Recorded Future News
Data breach hits 'South Korea's Amazon,' potentially affecting 65% of country’s population | The Record from Recorded Future News
NSA Contractor Groomed Teenage Girls On Reddit, DOJ Alleges
Nebulock developed coreSigma for MacOS
coreSigma repo:

Duration:01:01:06


Risky Business #816 -- Copilot Actions for Windows is extremely dicey

11/25/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by runZero. HD Moore pops in to talk about how they’re integrating runZero with Bloodhound-style graph databases. He also discusses uses for driving runZero’s tools with an AI, plus the complexities of shipping AI when the company has a variety of deployment models. This episode is also available on Youtube.
Show notes
Google says hackers stole data from 200 companies following Gainsight breach
Gainsight Status
Trust Status
CrowdStrike fires 'suspicious insider' who passed information to hackers
Salesforce cuts off access to third-party app after discovering ‘unusual activity’
Атаки разящей панды: APT31 сегодня (Striking Panda Attacks: APT31 Today)
Office of Public Affairs | Seven Hackers Associated with Chinese Government Charged with Computer Intrusions
Australian federal MPs warned to turn off phones when Chinese delegation visits Parliament House
Sha1-Hulud: The Second Coming of the NPM Worm is Digging For Secrets
FCC eliminates cybersecurity requirements for telecom companies
Trade Associations Cybersecurity Practices Ex Parte
SEC voluntarily dismisses SolarWinds lawsuit
Record-breaking DDoS attack against Microsoft Azure mitigated
The Cloudflare Outage May Be a Security Roadmap – Krebs on Security
Critics scoff after Microsoft warns AI feature can infect machines and pilfer data
vx-underground on X: "I've had a surprising amount of people ask me about Copilot"
Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation
Two suspected Scattered Spider hackers plead not guilty over Transport for London cyberattack
Russia arrests young cybersecurity entrepreneur on treason charges
This campaign aims to tackle persistent security myths in favor of better advice
Oops. Cryptographers cancel election results after losing decryption key.
Uncovering network attack paths with runZeroHound
Model Context Protocol

Duration:00:58:07


Risky Biz Soap Box: Greynoise knows when bad bugs are coming

11/20/2025
In this sponsored Soap Box edition of the podcast, Andrew Morris joins Patrick Gray to talk about how Greynoise can often get a 90 day heads up on serious vulnerabilities. Whether it’s malicious actors doing reconnaissance or the affected vendors trying to understand the scope of the problem, it seems that mass scanning activity lines up pretty nicely with typical 90-day disclosure timelines. A fascinating chat with Andrew, as always. This episode is also available on Youtube. Show notes

Duration:00:37:51


Risky Business #815 -- Anthropic's AI APT report is a big deal

11/18/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by Mastercard. Senior Vice President of Mastercard Cybersecurity Urooj Burney joins to talk about how the roles of fraud and cyber teams in the financial sector are starting to converge. Mastercard also recently acquired Recorded Future, and Urooj talks about how they aim to integrate cyber threat intelligence into the financial world. This episode is also available on Youtube.
Show notes
Full report: Disrupting the first reported AI-orchestrated cyber espionage campaign
Researchers question Anthropic claim that AI-assisted attack was 90% autonomous - Ars Technica
China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work | CyberScoop
Amazon discovers APT exploiting Cisco and Citrix zero-days | AWS Security Blog
CISA gives federal agencies one week to patch exploited Fortinet bug | The Record from Recorded Future News
PSIRT | FortiGuard Labs
CISA, eyeing China, plans hiring spree to rebuild its depleted ranks | Cybersecurity Dive
This Is the Platform Google Claims Is Behind a 'Staggering’ Scam Text Operation | WIRED
A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers | WIRED
DOJ Issued Seizure Warrant to Starlink Over Satellite Internet Systems Used at Scam Compound | WIRED
Multiple US citizens plead guilty to helping North Korean IT workers earn $2 million | The Record from Recorded Future News
Cyberattack leaves Jaguar Land Rover short of £680 million | The Record from Recorded Future News
FBI: Akira gang has received nearly $250 million in ransoms | The Record from Recorded Future News
Operation Endgame: Police reveal takedowns of three key cybercrime tools | The Record from Recorded Future News
Inside a Wild Bitcoin Heist: Five-Star Hotels, Cash-Stuffed Envelopes, and Vanishing Funds | WIRED

Duration:00:51:24


Risky Business #814 -- It's a bad time to be a scam compound operator

11/11/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by Thinkst Canary. Big bird Haroon Meer joins and, as usual, makes a good point. If you’re going to trust a vendor to do something risky like put a box on your network, they have an obligation to explain how they make that safe. Thinkst has a /security page that does exactly that. So why do we let Palo Alto and Fortinet get away with “trust me, bro”? This episode is also available on Youtube.
Show notes
Myanmar Junta Dynamites Scam Hub in PR Move as Global Pressure Grows
China sentences 5 Myanmar scam kingpins to death | The Record from Recorded Future News
Law passed for scammers, mules to be caned after victims in Singapore lose almost $4b since 2020 | The Straits Times
KnownSec breach: What we know so far. - NetAskari
Risky Bulletin: Another Chinese security firm has its data leaked
Inside Congress Live
The Government Shutdown Is a Ticking Cybersecurity Time Bomb | WIRED
Former Trump official named NSO Group executive chairman | The Record from Recorded Future News
Short-term renewal of cyber information sharing law appears in bill to end shutdown | The Record from Recorded Future News
Jaguar Land Rover hack hurt the U.K.'s GDP, Bank of England says
Monetary Policy Report - November 2025 | Bank of England
SonicWall says state-linked actor behind attacks against cloud backup service | Cybersecurity Dive
Japanese media giant Nikkei reports Slack breach exposing employee and partner records | The Record from Recorded Future News
"Intel sues former employee for allegedly stealing confidential data" Post by @campuscodi.risky.biz — Bluesky
Introduction - OWASP Top 10:2025 RC1

Duration:01:03:19


Risky Business #813 -- FFmpeg has a point

11/4/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by Nucleus Security, who make a vulnerability information management system. Co-founder Scott Kuffer says that approaches for triaging vulnerabilities have started to fall apart, given there are just. So. Many. And they’re all important! This episode is also available on Youtube.
Show notes
vx-underground on X: "Yeah, so pretty much this entire drama thing is FFmpeg are a bunch of nerds…"
FFmpeg on X: "@DavidEGrayson It's someone's hobby project of an obscure 1990s decoder…"
Halvar Flake on X: "Given the extremely big role ffmpeg has played historically..."
thaddeus e. grugq on X: "Current drama: Plucky security researcher Google takes on volunteer open source behemoth FFmpeg."
Robert Graham on X: "Current status: There's a conflict between Google…"
Introducing Aardvark: OpenAI’s agentic security researcher | OpenAI
Bugcrowd acquires Mayhem Security to advance AI-powered security testing | CyberScoop
Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks | CyberScoop
Former Trenchant Exec Sold Stolen Code to Russian Buyer Even After Learning that Other Code He Sold Was Being "Utilized" by Different Broker in South Korea
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia | TechCrunch
Operation Zero — A Zero-Day Vulnerability Platform
John Scott-Railton on X: "7/ There's a push to scale up America's offensive industry right now…"
CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware | TechCrunch
Exploiting Microsoft Teams: Impersonation and Spoofing Vulnerabilities Exposed Microsoft Teams Vulnerabilities Uncovered
Cargo theft gets a boost from hackers using remote monitoring tools | The Record from Recorded Future News
Remote access, real cargo: cybercriminals targeting trucking and logistics | Proofpoint US
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition | The Record from Recorded Future News
Three suspected developers of Meduza Stealer malware arrested in Russia | The Record from Recorded Future News
Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody – Krebs on Security
Windows Server Update Service exploitation ensnares at least 50 victims | Cybersecurity Dive
Post by @paulschnack.bsky.social — Bluesky

Duration:01:05:08


Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD

10/28/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has embraced LLMs and the agentic-AI future into their workflow automation. This episode is also available on Youtube.
Show notes
US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer | TechCrunch
Attackers bypass patch in deprecated Windows Server update tool | CyberScoop
CVE-2025-59287 WSUS Unauthenticated RCE | HawkTrace
CVE-2025-59287 WSUS Remote Code Execution | HawkTrace
Catching Credential Guard Off Guard - SpecterOps
Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica
Uncovering Qilin attack methods exposed through multiple cases
Safety on X: "By November 10, we’re asking all accounts that use a security key as their two factor authentication (2FA) method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one. A reminder: if you enroll a new security key, any" / X
SpaceX disables more than 2,000 Starlink devices used in Myanmar scam compounds | The Record from Recorded Future News
SpaceX: Update Your Inactive Starlink Dishes Now or They'll Be Bricked
How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist
Former Polish official indicted over spyware purchase | The Record from Recorded Future News
HP OneAgent Update Broke Entra Trust on HP AI Devices
Windows' Built-in OpenSSH for Offensive Security
How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA | WIRED

Duration:01:06:14


Risky Business #811 -- F5 is the tip of the crap software iceberg

10/21/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it. This episode is also available on Youtube.
Show notes
Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks | WIRED
Breach at US-based cybersecurity provider F5 blamed on China, sources say | Reuters
Network security devices endanger orgs with ’90s era flaws | CSO Online
China claims it caught US attempting cyberattack on national time center | The Record from Recorded Future News
Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials
Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials
ICE amps up its surveillance powers, targeting immigrants and antifa - The Washington Post
John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt
US court orders spyware company NSO to stop targeting WhatsApp, reduces damages | Reuters
Apple alerts exploit developer that his iPhone was targeted with government spyware | TechCrunch
A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones | WIRED
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog
European police bust network selling thousands of phone numbers to scammers | The Record from Recorded Future News
Stephan Berger on X: "We recently took over an APT investigation from another forensic company. While reviewing analysis reports from the other company, we discovered that the attackers had been active in the network for months and had deployed multiple backdoors. One way they could regain root" / X
Linux Capabilities Revisited | dfir.ch
CVE-2025-59287 WSUS Remote Code Execution | HawkTrace
TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware | Edera Blog
Browser threat detection & response | Push Security | Push Security
How Push stopped a high risk LinkedIn spear-phishing attack

Duration:00:51:51


Wide World of Cyber: A deep dive on the f5 hack

10/20/2025
In this edition of the Wide World of Cyber podcast Patrick Gray talks to Chris Krebs and Alex Stamos about the f5 incident. They talk about what happened, whether it’s a big deal, and why private equity ownership of mid-tier cybersecurity companies is often a red flag. Show notes

Duration:00:39:11


Risky Biz Soap Box: Why Mastercard became a cybersecurity vendor

10/16/2025
In this sponsored Soap Box edition of the Risky Business podcast, host Patrick Gray chats with Mastercard’s Executive Vice President and Head of Security Solutions, Johan Gerber, about how the card brand thinks about cybersecurity and why it’s aggressively investing in the space. After listening to this interview you’ll understand why the credit card company spent $2.65b on threat intelligence vendor Recorded Future! This episode is also available on Youtube. Show notes

Duration:00:30:49


Risky Business #810 -- Data extortion attacks have a silver lining

10/15/2025
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by Stairwell. Founder Mike Wiacek talks about how Stairwell brings VirusTotal-like visibility to private files, and about integrating the insights that brings into your SOC workflow. This episode is also available on Youtube.
Show notes
FBI takedown banner appears on BreachForums site as Scattered Spider promotes leak | The Record from Recorded Future News
Dozens of Oracle customers impacted by Clop data theft for extortion campaign | CyberScoop
Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882)
Clop is a Big Fish, But Not Worth Hunting - Risky Business Media
ShinyHunters Wage Broad Corporate Extortion Spree – Krebs on Security
The company Discord blamed for its recent breach says it wasn't hacked
Qantas confirms cybercriminals released stolen customer data | The Record from Recorded Future News
Red Hat confirms breach of GitLab instance, which stored company’s consulting data | CyberScoop
Risky Bulletin: Microsoft revamps Edge's "IE Mode" after zero-day attacks - Risky Business Media
Teenagers arrested in England over cyberattack on nursery chain Kido | The Record from Recorded Future News
Acting US Cyber Command, NSA chief won’t be nominated for the job, sources say | The Record from Recorded Future News
Layoffs, reassignments further deplete CISA | Cybersecurity Dive
Trump’s scandalous directive to AG Pam Bondi reached the public by accident
Feds sanction Cambodian conglomerate over cyber scams, seize $15 billion from chairman | The Record from Recorded Future News
US Congress committee investigating Musk-owned Starlink over Myanmar scam centres | Myanmar | The Guardian
Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data | WIRED
Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia | The Record from Recorded Future News
Spyware maker NSO Group confirms acquisition by US investors | TechCrunch
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits | WIRED
Wiz Finds Critical Redis RCE Vulnerability: CVE‑2025‑49844 | Wiz Blog
SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal | CyberScoop
SonicWall SSLVPN devices compromised using valid credentials | Cybersecurity Dive
Issues Affecting CrowdStrike Falcon Sensor for Windows
ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities - SecurityWeek
Jaguar Land Rover launches phased restart at factories after cyber-attack | Jaguar Land Rover | The Guardian
Windows 10 support ends today — here's who's affected and what you need to do

Duration:01:03:12


Risky Business #810 -- Data extortion attacks have a silver lining

10/15/2025

Duration:00:06:27


Snake Oilers: Realm Security, Horizon3 and Persona

10/7/2025
In this edition of the Snake Oilers podcast, three vendors pop in to pitch you all on their wares: Realm Security, Horizon3 and Persona. This episode is also available on Youtube. Show notes

Duration:00:45:40


Risky Business #809 -- Hackers try to pay a journalist for access to the BBC

10/1/2025
On this week’s show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week’s cybersecurity news, including: This episode is also available on YouTube.
Show notes
'You'll never need to work again': Criminals offer reporter money to hack BBC
Government to guarantee £1.5bn Jaguar Land Rover loan after cyber shutdown
Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms – Krebs on Security
UK authorities arrest man in connection with cyberattack against aviation vendor | Cybersecurity Dive
Chinese scammer pleads guilty after UK seizes nearly $7 billion in bitcoin
Cyberattack on Japanese beer giant Asahi limits shipping, call center operations | The Record from Recorded Future News
Afghanistan plunged into nationwide internet blackout, disrupting air travel, medical care | The Record from Recorded Future News
Tile trackers are a stalker's dream, say Georgia Tech researchers
Intel and AMD trusted enclaves, the backbone of network security, fall to physical attacks - Ars Technica
Supermicro server motherboards can be infected with unremovable malware - Ars Technica
China-linked hackers use ‘BRICKSTORM’ backdoor to steal IP | The Record from Recorded Future News
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
Federal agencies given one day to patch exploited Cisco firewall bugs | The Record from Recorded Future News
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
Is This Bad? This Feels Bad. (Fortra GoAnywhere CVE-2025-10035)
It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2

Duration:00:39:28


Risky Business #808 -- Insane megabug in Entra left all tenants exposed

9/23/2025
On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including: This week’s episode is sponsored by Sublime Security. In this week’s sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform. This episode is also available on YouTube.
Show notes
U.S. Secret Service disrupts telecom network that threatened NYC during U.N. General Assembly
MI6 launches darkweb portal to recruit foreign spies | The Record from Recorded Future News
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens | dirkjanm.io
Github npm changes
Flights across Europe delayed after cyberattack targets third-party vendor | Cybersecurity Dive
Major European airports work to restore services after cyberattack on check-in systems | The Record from Recorded Future News
When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on | DataBreaches.Net
UK arrests 2 more alleged Scattered Spider hackers over London transit system breach | Cybersecurity Dive
Alleged Scattered Spider member turns self in to Las Vegas police | The Record from Recorded Future News
Las Vegas police arrest minor accused of high-profile 2023 casino attacks | CyberScoop
DOJ: Scattered Spider took $115 million in ransoms, breached a US court system | The Record from Recorded Future News
vx-underground on X: "Scattered Spider ransoms company for 964BTC - wtf_thats_alot.jpeg - Document says "Cost of BTC at time was $36M" - $36M / 964BTC = $37.5K - BTC value was $37.5K in November, 2023 - Google "Ransomware, November, 2023" - omfg.exe https://t.co/uv2EzbL5HT" | X
JLR ‘cyber shockwave ripping through UK industry’ as supplier share price plummets by 55% | The Record from Recorded Future News
Jaguar Land Rover to extend production pause into October following cyberattack | Cybersecurity Dive
New plan would give Congress another 18 months to revisit Section 702 surveillance powers | The Record from Recorded Future News
AI-powered vulnerability detection will make things worse, not better, former US cyber official warns | Cybersecurity Dive

Duration:00:52:37


Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc

9/16/2025
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc’s identity-to-firewall glue to protect internal services and networks. This week’s episode is also available on Youtube.
Show notes
Self-Replicating Worm Hits 180+ Software Packages – Krebs on Security
Jaguar Land Rover: Some suppliers 'face bankruptcy' due to hack crisis
Jaguar Land Rover production shutdown could last until November
U.S. Investors, Trump Close In on TikTok Deal With China - WSJ
U.S. Investors, Trump Close In on TikTok Deal With China - WSJ
How China’s Propaganda and Surveillance Systems Really Operate | WIRED
Mythical Beasts: Diving into the depths of the global spyware market - Atlantic Council
Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal | The Record from Recorded Future News
US national charged in Finnish psychotherapy center extortion | The Record from Recorded Future News
BreachForums administrator given three-year prison stint after resentencing | The Record from Recorded Future News
Microsoft, Cloudflare disrupt RaccoonO365 credential stealing tool run by Nigerian national | The Record from Recorded Future News
Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” - Ars Technica
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters
Israel announces seizure of $1.5M from crypto wallets tied to Iran | TechCrunch

Duration:00:53:19


Risky Biz Soap Box: runZero shakes up vulnerability management

9/14/2025
In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management. With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at attackers on your network. It can also integrate with your EDR platform, and other data sources, to give you powerful visibility into the true state of things on your network and in your cloud. This episode is also available on Youtube. Show notes

Duration:00:34:17


Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal

9/10/2025
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint! This episode is also available on Youtube.
Show notes
Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research
Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch
18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security
Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive
CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News
SAP warns of high-severity vulnerabilities in multiple products - Ars Technica
The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. - Ars Technica
Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News
Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News
Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive
Qantas penalizes executives for July cyberattack | The Record from Recorded Future News
Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News
GOP Cries Censorship Over Spam Filters That Work – Krebs on Security
Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media
Post by @patrick.risky.biz — Bluesky

Duration:00:51:42


Snake Oilers: Nebulock, Vali Cyber and Cape

9/8/2025
In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares:
Nebulock: Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have time to look at.
Vali Cyber: Austin Gadient from Vali Cyber stops by to talk about ZeroLock, its hypervisor security product. It’s marketed as a counter-ransomware control but is just a generally useful security platform for virtualised environments.
Cape: The only thing American cell providers love more than providing patchy coverage is getting their customers’ data owned. Cape is here to change that. It’s a security and anonymity-focussed virtual mobile network operator (MVNO) that’s been spun up by a highly competent team. If we lived in the USA we would be customers, and a bunch of CISOs listening to this might want to consider Cape subscriptions for their workforce.
This episode is also available on Youtube. Show notes

Duration:00:46:33


Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"

9/2/2025
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please! This episode is also available on Youtube.
Show notes
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security
Salesloft: The Leading AI Revenue Orchestration Platform
Palo Alto Networks, Zscaler customers impacted by supply chain attacks | Cybersecurity Dive
The impact of the Salesloft Drift breach on Cloudflare and our customers
China used three private companies to hack global telecoms, U.S. says
CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF
Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop
Ransomware gang takedowns causing explosion of new, smaller groups | The Record from Recorded Future News
Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier | The Record from Recorded Future News
Storm-0501’s evolving techniques lead to cloud-based ransomware | Microsoft Security Blog
The Era of AI-Generated Ransomware Has Arrived | WIRED
Between Two Nerds: How threat actors are using AI to run wild - YouTube
Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security
UK sought broad access to Apple customers’ data, court filing suggests
ICE reactivates contract with spyware maker Paragon | TechCrunch
WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch
Safetrac turned staff laptops into covert recording devices to monitor WFH
Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring - Risky Business Media

Duration:01:01:55