Risky Business

The Risky Business podcast has been published weekly since 2007. It covers information/cyber security.

More Information

Location:

United States

Language:

English


Episodes

Snake Oilers 10 part 2: Do too many users have VPN access to your prod environment? There's another way!

10/8/2019
In this edition of Snake Oilers Patrick speaks to: StrongDM makes a protocol proxy that you can use to provision production services (like Kubernetes and SQL access) to users without them requiring full VPN access to prod. This is very cool stuff, if you manage a large prod environment that’s suffering from VPN sprawl you’ll want to check this one out. Nicholas is the senior technical product manager for InsightIDR. InsightIDR is a SIEM/EDR play that integrates a bunch of stuff. These days...

Duration:00:40:37

Risky Biz Soap Box: Yubico's Jerrod Chong talks series 5 Yubikeys and what's next

10/2/2019
These Soap Box podcasts are a wholly sponsored series of podcasts we do here at Risky.Biz, so everyone you hear on the Soap Box podcast paid to be here. But that’s ok, because we’ve got some great sponsors. This podcast is brought to you by Yubico, makers of the Yubikey devices. These podcasts with Yubico have basically turned into an annual thing. Jerrod Chong is the Chief Solutions Officer at Yubico and he joined me for this conversation about what’s new in Yubico-land. They’ve launched...

Duration:00:38:59

Risky Business #558 -- Trump targets Crowdstrike, Apple jailbreakers rejoice

10/1/2019
On this week’s show Patrick and Adam discuss the week’s security news, including: In this week’s sponsor interview we chat with Mr Sandbox himself, VMRay’s Carsten Willems. He’s along to talk about VMRay’s involvement in a machine-learning bypass competition that happened at DEFCON earlier this year. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Unfixable iOS Device Exploit Is the Latest Apple Security...

Duration:01:06:53

Snake Oilers 10 part 1: Richard Bejtlich talks Zeek plus pitches from Respond Software and PATH Networks

9/25/2019
In this edition of the Snake Oilers podcast host Patrick Gray speaks to: Richard talks about Zeek, formerly Bro, and how enterprises can use it to capture useful network information for analysis, forensics and detection purposes. Richard is an industry luminary and it’s a great interview. Marshal explains how new technology like eBPF and XDP mean it’s possible to build DDoS mitigation rigs out of commodity hardware. That means DDoS mitigation is about to get a whole lot cheaper, and PATH...

Duration:00:55:35

Risky Business #557 -- 26 nations release cyber norms statement at UN

9/24/2019
On this week’s show Patrick and Adam discuss the week’s security news, including: In this week’s sponsor interview we talk to Cody Wood of Signal Sciences about HTTP request smuggling. What it is and why it’s a nightmare to fix. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Androids And iPhones Hacked With Just One WhatsApp Click — And Tibetans Are Under Assault Footage shows hundreds of blindfolded and...

Duration:00:55:13

Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack

9/17/2019
On this week’s show Patrick and Adam discuss the week’s security news, including: This week’s sponsor interview is with Casey Ellis of Bugcrowd. It’s an interesting chat with Casey this week. He was at the Billington cyber conference a couple of weeks ago and he had a bunch of interesting discussions there with people in the aerospace sector. Between recent Black Hat presentations on 787 security and the trouble Boeing has had with its 737-MAX, software security and resiliency is all of a...

Duration:00:56:03

Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more

9/10/2019
On this week’s show Patrick and Adam discuss the week’s security news, including: This week’s show is brought to you by Blackberry Cylance. In this week’s sponsor interview we’ll be talking about US Cybercommand dropping some sweet, sweet APT28 samples on VirusTotal back in May. We’ll talk a little bit about that malware, and also have a more general discussion about CYBERCOM VT drops with Cylance research staffers Steve Barnes and Josh Lemos. Links to everything that we discussed are...

Duration:00:54:57

Risky Biz Soap Box: MITRE ATT&CK framework is now officially everywhere

9/4/2019
The Soap Box podcast series is a fully sponsored podcast series we do here at Risky.Biz, and that means that everyone you hear in it paid to be featured. This edition of the Soap Box podcast is brought to you by AttackIQ and in it we talk to its CISO and VP of customer success Chris Kennedy. And we’ll be discussing a topic that frankly should be talked about a bit more: the MITRE ATT&CK framework. We also talk about attack simulation and which security controls are most commonly and...

Duration:00:45:48

Risky Business #554 -- Is there an iOS exploit glut?

9/3/2019
Alex Stamos is our news co-host this week. Patrick and Alex discuss all the week’s security news, including: This week’s sponsor interview is with Michelle Price of AustCyber. AustCyber is the organisation here in Australia that aims to build out the Australian cyber security industry and skills base, and Michelle pops in this week to tell us all about the upcoming Australian Cyber Week. Links to everything are below in the show notes. Show notes Project Zero: A very deep dive into iOS...

Duration:00:58:27

Risky Business #553 -- Imperva's cloud WAF gets owned hard

8/27/2019
On this week’s show Adam Boileau and Patrick Gray discuss the week’s security news, including: This week’s sponsor guest is Ryan Kalember, EVP of cybersecurity strategy with Proofpoint. Ryan is stopping by this week to touch on a couple of topics. He’ll tell us why Proofpoint didn’t attribute a recent malware campaign targeting US utilities to APT10 despite there being some pretty APT10-like tradecraft used in that particular campaign. He’ll also talk a bit about how thread hijacking is a...

Duration:00:58:30

Risky Biz Soap Box: Casey Ellis on "match.com for hackers"

8/21/2019
We used to think of companies like Bugcrowd as offering a very simple service: managed bug bounties. But these days that’s a bit too simplistic. All the “bounty” companies are offering more comprehensive and specific products these days. In this edition of the Soap Box podcast Bugcrowd CTO Casey Ellis joins the show to talk through what the future looks like in crowdsourced security. Matching individual hackers’ skills to individual gigs and launching new services like Bugcrowd for...

Duration:00:37:18

Risky Business #552 -- Guest host Alex Stamos on all the week's security news

8/20/2019
In this week’s show Patrick Gray and Alex Stamos discuss all the week’s news, including: Haroon Meer of Thinkst Canary is this week’s sponsor guest. We spoke to Haroon while he was in the USA, just before he was about to deliver a talk to USENIX all about “embracing hackiness”. Haroon thinks “hackiness” is a huge advantage for red teams, but that doesn’t mean blue teams can’t use the same hacky approaches to defence. It’s a typically great chat with Haroon. Links to everything discussed are...

Duration:00:56:06

Feature Podcast: Inaction is escalatory

8/14/2019
This podcast is brought to you by the William and Flora Hewlett Foundation, and it’s the second in a series of podcasts we’re doing that are all about cyber policy. The Foundation funds a lot of interesting people and work in the cybersecurity space. So the idea behind this podcast series is pretty simple: we talk to Hewlett’s grant recipients, or experts in Hewlett’s network, about pressing policy issues and turn those conversations into podcasts. The whole idea is to get some policy...

Duration:00:31:33

Risky Business #551 -- Post Vegas edition, more news than we can handle

8/13/2019
Adam Boileau is along this week to discuss the week’s security news. We cover: This week’s sponsor interview is with Jake King of CMD. CMD has developed a control layer for Linux systems that restricts account actions, not just by traditional permissions. Jake will be along this week to talk a little bit about EDR on Linux. He saw a nice talk from some IBM X-Forcers at Black Hat about Linux EDR bypasses and that led to a conversation about Linux EDR generally. It’s interesting stuff. Links...

Duration:01:12:45

Risky Business #550 -- CapitalOne owned, Hutchins sentenced, VxWorks horror-show and more!

7/30/2019
Adam Boileau is along this week to discuss the week’s security news. We cover: Wolfgang Goerlich is this week’s sponsor guest. He’s an advisory CISO with Duo Security and will be along after this week’s news segment to walk us through Duo’s Trusted Access Report. They’ve got some interesting telemetry to share with us. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Capital One Data Theft Impacts 106M People...

Duration:00:57:39

Risky Business #549 -- FSB contractor breached, Equifax fined, NSO Group targets cloud

7/23/2019
Adam Boileau is along this week to discuss the week’s security news. We cover: This week’s sponsor interview is with Casey Ellis of Bugcrowd. We’ll talk about how organisations are increasingly doing bug bounties on technology they use, not just technology they develop. And then we’ll be talking about a new thing Bugcrowd is doing – Bugcrowd for marketplaces. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show...

Duration:01:03:36

Risky Biz Soap Box: Ryan Kalember of Proofpoint on "Very Attacked People"

7/17/2019
Soap Box isn’t the regular, weekly show we do at Risky.Biz, if you’re looking for that, just scroll one podcast back in your feed or on the Risky Business website. Soap Box is a fully sponsored podcast series we do where vendors pay to come on and talk about research they’ve done, products they’ve launched, whatever. This edition of Soap Box is a particularly good one. Ryan Kalember is EVP of cybersecurity strategy at Proofpoint and he’s our guest in this edition. Ryan was on the show a...

Duration:00:37:44

Risky Business #548 -- Zoom RCE details and all the week's news

7/16/2019
Adam Boileau is along this week to discuss the week’s security news. We cover: Assetnote’s Shubham Shah also joins the news segment to dish on the Zoom RCE bug he and his team found back in March. This week’s sponsor is Kasada, an Australian company that runs a bot filtering service. Kasada is a relatively new company but they’re kicking some pretty serious goals here in Australia and are now pushing into other markets like the USA. But instead of supplying us with one of their people,...

Duration:01:04:26

Risky Business #547 -- Zoom-gate, massive GDPR fines, ship hack warnings and more

7/9/2019
Adam Boileau is along this week to discuss the week’s security news. We cover: This week’s show is brought to you by our lovely friends at Signal Sciences. I guess you’d call them a next generation WAF. Signal Sciences co-founder and CTO Zane Lackey will be along in this week’s sponsor interview to plug their new cloud-based WAF product, and also to have a chat about a trend he’s seeing at non-security conferences – more high quality security content. Links to everything that we discussed...

Duration:01:00:42

Risky Biz Soap Box: Cylance talks Persona

7/3/2019
As regular listeners know, this isn’t the weekly Risky Biz news and current affairs show, if you want that, scroll back in the podcast feed to the previous podcast. This is a Soap Box edition, a solely sponsored podcast series we do here at Risky Biz where vendors pay us to come on to the show to talk about, well, whatever they want, really. We’ve heard Duo Security talking about WebAuthn, we’ve got one with Proofpoint coming up that’s about insights they’ve gleaned from filtering such...

Duration:00:27:51