Risky Business-logo

Risky Business

Technology Podcasts >

The Risky Business podcast has been published weekly since 2007. It covers information/cyber security.

The Risky Business podcast has been published weekly since 2007. It covers information/cyber security.
More Information

Location:

United States

Description:

The Risky Business podcast has been published weekly since 2007. It covers information/cyber security.

Language:

English


Episodes

Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack

9/17/2019
More
On this week’s show Patrick and Adam discuss the week’s security news, including: This week’s sponsor interview is with Casey Ellis of Bugcrowd. It’s an interesting chat with Casey this week. He was at the Billington cyber conference a couple of weeks ago and he had a bunch of interesting discussions there with people in the aerospace sector. Between recent Black Hat presentations on 787 security and the trouble Boeing has had with it’s 737-MAX, software security and resiliency is all of a...

Duration:00:56:03

Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more

9/10/2019
More
On this week’s show Patrick and Adam discuss the week’s security news, including: This week’s show is brought to you by Blackberry Cylance. In this week’s sponsor interview we’ll be talking about US Cybercommand dropping some sweet, sweet APT28 samples on VirusTotal back in May. We’ll talk a little bit about that malware, and also have a more general discussion about CYBERCOM VT drops with Cylance research staffers Steve Barnes and Josh Lemos. Links to everything that we discussed are...

Duration:00:54:57

Risky Biz Soap Box: MITRE ATT&CK framework is now officially everywhere

9/4/2019
More
The Soap Box podcast series is a fully sponsored podcast series we do here at Risky.Biz, and that means that everyone you hear in it paid to be featured. This edition of the Soap Box podcast is brought to you by AttackIQ and in in it we talk to its CISO and VP of customer success Chris Kennedy. And we’ll be discussing a topic of that frankly should be talked about a bit more: the MITRE ATT&CK framework. We also talk about attack simulation and which security controls are most commonly and...

Duration:00:45:48

Risky Business #554 -- Is there an iOS exploit glut?

9/3/2019
More
Alex Stamos is our news co-host this week. Patrick and Alex discuss all the week’s security news, including: This week’s sponsor interview is with Michelle Price of AustCyber. AustCyber is the organisation here in Australia that aims to build out the Australian cyber security industry and skills base, and Michelle pops in this week to tell us all about the upcoming Australian Cyber Week. Links to everything are below in the show notes. Show notes Project Zero: A very deep dive into iOS...

Duration:00:58:27

Risky Business #553 -- Imperva's cloud WAF gets owned hard

8/27/2019
More
On this week’s show Adam Boileau and Patrick Gray discuss the week’s security news, including: This week’s sponsor guest is Ryan Kalember, EVP of cybersecurity strategy with Proofpoint. Ryan is stopping by this week to touch on a couple of topics. He’ll tell us why Proofpoint didn’t attribute a recent malware campaign targeting US utilities to APT10 despite there being some pretty APT10-like tradecraft used in that particular campaign. He’ll also talk a bit about how thread hijacking is a...

Duration:00:58:30

Risky Biz Soap Box: Casey Ellis on "match.com for hackers"

8/21/2019
More
We used to think of companies like Bugcrowd as offering a very simple service: managed bug bounties. But these days that’s a bit too simplistic. All the “bounty” companies are offering more comprehensive and specific products these days. In this edition of the Soap Box podcast Bugcrowd CTO Casey Ellis joins the show to talk through what the future looks like in crowdsourced security. Matching individual hackers’ skills to individual gigs and launching new services like Bugcrowd for...

Duration:00:37:18

Risky Business #552 -- Guest host Alex Stamos on all the week's security news

8/20/2019
More
In this week’s show Patrick Gray and Alex Stamos discuss all the week’s news, including: Haroon Meer of Thinkst Canary is this week’s sponsor guest. We spoke to Haroon while he was in the USA, just before he was about to deliver a talk to USENIX all about “embracing hackiness”. Haroon thinks “hackiness” is a huge advantage for red teams, but that doesn’t mean blue teams can’t use the same hacky approaches to defence. It’s a typically great chat with Haroon. Links to everything discussed are...

Duration:00:56:06

Feature Podcast: Inaction is escalatory

8/14/2019
More
This podcast is brought to you by the William and Flora Hewlett Foundation, and it’s the second in a series of podcasts we’re doing that are all about cyber policy. The Foundation funds a lot of interesting people and work in the cybersecurity space. So the idea behind this podcast series is pretty simple: we talk to Hewlett’s grant recipients, or experts in Hewlett’s network, about pressing policy issues and turn those conversations into podcasts. The whole idea is to get some policy...

Duration:00:31:33

Risky Business #551 -- Post Vegas edition, more news than we can handle

8/13/2019
More
Adam Boileau is along this week to discuss the week’s security news. We cover: This week’s sponsor interview is with Jake King of CMD. CMD has developed a control layer for Linux systems that restricts account actions, not just by traditional permissions. Jake will be along this week to talk a little bit about EDR on Linux. He saw a nice talk from some IBM X-Forcers at Black Hat about Linux EDR bypasses and that led to a conversation about Linux EDR generally. It’s interesting stuff Links...

Duration:01:12:45

Risky Business #550 -- CapitalOne owned, Hutchins sentenced, VxWorks horror-show and more!

7/30/2019
More
Adam Boileau is along this week to discuss the week’s security news. We cover: Wolfgang Goerlich is this week’s sponsor guest. He’s an advisory CISO with Duo Security and will be along after this week’s news segment to walk us through Duo’s Trusted Access Report. They’ve got some interesting telemetry to share with us. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Capital One Data Theft Impacts 106M People...

Duration:00:57:39

Risky Business #549 -- FSB contractor breached, Equifax fined, NSO Group targets cloud

7/23/2019
More
Adam Boileau is along this week to discuss the week’s security news. We cover: This week’s sponsor interview is with Casey Ellis of Bugcrowd. We’ll talk about how organisations are increasingly doing bug bounties on technology they use, not just technology they develop. And then we’ll be talking about a new thing Bugcrowd is doing – Bugcrowd for marketplaces. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show...

Duration:01:03:36

Risky Biz Soap Box: Ryan Kalember of Proofpoint on "Very Attacked People"

7/17/2019
More
Soap Box isn’t the regular, weekly show we do at Risky.Biz, if you’re looking for that, just scroll one podcast back in your feed or on the Risky Business website. Soap Box is a fully sponsored podcast series we do where vendors pay to come on and talk about research they’ve done, products they’ve launched, whatever. This edition of Soap Box is a particularly good one. Ryan Kalember is EVP of cybersecurity strategy at Proofpoint and he’s our guest in this edition. Ryan was on the show a...

Duration:00:37:44

Risky Business #548 -- Zoom RCE details and all the week's news

7/16/2019
More
Adam Boileau is along this week to discuss the week’s security news. We cover: Assetnote’s Shubham Shah also joins the news segment to dish on the Zoom RCE bug he and his team found back in March. This week’s sponsor is Kasada, an Australian company that runs a bot filtering service. Kasada is a relatively new company but they’re kicking some pretty serious goals here in Australia and are now pushing into other markets like the USA. But instead of supplying us with one of their people,...

Duration:01:04:26

Risky Business #547 -- Zoom-gate, massive GDPR fines, ship hack warnings and more

7/9/2019
More
Adam Boileau is along this week to discuss the week’s security news. We cover: This week’s show is brought to you by our lovely friends at Signal Sciences. I guess you’d call them a next generation WAF. Signal Sciences co-founder and CTO Zane Lackey will be along in this week’s sponsor interview to plug their new cloud-based WAF product, and also to have a chat about a trend he’s seeing at non-security conferences – more high quality security content. Links to everything that we discussed...

Duration:01:00:42

Risky Biz Soap Box: Cylance talks Persona

7/3/2019
More
As regular listeners know, this isn’t the weekly Risky Biz news and current affairs show, if you want that, scroll back in the podcast feed to the previous podcast. This is a Soap Box edition, a solely sponsored podcast series we do here at Risky Biz where vendors pay us to come on to the show to talk about, well, whatever they want, really. We’ve heard Duo Security talking about WebAuthn, we’ve got one with Proofpoint coming up that’s about insights they’ve gleaned from filtering such...

Duration:00:27:51

Risky Business #546 -- The fifth domain sees some action

7/2/2019
More
Adam Boileau is along this week to discuss the week’s security news. We cover: This week’s edition of Risky Business is brought to you by Senetas. They make layer 2 encryption tech, but they’ve also got a content disarm and reconstruction play now, Votiro, as well as their safe file sharing platform SureDrop. But we’re sticking with encryption in this week’s sponsor interview. Senetas CTO Julian Fay will be along a bit later to talk about his trip to the International Crypto Module...

Duration:00:58:32

Feature podcast: An interview with Jim Baker, former general counsel, FBI

6/14/2019
More
This is the first edition of a new series of podcasts we’re doing here at Risky.Biz that will focus on cyber policy issues. The Hewlett Foundation approached us a while back to see if we’d be interested in doing this series we jumped at the opportunity. The Foundation funds a lot of interesting people and work in the cybersecurity space. So the idea is pretty simple: we can talk to some of Hewlett’s grant recipients or experts in its network about pressing policy issues and turn those...

Duration:00:45:50

Risky Business #545 -- US Government loses control of customs mugshot database

6/11/2019
More
On this week’s show Adam Boileau and Patrick Gray discuss the week’s news, including: This week’s show is brought to you by Remediant! Remediant CEO Tim Keeler will be along this week to have a chinwag. We’ll talk about how simple security tech is really en vogue these days and how that’s a good thing. Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes CBP says hackers stole license plate and travelers' photos | ZDNetHackers...

Duration:01:05:46

Risky Business #544 -- NYTimes Baltimore report falls over

6/4/2019
More
On this week’s show Patrick and Adam talk through all the week’s security news, including: This week’s sponsor interview is with Marco Slaviero of Thinkst Canary. Marco is joining us this week to talk about how he thinks web application-based deception techniques are kind of a waste of time right now. We talk about how deception approaches work best in privileged domains, then we talk about how security teams do better when they have a dedicated ops developer. Show notes Ruppersberger:...

Duration:01:00:25

Risky Business #543 -- NYTimes blames NSA for Baltimore hacks, Assange faces espionage charges

5/28/2019
More
Adam Boileau couldn’t make it this week, but that’s ok because we’ve got former Facebook CSO and current Stanford adjunct professor Alex Stamos filling in for him in today’s show. He’ll be talking through all the week’s security news, including: This week’s sponsor interview with David Warburton of F5 Networks. You know F5 as a blinky-light box manufacturer. Load balancers, SSL termination, that sort of stuff. Not exactly a growth industry at the moment, so they’re pivoting. They’ve...

Duration:01:07:59