On this week’s show special guest co-host Chris Wade, the founder of Corellium turned Cellebrite CTO, joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news.
They cover:
Microsoft has repos owned, GitHub tokens popped, and a new 0day dropped on them
Meanwhile, researcher…
In this wholly sponsored Soap Box edition of the podcast Patrick Gray chats with Damien Lewke, the CEO and founder of Nebulock, about the future of threat hunting and detection.
Damien spent a decade in the EDR and MDR space before founding Nebulock in 2024. It started off as an AI-powered threat h…
On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news.
They cover:
Mini Shai-Hulud and the TanStack compromise using Github Actions
Instructure pays Canvas elearning platform data extortionists
More Linux privilege escalation 0days!
CISA hel…
On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
Everyone has an opinion about Claude Mythos… even though almost nobody has used it yet
CISA adds a 2009 Excel bug to the KEV list, u wot?
Adobe also parties like it’s the 2000s…
On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news.
They cover:
GitHub announced a possible breach
CISA leaks important creds, keys in public repo
Awful vulnerability in Bitlocker renders it useless without a PIN
So. Many. Patches.
Poli…
On this week’s show special guest co-host Andy Boyd joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Andy is the CEO of REDLattice, which makes the Paragon “intelligence collection and reconnaissance” solution.
They cover:
Adversaries are tracking US troop locations…
In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Edward Wu, founder of Dropzone, about what AI is doing to detection, response and the SOC more generally.
Dropzone makes AI agents that conduct alert investigations in your SOC, but will the SOC as we know it e…
On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
Anthropic’s new Mythos model hunts bugs and chains exploits together so well that… you cant have it…
…Unless you’re one of their Project Glasswing partners
The world isn’t shor…
In this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products:
Burp AI and DAST: The founder of PortSwigger and creator of legendary security software Burp Suite, Dafydd Stuttard, drops by to pitch listeners on Burp AI and Burp Suite DAST.
…
On this week’s show, Patrick Gray and James Wilson are joined by special guest co-host Brad Arkin. They discuss the week’s cybersecurity news, including:
The US Government says we just have to patch faster, but…
Bugs in cPanel, MoveIt and all Linux distributions this week show that patching al…
On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
Anthropic’s Fable 5 returning while OpenAI’s GPT-5.6 gets thrown in model jail
Distillation, cheap tokens, and AI chat harvesting is an industry in China
Edge becomes a lolbin v…
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. They discuss:
La France is tres sérieux about ditching US productivity software
China’s Salt Typhoon was snooping on Downing Street
Trump wields the mighty DISCOMBOBULATOR
ESET says the Polish power gr…
Patrick Gray and Adam Boileau are joined by the newest guy on the Risky Business Media team, James WIlson. They discuss the week’s cybersecurity news, including:
Notepad++ update supply chain attack has been attributed to China
The AI agent future is even more stupid than expected; behold the …
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Microsoft reshuffles security leadership. It doesn’t spark joy.
Russia is hacking the Winter Olympics. Again. But y tho?
China-linked groups are keeping busy, hacking telcos in Norway, Singapo…
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:
Palo Alto threat researchers want to attribute to China, but management says shush
An increasing proportion of ransomware is data extortion. Is this good?
Cambodia says it’s go…
There’s a lethal trifecta of AI risks: access to private data, exposure to untrusted content, and external communication. In this conversation, Risky Business host Patrick Gray chats with Josh Devon, the co-founder of Sondera, about how to best address these risks.
There is no magic solution to thi…
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:
Low skill actors compromise 600 Fortinets with AI-generated playbooks
Anthropic calls out Chinese AI firms over model distillation
Meta’s director of AI safety tells her ClawdB…
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:
The US-Israeli attack on Iran had a whole lot of cyber. It’s clearly in the playbook now!
The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being u…
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:
The Coruna exploits were L3 Harris, but it seems Triangulation… was not!
Iran’s cyber HQ hit by Israeli (kinetic) strikes
Trump’s cyber “strategy” is … well, all we’ve got is j…
In this Soap Box edition of the Risky Business podcast Patrick Gray sits down with Airlock Digital co-founders Daniel Schell and David Cottingham to talk about the role AI models could play in managing enterprise allowlists.
They also talk about the durability of allowlisting as a control. After 12…
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They discuss:
Iran’s Intune-based wiper attack on medical device maker Stryker
Qihoo 360’s AI publishes its own wildcard TLS cert private key
Instagram is canning its end-to-end encrypted …
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They talk through:
TeamPCP’s supply chain attack on Github, and they threw in an anti-Iran wiper, because why not?!
Anthropic hooks up its models to just… use your whole computer
After Str…
In this sponsored Soap Box edition of the show, Patrick Gray and James Wilson talk about red teaming AI systems with Russel Van Tuyl, Vice President of Services at elite penetration testing firm SpecterOps.
SpecterOps is the company behind attack path enumeration tool Bloodhound and Bloodhound Ente…
On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
Those pesky North Koreans shim a backdoor into a 100M-downloads-a-week npm package
TeamPCP appear to have ransacked Cisco’s source and cloud environments
AI is getting legitima…
In this special documentary episode, Patrick Gray and Amberleigh Jack take a look back at hacking throughout the 1990s, from the feel-good vibes of the early hacking communities to the antics of young hackers who wound up on the run from the FBI.
Part one features recollections from:
Jeff Moss …
On this week’s show special guest co-host Rob Joyce joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Rob served as an advisor to Donald Trump during his first term as president and also served at NSA for 34 years. While at the agency, Joyce led Tailored Access Operations…
On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
TeamPCP breached GitHub’s internal repos. Now what?
Some absolute plonker glued Coruna to a hijacked npm package
CISA is worried about about open source and wants third party su…
On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
Anthropic’s Fable 5 and Mythos 5 get nuked by the US government four days after launch “because security”
Why “guardrails” won’t keep the world safe from your AI doomsday machine
…
On this week’s show, Patrick Gray and James Wilson are joined by special guest-host Dmitri Alperovitch. They discuss the week’s cybersecurity news, including:
The US government is mad as hell about Chinese firms stealing American AI technology
Dmitri has an opinion or two about the US selling …
In this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products:
Ent AI: Co-founder Brandon Dixon pitched Ent, an intent-aware, AI-powered endpoint security control.
Spacewalk AI: Founders Chris Fuller and Tim Wenzlau pitch Spacewalk, an A…
On this week’s show, Patrick Gray and James Wilson are joined by special guest The Grugq. They discuss the week’s cybersecurity news, including:
Vercel got owned, and there’s a few infostealer and compromised employee dots to connect
Mozilla used Mythos to find 271 bugs, which feels like a sig…
In this sponsored soap box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, the founder of Prowler.
Prowler started off as a bunch of scripts in a trenchcoat, then became an open source cloud security tool, and it’s now a venture-funded cloud security business. In th…