On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Australia expels Iranian ambassador
Hackers sabotage Iranian shipping satcoms
APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
The Com’s King Bob gets ten years in the slammer
It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.
This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.
This episode is also available on Youtube.
All content for Risky Business is the property of Patrick Gray and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Australia expels Iranian ambassador
Hackers sabotage Iranian shipping satcoms
APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
The Com’s King Bob gets ten years in the slammer
It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.
This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.
This episode is also available on Youtube.
Risky Biz Soap Box: Push Security's browser-first twist on identity security
Risky Business
34 minutes
3 months ago
Risky Biz Soap Box: Push Security's browser-first twist on identity security
In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security.
Push has built an identity security platform that collects identity information and events from your users’ browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal account that a user has spun up.
It’s extremely difficult to bypass. That’s because when you’re in the browser it doesn’t matter how a phishing link arrives, or how a threat actor has concealed it from your detection stack – if the user sees it, Push sees it.
There are solutions for protecting your users SSO credentials, like passkeys. But what about all the SaaS in your environment? Even if it’s enrolled into your SSO, are you sure that’s how your users are authenticating to it? What about the automation platforms your developers and admins use? What about data platforms like Snowflake? Are your using setting up passkeys for those accounts? How would you know, and what problems can it cause if those accounts are vulnerable?
This is a fun one!
This episode is also available on Youtube.
Risky Business
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Australia expels Iranian ambassador
Hackers sabotage Iranian shipping satcoms
APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
The Com’s King Bob gets ten years in the slammer
It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.
This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.
This episode is also available on Youtube.
