On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Cyber firms agree to deconflict and cross-reference hacker group names
Russian nuclear facility blueprints gathered from public procurement websites
Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons
Germany identifies the Trickbot kingpin
Google spots China’s MSS using Calendar events for malware C2
Meta apps abuse localhost listeners to track web sessions.
This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.
This episode is also available on Youtube.
All content for Risky Business is the property of Patrick Gray and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Cyber firms agree to deconflict and cross-reference hacker group names
Russian nuclear facility blueprints gathered from public procurement websites
Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons
Germany identifies the Trickbot kingpin
Google spots China’s MSS using Calendar events for malware C2
Meta apps abuse localhost listeners to track web sessions.
This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.
This episode is also available on Youtube.
Risky Business #783 -- Evil webcam ransomwares entire Windows network
Risky Business
1 hour 3 minutes
2 months ago
Risky Business #783 -- Evil webcam ransomwares entire Windows network
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news with special guest Rob Joyce, a Former Special Assistant to the US President and Director of Cybersecurity for NSA.
They talk through:
A realistic bluetooth-proximity phishing attack against Passkeys
A very patient ransomware actor encrypts an entire enterprise with a puny linux webcam processor
The ESP32 backdoor that is neither a door nor at the back
The X DDoS that Elon said was Ukraine is claimed by pro-Palestinian hacktivists
Years later, LastPass hackers are still emptying crypto-wallets
…and it turns out North Korea nailed {Safe}Wallet with a malicious docker image. Nice!
Rob Joyce recently testified to the US House Select Committee on the Chinese Communist Party, and he explains why DOGE kicking probationary employees to the curb is “devastating” for the national security staff pipeline.
This week’s episode is sponsored by SpecterOps, makers of the Bloodhound identity attack path mapping tool. Chief Product Officer Justin Kohler and Principal Security Researcher Lee Chagolla-Christensen discuss their pragmatic approach to disabling NTLM authentication in Active Directory using Bloodhound’s insight.
This episode is also available on Youtube.
Risky Business
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
Cyber firms agree to deconflict and cross-reference hacker group names
Russian nuclear facility blueprints gathered from public procurement websites
Someone audio deepfaked the White House Chief of Staff, but for the dumbest reasons
Germany identifies the Trickbot kingpin
Google spots China’s MSS using Calendar events for malware C2
Meta apps abuse localhost listeners to track web sessions.
This week’s episode is sponsored by automation vendor Tines. Its Field CISO, Matt Muller, joins the show to discuss an open letter penned by JP Morgan Chase’s CISO that pleads with Software as a Service suppliers to try to suck less at security.
This episode is also available on Youtube.
