In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
China has been rummaging in F5’s networks for a couple of years
Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system
Salesforce hackers use their stolen data trove to dox NSA, ICE employees
Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah
Adam gets humbled by new Linux-capabilities backdoor trick
Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.
This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.
This episode is also available on Youtube.
All content for Risky Business is the property of Patrick Gray and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
China has been rummaging in F5’s networks for a couple of years
Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system
Salesforce hackers use their stolen data trove to dox NSA, ICE employees
Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah
Adam gets humbled by new Linux-capabilities backdoor trick
Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.
This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.
This episode is also available on Youtube.
Risky Business #801 -- AI models can hack well now and it's weirding us out
Risky Business
1 hour 6 minutes
2 months ago
Risky Business #801 -- AI models can hack well now and it's weirding us out
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.
This episode explores the rise of AI-powered bug hunting:
Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects
The XBOW AI bug hunting platform sees success on HackerOne
Is an AI James Kettle on the horizon?
There’s also plenty of regular cybersecurity news to discuss:
On-prem Sharepoint’s codebase is maintained out of China… awkward!
China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?
SonicWall advises customers to turn off their VPNs
Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs
Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.
The Russian government pushes VK’s Max messenger for everything
This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.
This episode is also available on Youtube.
Risky Business
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
China has been rummaging in F5’s networks for a couple of years
Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system
Salesforce hackers use their stolen data trove to dox NSA, ICE employees
Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah
Adam gets humbled by new Linux-capabilities backdoor trick
Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.
This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.
This episode is also available on Youtube.
