Risky Business

By: Patrick Gray

About this listen

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Copyright Risky Business Media 2007-2026

Politics & Government

Episodes
  • Risky Business #821 -- Wiz researchers could have owned every AWS customer
    Jan 21 2026
    In this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, joined by a special guest. BBC World Cyber Correspondent Joe Tidy is a long time listener and he pops in for a ride-along in the news segment plus a chat about his new book.

    This week news includes:

    • Did the US cyber Venezuela’s power grid, or do they just want us to think they coulda?
    • US govt might boycott the RSAC Conference ‘cause Jen Easterly being CEO makes them mad
    • MS Patch Tuesday fixes CVSS5.5 bug and … stops you shutting down
    • Wiz pulls off cloud stunt hack that ends with control of everyone’s AWS console
    • Millions of Bluetooth devices that use Google’s Fast Pairing will pair with anyone, any time
    • GNU inet-tools’ telnetd parties like it’s 2007, and brings -f root unauthed remote login back

    Thinkst is this week’s sponsor, and long time friend of the show Haroon Meer joins. As always they’re polishing their Canary tokens - adding breadcrumbs to lead you to them - but they’re also a bunch of giant nerds who now run South Africa’s Computer Olympiad.

    This episode is also available on Youtube.

    Show notes
    • Cyberattack in Venezuela Demonstrated Precision of U.S. Capabilities - The New York Times
    • Why I’m withholding certainty that “precise” US cyber-op disrupted Venezuelan electricity - Ars Technica
    • Layered Ambiguity: US Cyber Capabilities in the Raid to Extract Maduro from Venezuela | Royal United Services Institute
    • Former CISA Director Jen Easterly Will Lead RSAC Conference | WIRED
    • Trump officials consider skipping premier cyber conference after Biden-era cyber leader named CEO - Nextgov/FCW
    • Federal agencies ordered to patch Microsoft Desktop Windows Manager bug | The Record from Recorded Future News
    • Windows 11 shutdown bug forces Microsoft into damage control • The Register
    • CodeBreach: Supply Chain Vuln & AWS CodeBuild Misconfig | Wiz Blog
    • Critical flaw in AWS Console risked compromise of build environment | Cybersecurity Dive
    • Never-before-seen Linux malware is “far more advanced than typical” - Ars Technica
    • VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun - Check Point Research
    • Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking | WIRED
    • Critical flaw in Fortinet FortiSIEM targeted in exploitation threat | Cybersecurity Dive
    • CVE-2025-64155: 3 Years of Remotely Rooting the FortiSIEM
    • A single click mounted a covert, multistage attack against Copilot - Ars Technica
    • Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader | The Record from Recorded Future News
    • Jordanian initial access broker pleads guilty to helping target 50 companies | The Record from Recorded Future News
    • Supreme Court hacker posted stolen government data on Instagram | TechCrunch
    • oss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetd
    • How crypto criminals stole $700 million from people - often using age-old tricks
    • Ctrl + Alt + Chaos: How Teenage Hackers Hijack the Internet
    1 hr and 5 mins
  • Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)
    Jan 14 2026
    Risky Business returns for 2026! Patrick Gray and Adam Boileau talk through the week’s cybersecurity news, including:

    • Santa brings hackers MongoDB memory leaks for Christmas
    • Vercel pays out a million bucks to improve its React2Shell WAF defences
    • 39C3 delivers; the pink Power Ranger deletes nazis, while a catgirl ruins GnuPG
    • Cambodian scam compound kingpin gets extradited to China, and we don’t think it’ll go well for him
    • Krebs picks apart the Kimwolf botnet and residential proxy networks
    • So many healthcare data leaks that we have a roundup section

    This week’s episode is sponsored by Airlock Digital. The founders of the application allow-listing vendor, David Cottingham and Daniel Schell, discuss Microsoft’s ClickOnce .NET app packaging, and how attackers have been abusing it to load code. Airlock hates it when you load code!

    This episode is also available on Youtube.

    Show notes
    • US, Australia say ‘MongoBleed’ bug being exploited | The Record from Recorded Future News
    • Merry Christmas Day! Have a MongoDB security incident. | by Kevin Beaumont | Dec, 2025 | DoublePulsar
    • Inside Vercel’s sleep-deprived race to contain React2Shell | CyberScoop
    • gpg.fail
    • Hacktivist deletes white supremacist websites live onstage during hacker conference | TechCrunch
    • Chinese attackers exploiting zero-day to target Cisco email security products | The Record from Recorded Future News
    • Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs
    • ServiceNow patches critical AI platform flaw that could allow user impersonation | CyberScoop
    • Alleged cyber scam kingpin arrested, extradited to China | The Record from Recorded Future News
    • FCC IoT labeling program loses lead company after China probe | Cybersecurity Dive
    • Trump picks Lt. Gen. Joshua Rudd to lead NSA spy agency - The Washington Post
    • NSA cyber directorate gets new acting leadership | The Record from Recorded Future News
    • Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years | The Record from Recorded Future News
    • ECLI:NL:GHAMS:2026:22, Amsterdam Court of Appeal, 23-003218-22
    • The Kimwolf Botnet is Stalking Your Local Network – Krebs on Security
    • Who Benefited from the Aisuru and Kimwolf Botnets? – Krebs on Security
    • Coupang recovers smashed laptop that alleged data leaker threw into river | The Record from Recorded Future News
    • Ransomware responders plead guilty to using ALPHV in attacks on US organizations | The Record from Recorded Future News
    • Nearly 480,000 impacted by Covenant Health data breach | The Record from Recorded Future News
    • Illinois health department exposed over 700,000 residents' personal data for years | TechCrunch
    • Tech provider for NHS England confirms data breach | TechCrunch
    • Hacker claiming to be behind ManageMyHealth breach: ‘I do it for the money and I’m in negotiations to get it’ - NZ Herald
    59 mins
  • How the World Got Owned Episode 1: The 1980s
    Jan 6 2026

    In this special documentary episode, Patrick Gray and Amberleigh Jack take a historical dive into hacking in the 1980s. Through the words of those that were there, they discuss life on the ARPANET, the 414s hacking group, the Morris Worm, the vibe inside the NSA and a parallel hunt for German hackers happening at a similar time to Cliff Stoll’s famous Cuckoo’s Egg story.

    This podcast features the memories of:

    • Jon Callas, former principal software engineer at Digital Equipment Corporation
    • Mark Rasch, Morris Worm prosecutor
    • Timothy Winslow, former 414 hacker
    • Greg Chartrand, author of Cracking the Cuckoo’s Egg, and
    • Tony Sager, former NSA

    How the World Got Owned is produced in partnership with SentinelOne.

    Show notes
    • 1988 Federal sentencing guidelines manual
    • Computer Intruder is put on probation and fined $10,000 | The New York Times
    • Computer Intruder is found guilty | The New York Times
    • United States of America, Appellee, v. Robert Tappan Morris, Defendant-appellant, 928 F.2d 504 (2d Cir. 1991)
    • The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage | Clifford Stoll
    • Cracking the Cuckoo’s Egg: The Untold Story of tracking and finding Karl Koch aka Hagbard of the Chaos Computer Club | Greg Chartrand
    • Computer Buffs Tapped NASA Files | The New York Times
    • Young Computer Bandits Byte off More than They Could Chew | The Washington Post
    • ‘Hacker’ is used by Mainstream Media, September 5, 1983 | EDN
    • Neal Patrick to testify before congressional committee
    • Wargames official trailer, 1983
    • CBS News Segment on Robert Morris Computer Hacker
    • The Fall of the Berlin Wall | Sky News
    • I Hacked a Nuclear Facility in the 1980’s. You’re Welcome | CNN
    1 hr and 4 mins