Risky Business cover art

Risky Business

Risky Business

By: Risky Business Media
Listen for free

Summary

 Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.Copyright Risky Business Media 2007-2026 Politics & Government
Episodes
  • Snake Oilers: Ent AI, Spacewalk and Mondoo

    Snake Oilers: Ent AI, Spacewalk and Mondoo
    May 1 2026

    In this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products:

    • Ent AI: Co-founder Brandon Dixon pitched Ent, an intent-aware, AI-powered endpoint security control.

    • Spacewalk AI: Founders Chris Fuller and Tim Wenzlau pitch Spacewalk, an AI-powered incident response platform.

    • Mondoo: Co-founder Dominik Richter pitches Mondoo, an AI-powered “service as software” in the vulnerability management space.

    This episode is also available on YouTube.

    Show notes
      Show More Show Less
      44 mins
    • Risky Business #835 -- Why the Fast16 malware is badass

      Risky Business #835 -- Why the Fast16 malware is badass
      Apr 29 2026
      On this week’s show, Patrick Gray and James Wilson are joined by special guest-host Dmitri Alperovitch. They discuss the week’s cybersecurity news, including: The US government is mad as hell about Chinese firms stealing American AI technologyDmitri has an opinion or two about the US selling Nvidia chips to ChinaSpeaking of Chinese AI, Kimi’s new 2.6 is very interestingThe US sanctions a Cambodian senator for earning mega bucks through scam compoundsAnd a ransomware family is promoting itself as being … quantum-safe? This week’s show is sponsored by Trail of Bits. CEO and co-founder Dan Guido chats to Pat about how private inference works and Trail of Bits’ audit of WhatsApp’s private AI setup. This episode is also available on Youtube. Show notes Exclusive: US State Dept orders global warning about alleged AI thefts by DeepSeek, other Chinese firms | Reutersmoonshotai/Kimi-K2.6 · Hugging FaceDiscord Sleuths Gained Unauthorized Access to Anthropic’s Mythos | WIREDNewly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet | WIREDHackers deployed wiper malware in destructive attacks on Venezuela’s energy sector | The Record from Recorded Future NewsMystery Around Venezuelan Cyberattack Deepens, with New Discovery of "Highly Destructive" WiperRisky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack - Risky Business MediaAI Tools Are Helping Mediocre North Korean Hackers Steal Millions | WIREDCISA: US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March | The Record from Recorded Future NewsUS, UK authorities warn that Firestarter backdoor malware survives patching | Cybersecurity DiveSurveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities | CyberScoopUK regulator closes loophole that allowed rogue companies to track phone users' location | ReutersUS sanctions Cambodian senator for millions earned through scam compounds | The Record from Recorded Future NewsVercel says some of its customers' data was stolen prior to its recent hack | TechCrunchSupply Chain Security Incident UpdateApple fixes bug that cops used to extract deleted chat messages from iPhones | TechCrunchKyle Daigle on X: "Wanted to provide more clarity about this. Yesterday, we had a regression in merge queue behavior where, in some cases, squash or rebase commits were generated from the wrong base state, making earlier changes appear reverted in branch history. 2,804 pull requests out of over 4M" / XSecuring the git push pipeline: Responding to a critical remote code execution vulnerability - The GitHub BlogOne ransomware crew now drives half of all cyber claims: At-Bay | Insurance BusinessIn a first, a ransomware family is confirmed to be quantum-safe - Ars TechnicaWhat we learned about TEE security from auditing WhatsApp's Private Inference
      Show More Show Less
      1 hr and 6 mins
    • Risky Business #834 -- Vercel gets owned, Mozilla dumps hundreds of Mythos bugs

      Risky Business #834 -- Vercel gets owned, Mozilla dumps hundreds of Mythos bugs
      Apr 22 2026
      On this week’s show, Patrick Gray and James Wilson are joined by special guest The Grugq. They discuss the week’s cybersecurity news, including: Vercel got owned, and there’s a few infostealer and compromised employee dots to connectMozilla used Mythos to find 271 bugs, which feels like a sign of the bug-pocalypseSpeaking of the bug-pocalypse, is that why NIST is noping out of enriching a bunch of bugs?The NSA is using Mythos even though the government did that whole Anthropic blacklisting thingAnd DDos attacks hit a couple of smaller-player socials This week’s episode is sponsored by Permiso. Ian Ahl chats to Pat about the subtle signals Permiso uses to detect ShinyHunters-style activity in cloud and on-prem environments. This episode is also available on Youtube. Show notes Vercel April 2026 Security incidentVercel breach linked to infostealer infection at Context.aiVercel confirms breach as hackers claim to be selling stolen dataMatt Johansen: “This is not a good look” | XNIST limits vulnerability analysis as CVE backlog swells | Cybersecurity DiveCISA Cyber on XRansomware attack continues to disrupt healthcare in London nearly two years later | The Record from Recorded Future NewsLawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks | CyberScoopIn defeat for Trump, House extends electronic spying program for just 10 days | The Record from Recorded Future NewsCrypto infrastructure company blames $290 million theft on North Korean hackers | The Record from Recorded Future NewsUS-sanctioned currency exchange says $15 million heist done by "unfriendly states" - Ars TechnicaHackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunchMozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox | WIREDNSA using Anthropic's Mythos despite Defense Department blacklistBeyond the breach: inside a cargo theft actor’s post-compromise playbook | Proofpoint USBeware scam messages offering ships safe transit through Hormuz Strait, says security firm | The Straits TimesNew Jersey men given lengthy sentences for running North Korean laptop farms | The Record from Recorded Future NewsTurns Out We’re Not Alone - Volodymyr StyranUS joins nearly two dozen other countries in striking back against DDoS-for-hire platforms | Cybersecurity DiveBluesky blames app outage on ‘sophisticated’ DDoS attack | The Record from Recorded Future NewsMastodon says its flagship server was hit by a DDoS attack | TechCrunchAn IT expert explained under what conditions using a VPN can cause a smartphone to explode
      Show More Show Less
      1 hr and 1 min
    No reviews yet