Risky Business News


Regular cybersecurity news updates from the Risky Business team...

risky.biz


    • Aug 4, 2025 LATEST EPISODE
    • weekdays NEW EPISODES
    • 13m AVG DURATION
    • 741 EPISODES



    Latest episodes from Risky Business News

    Risky Bulletin: China with the accusations again

    Aug 4, 2025 (6:35)


    China accuses the US of new cyberattacks, a $14.5b crypto hack discovered five years later, the US National Cyber Director is named, and Lovense considers legal action over a security flaw disclosure. Show notes Risky Bulletin: China with the accusations again

    Sponsored: Tines shines at solving interesting problems

    Aug 3, 2025 (12:40)


    In this week's sponsor interview, Tines' Field CISO, Matt Muller, chats to Casey Ellis about the interesting and out-of-the-box ways they've seen people using the platform. Tines is a platform designed to automate repetitive tasks for IT and security teams. And, as it turns out, it can be used to … gamify shift handover? Show notes

    Risky Bulletin: Russia spies on local embassies via ISPs

    Aug 1, 2025 (8:05)


    Russia spies on local embassies via ISPs, a Canadian man jailed for stealing Internet Apes, Signal threatens to leave Australia, and Russian pharmacies go down after a cyberattack. Show notes Risky Bulletin: Russia spies on foreign embassies using local ISPs

    Srsly Risky Biz: The West's tepid China deterrence is not working

    Jul 31, 2025 (17:07)


    Tom Uren and Amberleigh Jack talk about how recent SharePoint exploitation is a blow-by-blow repeat of the 2021 Microsoft Exchange mass compromise event. The international response to that clearly didn't deter Chinese hackers, so it is time to try something different. They also talk about recent cases where outsourcing IT services has come with increased risk. Convenient, cheap, secure, pick any two. This episode is also available on Youtube. Show notes

    Risky Bulletin: Russia's Aeroflot cancels flights after hack

    Jul 30, 2025 (6:37)


    Russia's national airline cancels more than 100 flights following a cyberattack, the FBI seizes $2.4 million from the Chaos ransomware, Kazakhstan arrests a ransomware suspect, and Kyrgyzstan nationalizes internet access. Show notes Risky Bulletin: US seizes Chaos ransomware funds

    Risky Bulletin: Microsoft investigates MAPP leak

    Jul 27, 2025 (5:23)


    Microsoft investigates a MAPP leak as the source of the SharePoint zero-day, US law enforcement takes down the BlackSuit ransomware portal, an Arizona woman is imprisoned for running a North Korean laptop farm, and Allianz life insurance suffers a security breach. Show notes

    Sponsored: Nucleus Security on the evolution of vulnerability management

    Jul 27, 2025 (19:14)


    In this sponsored interview, Nucleus Security co-founder and COO, Scott Kuffer joins Casey Ellis to chat about how vulnerability management evolved into quite a lot more than just patch prioritization. Show notes

    Risky Bulletin: Microsoft rolls out linkable token identifiers to help IR teams

    Jul 25, 2025 (7:02)


    Microsoft rolls out better logging for incident responders, the SharePoint hacking spree hits major US agencies, Ukraine arrests the admin of a well-known hacking forum, and China launches a national Digital ID system. Show notes

    Risky Bulletin: Three Chinese APTs are behind the SharePoint zero-day attacks

    Jul 22, 2025 (5:41)


    Three Chinese APTs are behind the recent SharePoint zero-day attacks, the UK wants to ban the public sector from paying ransoms, Russia takes down a malware operation, and South Korea charges airline employees over selling celebrity data. Show notes

    Between Two Nerds: How China's cyber militia make sense

    Jul 21, 2025 (33:20)


    In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether China's 'cyber militia' make sense and what they could be good for. This episode is also available on Youtube. Show notes Mobilizing Cyber Power: The Growing Role of Cyber Militias in China's Network Warfare Force Structure

    Risky Bulletin: Iranian security firm behind airline hacking spree

    Jul 21, 2025 (6:07)


    An Iranian security firm is behind an airline hacking spree, Chinese hackers breach Singapore's critical infrastructure, new SharePoint and CrushFTP zero-days are being used in the wild, and Japan releases free ransomware decrypters. Show notes

    Sponsored: Haroon Meer's secret to business success is… love

    Jul 20, 2025 (20:53)


    In this Risky Business sponsored interview, Thinkst Canary CEO Haroon Meer chats to Casey Ellis about the company's impressive growth over the past decade, and how it approached that path a little differently to other firms. Haroon's advice for young startup founders: Is your problem worth solving? And can you actually solve it? And… Love your customers. Show notes

    Risky Bulletin: New phishing technique bypasses FIDO keys

    Jul 18, 2025 (8:03)


    Hackers bypass FIDO keys with a new phishing technique, a mobile surveillance vendor deploys an SS7 exploit, ransomware hits South Korea's largest insurance provider, and law enforcement agencies dismantle a pro-Kremlin DDoS group. Show notes

    Srsly Risky Biz: Spain leaves key under mat for Huawei

    Jul 17, 2025 (21:23)


    Tom Uren and Amberleigh Jack talk about Huawei's contract to manage storage for Spain's lawful intercept system. News broke this week that Spain had signed a €12 million contract, but it turns out Huawei has been involved in the system since 2004! They also discuss arrests in the UK of four individuals associated with Scattered Spider. The criminal resumés of two of the suspects support the idea that there are key individuals with outsize impact. But they also reinforce that the online communities they are involved in act as training grounds for cyber criminals. Arrests will slow hacks, not stop them. This episode is also available on Youtube. Show notes

    Risky Bulletin: China breaches US National Guard

    Jul 16, 2025 (7:08)


    Salt Typhoon breaches a US state's National Guard, Ukrainian hackers wipe the servers of a Russian drone maker, the UK relocates Afghans caught up in a data leak, and Microsoft outsources some US government work to China. Show notes

    Between Two Nerds: Is US cyber espionage too careful?

    Jul 14, 2025 (31:30)


    In this edition of Between Two Nerds Tom Uren and The Grugq examine whether US cyber operations are too stealthy. Could they get more bang for the buck if they adopted a devil-may-care attitude to getting busted? This episode is also available on Youtube. Show notes Should US spies steal Chinese commercial secrets?

    Risky Bulletin: Radio equipment vulnerability can bring trains to sudden stops

    Jul 14, 2025 (7:12)


    A radio equipment vulnerability can bring trains to sudden stops, researchers prevent a Lazarus crypto attack, Spain hands Huawei control over its phone wiretapping system, and CISA warns of ongoing CitrixBleed 2 attacks. Show notes

    Sponsored: Should we ever trust AI?

    Jul 13, 2025 (14:19)


    In this Risky Business sponsored interview, Zero Networks Field CTO, Chris Boehm discusses the everyone-gets-an-AI future with Casey Ellis. Zero Networks makes network microsegmentation achievable without simply handing an AI control of the network. Will generative artificial intelligence ever be trusted to make hard access control decisions? Show notes

    Risky Bulletin: Two billion eSIMs receive crucial security patch

    Jul 11, 2025 (8:20)


    Two billion eSIMs receive crucial security patches, China's cyber militias go on the offensive, four Scattered Spider members detained over UK retail attacks, and a Russian basketball player is arrested in a ransomware case. Show notes

    Srsly Risky Biz: Four key players drive Scattered Spider

    Jul 10, 2025 (17:07)


    Tom Uren and Amberleigh Jack talk about our developing understanding of the group that people call Scattered Spider. Independent security firms agree that there are a small number of key people that are driving the group's outrageous success. That gives us hope that targeted action might stem the bleeding. They also talk about data leaks from China's cyber espionage ecosystem that are for sale on a data leak site. These look to contain actionable information from a counterintelligence point of view. And Tom wonders if a market for espionage-as-a-service will develop? This episode is also available on Youtube. Show notes

    Risky Bulletin: Chinese APT member arrested in Italy

    Jul 9, 2025 (7:20)


    Italy arrests a Chinese APT hacker, a Russian drone software group gets wiped, the SatanLock ransomware operation shuts down, and browser extensions power a web scraping botnet. Show notes

    Between Two Nerds: The opportunity in Asia

    Jul 7, 2025 (32:13)


    In this edition of Between Two Nerds Tom Uren and The Grugq talk about how there is an opportunity for the US to expand its 0day and talent acquisition pool to Asia. They revisit a paper comparing the Chinese and American 0day acquisition strategies and have some quibbles. This episode is also available on Youtube. Show notes Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace

    Risky Bulletin: Chinese researchers claim to find new North American APT

    Jul 7, 2025 (5:08)


    Chinese security researchers claim to have found a new American APT, the SEC and SolarWinds are seeking a settlement, a company insider was behind Brazil's bank hack, and Louis Vuitton discloses a security breach. Show notes

    Sponsored: Making Zero Trust work with non-critical, crappy applications

    Jul 6, 2025 (11:39)


    In this sponsored interview, Patrick Gray chats with the CEO of Knocknoc, Adam Pointon. They talk about the woeful state of internal enterprise networks and how many control system networks aren't appropriately segmented. Adam also explains why Knocknoc released a very simple identity aware proxy: For too long the Zero Trust “industry” has focussed on securing access to critical applications, while everything else is left behind to get owned. This is Zero Trust for crappy apps! Zero Trust for the rest of us! Show notes

    Risky Bulletin: Hunters International ransomware shuts down, releases decryption keys

    Jul 4, 2025 (7:21)


    A ransomware operation shuts down and releases free decryption keys, the FBI investigates a ransomware negotiator for taking kickbacks, Spain arrests two over government hacks, and hackers steal $185 million from Brazilian financial institutions. Show notes

    Srsly Risky Biz: Why Iran is a scaredy cat cyber chicken

    Jul 3, 2025 (17:27)


    Tom Uren and Patrick Gray discuss warnings about Iranian cyber attacks on US critical infrastructure. Despite many many warnings, there have been no actual attacks and they discuss the reasons why Iran would want to avoid escalatory cyber attacks. They also talk about how the FBI is struggling to deal with the democratisation of surveillance and data analysis, what the agency calls Ubiquitous Technical Surveillance (UTS). A Department of Justice audit of the FBI's response finds the threat from UTS is real and that sources have been murdered. But it seems that the FBI just doesn't care. This episode is also available on Youtube. Show notes

    Risky Bulletin: The US sanctions another Russian bulletproof hosting provider

    Jul 2, 2025 (6:39)


    The US sanctions another Russian bulletproof hosting provider, the International Criminal Court discloses a security breach, the US dismantles 29 North Korean laptop farms, and a Chinese student gets jailed in the UK for SMS blasting. Show notes

    Between Two Nerds: Microsoft embraces digital sovereignty

    Jun 30, 2025 (22:13)


    In this edition of Between Two Nerds Tom Uren and The Grugq talk about how Microsoft has embraced digital sovereignty and is bending over backwards to satisfy European tech supply chain concerns. This episode is also available on Youtube. Show notes The New York Times on the ICC Microsoft's 30 April Brad Smith post Microsoft's 4 June Brad Smith post

    Risky Bulletin: Scattered Spider targets the aviation sector

    Jun 30, 2025 (8:31)


    The Scattered Spider group targets the aviation sector, Russia throttles traffic from Cloudflare, a Mexican cartel hired hackers to track an FBI official, and Canada tells Hikvision to cease operations. Show notes

    Sponsored: Why Linux is the dark matter of the internet

    Jun 29, 2025 (17:08)


    In this Risky Bulletin sponsor interview Craig Rowland, CEO of Sandfly Security, talks to Tom Uren about the disconnect between how important Linux systems are and how much security attention they get. The pair discuss the variety of reasons that security teams underinvest in protecting Linux. Show notes

    Risky Bulletin: Phishers abuse forgotten Direct Send feature

    Jun 26, 2025 (7:35)


    A phishing group abuses a forgotten Exchange Online feature, a patient's death is linked to the Synnovis ransomware attack, France arrests the BreachForums leadership, and Microsoft offers free Windows 10 Extended Security Updates … with a catch. Show notes

    Srsly Risky Biz: Comparing Chinese and American 0day pipelines

    Jun 26, 2025 (16:46)


    Tom Uren and Patrick Gray talk about a new report that compares Chinese and American 0day pipelines. The US is narrowly focussed on acquiring exquisitely stealthy and reliable exploits, while China casts a far broader net. That was fine in the past, but as 0days get harder and harder to find, the report argues that the US needs to change the way it goes about getting them. The pair also talk about Cyber Command supporting the US bomb strikes against Iranian nuclear facilities. We like to believe in magic cyber capabilities, but we suspect the truth was far more mundane in this case. This episode is also available on Youtube. Show notes Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace

    Risky Bulletin: Hackers breach Norwegian dam, open valve at full capacity

    Jun 25, 2025 (6:42)


    Hackers fully open a valve at a Norwegian dam, the US House bans WhatsApp on staff devices, Russia wants to build a national IMEI database, and four REvil members are released after time served. Show notes

    Between Two Nerds: The evil genius of Predatory Sparrow

    Jun 23, 2025 (28:37)


    In this edition of Between Two Nerds Tom Uren and The Grugq dive into the motivations and actions of Predatory Sparrow, a purported hacktivist group that has been attacking Iran for the last five years and has leapt into the Iran-Israel war. This episode is also available on Youtube. Show notes

    Risky Bulletin: White House rejects nominee for NSA & CyberCom leader

    Jun 23, 2025 (8:09)


    The White House rejects the Pentagon's nominee for NSA & CyberCom leader, the FCC probes the US Cyber Trust Mark program, a cyberattack disrupts Russia's animal products industry, and hackers leak data about everyone in Paraguay. Show notes

    Sponsored: The geopolitics of trust

    Jun 22, 2025 (11:16)


    In this Risky Bulletin sponsor interview Fletcher Heisler, CEO of Authentik, talks to Tom Uren about the inflection points that make organisations consider rationalising their Identity Providers (IdPs). The pair also discuss sovereign tech stacks and how to earn the trust of customers. Show notes

    Risky Bulletin: Russian hackers abuse app-specific passwords to bypass MFA

    Jun 20, 2025 (7:46)


    Russian hackers abuse app-specific passwords to bypass multi-factor, the tenth Salt Typhoon victim is identified, Predatory Sparrow destroys $90 million from an Iranian crypto-exchange, and Argentina arrests a Russian disinfo gang. Show notes

    Srsly Risky Biz: Data brokers are a killer's best friend

    Jun 19, 2025 (22:28)


    Tom Uren and Patrick Gray talk about a Minnesota man who used people-search services to locate, stalk and eventually murder political targets. They also discuss purported hacktivist group Predatory Sparrow weighing in on the Iran-Israel conflict. It has attacked Iran's financial system, including a bank associated with the Iranian Revolutionary Guard Corps, and also burnt USD$90 million worth of cryptocurrency from an Iranian exchange. This episode is also available on Youtube. Show notes

    Risky Bulletin: Israel-linked hackers claim Iran bank disruption

    Jun 18, 2025 (7:03)


    An Israeli-linked hacktivist group claims an attack on an Iranian bank, Chrome gets a new prompt to prevent local network attacks, a century-old German napkin company goes under following a ransomware attack, and Europol takes down the Archetyp dark web market. Show notes

    Between Two Nerds: Why modern influence operations suck

    Jun 16, 2025 (30:21)


    In this edition of Between Two Nerds Tom Uren and The Grugq take a look at a new AI-powered covert influence campaign and compare it to World War 2 efforts. This episode is also available on Youtube. Show notes

    Risky Bulletin: Washington Post email accounts hacked

    Jun 16, 2025 (5:48)


    Email accounts compromised at the Washington Post, shady email provider Cock.li gets hacked, hackers steal data from a French university, and the EU invests €145 million in hospital cybersecurity. Show notes

    Sponsored: Hardening the browser

    Jun 15, 2025 (12:42)


    In this Risky Bulletin sponsor interview Michael Leland, Field CTO of Island, talks about how Island manages risks from extensions, phishing and infostealers. Even when credentials are stolen, it is still not game over and there are still ways to prevent data loss and breaches. Show notes

    Risky Bulletin: Predator spyware alive despite US sanctions

    Jun 13, 2025 (7:47)


    Intellexa is alive and well despite US sanctions, Paragon spyware used a zero-click iMessage exploit, South Korea's largest online bookstore gets ransomwared, and law enforcement takes down several cybercrime operations. Show notes

    Srsly Risky Biz: Trump scales back Biden product security demands

    Jun 12, 2025 (19:26)


    Tom Uren and Patrick Gray talk about how a Trump executive order has scaled back the government's cyber security ambitions. The carrots and sticks that would have been used to encourage organisations to adopt stricter security standards are gone. They also discuss North Korea's use of AI in its IT worker scam and the emergence of espionage-as-a-service… perhaps. This episode is also available on Youtube. Show notes

    Risky Bulletin: SentinelOne dodges a Chinese APT hack

    Jun 11, 2025 (5:13)


    SentinelOne dodges a Chinese APT hack, anonymous sources point to more Salt Typhoon victims, a cyberattack disrupts grocery deliveries in the US, and 140 arrested in Kazakhstan for selling citizens' data. Show notes

    Between Two Nerds: How Russia's sabotage team got into hacking

    Jun 9, 2025 (37:05)


    In this edition of Between Two Nerds Tom Uren and The Grugq take a look at the hackers of Unit 29155, Russian military intelligence's sabotage and assassination group. This episode is also available on Youtube. Show notes The Insider 'Hidden Bear' investigation Japanese Tokuryū Ukraine SSSCIP report H1 2023

    Risky Bulletin: EU launches its own DNS service

    Jun 9, 2025 (6:12)


    The EU launches its own DNS service, Trump revises previous administrations' cyber executive orders, a supply chain attack hits popular NPM packages, and mysterious iOS attacks spotted in the wild. Show notes

    Sponsored: Phishing crews have gotten really good at evasion

    Jun 9, 2025 (18:19)


    In this sponsored interview, Casey Ellis interviews Push Security co-founder and Chief Product Officer Jacques Louw about how good phishing crews have gotten at evading detection. Attackers are hiding their payloads behind legitimate bot-detection tools to stop things like email security gateways from seeing them, as well as locking up phishing pages behind OAuth challenges. Push sees all this because it's installed as a browser plugin and sees what users see. Show notes

    Risky Bulletin: APTeens go after Salesforce data

    Jun 6, 2025 (7:02)


    A hacking group goes after Salesforce data, the FBI takes down the BidenCash carding forum, China offers rewards for Taiwanese military hackers, and high risk bugs are patched in enterprise software from HPE and Infoblox. Show notes

    Srsly Risky Biz: Law Enforcement Is Finally Making Progress on Ransomware

    Jun 5, 2025 (18:43)


    Tom Uren and Patrick Gray talk about how Operation Endgame, the multinational law enforcement effort to tackle ransomware, is approaching the problem holistically. It's tackling the enablers of ransomware and although it won't eliminate the crime, it'll make it harder for criminals. They also discuss the spyware app that helped to dismantle the Syrian regime, at least maybe a little bit, and how Russian military intelligence's sabotage and assassination unit got into cyber operations. This episode is also available on Youtube. Show notes

    Risky Bulletin: Syrian Army infected with spyware before regime collapse

    Jun 4, 2025 (8:20)


    A spyware app infected the Syrian Army's soldiers before the regime collapsed, NSO appeals its WhatsApp verdict, Chrome and Qualcomm patch zero-days, and an emergency services information sharing group shuts down. Show notes
