Risky Business Podcast

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

• Low skill actors compromise 600 Fortinets with AI-generated playbooks
• Anthropic calls out Chinese AI firms over model distillation
• Meta’s director of AI safety tells her ClawdBot not to delete her mail… so of course it does
• Peter Williams cops 7 years in jail for selling L3 Harris Trenchant’s exploits to Russia
• Ivanti got hacked in 2021 via… bugs in Ivanti

This episode is sponsored by line-rate network capture system Corelight. CEO Brian Dye joins to discuss what AI can do for defenders, and what it can’t.

This episode is also available on Youtube.

There’s a lethal trifecta of AI risks: access to private data, exposure to untrusted content, and external communication. In this conversation, Risky Business host Patrick Gray chats with Josh Devon, the co-founder of Sondera, about how to best address these risks.

There is no magic solution to this problem. AI models mix code and data, are non-deterministic, and are crawling around all over your enterprise data and APIs as you read this.

But in this sponsored interview, Josh outlines how we can start to wrap our hands around the problem.

This episode is also available on Youtube.

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:

• Palo Alto threat researchers want to attribute to China, but management says shush
• An increasing proportion of ransomware is data extortion. Is this good?
• Cambodia says it’s going to dismantle scam compounds
• CISA sufferers through yet another shutdown
• Google Gemini’s training secrets are being systematically harvested to improve other LLMs
• Academics assess SaaS password managers’ resilience against a malicious server

This episode is sponsored by SSO-firewall integration vendor Knocknoc. Chief exec Adam Pointon joins to talk about the latest in defences… which is to say Knocknoc for Solaris/Sparc and HPUX on PA-RISC?! Okay also that other little known OS… Windows.

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Microsoft reshuffles security leadership. It doesn’t spark joy.
• Russia is hacking the Winter Olympics. Again. But y tho?
• China-linked groups are keeping busy, hacking telcos in Norway, Singapore and dozens of others
• Campaigns underway targeting Ivanti, BeyondTrust and SolarWinds products
• An unknown hero blocks 23/tcp on the US internet backbone
• And James Wilson pops into talk about Claude’s go at a C compiler

This week’s episode is sponsored by Ent.AI, an AI startup that isn’t quite ready to tell us all what they’re doing. But nevertheless, founder Brandon Dixon joins to discuss AI’s role in security. Where does language-based understanding take us that previous methods couldn’t?

This episode is also available on Youtube.

Patrick Gray and Adam Boileau are joined by the newest guy on the Risky Business Media team, James WIlson. They discuss the week’s cybersecurity news, including:

• Notepad++ update supply chain attack has been attributed to China
• The AI agent future is even more stupid than expected; behold the OpenClaw/Clawdbot/Moltbook mess
• The Epstein files claim he had a personal hacker?
• Microsoft is finally getting ready to (think about starting to begin to) disable NTLM by default
• The usual bugs in the usual things! Ivanti, Fortinet, and Solarwinds. Again.
• Telco hides a free trip in its privacy policy, someone actually reads it and wins!

This weeks’s episode is sponsored by opensource IDP platform Authentik. CEO Fletcher Heisler talks to Pat about their new endpoint agent that can enforce device posture policies during login.

This episode is also available on Youtube.

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. They discuss:

• La France is tres sérieux about ditching US productivity software
• China’s Salt Typhoon was snooping on Downing Street
• Trump wields the mighty DISCOMBOBULATOR
• ESET says the Polish power grid wiper was Russia’s GRU Sandworm crew
• US cyber institutions CISA and NIST are struggling
• Voice phishing for MFA bypass is getting even more polished

This episode is sponsored by Sublime Security. Brian Baskin is one of the team behind Sublime’s 2026 Email Threat Research report. He joins to talk through what they see of attackers’ use of AI, as well as the other trends of the year.

This episode is also available on Youtube.

In this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, joined by a special guest. BBC World Cyber Correspondent Joe Tidy is a long time listener and he pops in for a ride-along in the news segment plus a chat about his new book.

This week news includes:

• Did the US cyber Venezuela’s power grid, or do they just want us to think they coulda?
• US govt might boycott the RSAC Conference ‘cause Jen Easterly being CEO makes them mad
• MS Patch Tuesday fixes CVSS5.5 bug and … stops you shutting down
• Wiz pulls off cloud stunt hack that ends with control of everyone’s AWS console
• Millions of Bluetooth devices that use Google’s Fast Pairing will pair with anyone, any time
• GNU inet-tools’ telnetd parties like it’s 2007, and brings -f root unauthed remote login back

Thinkst is this week’s sponsor, and long time friend of the show Haroon Meer joins. As always they’re polishing their Canary tokens - adding breadcrumbs to lead you to them - but they’re also a bunch of giant nerds who now run South Africa’s Computer Olympiad.

This episode is also available on Youtube.

Risky Business returns for 2026! Patrick Gray and Adam Boileau talk through the week’s cybersecurity news, including:

• Santa brings hackers MongoDB memory leaks for Christmas
• Vercel pays out a million bucks to improve its React2Shell WAF defences
• 39C3 delivers; the pink Power Ranger deletes nazis, while a catgirl ruins GnuPG
• Cambodian scam compound kingpin gets extradited to China, and we don’t think it’ll go well for him
• Krebs picks apart the Kimwolf botnet and residential proxy networks
• So many healthcare data leaks that we have a roundup section

This week’s episode is sponsored by Airlock Digital. The founders of the application allow-listing vendor, David Cottingham and Daniel Schell, discuss Microsoft’s ClickOnce .NET app packaging, and how attackers have been abusing it to load code. Airlock hates it when you load code!

This episode is also available on Youtube.

This episode is also available on [Youtube](

In this special documentary episode, Patrick Gray and Amberleigh Jack take a historical dive into hacking in the 1980s. Through the words of those that were there, they discuss life on the ARPANET, the 414s hacking group, the Morris Worm, the vibe inside the NSA and a parallel hunt for German hackers happening at a similar time to Cliff Stoll’s famous Cuckoo’s Egg story.

This podcast features the memories of:

• Jon Callas, former principal software engineer at Digital Equipment Corporation
• Mark Rasch, Morris Worm prosecutor
• Timothy Winslow, former 414 hacker
• Greg Chartrand, author of Cracking the Cuckoos Egg and
• Tony Sager, former NSA

How the World Got Owned is produced in partnership with SentinelOne.

In the final show of 2025, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• React2Shell attacks continue, surprising no one
• The unholy combination of OAuth consent phishing, social engineering and Azure CLI
• Venezuela’s state oil firm gets ransomware’d, blames US… but what if it really is a US cyber op?!
• Russian junk-hacktivist gets indicted for cybering critical… err… a car wash and a fountain
• Microsoft finally turns RC4 off by default in Active Directory Kerberos
• Traefik’s TLS verify=on … turns it off, whoopsie 🤡

This week’s episode is sponsored by Sublime Security, makers of an email filtering solution that’s up for dealing with modern problems. Founder and CEO Josh Kamdjou joins to talk about calendar invite phishing, and the extra steps they’ve had to take to reach into people’s calendars and fix the mess.

The Risky Business weekly show is taking holiday break, and will return on 14 January for its twentieth year! Good luck out there, internet friends.

This episode is also available on Youtube.