Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Content provided by Risky.biz and Patrick Gray. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Risky.biz and Patrick Gray or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
Similar to Risky Biz
The avforums podcast brings you the latest tech, movie and gaming news, plus special features, interviews and show reports from the world of audio visual home entertainment
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Technical interviews about software topics.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
America is divided, and it always has been. We're going back to the moment when that split turned into war. This is Uncivil: Gimlet Media's new history podcast, hosted by journalists Jack Hitt and Chenjerai Kumanyika. We ransack the official version of the Civil War, and take on the history you grew up with. We bring you untold stories about covert operations, corruption, resistance, mutiny, counterfeiting, antebellum drones, and so much more. And we connect these forgotten struggles to the ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every week Linus and Luke discuss the most current happenings in the technology universe.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Risky Business #789 -- Apple's AirPlay vulns are surprisingly awful
Manage episode 479878170 series 3234705
Content provided by Risky.biz and Patrick Gray. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Risky.biz and Patrick Gray or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
- British retail stalwart Marks & Spencer gets cybered
- South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat
- It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups
- Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)
- Anti-DOGE whistleblower sure sounds like he has a point
This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems.
Editors Note : Pat also gives Adam (Boileau) stick in the sponsor interview about the Risky Biz webserver not having IPv6 enabled, which fact-checking during the edit says is FAKE NEWS. Just uh, don’t look at how fresh that AAAA record in the DNS is, friends 😉
This episode is also available on Youtube.
Show notes
- British retailer M&S confirms being hit by ‘cyber incident’ amid store delays | The Record from Recorded Future News
- M&S cyber-attack linked to hacking group Scattered Spider | Marks & Spencer | The Guardian
- Bina Puri shares, Warrant B close sharply lower day after hacking
- Bina Puri, Pos Malaysia tumble following hacking incident | FMT
- Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts | The Record from Recorded Future News
- US conducts cyberattacks against major Chinese commercial encryption provider: report - Global Times
- Iran says major cyberattack on infrastructure repelled | Iran International
- Spain rules out cyber attack - but what could have caused power cut?
- South Korea's SK Telecom begins SIM card replacement after data breach
- AirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security
- iOS and Android juice jacking defenses have been trivial to bypass for years - Ars Technica
- How Android 16's new security mode will stop USB-based attacks - Android Authority
- Researchers warn of critical flaw found in Erlang OTP SSH | Cybersecurity Dive
- Critical vulnerability in SAP NetWeaver under threat of active exploitation | Cybersecurity Dive
- CVE-2025-31324: Critical SAP Flaw Explained | Strobes
- Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)
- Risky Bulletin: NFC card malware keeps evolving in Russia, a bad omen for the future - Risky Business Media
- Hegseth had unsecured internet line in Pentagon for Signal, sources say | AP News
- Whistleblower: DOGE Siphoned NLRB Case Data – Krebs on Security
- 2025_0414_Berulis-Disclosure-with-Exhibits.s.pdf
- CISA gets a deputy director as it braces for major layoffs | Cybersecurity Dive
- Two top cyber officials resign from CISA | The Record from Recorded Future News
- Ex-CISA chief Chris Krebs leaving SentinelOne following Trump pressure | Reuters
- Former cyber official targeted by Trump speaks out after cuts to digital defense
- Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries | SentinelOne
- ZachXBT on X: "Nine hours ago a suspicious transfer was made from a potential victim for 3520 BTC ($330.7M)"
129 episodes
Share
Manage episode 479878170 series 3234705
Content provided by Risky.biz and Patrick Gray. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Risky.biz and Patrick Gray or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
- British retail stalwart Marks & Spencer gets cybered
- South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat
- It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups
- Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)
- Anti-DOGE whistleblower sure sounds like he has a point
This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems.
Editors Note : Pat also gives Adam (Boileau) stick in the sponsor interview about the Risky Biz webserver not having IPv6 enabled, which fact-checking during the edit says is FAKE NEWS. Just uh, don’t look at how fresh that AAAA record in the DNS is, friends 😉
This episode is also available on Youtube.
Show notes
- British retailer M&S confirms being hit by ‘cyber incident’ amid store delays | The Record from Recorded Future News
- M&S cyber-attack linked to hacking group Scattered Spider | Marks & Spencer | The Guardian
- Bina Puri shares, Warrant B close sharply lower day after hacking
- Bina Puri, Pos Malaysia tumble following hacking incident | FMT
- Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts | The Record from Recorded Future News
- US conducts cyberattacks against major Chinese commercial encryption provider: report - Global Times
- Iran says major cyberattack on infrastructure repelled | Iran International
- Spain rules out cyber attack - but what could have caused power cut?
- South Korea's SK Telecom begins SIM card replacement after data breach
- AirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security
- iOS and Android juice jacking defenses have been trivial to bypass for years - Ars Technica
- How Android 16's new security mode will stop USB-based attacks - Android Authority
- Researchers warn of critical flaw found in Erlang OTP SSH | Cybersecurity Dive
- Critical vulnerability in SAP NetWeaver under threat of active exploitation | Cybersecurity Dive
- CVE-2025-31324: Critical SAP Flaw Explained | Strobes
- Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)
- Risky Bulletin: NFC card malware keeps evolving in Russia, a bad omen for the future - Risky Business Media
- Hegseth had unsecured internet line in Pentagon for Signal, sources say | AP News
- Whistleblower: DOGE Siphoned NLRB Case Data – Krebs on Security
- 2025_0414_Berulis-Disclosure-with-Exhibits.s.pdf
- CISA gets a deputy director as it braces for major layoffs | Cybersecurity Dive
- Two top cyber officials resign from CISA | The Record from Recorded Future News
- Ex-CISA chief Chris Krebs leaving SentinelOne following Trump pressure | Reuters
- Former cyber official targeted by Trump speaks out after cuts to digital defense
- Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries | SentinelOne
- ZachXBT on X: "Nine hours ago a suspicious transfer was made from a potential victim for 3520 BTC ($330.7M)"
129 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Risky Biz
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
The avforums podcast brings you the latest tech, movie and gaming news, plus special features, interviews and show reports from the world of audio visual home entertainment
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Technical interviews about software topics.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
America is divided, and it always has been. We're going back to the moment when that split turned into war. This is Uncivil: Gimlet Media's new history podcast, hosted by journalists Jack Hitt and Chenjerai Kumanyika. We ransack the official version of the Civil War, and take on the history you grew up with. We bring you untold stories about covert operations, corruption, resistance, mutiny, counterfeiting, antebellum drones, and so much more. And we connect these forgotten struggles to the ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every week Linus and Luke discuss the most current happenings in the technology universe.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
