Risky Business

Risky Business


Risky Business primary podcast.


Risky Business #432 -- We need to talk about John  

On this week's show we're taking a look at the business dealings of John McAfee. Earlier today the NYSE announced the company that arranged to hire McAfee, MGT Capital, would be de-listed from the NYSE: MKT small cap exchange. This follows a class action investor lawsuit and the unearthing of a remuneration agreement between the company and McAfee that have lead some to suggest the whole company could be a pump and dump scam.

read more

Risky Business #431 -- What should the USA do about Russian hacks?  

On this week's show we're taking a look at what the hell the USA should do in response to Russia's hacks against the DNC. A few days ago the Director of National Intelligence and DHS issued a joint statement that officially puts blame for the DNC hacks squarely on Russia. Since then the Internets have been in meltdown over what exactly should be done in response.

read more

Risky Business #430 -- LulzSec's Tflow talks NSA exploits, justice and remorse  

On this week's show we're catching up with Mustafa Al-Bassam. He's a lovely young chap from England who was one upon a time one of the LulzSec crew. Like all the other guys in that crew he got busted, but he didn't spend any time in prison and these days he's doing really well. He's finished his undergrad, works with some blockchain technology and is about to start a PhD. He joins us this week to talk about his in depth analysis of the Shadowbrokers dump, as well as to reflect on his crimes. As you'll hear, he has some regrets.

read more

Risky Business #429 -- Krebs dumped, satellite hacking, election insecurity and more  

This week we'll be having a chat to Paul Marsh about a recent report from UK think tank Chatham House that says there's a looming cyber security crisis about to wreak havoc on the satellite ecosystem. But as you'll hear, Paul thinks the concerns are somewhat overhyped.

read more

Risky Business #428 -- Cross-platform Tor Browser pwnership with Ryan Duff  

On this week's show we'll be chatting with security researcher Ryan Duff about the rabbit hole that is the Tor Browser Bundle certificate pinning bug. The bug itself is interesting, but the questions it raises about how suitable Tor is for genuinely critical use are, you know, substantial. That's a really, really interesting chat with Ryan Duff, coming up after the news.

read more

Risky Business #427 -- Cahill law partner Brad Bondi on MedSec suit  

We have a great feature interview this week. Risky Business contributor Brian Donohue spoke with Cahill law firm partner Brad Bondi about the suit St Jude Medical has brought against MedSec and Muddy Waters over the short-sell of the medical device manufacturer's shares. That is an illuminating chat that certainly gave me an understanding of where this all could be heading, both in terms of the upcoming trial and how likely it is we'll see similar stuff in the future.

read more

Risky Business #426 -- House Oversight Committee drops OPM breach report PLUS St Jude sues MedSec  

In this week's feature interview we chat with Stephen Ridley about all things IoT. Stephen is a researcher turned entrepreneur and he'll be along to talk about the platform consolidation we're going to see when it comes to "things". Once that settles, he argues, we'll get a better idea of the security risks we should really, actually be worried about.

In this week's sponsor interview we're chatting with Simon Galbally at Senetas.

read more

Risky Business #425 -- MedSec CEO Justine Bone on the Muddy Waters short  

On this week's show we've landed what looks to be a fairly exclusive interview -- at least as far as the tech press is concerned. Justine Bone will be joining us to explain why the company she works with, MedSec, decided to use vulnerability information on implantable medical devices to drive a short-selling scheme in partnership with Muddy Waters.

This week's show is sponsored by Tenable Network Security. We're doing something a bit different in this week's sponsor interview -- we're chatting with one of Tenable's customers, City of San Diego CISO Gary Hayslip.

read more

Risky Business #424 -- Jess Frazelle on Docker. So hot right now.  

On this week's show we chat with Jessie Frazelle. Jessie is a former Docker maintainer who now works at Google on all things "containery". So we talk to her about what's up with containers, basically, and where the security pitfalls are. Like it or not, containers are likely going to be used in your environment, so getting to know them is a must. That's this week's feature.

read more

Risky Business #423 -- ShadowBrokers PLUS how2pwn Apple's Secure Enclave  

This week's feature interview is incredible. We're speaking with David Wang from Azimuth Security. He, his colleague Tarjei Mandt and Mat Solnik of OffCell Research delivered an absolutely blockbuster talk at Black Hat. I didn't see the talk at the time but I got a chance to review the slides and oh-my-god I can't believe this one got so little attention.

read more

Risky Business #422 -- #CensusFail, news with Adam and MOAR  

On this week's show we talk about the week's security news with Adam Boileau and I spill on what my sources have told me about #censusfail.

read more

Risky Business #421 -- Las Vegas edition with Dan Guido, Andy Greenberg and Zane Lackey  

On this week's show we speak with Signal Sciences' co-founder Zane Lackey about hackers building defensive tools and software companies. Dan Guido and Andy Greenberg talk about car hacking and the week's security news, and Wade Woolwine of Rapid7 is in the sponsor slot talking about EDR/IDR software.

Links to everything are in this week's show notes.

Risky Business #420 -- What we don't know about Watergate 2.0  

On this week's show we're taking a look at the DNC leaks, but don't worry, we won't be getting bogged down in the same old angles. Instead, we're going to chat to Lorenzo Franceschi-Bicchierai from VICE motherboard about his experience in interviewing the Guccifer 2 persona.

Then we'll hear from Kevin Poulsen about what these latest developments mean for Wikileaks. It's a topic you're probably sick of hearing about this week, but stick with us, we've got some new angles, and they're relevant.

read more

Risky Business #419 -- Brian Krebs on future of bank cybercrime  

On this week's show we're catching up with Brian Krebs of Krebs On Security. He'll be talking to us about recent trends in cybercrime, and he's got a warning for security teams in the banking sector. He says things are going to get pretty sticky, and he's usually right on this stuff.

read more

Risky Business #418 -- The rise of the crypto-Taliban  

On this week's show we're chatting with The Grugq about secure messaging. Facebook has announced it's rolling out an end-to-end encryption feature and the reaction to this wonderful announcement has been somewhat bizarre. We'll be talking to Grugq about why crypto absolutists are hating on companies that are rolling out non-default e2e features. We'll also talk about a couple of interesting case studies in which e2e encryption did absolutely nothing for the people using it.

read more

Risky Business #417 -- PlayPen ruling to let FBI off leash?  

In this week's feature interview we're chatting with Stanford's very own Jennifer Granick about a recent ruling in a Virginia court that appears to give the FBI permission to hack into any computer it wants, sans warrant. Well that's what the headlines are screaming, anyway. But as you'll hear, it's not quite that black and white.

read more

Risky Business #416 -- Post holiday carnage edition  

On this week's show we'll be catching up on the news of the last few weeks with Adam Boileau, then it's straight into the sponsor segment.

read more

Risky Business #415 -- Lauri Love talks extradition  

On this week's show we're chatting with Lauri Love. Lauri is an activist facing extradition to the United States where prosecutors hope to charge him with a raft of offences relating to attacks against US government computers... he'll tell us about what's going on with his extradition hearing and why he really, really doesn't want to go to the USA.

This week's show is sponsored by Tenable Network Security, big thanks to them. If you're looking for some vulnerability scanning and management software you really should talk to Tenable!

read more

Risky Business #414 -- Trading on OSINT for fun and profit  

On this week's show we're chatting with Australian security researcher Nik Cubrilovic. He's been doing some fascinating research into using OSINT techniques to obtain market-sensitive information. It's OSINT for fun and profit! That's this week's feature.

read more

Risky Business #413 -- Matthew Green: The case against backdoors  

In this week's feature slot we're joined by cryptographer Matthew Green of Johns Hopkins University. He'll be arguing against the subversion of encryption technologies this week. Consider it a counterpoint to last week's discussion with Stewart A Baker, former NSA general counsel. This week we get the other side of the argument!

This week's sponsor interview is also a cracker. We're chatting with Bromium's co-founder and CTO Simon Crosby. He's been spending a fair bit of time lately trolling rival CTOs on Twitter, which has been somewhat hilarious to watch.

read more

Video player is in betaClose