Risky Business

20 Episodes. Produced by Patrick Gray.

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a secu…

Risky Business #599 -- You get domain admin! And YOU get domain admin!

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Russia, China, Iran having a red hot go at US political orgs
  • Crowdstrike drops report, telcos having a bad time
  • MSS owning US government with dumb bugs
  • DoJ indicts Iranian script kiddie because reasons
  • Proposed TikTok-Oracle deal barely makes sense
  • The mother of all Microsoft auth bugs, wow
  • Much, much more…

This week’s show is brought to you by Senetas. And we’ve got two sponsor guests for you this week: Senetas CTO Julian Fay will join us, as will Peter Farrely of AUCloud. Senetas uses AUCloud as a partner for its Suredrop file sharing and collaboration platform here in Oz, and Pete is joining us this week to talk through the new Cloud Assessment and Authorisation Framework published by the ACSC. If you work in Australian government IT and security, this one’s for you!

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

  • Exclusive: Microsoft believes Russians that hacked Clinton targeted Biden campaign firm - sources | Reuters
  • GRU eyes US election - Risky Business
  • STRONTIUM: Detecting new patterns in credential harvesting - Microsoft Security
  • Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says
  • Report2020OverWatchNowheretoHide.pdf
  • New CDRThief malware targets VoIP softswitches to steal call detail records | ZDNet
  • VOS3000 VOS5000 Softswitch by Linknat - A Word-leading VoIP Solutions Provider
  • Chinese intelligence-linked hackers are exploiting known flaws to target Washington, US says
  • Eric Geller on Twitter: "DOJ to announce Chinese hacking charges (and arrests!) tomorrow." / Twitter
  • PAN-OS vulnerabilities add to a torrid year for enterprise software bugs
  • Public disclosure didn't stop suspected Chinese hackers from targeting the Vatican
  • Trump says Oracle 'very close' to TikTok deal
  • Huawei HarmonyOS: Operating system will be on smartphones in 2021
  • US charges two hackers for defacing US websites following Soleimani killing | ZDNet
  • FBI says credential stuffing attacks are behind some recent bank hacks | ZDNet
  • Magento online stores hacked in largest campaign to date | ZDNet
  • Multibillion-dollar Equinix is the latest data-center firm to face ransomware incident
  • [Blog] Zerologon: instantly become domain admin by subverting Netlogon cryptography (CVE-2020-1472)
  • New BlindSide attack uses speculative execution to bypass ASLR | ZDNet
  • BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys | ZDNet
  • Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw | ZDNet
  • MITRE releases emulation plan for FIN6 hacking group, more to follow | ZDNet
  • Internal Facebook systems exposed via unpatched Apache library | The Daily Swig
  • Porn site users targeted with malicious ads redirecting to exploit kits, malware | ZDNet
  • Researcher kept a major Bitcoin bug secret for two years to prevent attacks | ZDNet
  • Vast majority of cyber-attacks on cloud servers aim to mine cryptocurrency | ZDNet
  • Slovak cryptocurrency exchange ETERBASE discloses $5.4 million hack | ZDNet
  • Chinese diplomat demands investigation after his Twitter account liked embarrassing posts
  • Whistleblower Says Facebook Ignored Global Political Manipulation
  • When you browse Instagram and find former Australian Prime Minister Tony Abbott's passport number
  • Anatomy of a Cloud Assessment and Authorisation