In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
China has been rummaging in F5’s networks for a couple of years
Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system
Salesforce hackers use their stolen data trove to dox NSA, ICE employees
Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah
Adam gets humbled by new Linux-capabilities backdoor trick
Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.
This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.
This episode is also available on Youtube.
All content for Risky Business is the property of Patrick Gray and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
China has been rummaging in F5’s networks for a couple of years
Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system
Salesforce hackers use their stolen data trove to dox NSA, ICE employees
Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah
Adam gets humbled by new Linux-capabilities backdoor trick
Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.
This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.
This episode is also available on Youtube.
Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal
Risky Business
51 minutes
1 month ago
Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Apple ruins exploit developers’ week with fresh memory corruption mitigations
Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack
Salesloft says its GitHub was the initial entry point for its compromise
Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”
Rogue certs for 1.1.1.1 appear to be just (stupid) testing
Jaguar Land Rover ransomware attackers are courting trouble
This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!
This episode is also available on Youtube.
Risky Business
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
China has been rummaging in F5’s networks for a couple of years
Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system
Salesforce hackers use their stolen data trove to dox NSA, ICE employees
Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah
Adam gets humbled by new Linux-capabilities backdoor trick
Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned.
This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins to talk through how Push traced a LinkedIn phishing campaign targeting CEOs, and the new logging capabilities that proved critical to understanding it.
This episode is also available on Youtube.
