Best Wreak Havoc Productions Podcasts (2025)

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Salesforce partner Gainsight has customer data stolen Crowdstrike fires insider who gave hackers screenshots of internal systems Australian Parliament turns off wifi and bluetooth in fear of of visiting Chinese bigwigs Shai-Hulud npm/Github worm is b…

1
Carolina Haints presents FOLK 3.3: Execution Rock 6:43

Play Pause

31m ago6:43

6:43

By Dan Sellers

1
Risky Biz Soap Box: Greynoise knows when bad bugs are coming 37:51

8d ago37:51

37:51

In this sponsored Soap Box edition of the podcast, Andrew Morris joins Patrick Gray to talk about how Greynoise can often get a 90 day heads up on serious vulnerabilities. Whether it’s malicious actors doing reconnaissance or the affected vendors trying to understand the scope of the problem, it seems that mass scanning activity lines up pretty nic…

1
424: Meta Beats the Antitrust Regulators 57:32

9d ago57:32

57:32

Geoff Manne (ICLE) returns! He and Corbin break down a judge’s ruling (politely) laughing the FTC’s antitrust lawsuit against Meta out of court. Topics include: The bizarro world of antitrust trash tweeting “‘Antitrust’ means what I want it to mean!” Back in reality: a straightforward ruling Maybe Zuck just . . . knows what he’s doing? Users want w…

1
Risky Business #815 -- Anthropic's AI APT report is a big deal 51:24

1h ago51:24

51:24

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Anthropic says a Chinese APT orchestrated attacks using its AI It’s a day ending in -y, so of course there are shamefully bad Fortinet exploits in the wild Turns out slashing CISA was a bad idea, now it’s time for a hiring spree Researchers brute for…

1
Carolina Haints presents FOLK 3.2: The Dillsboro Vampire 7:16

12d ago7:16

7:16

By Dan Sellers

1
423: Free Speech Hypocrites 58:28

16d ago58:28

58:28

Ari Cohn (FIRE) and host Corbin Barthold (TechFreedom) survey the Trump administration’s many attacks on the First Amendment. Topics include: Law firms you should no longer hire Political opponents = terror groups?! Brendan Carr is a lap dog Jawboning rebrand: it’s “outreach”! Terrorizing foreign students is bad Links: What if the Big Law Firms Had…

1
Risky Business #814 -- It's a bad time to be a scam compound operator 1:03:19

7d ago1:03:19

1:03:19

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: The KK Park scam compound in Myanmar gets blasted with actual dynamite China sentences more scammers TO DEATH While Singapore is opting to lash them with the cane Chinese security firm KnownSec leaks a bunch of documents Necromancy continues on NSO G…

1
Carolina Haints presents FOLK 3.1: General Davidson's Ghost 5:04

22d ago5:04

5:04

By Dan Sellers

51
Risky Business #813 -- FFmpeg has a point 1:05:08

20d ago1:05:08

1:05:08

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: We love some good vulnerability reporting drama, this time FFmpeg’s got beef with Google OpenAI announces its Aardvark bug-gobbling system Two US ransomware responders get arrested for… ransomware Memento (nee HackingTeam) CEO says: Sì, those are tot…

1
422: Algorithms Rule the Internet (and Ash Feels Fine) 59:37

26d ago59:37

59:37

She’s back! Former host Ash Kazaryan (Future of Free Speech) returns for a wide-ranging discussion about powerful algorithms, attacks on Section 230, and much, much more. Topics include: Ash: this is your life! In defense of tHe aLGoRitHm In defense of Section 230 Once more: Anderson v. TikTok is so bad Has information gotten too cheap? Why Evangel…

1
Halloween Special: The Gaffney Strangler 21:01

26d ago21:01

21:01

By Dan Sellers

1
Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD 1:06:14

27d ago1:06:14

1:06:14

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate Microsoft WSUS bug being exploited in the wild Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG SpaceX finally starts dis…

1
421: OpenAI’s Tumultuous Corporate Reboot 40:32

1M ago40:32

40:32

Sri Muppidi (The Information) discusses OpenAI’s effort to overhaul its corporate structure—and the resulting power struggle over the company’s future. Links: OpenAI Says Its Business Will Burn $115 Billion Through 2029 OpenAI Executives Rattled by Campaigns to Derail For-Profit Restructuring OpenAI Says Nonprofit Parent Will Own Equity Stake in Co…

1
Risky Business #811 -- F5 is the tip of the crap software iceberg 51:51

17d ago51:51

51:51

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: China has been rummaging in F5’s networks for a couple of years Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system Salesforce hackers use their stolen data trove to dox NSA, ICE employees Crypto stealing, proxy…

1
Wide World of Cyber: A deep dive on the F5 hack 39:11

1M ago39:11

39:11

In this edition of the Wide World of Cyber podcast Patrick Gray talks to Chris Krebs and Alex Stamos about the F5 incident. They talk about what happened, whether it’s a big deal, and why private equity ownership of mid-tier cybersecurity companies is often a red flag. Show notes

1
Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business 30:49

1M ago30:49

30:49

In this sponsored Soap Box edition of the Risky Business podcast, host Patrick Gray chats with Mastercard’s Executive Vice President and Head of Security Solutions, Johan Gerber, about how the card brand thinks about cybersecurity and why it’s aggressively investing in the space. After listening to this interview you’ll understand why the credit ca…

1
Risky Business #810 -- Data extortion attacks have a silver lining 1:03:12

1M ago1:03:12

1:03:12

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: FBI intervenes in Scattered Spider Salesforce leaksite Clop loots Oracle E-Biz deployments Plus so much more data extortion.. At least it’s not ransomware … we guess? The US still can’t decide who’s gonna be in charge of NSA & Cybercom Cambodian scam…

1
Snake Oilers: Realm Security, Horizon3 and Persona 45:40

1M ago45:40

45:40

1
420: Tech and Immigration 46:43

2M ago46:43

46:43

Jeremy Neufeld (Institute for Progress) discusses how our immigration system works, why high-skilled immigrants are so important to the tech sector, what’s wrong with the Trump administration’s H-1B reforms, why America is so complacent about competing for global talent, and more. Links: Trump’s H-1B Changes Won’t Work Talent Recruitment Roulette: …

1
Risky Business #809 -- Hackers try to pay a journalist for access to the BBC 39:28

2M ago39:28

39:28

On this week’s show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week’s cybersecurity news, including: Hackers learn that trying to coerce a journalist just makes for … a great story? A man in his 40s gets arrested over the European airport chaos. Yep, we’re surprised, too. Adam fanboys over Watcht…

1
419: Do Tech Optimists Have a Party? 50:04

2M ago50:04

50:04

Adam Kovacevich (Chamber of Progress) discusses the populist / anti-tech turn in politics, and what can be done about it. Topics include: How did we get here? Tech optimists: There are dozens of us! Beware ThE gROupS If there’s a crisis, maybe act like it? Duct tape and bubble gum The great relearning We’re so doomed We’re so not doomed Links: Tech…

1
Risky Business #808 -- Insane megabug in Entra left all tenants exposed 52:37

2M ago52:37

52:37

On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including: Secret Service raids a SIM farm in New York MI6 launches a dark web portal Are the 2023 Scattered Spider kids finally getting their comeuppance? Production halt continues for Jaguar Land Rover GitHub tightens its security after Shai-Hulud …

1
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc 53:19

2M ago53:19

53:19

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Shai-Hulud worm propagates via npm and steals credentials Jaguar Land Rover attack may put smaller suppliers out of business Leaked data emerges from the vendor behind the Great Firewall of China Vastaamo hacker walks free while appeal is underway Wh…

1
418: Algorithms, AI, and Product Liability 1:02:34

3M ago1:02:34

1:02:34

Ari Cohn (FIRE) and Tom Kurland (Patterson Belknap) discuss the spate of product-liability lawsuits against social-media and AI companies. Topics include: A tort law primer The ballad of Helen Palsgraf Causation, shmausation Speech =/= product Ideas are powerful. (That’s the point!) “Addiction.” You keep using that word … ♪ Junk science ♪ AI, suici…

1
Risky Biz Soap Box: runZero shakes up vulnerability management 34:17

3M ago34:17

34:17

In this sponsored Soap Box edition of the Risky Business podcast, industry legend HD Moore joins the show to talk about runZero’s major push into vulnerability management. With its new Nuclei integration, runZero is now able to get a very accurate picture of what’s vulnerable in your environment, without spraying highly privileged credentials at at…

1
Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal 51:42

3M ago51:42

51:42

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Apple ruins exploit developers’ week with fresh memory corruption mitigations Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack Salesloft says its GitHub was the initial entry point for its compromise Sitecore says peop…

1
Snake Oilers: Nebulock, Vali Cyber and Cape 46:33

3M ago46:33

46:33

In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares: Automated, AI-powered threat hunting with Nebulock Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have …

1
417: Free Speech Coalition v. Paxton Is Wreaking Havoc 49:10

3M ago49:10

49:10

Host Corbin Barthold (TechFreedom) discusses why Free Speech Coalition v. Paxton is wrong, how it muddies First Amendment law, and how it is already causing wider harm. Topics include: FSC v. Paxton: a result-oriented ruling A credulous court PoRn iS sCArY Ashcroft v. ACLU is sitting right there! tEcH Is ScARy RIP First Amendment 101 The porn-to-so…

1
Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup" 1:01:55

3M ago1:01:55

1:01:55

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: The Salesloft breach and why OAuth soup is a problem The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed Google says it will stand up a “disruption unit” Microsoft writes up a ransomware gang that’s all-in on the …

1
Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy 53:32

3M ago53:32

53:32

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Australia expels Iranian ambassador Hackers sabotage Iranian shipping satcoms APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK? Trail of Bits uses image-downscaling to sneak prompts into Google Gemini The Com’s King Bob ge…

1
416: Britain Censors the Internet (and More) 53:22

3M ago53:22

53:22

Shoshana Weissmann (R Street) discusses the disastrous Online Safety Act, the growth of censorship in the UK, and more. Topics include: Protect the children, they said . . . The SpongeBob videos must stop Solve problems? Or just shut people up? How dare you comply with our law! Age verification in practice Peter Kyle: polite demagogue Let’s kill KO…

1
Wide World of Cyber: Microsoft's China Entanglement 45:43

3M ago45:43

45:43

The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China. Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It’s all blown up in t…

1
Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs 58:28

3M ago58:28

58:28

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Oracle’s long term CSO departs, and we’re not that sad about it Canada’s House of Commons gets popped through a Microsoft bug Russia degrades voice calls via Whatsapp and Telegram to push people towards Max South-East Asian scam compounds are also be…

1
Risky Biz Soap Box: How to measure vulnerability reachability 35:48

3M ago35:48

35:48

In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications. It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your applicatio…

1
From the Vault: Revising Section 230 Will Silence Marginalized Voices 26:15

4M ago26:15

26:15

From November 8, 2020 (Episode 279): Billy Easley sits down with former host Ashkhen Kazaryan. They remind us of the value of the free and open Internet. Links: Revising the Law That Lets Platforms Moderate Content Will Silence Marginalized Voices Free Speech and Tech Policy at the US Supreme Court, 2025 (AEI Event)…

1
Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds 1:00:00

3M ago1:00:00

1:00:00

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: CISA warns about the path from on-prem Exchange to the cloud Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are Everyone and their dog seems to have a shell in US Federal Court information syst…

1
Risky Business #801 -- AI models can hack well now and it's weirding us out 1:06:01

3M ago1:06:01

1:06:01

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut. This episode explores the rise of AI-powered bug hunting: Google’s Project Zero and Deepmind team up…

1
415: The State of AI Regulation 53:05

4M ago53:05

53:05

Matt Perault (a16z) joins Corbin Barthold (TechFreedom) for a wide-ranging discussion of AI bills, AI laws, and AI vibes. Part of the WLF-TechFreedom Tech in the Courts webinar series. Topics include: Why did the AI moratorium die? Activity in the states Regulate outcomes, not models? Next steps in Congress “Transparency”: so hot right now The AI p…

1
Soap Box: Why AI can't fix bad security products 37:11

4M ago37:11

37:11

In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices. This episode is also available on Youtube. Show notes…

1
Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP 53:37

3M ago53:37

53:37

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Did the SharePoint bug leak out of the Microsoft MAPP program? Expel retracts its FIDO bypass writeup The mess surrounding the women-only dating-safety app Tea gets worse Broadcom customers struggle to get patches for VMWare hypervisor escapes Aeroflot gets hac…

1
Risky Business #799 -- Everyone's Sharepoint gets shelled 1:13:55

4M ago1:13:55

1:13:55

Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss: Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not) She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’) Four (alleged) Scattered Spider members arrested (and bai…

1
414: Beware the Butlerian Jihad 1:05:16

4M ago1:05:16

1:05:16

Our host, Corbin Barthold, heads over to So to Speak: The Free Speech Podcast. He talks with Nico Perrino and Ari Cohn of FIRE about the death of the AI moratorium, a bogus wrongful death lawsuit against Character AI, the FTC’s campaign of censorship against ad agencies, and the absurdities of Europe’s Digital Services Act. Links: Shownotes, courte…

1
Risky Biz Soap Box: Prowler, the open cloud security platform 32:08

4M ago32:08

32:08

In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, founder of open source multi-cloud security product Prowler. Toni explains how Prowler came to be, and how its journey followed his own learning about the cloud. The pair also discuss Prowler’s successful transition from an open-source projec…

1
413: AI: Things Are About to Get Weird 59:19

5M ago59:19

59:19

Richard Morrison (Competitive Enterprise Institute) joins the show for a Big Picture Episode on how AI could affect art, culture, and politics. Topics include: Take your Zyn and LSD Don’t rock out to this AI band What is AI slop? (What is art?!) Cultural elites hardest hit A brief history of tech panics Ban the prompt theory! The AI civil rights mo…

1
Risky Business #798 -- Mexican cartel surveilled the FBI to identify, kill witnesses 1:02:19

5M ago1:02:19

1:02:19

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Australian airline Qantas looks like it got a Scattered Spider-ing Microsoft works towards blunting the next CrowdStrike disaster Changes are coming for Microsoft’s default enterprise app consenting setup Synology downplays hardcoded passwords for its M365 clou…

1
412: NASA: Lost in Space? 56:35

5M ago56:35

56:35

TechFreedom’s Jim Dunstan and Corbin Barthold discuss the NASA administrator vacancy, the Artemis program, the NASA budget, SpaceX and Blue Origin, the moon and Mars, the FAA and NEPA, space regulatory sandboxes, and more. Links: “A Blueprint to Launch”: Regulatory Sandboxes for Outer Space Roadster location in space Tech Policy Podcast 372: Spaces…

1
Risky Business #797 -- Stuxnet vs Massive Ordnance Penetrators 1:02:16

5M ago1:02:16

1:02:16

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: We roll our eyes over the “16 billion credentials” leak hitting mainstream news Some interesting cyber angles emerge from the conflict in Iran Opensource maintainer of libxml2 is fed up with this hacker crap Shockingly, there are yet more ways to trick people i…

1
411: Live: (Fired?) FTC Commissioners Slaughter & Bedoya 1:03:45

5M ago1:03:45

1:03:45

FTC commissioners Rebecca Slaughter, Alvaro Bedoya, and Bill Kovacic speak with hosts Bilal Sayyed and Jessica Melugin at the 2025 TechFreedom / CEI Policy Summit: Constitutional Limits of FTC, FCC & DOJ Interference in Media and Speech. Links: Constitutional Limits of FTC, FCC and DOJ | Day 1 Constitutional Limits of FTC, FCC and DOJ | Day 2 SCOTU…