Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat
March 17, 2026
1:03:45
11.96 MB ( 49.26 MB less)
Downloads: 0
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They discuss:
- Iran’s Intune-based wiper attack on medical device maker Stryker
- Qihoo 360’s AI publishes its own wildcard TLS cert private key
- Instagram is canning its end-to-end encrypted messaging
- What’s going on with mobile internet access in Moscow?
- The Xbox One’s bootloader gets voltage glitched into submission
- Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…)
This week’s episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique.
This episode is also available on Youtube.
Show notes
- Iranian Hacktivists Strike Medical Device Maker Stryker in "Severe" Attack that Wiped Systems
- Stryker says it's restoring systems after pro-Iran hackers wiped thousands of employee devices | TechCrunch
- Stryker attack raises concerns about role of device management tool | Cybersecurity Dive
- Stryker tells SEC that timeline for recovery from cyberattack unknown | The Record from Recorded Future News
- How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks | WIRED
- U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued
- Risky Business Features: Being a Wartime CISO
- Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica
- China's biggest cybersecurity company, Qihoo 360 just leaked their own wildcard SSL private key
- Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors - Irregular
- Risky Business Features: MCP is Dead
- Measuring AI Agents’ Progress on Multi-Step Cyber Attack Scenarios
- Measuring AI Agents' Progress on Multi-Step Cyber Attack Scenarios
- What is end-to-end encryption on Instagram | Instagram Help Center
- US Lawmakers Move to Kill the FBI’s Warrantless Wiretap Access | WIRED
- Website "whitelists" launched in Moscow | Forbes.ru
- Exclusive: Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show | Reuters
- Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million | CyberScoop
- Researchers disclose vulnerabilities in IP KVMs from four manufacturers - Ars Technica
- RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen - YouTube
- CrackArmor: Multiple vulnerabilities in AppArmor