On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They discuss: * Iran's Intune-based wiper attack on medical device maker Stryker * Qihoo 360's AI publishes its own wildcard TLS cert private key * Instagram is canning its end-to-end encrypted messaging * What's going on with mobile internet access in Moscow? * The Xbox One's bootloader gets voltage glitched into submission * Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…) This week's episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique. Show Notes: Iranian Hacktivists Strike Medical Device Maker Stryker in "Severe" Attack that Wiped Systems https://www.zetter-zeroday.com/iranian-hacktivists-strike-medical-device-maker-stryker-in-severe-attack-that-wiped-systems/ Stryker says it's restoring systems after pro-Iran hackers wiped thousands of employee devices | TechCrunch https://techcrunch.com/2026/03/17/stryker-says-its-restoring-systems-after-pro-iran-hackers-wiped-thousands-of-employee-devices/ Stryker attack raises concerns about role of device management tool | Cybersecurity Dive https://www.cybersecuritydive.com/news/stryker-attack-device-management-microsoft-iran/814816/ Stryker tells SEC that timeline for recovery from cyberattack unknown | The Record from Recorded Future News https://therecord.media/stryker-tells-sec-unknown-timeline-recovery How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks | WIRED https://www.wired.com/story/handala-hacker-group-iran-us-israel-war/ U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued https://www.forbes.com/sites/the-wiretap/2026/03/17/us-strikes-killed-iranian-cyber-chiefs-but-the-hacks-continued/ Risky Business Features: Being a Wartime CISO https://risky.biz/RBFEATURES4/ Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/ China's biggest cybersecurity company, Qihoo 360 just leaked their own wildcard SSL private key https://x.com/intcyberdigest/status/2033547961976639890 Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors - Irregular https://www.irregular.com/publications/emergent-offensive-cyber-behavior-in-ai-agents Risky Business Features: MCP is Dead https://risky.biz/RBFEATURES7 Measuring AI Agents’ Progress on Multi-Step Cyber Attack Scenarios https://www.aisi.gov.uk/research/measuring-ai-agents-progress-on-multi-step-cyber-attack-scenarios Measuring AI Agents' Progress on Multi-Step Cyber Attack Scenarios https://arxiv.org/pdf/2603.11214 What is end-to-end encryption on Instagram | Instagram Help Center https://help.instagram.com/491565145294150 US Lawmakers Move to Kill the FBI’s Warrantless Wiretap Access | WIRED https://www.wired.com/story/us-lawmakers-move-to-kill-the-fbis-warrantless-wiretap-access/ Website "whitelists" launched in Moscow | Forbes.ru https://www.forbes.ru/tekhnologii/557184-v-moskve-zarabotali-belye-spiski-sajtov Exclusive: Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show | Reuters https://www.reuters.com/world/us/foreign-hacker-2023-compromised-epstein-files-held-by-fbi-source-documents-show-2026-03-11/ Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million | CyberScoop https://cyberscoop.com/digitalmint-ransomware-negotiator-arrest-angelo-martino-extortion/ Researchers disclose vulnerabilities in IP KVMs from four manufacturers - Ars Technica https://arstechnica.com/security/2026/03/researchers-disclose-vulnerabilities-in-ip-kvms-from-4-manufacturers/ RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen - YouTube https://www.youtube.com/watch?v=FTFn4UZsA5U CrackArmor: Multiple vulnerabilities in AppArmor https://cdn2.qualys.com/advisory/2026/03/10/crack-armor.txt

Srsly Risky Biz: Open weight models make the Mythos debate moot
494 views

Risky Business (843): Fortibleed is kinda awesome, actually
751 views

Pitching security startups to VCs in the AI era
203 views

Between Two Nerds: The PRC vs AI
342 views

Srsly Risky Biz: Anthropic has artificial, but not emotional, intelligence
460 views

Risky Business Weekly (842): Anthropic needs an adult in the C suite
1.2K views