Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat
18 March 2026

Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat

Risky Business

About

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They discuss:




    Iran’s Intune-based wiper attack on medical device maker Stryker
    Qihoo 360’s AI publishes its own wildcard TLS cert private key
    Instagram is canning its end-to-end encrypted messaging
    What’s going on with mobile internet access in Moscow?
    The Xbox One’s bootloader gets voltage glitched into submission
    Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…)


This week’s episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique.



This episode is also available on Youtube.





Show notes


    Iranian Hacktivists Strike Medical Device Maker Stryker in "Severe" Attack that Wiped Systems

    Stryker says it's restoring systems after pro-Iran hackers wiped thousands of employee devices | TechCrunch

    Stryker attack raises concerns about role of device management tool | Cybersecurity Dive

    Stryker tells SEC that timeline for recovery from cyberattack unknown | The Record from Recorded Future News

    How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks | WIRED

    U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued

    Risky Business Features: Being a Wartime CISO

    Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica

    China's biggest cybersecurity company, Qihoo 360 just leaked their own wildcard SSL private key

    Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors - Irregular

    Risky Business Features: MCP is Dead

    Measuring AI Agents’ Progress on Multi-Step Cyber Attack Scenarios

    Measuring AI Agents' Progress on Multi-Step Cyber Attack Scenarios

    What is end-to-end encryption on Instagram | Instagram Help Center

    US Lawmakers Move to Kill the FBI’s Warrantless Wiretap Access | WIRED

    Website "whitelists" launched in Moscow | Forbes.ru

    Exclusive: Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show | Reuters

    Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million | CyberScoop

    Researchers disclose vulnerabilities in IP KVMs from four manufacturers - Ars Technica

    RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen - YouTube

    CrackArmor: Multiple vulnerabilities in AppArmor