Risky Business Features

Risky Business Media
Apr 8, 2026 • 52min

What happens after North Korea infiltrates?

Geoff White, investigative journalist who co-created the Lazarus Heist series, unpacks North Korea’s IT infiltration scheme. He describes interview tricks, deepfakes and laptop farms. He outlines how hires funnel work to hacker units, launder salaries and route funds toward regime priorities. The picture is more methodical and diabolical than headlines suggest.
Apr 3, 2026 • 19min

Why CISOs need to be more flexible in the AI era

Brad Arkin, experienced cybersecurity leader and former CISO at Adobe, Cisco and Salesforce, shares perspectives on supply-chain risks and AI-driven threats. He discusses how AI accelerates attackers more than defenders. He explores trade-offs like patch timing versus supply-chain risk. He highlights prevention, stronger egress controls, and new tools like syscall sandboxing and network-layer defenses.
Mar 31, 2026 • 56min

A Risky Biz Experiment: Hunting for iOS 0day with AI

Karina Klaur is an OpenClaw AI assistant acting as a technical thinking partner for vulnerability analysis. She inspects WebKit, hunts a suspected audio decode bug, then uncovers an SVG buffer overflow. Short, sharp scenes cover chaining primitives, sandbox and PAC hurdles, JIT corruption theory, refusal to produce exploit code, and a walkthrough of the multi‑stage Karuna chain.
Mar 27, 2026 • 15min

Interview: Former NSA and CIA cyber leaders on offensive AI

Andy Boyd, former CIA cyber leader now CEO of Red Lattice, talks insider threat and defensive readiness. Rob Joyce, former NSA exec, explains offensive cyber ops and how AI shifts attack scaling. They discuss AI automating discovery, cloud scanning at scale, attacker augmentation, and why exploit leaks feel routine.
Mar 23, 2026 • 40min

When disaster strykes

Brad Arkin is an experienced security executive and former CISO who advises on incident response and identity risks. They review the Stryker attack and how Intune was weaponized to wipe devices. Discussion covers phishing of powerful admin creds, hardening high‑power access, inventorying fleet tools, AI guardrails, rate‑limiting destructive actions, and recovery challenges after mass wipes.
Mar 18, 2026 • 37min

MCP is Dead

A contrarian take that the Model Context Protocol has lost relevance and why that matters for AI tooling. A look at how models are skipping structured tool protocols in favor of direct shell and CLI interactions. A rundown of the security tradeoffs as agents move from managed MCP servers to raw shell access. Practical advice on where to focus access controls and auditability.
Mar 12, 2026 • 32min

They don't break in, they log in. What's an enterprise to do?

In this podcast, James Wilson chats with Brad Arkin about how enterprises can better deal with attackers logging in with valid credentials. Stolen identities, weak special-use credentials, and over-scoped API keys are the new zero-day and they’re abundantly available to attackers. Sadly, the solution here isn’t as simple as deploying phishing-resistant MFA. Fixing this takes an enterprise identity strategy.
Mar 11, 2026 • 1h 18min

A ridiculously deep dive into the Coruna Exploits

A solo deep dive tracing an exploit kit from watering-hole JavaScript to full device compromise. Technical breakdowns cover WebKit exploit paths, JIT and type confusion tricks, and intricate heap grooming. Detailed chain shows read/write primitives, PAC and ASLR workarounds, WebAssembly trampolines, sandbox escapes, kernel escalation, and persistence techniques used to deploy crypto-stealing implants.
Mar 6, 2026 • 32min

Being a wartime CISO

Brad Arkin, seasoned security leader and former CISO at Adobe, Cisco and Salesforce, shares wartime CISO realities. He covers who belongs in crisis decision rooms. He weighs keeping office internet for displaced staff against cutting connectivity. He talks through playbooks for shutting down or preserving key material, cloud/data center disaster choices, vendor exposure and using disaster playbooks for rapid coordination.
Feb 27, 2026 • 28min

What to do about North Korean remote workers

Brad Arkin, former CISO at Adobe, Cisco and Salesforce, brings hands-on cybersecurity and risk management experience. He describes North Korea’s fake IT worker industry. Short segments cover how fake identities and laptop farms operate. They explore detection headaches, legal limits, cross-team controls, and how AI supercharges interview fraud.
