Risky Business #302 -- Poking the FireEye

The BreakPoint edition...
25 Oct 2013 » Risky Business

This week's show was recorded at the Ruxcon Breakpoint security conference at the Intercontinental Hotel in Melbourne. So this week's feature interview is a chat with Jonathan Brossard of Toucan Security, we're talking to him about his presentation on bypassing and generally messing with sandbox malware scanners. Poking the FireEye! That's a fun chat.

This week's show is brought to you by HackLabs, the Australian penetration testing firm. So in this week's sponsor interview we chat with HackLabs head honcho Chris Gatford about an early implementation of an over-the-'net NFC authentication scheme developed by IBM Switzerland. Will it catch on? That's coming up a bit later.

Show notes

Intelligence chief: Le Monde's allegations against NSA 'false' | Security & Privacy - CNET News:
http://news.cnet.com/8301-1009_3-57608909-83/intelligence-chief-le-monde...

German chancellor Angela Merkel says US spying is an unacceptable breach of trust - ABC News (Australian Broadcasting Corporation):
http://www.abc.net.au/news/2013-10-25/angela-merkel-obama-nsa-spying-spi...

Inside Julian Assange's Alleged Plot to Steal The Fifth Estate Book | Threat Level | Wired.com:
http://www.wired.com/threatlevel/2013/10/assange-house/

LinkedIn Intro App a Man in the Middle Attack | Threatpost | The First Stop For Security News:
http://threatpost.com/linkedin-intro-app-equivalent-to-man-in-the-middle...

DARPA Cyber Grand Challenge Offers $2M to Winners | Threatpost | The First Stop For Security News:
http://threatpost.com/darpa-contest-to-pay-2m-for-automated-network-defe...

Google Ideas aids online rebels with digital defenses | Security & Privacy - CNET News:
http://news.cnet.com/8301-1009_3-57608525-83/google-ideas-aids-online-re...

Real-world 'Do Not Track' coming to retail stores | Security & Privacy - CNET News:
http://news.cnet.com/8301-1009_3-57608726-83/real-world-do-not-track-com...

FBstalker Does Data Mining on Facebook Graph Search | Threatpost | The First Stop For Security News:
http://threatpost.com/fbstalker-automates-facebook-graph-search-data-min...

Experian Sold Consumer Data to ID Theft Service - Krebs on Security:
http://krebsonsecurity.com/2013/10/experian-sold-consumer-data-to-id-the...

Apple reasserts claim it doesn't want to spy on your iMessages | Security & Privacy - CNET News:
http://news.cnet.com/8301-1009_3-57608139-83/apple-reasserts-claim-it-do...

Snoopy Project mobile tracking and intelligence grows up | Threatpost | The First Stop For Security News:
http://threatpost.com/snoopy-mobile-tracking-profiling-project-gets-a-bo...

7 Eastern Europeans Indicted in Multimillion-Dollar eBay Fraud Scheme | Threat Level | Wired.com:
http://www.wired.com/threatlevel/2013/10/romanians-indicted-cyber-fraud/

Report: UN Nuclear Regulator Infected with Malware | Threatpost | The First Stop For Security News:
http://threatpost.com/report-un-nuclear-regulator-infected-with-malware/...

Safari matches rivals with sandboxed Flash for better security | Security & Privacy - CNET News:
http://news.cnet.com/8301-1009_3-57609053-83/safari-matches-rivals-with-...

Months Later, EAS Equipment Still Vulnerable to SSH Bugs | Threatpost | The First Stop For Security News:
http://threatpost.com/months-later-eas-equipment-still-vulnerable/102647

Google, FireEye Demand Change from Vulna Ad Network | Threatpost | The First Stop For Security News:
http://threatpost.com/overzealous-android-vulna-ad-network-put-in-its-pl...

ProSoft Technology RadioLinx ControlScape PRNG vulnerability | Threatpost | The First Stop For Security News:
http://threatpost.com/weak-key-generation-plagues-wireless-industrial-au...

Cisco Fixes DoS, Remote Code Execution Bugs in Six Products | Threatpost | The First Stop For Security News:
http://threatpost.com/cisco-fixes-dos-remote-code-execution-bugs-in-six-...

Apple Patches Fix More Than 100 Vulnerabilities | Threatpost | The First Stop For Security News:
http://threatpost.com/apple-patches-fix-more-than-100-vulnerabilities/10...

Critical NETGEAR ReadyNAS Frontview security vulnerability | Threatpost | The First Stop For Security News:
http://threatpost.com/netgear-readynas-storage-vulnerable-to-serious-com...

Simple Bug Exposed Verizon Wireless Users' SMS History | Threatpost | The First Stop For Security News:
http://threatpost.com/simple-bug-exposed-verizon-wireless-users-sms-hist...

[Syscan360 2013] Brossard Jonathan:
http://www.slideshare.net/endrazine/syscan360-2013

,

It is always like that. When people claim something, we all say it is not true. - Kris Krohn Strongbrook