Risky Business #358 -- HD Moore and Haroon Meer play "king for a day"

What would YOU do to "fix it"?
19 Mar 2015 » Risky Business

On this week's show we chat with Rapid7's HD Moore (feature) and Thinkst head honcho Haroon Meer (sponsor) about the big-picture shifts that could see enterprise security actually change. Both are high-level interviews with two of the industry's sharpest minds.

Don't forget to check out this week's Risky Business video!

Don't forget you can now support the Risky Business page via our Patreon campaign. Oh, and do add Patrick and Adam on Twitter if that's your thing.

Show notes

Have you checked out this week's Risky Business YouTube video?
https://www.youtube.com/watch?v=TY0mBzP7qw8

German Police Just Made a Gigantic Dark-Web Drug Bust | WIRED
http://www.wired.com/2015/03/evolution-shiny-flakes-bust-heroin-cocaine-...

The Dark Web's Top Drug Market, Evolution, Just Vanished | WIRED
http://www.wired.com/2015/03/evolution-disappeared-bitcoin-scam-dark-web/

Hackers May Have Taken Medical Records From Insurer Premera | WIRED
http://www.wired.com/2015/03/hackers-may-taken-medical-records-insurer-p...

Bogus SSL certificate for Windows Live could allow man-in-the-middle hacks | Ars Technica
http://arstechnica.com/security/2015/03/bogus-ssl-certificate-for-window...

Man who obtained Windows Live cert said his warnings went unanswered | Ars Technica
http://arstechnica.com/security/2015/03/man-who-obtained-windows-live-ce...

Microsoft takes 4 years to recover privileged TLS certificate addresses | Ars Technica
http://arstechnica.com/security/2015/03/microsoft-takes-4-years-to-recov...

Obama Administration Seeks More Legal Power to Disrupt Botnets | Threatpost | The first stop for security news
https://threatpost.com/obama-administration-seeks-more-legal-power-to-di...

CISA Cybersecurity Bill Advances Despite Privacy Concerns | WIRED
http://www.wired.com/2015/03/cisa-cybersecurity-bill-advances-despite-pr...

Mobile Android, iOS Apps Still Vulnerable to FREAK Attacks | Threatpost | The first stop for security news
https://threatpost.com/mobile-android-ios-apps-still-vulnerable-to-freak...

Shared Keys Simplify, Cheapen FREAK Attacks | Threatpost | The first stop for security news
https://threatpost.com/shared-keys-simplify-cheapen-freak-attacks/111668

Yahoo Previews End To End Email Encryption | Threatpost | The first stop for security news
https://threatpost.com/yahoo-previews-end-to-end-email-encryption-extens...

Yahoo wants to let you forget your Yahoo password - CNET
http://www.cnet.com/news/yahoo-wants-to-let-you-forget-your-yahoo-password/

Guardian backtracks, says Whisper doesn't spy on its users after all | Ars Technica
http://arstechnica.com/security/2015/03/guardian-backtracks-says-whisper...

Strange snafu hijacks UK nuke maker's traffic, routes it through Ukraine | Ars Technica
http://arstechnica.com/security/2015/03/mysterious-snafu-hijacks-uk-nuke...

South Korea claims North hacked nuclear data | Ars Technica
http://arstechnica.com/security/2015/03/south-korea-claims-north-hacked-...

Hey Twitter, Killing Anonymity's a Dumb Way to Fight Trolls | WIRED
http://www.wired.com/2015/03/hey-twitter-killing-anonymitys-dumb-way-fig...

Facebook Messenger will now let you send money to friends | The Verge
http://www.theverge.com/2015/3/17/8235781/facebook-messanger-payments-se...

Microsoft's Windows Hello will make your face, finger or iris the new sign-in - CNET
http://www.cnet.com/news/microsoft-introduces-windows-hello-for-signing-...

Authorities Closing In on Hackers Who Stole Data From JPMorgan Chase - NYTimes.com
http://www.nytimes.com/2015/03/16/business/dealbook/authorities-closing-...

BlackBerry takes another shot at a tablet -- sort of - CNET
http://www.cnet.com/news/blackberry-takes-another-shot-at-a-tablet-sort-of/

State Department takes network offline for security scrub - CNET
http://www.cnet.com/news/state-department-takes-network-offline-for-secu...

Google Apps bug exposes some users' personal info - CNET
http://www.cnet.com/news/bug-in-google-apps-exposes-some-users-personal-...

Stealthy, Persistent DLL Hijacking Works Against OS X | Threatpost | The first stop for security news
https://threatpost.com/stealthy-persistent-dll-hijacking-works-against-o...

Google Fix for Android Memory Leakage Issue In The Works | Threatpost | The first stop for security news
https://threatpost.com/google-aware-of-memory-leakage-issue-in-android-5...

Samsung Patches Social Media Vulnerability in Millions of Devices | Threatpost | The first stop for security news
https://threatpost.com/after-delays-samsung-patches-social-media-vulnera...

MS Update 3033929 Causing Reboot Loop - Krebs on Security
http://krebsonsecurity.com/2015/03/ms-update-3033929-causing-reboot-loop/

OpenSSL Patch to Plug Severe Security Holes - Krebs on Security
http://krebsonsecurity.com/2015/03/openssl-patch-to-plug-severe-security...

Apple Safari WebKit Vulnerabilities Patched | Threatpost | The first stop for security news
https://threatpost.com/apple-patches-webkit-vulnerabilities-in-safari/11...

D-Link Patches Two Vulnerabilities in Router Firmware | Threatpost | The first stop for security news
https://threatpost.com/d-link-patches-two-remotely-exploitable-bugs-in-f...

Adobe Flash Update Plugs 11 Security Holes - Krebs on Security
http://krebsonsecurity.com/2015/03/adobe-flash-update-plugs-11-security-...

ThinkstScapes
http://thinkst.com/thinkstscapes.html

Phish5 - Five minutes from start to phish
https://phish5.com/

The Bamboos - I Got Burned feat Tim Rogers - YouTube
https://www.youtube.com/watch?v=ASS_naRGRZY