Risky Business #406 -- Making a killing from bug bounty programs

We meet a guy who does just that...
31 Mar 2016 » Risky Business

On this week's show we're chatting with Nathaniel Wakelam, a professional bug bounty participant who, distressingly, at age 20, earns shitloads more money than I do! We'll talk to him about how he got into bug bounties, and how he manages to take down a massive paycheck in such a competitive space.

In this week's sponsor interview we're chatting with Senetas Security's Simon Galbally about the mess that is Australia's data breach notification legislation. This week's episode is sponsored by Senetas, an Australian company that designs and manufactures quite excellent layer 2 encryption gear.

Adam Boileau, as always, will also pop in to discuss the week's news headlines.

Oh, and do add Patrick and Adam on Twitter if that's your thing.

Show notes

The FBI Drops Its Case Against Apple After Finding a Way Into That iPhone | WIRED
http://www.wired.com/2016/03/fbi-drops-case-apple-finding-way-iphone/

iOS forensics expert's theory: FBI will hack shooter's phone by mirroring storage | Ars Technica
http://arstechnica.com/security/2016/03/ios-forensics-experts-theory-fbi...

63 Times the Feds Asked Apple and Google to Help Unlock Phones | Motherboard
http://motherboard.vice.com/en_au/read/63-times-the-feds-used-the-all-wr...

The Government Has Used the All Writs Act on Android Phones At Least 9 Times | Motherboard
http://motherboard.vice.com/en_au/read/google-has-helped-the-feds-access...

Dark Web's Got a Bad Rep: 7 in 10 People Want It Shut Down, Study Shows | WIRED
http://www.wired.com/2016/03/study-finds-7-10-people-want-dark-web-shut/

CloudFlare: 94 percent of the Tor traffic we see is "per se malicious" | Ars Technica
http://arstechnica.com/tech-policy/2016/03/new-data-suggests-94-percent-...

FBI: Er, no, we won't reveal how we unmask and torpedo Tor pedos • The Register
http://www.theregister.co.uk/2016/03/29/fbi_tor/

Pro-Tip: If You're a Suspected Dark Web Drug Dealer, Don't Trademark Your #Brand | Motherboard
http://motherboard.vice.com/en_au/read/suspected-dark-web-vendor-charged...

New ransomware installs in boot record, encrypts hard disk [Updated] | Ars Technica
http://arstechnica.com/security/2016/03/new-ransomware-installs-in-boot-...

Why Hospitals Are the Perfect Targets for Ransomware | WIRED
http://www.wired.com/2016/03/ransomware-why-hospitals-are-the-perfect-ta...

Crooks Steal, Sell Verizon Enterprise Customer Data - Krebs on Security
http://krebsonsecurity.com/2016/03/crooks-steal-sell-verizon-enterprise-...

Big-Name Law Firms Fall Victim To Hackers | Threatpost | The First Stop For Security News
https://threatpost.com/big-name-law-firms-fall-victim-to-hackers/117096/

Gumtree serves world's worst exploit kit to scores of Aussies • The Register
http://www.theregister.co.uk/2016/03/29/gumtree_aus_serving_angler/

Certified Ethical Hacker website caught spreading crypto ransomware | Ars Technica
http://arstechnica.com/security/2016/03/certified-ethical-hacker-website...

Mal Men men hit LiveJournal with Angler exploit kit • The Register
http://www.theregister.co.uk/2016/03/30/angler_malvertising_livejournal/

Stealthy malware targeting air-gapped PCs leaves no trace of infection | Ars Technica
http://arstechnica.com/security/2016/03/stealthy-malware-targeting-air-g...

Hype Around the Mysterious 'Badlock' Bug Raises Criticism | WIRED
http://www.wired.com/2016/03/hype-around-mysterious-badlock-bug-raises-c...

Cops: Lottery terminal hack allowed suspects to print more winning tickets | Ars Technica
http://arstechnica.com/security/2016/03/cops-lottery-terminal-hack-allow...

Phishing Victims Muddle Tax Fraud Fight - Krebs on Security
http://krebsonsecurity.com/2016/03/phishing-victims-muddle-tax-fraud-fight/

Microsoft Deploys Macro-Blocker In Office To Curb Malware | Threatpost | The First Stop For Security News
https://threatpost.com/microsoft-deploys-macro-blocking-feature-in-offic...

1,400+ Vulnerabilities Identified In Medical Supply System | Threatpost | The First Stop For Security News
https://threatpost.com/1400-vulnerabilities-to-remain-unpatched-in-medic...

Apple Intel HD3000 Graphics Kernel Driver Patch | Threatpost | The First Stop For Security News
https://threatpost.com/patched-apple-bug-paved-way-to-root-compromises/1...

Emergency Java Patch Re-Issued For 2013 Vulnerability | Threatpost | The First Stop For Security News
https://threatpost.com/emergency-java-patch-re-issued-for-2013-vulnerabi...

Racist troll says he sent white supremacist flyers to public printers at colleges | Ars Technica
http://arstechnica.com/information-technology/2016/03/public-printers-at...

Let Me Get That Door for You: Remote Root Vulnerability in HID Door Controllers
http://blog.trendmicro.com/let-get-door-remote-root-vulnerability-hid-do...

Senetas
http://www.senetas.com/