Lots of interesting linkage here!
September 21st, 2012 --
Here's a list of the week's news items as discussed in the show, plus a few that didn't make the final cut. We've also got a link to Saskwatch's (featured track) page, go check out a show, and a link to the Ruxcon Breakpoint website. Breakpoint is a great new conference kicking off in Melbourne in October. Mention "Risky Business Apple TV" when you register and the Ruxcon Breakpoint team will send you a shiny new Apple TV! It's limited to the next five people to register, so get in quick!
A new take on quality control for penetration testers...
September 14th, 2012 --
This week's feature interview is with Wayne Ronaldson. Wayne's a security consultant with a company here called CQR, but he's cobbled together a fascinating little side project called Exploitable Labs.
Linkage! Get your linkage here!
September 14th, 2012 --
Here's a list of the news items discussed in Risky Business episode 254.
Network infoleaks for the win...
September 6th, 2012 --
On this week's show we're taking a look at the new release of the data mining and network footprinting tool Maltego. It's called Radium and the focus is very much on automation.
One click network footprinting for the win! Maltego creator Roelof Temmingh will be along in this week's feature interview to walk us through the new features. There's some interesting stuff in that interview about network information leaks. All your internal IP ranges R belong to Roelof!
News, music and more!
September 6th, 2012 --
Get your links! I've pasted all the news items discussed in this week's show below. I've also thrown in a link to Paterva's Maltego page and a YouTube clip of this week's feature track. Same song, different version, still good.
I've also linked to our sponsor's website because hey, they deserve the kudos and the SEO juice. :)
Apple: We didn't pass iPhone, iPad device IDs to FBI | ZDNet
http://www.zdnet.com/apple-we-didnt-pass-iphone-ipad-device-ids-to-fbi-7...
HD Moore chimes in with his view on the Aramco incident...
August 31st, 2012 --
On this week's show we're talking to Rapid7's HD Moore about recent attacks against the Saudi Aramco oil company that saw 30,000 of 40,000 machines rendered inoperable for around 10 days.
It's the single most destructive attack I've ever heard of.
This week's show is brought to you by Insomnia Security. You might know this week's sponsor guest -- it's our news buddy Adam Boileau, aka Metlstorm.
Linkage!
August 31st, 2012 --
Here's a list of this week's news items...
Oracle reportedly knew of critical Java bugs under attack for 4 months | Ars Technica
http://arstechnica.com/security/2012/08/critical-java-bugs-reported-4-mo...
Second accused LulzSec hacker arrested in Sony breach | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57502233-83/second-accused-lulzsec-hack...
Researchers Hack Brainwaves to Reveal PINs, Other Personal Data | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/brainwave-hacking/
Snare's been up to his sneaky tricks again...
August 23rd, 2012 --
In this week's feature interview we're getting an update on some research we looked at last year. Loukas of Assurance.com.au in Melbourne had been playing around with some "evil maid" EFI hacks on Macs, but he's done some more work on them and presented his findings at BlackHat in July.
He joins the show to discuss his latest EFI work. See this week's show notes for links to his slide deck and paper, as well as links to this week's news.
Links! PDFs! Papers!
August 23rd, 2012 --
Here are the news items discussed at the top of episode 251 of the Risky Business podcast.
I've also included some items that didn't make the final cut that you may find interesting anyway.
Google to Hold Pwnium 2 Contest, Offers $2M in Rewards | threatpost
http://threatpost.com/en_us/blogs/google-hold-pwnium-2-contest-offers-2m...
Google Building Privacy Red Team | threatpost
http://threatpost.com/en_us/blogs/google-building-privacy-red-team-082212
Assange Calls on U.S. to End 'Witchhunt' Against WikiLeaks | Threat Level | Wired.com
Getting nostalgic with Huawei stack-based overflows...
August 14th, 2012 --
On this week's show we chat with Recurity Labs' Felix "FX" Lindner and Greg Kopf in the feature segment.
These guys recently shredded some Huawei equipment. They owned it hard and turned it into a DEFCON talk [pdf]. They'll be along a bit later on to tell us why hacking away at Huawei kit made them feel nostalgic.
Click through for some quality linkage...
August 14th, 2012 --
Felix and Greg's Huawei slidedeck can be found here:
http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdf
THIS WEEK'S NEWS ITEMS:
Stratfor emails reveal secret, widespread TrapWire surveillance system — RT
http://rt.com/usa/news/stratfor-trapwire-abraxas-wikileaks-313/
Is TrapWire surveillance really spying on Americans? - Technolog on NBCNews.com
http://www.technolog.msnbc.msn.com/technology/technolog/trapwire-surveil...
New Gauss Malware, Descended From Flame and Stuxnet, Found On Thousands of PCs in Middle East | threatpost
Microsoft's Katie Moussouris reflects...
August 3rd, 2012 --
On this week's show we chat with Microsoft's Katie Moussouris about the company's BlueHat prize. How successful was the prize, and did it get Microsoft value for money in terms of quality entries?
Katie took some time out from her maternity leave to join the show.
This week's show is brought to you by Tenable Network Security.
In this week's sponsor interview with Tenable founder and CEO Ron Gula we get a bit philosophical. Has it become culturally acceptable in the business world to get owned?
Click through for newsy goodness!
August 3rd, 2012 --
The following is a list of news stories discussed by Patrick Gray and Adam Boileau in this week's edition of the Risky Business podcast.
Get the podcast here.
Expert: Huawei routers are riddled with vulnerabilities | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57482813-83/expert-huawei-routers-are-r...
Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate
https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
Full Disclosure: nvidia linux binary driver priv escalation exploit
This week's sponsor interview is awesomely creeeepy...
July 26th, 2012 --
I've been busy preparing my debate speech for tomorrow's Splendour in the Grass music festival, so this week's show is a shorter one than usual; there's no feature interview.
Links! Get your news links!
July 26th, 2012 --
Stories discussed in this week's news segment:
Australia, Canada 'primary spy targets'
http://www.theage.com.au/opinion/political-news/australia-canada-primary...
Nearly 5 Million People Have Government Security Clearances | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/07/security-clearances-increasing/
AAPT hacked by Anonymous - Security - Technology - News - CRN Australia
http://www.crn.com.au/News/309915,aapt-hacked-by-anonymous.aspx
Ex-NSA bigwig Brian Snow joins the show...
July 20th, 2012 --
On this week's show the NSA's former Technical Director of Information Assurance, Brian Snow, joins the program to warn us that recent advancements in quantum computing could invalidate all of our cryptographic systems within 15 years.
So we'd better get cracking on finding alternatives!
Get your linkage here...
July 20th, 2012 --
News items discussed in this week's show:
Password Leaks Continue: Billabong, NVIDIA Accounts Compromised | threatpost
http://threatpost.com/en_us/blogs/password-leaks-continue-billabong-nvid...
Hacker Claims Compromise of IT Recruiter | threatpost
http://threatpost.com/en_us/blogs/hacker-claims-compromise-wall-street-i...
Yahoo gives all clear after hack attack | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57472023-83/yahoo-gives-all-clear-after...
1961-2012. Dead at 51...
July 13th, 2012 --
On this week's edition of the show we catch up with Mark Dowd of Azimuth Security for a bit of a chat about Apple's upcoming iOS 6 operating system and its security features. We also wind up chatting about Apple's approach to OS security in general and the whole signed code appstore thing. It's fun stuff!
This week's show is brought to you by Tenable Network Security -- the most long term and loyal supporter of this podcast.
The humble pwnplug has turned out to be very useful...
July 6th, 2012 --
In this week's podcast we're chatting with Jonathan Cran of Pwnie Express.
Pwnie Express makes dropboxes that were designed to be used by pentesters. Funnily enough people have actually found all sorts of non-illicit uses for them.
In this week's sponsor interview we chat with HackLabs' penetration tester Jody Melbourne to ask if there's a future for hacktivists after SQLi bugs are a thing of the past.
In this week's news segment with Adam Boileau we discuss the following items:
Is the sky falling or is this a case of "nothing to see"?
June 28th, 2012 --
There's a lot of really interesting news this week. Adam Boileau is back on deck at the top of the show to discuss shitty security at the Ecuadorian embassy in London, the new tool DroidSheep, DARPA's (DERPA? Lol.) attempts at securing the architectural mess that is Android, dudes going to prison, other dudes getting away with stuff and much, much more!