Headlines covering the last month!
January 21st, 2016 --
Links to items discussed in episode 395 of the Risky Business podcast.
The last episode for 2015! Back in January 2016!
December 16th, 2015 --
On this week's show we're chatting with Johns Hopkins University cryptographer Matthew Green about rumblings emanating out of DC with regard to "stopping encryption", whatever the hell that means. In this week's sponsor interview we're chatting with Oliver Fay from Context about a paper they did in conjunction with UK's CERT about exploit kits. How much do they cost? Are there any that stick out as being particularly good? Or bad, depending on your point of view... Links to everything are in this week's show notes.
Satoshi v3.0, epic bugs, arrests and more!
December 16th, 2015 --
Links to items discussed in episode 394 of the Risky Business podcast.
And other assorted bits and pieces...
December 10th, 2015 --
On this week's show -- in addition to covering the latest claims about the true identity of Satoshi Nakamoto -- we're taking a look at a recent deal between a very large bank in Australia and Sydney's University of New South Wales.
News, comedy and more!
December 10th, 2015 --
Links to everything discussed in episode 393 of the Risky Business podcast.
PLUS: Details of the Risky Business partnership with PacketPushers...
December 3rd, 2015 --
On this week's show we're chatting with Kevin Finisterre about Silverpush -- the creepy ultrasonic audio-beaconing technology used by advertising companies that was in the press a couple of weeks ago. Kevin was all over it and he joins me to discuss the growing overlap between the techniques used by marketers and blackhats.
All the news that's fit to... link.
December 3rd, 2015 --
Links to everything discussed in episode 392 of the Risky Business podcast.
Banishing laptop shitware needs to be a CSO priority...
November 26th, 2015 --
On this week's show we're chatting with Darren Kemp of Duo Security. He's one of the authors of a post about the latest example of computer manufacturer shitware introducing catastrophic vulnerabilities into shipped systems. This time it's Dell's turn. If you haven't heard what they actually did you'll hardly even believe it. That's this week's feature interview.
News, music and more...
November 26th, 2015 --
Links to everything discussed in episode 391 of the Risky Business information security podcast.
PLUS: FireEye's Jonathan Wrolstad on WITHCOVEN...
November 20th, 2015 --
In this week's feature interview we're checking in with FireEye's Jonathan Wrolstad. He's a threat intelligence guy at FireEye and they've just published a really interesting report about what a threat group is doing in terms of target recon. They're using marketing company tricks to recon all sorts of high value targets. It's very interesting stuff, and it's likely tied to the Russian state.
All your newsy goodness right here!
November 20th, 2015 --
Links to items discussed in episode 390 of the Risky Business infosec podcast.
Tor Ekeland joins the show to get all lawyerly...
November 12th, 2015 --
On this week's show we're chatting with computer crime lawyer extraordinaire Tor Ekeland! He's worked on a number of high profile CFAA cases. Most recently he's been defending former Reuters and LA Times journalist Matthew Keys on some pretty hefty CFAA charges. He's also the guy who got Andrew Aurenheimer out of jail so he could go and live a free life as a Nazi troll. (Is that really a win?) He also defended Lauri Love... basically if you're a hacker who's fallen foul of the CFAA, this is the guy you want on your team.
Did the FBI buy Tor exploit? Intrigue! Read all about it!
November 12th, 2015 --
Links to everything discussed in episode 389 of the Risky Business podcast.
Risky.Biz: Now with 60% more CYBER!
November 5th, 2015 --
This week's feature interview is with Troy Hunt of HaveIBeenPwned.com. And he's noticing something pretty weird. It's common for people to deface websites for bragging rights, and yeah, it's not new that data dumps are the new bragging fodder. But it seems like these days attackers are seeing Troy's site as the definitive place to get cred. Now they'll steal a bunch of data and Troy is their first stop. Life is strange on the internets. That's this week's feature interview.
Tell me about your mother...
November 5th, 2015 --
Links to everything discussed in episode 388 of the Risky Business information security podcast.
PLUS a recap of the last three week's infosec news...
October 29th, 2015 --
In this week's feature interview we're chatting with Chris Rock from Kustodian. Chris did a great presentation at Ruxcon last week about how easy it is to hack people to death! He's found out just how easy it is to register births and deaths in the united states and Australia via online systems. He says it's a problem that could result in a virtual baby harvest for fraudsters who plan ahead. It's really fun stuff, that's this week's feature.
We're baaaaaack!
October 29th, 2015 --
Links to all the items discussed in episode 387 of the Risky Business information security podcast.
The horse is still showing signs of life. Keep flogging...
October 9th, 2015 --
On this week's show we're checking in with Katie Moussouris of HackerOne. She's an ex Microsoftie who's spent something like a decade working on vulnerability disclosure policies. She even helped get a vuln disclosure ISO standard ratified! And she'll be joining us this week to discuss disclosure politics, I guess you'd call it... for those of us who've been around infosec for a while, most of us would rather stick our face in a blender than talk about it, but Katie will be along to point out why people should fight their "disclosure debate fatigue" and get involved.
Another 20m or so records breached. You know, this week.
October 9th, 2015 --
Links to items discussed in episode 386 of the Risky Business infosec podcast.
Are they for real? Or is this some sort of long-form comedy thing?
October 2nd, 2015 --
******LANGUAGE WARNING: The f-bomb features, unbleeped, once in this week's show. Just a note for those of you with the kids in the car. On this week's show we're chatting with FireEye's chief security strategist Richard Bejtlich about this new agreement between China and the USA. The two countries have apparently agreed that they won't hack each other with the aim of stealing IP anymore. Questions to Richard include: Are they kidding? And: How did they announce this with a straight face?