News and Opinion

August 17, 2010 -- 

Last Tuesday was an unremarkable day. I awoke to the usual E-Mails IRC chatter and RSS reading, the most noteworthy of which was a small cluster of ZDI advisories addressing issues in WebKit.

Then I spotted the following, unremarkable tweet from @davidfarrier:

"some chap in china just hacked my gmail. and just to tell people about iphone 4s. as if people didn't know already. silly bugger."

Quickly followed by this:

July 22, 2010 -- 

The online customer database of a New Zealand-headquartered pizza store chain has been compromised.

Risky.Biz understands multiple intruders have compromised Hell Pizza's 400mb database. While it does not contain any credit card information, it does contain in excess of 230,000 rows of customer entries.

The company operates 64 stores in New Zealand, three in England, nine in Australia and one in Ireland.

July 20, 2010 -- 

So here's some food for thought: According to a report in the Washington Post, 22 US Government departments and 143 private companies are involved in top secret "cyber operations" programs.

July 12, 2010 -- 

Someone has done some wildly successful social engineering.  Amazing, actually.  I am not talking about the “Robin Sage” social media/social engineering case where a lot of people who should know better gave up a lot of information in a lot of different ways.  That may be interesting (we’ll see when it is presented), but even though some of the results were sensitive, that is building on a lot of prior work.

July 7, 2010 -- 

US soldier Bradley Manning has been charged with disclosing classified material to whistleblower site Wikileaks.

But it's what he hasn't been charged with that's interesting.

Since the news of Manning's arrest broke there has been much speculation about the fate of 150,000 diplomatic cables the young soldier is alleged to have stolen.

July 5, 2010 -- Photo kiosks in Big W stores are allegedly infecting customers with USB-borne viruses.

The Windows-based Fuji photo kiosks located in the company's stores apparently don't run antivirus software, so lovely little bits of malicious software like Trojan.Poison-36 are winding up on customers' USB keys, according to Risky Business listener and blogger Morgan Storey.

July 1, 2010 -- 

I've followed with great interest Wired.com's coverage of the arrest of Private Bradley Manning, the young American soldier who allegedly leaked reams of classified US military material to Wikileaks.

I've also watched in disbelief as Wikileaks has lashed out at Wired.com journalist Kevin Poulsen, suggesting he somehow acted unethically in his reporting of the arrest.

In my mind all he did was scoop other outlets with the news of Manning's troubles. That's not unethical, that's just good journalism.

May 27, 2010 -- 

The following is a longer, uncut version of a story that appeared on the front pages of The Age and Sydney Morning Herald yesterday.

Facebook's woeful relationship with law enforcement bodies is hampering police investigations and putting lives at risk, the Australian Federal Police says.

May 21, 2010 -- 

Risky.Biz has confirmed IBM staff distributed malware-infected USB drives at the AusCERT security conference this week.

In a highly embarrassing admission, the company has sent a broadcast e-mail to all AusCERT attendees warning them of the security lapse.

"At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth," the message reads. "Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected."

April 6, 2010 -- 

Security vendor Trend Micro accidentally e-mailed a planned outage notification to over 1200 of its Australian customers with their e-mail addresses in the open CC field.

While not the worst kind of data leak, the mistake has left the vendor somewhat red faced and contrite. Following enquiries from Risky.Biz last week the company e-mailed the users affected by the blunder.