We'll be back in mid January 2015...
December 11th, 2014 --
In this special edition we take a look back over the big news items of 2014.
Truth can be stranger than fiction on those darned Internetz...
December 5th, 2014 --
On this week's show Adam and I establish that it's actually quite possible the disaster unfolding at Sony Pictures is, in fact, a North Korean government plot. I know, I know, there are sceptics, but any way you slice or dice it, it actually looks plausible. Tune in to find out why.
Don't forget to tune in to our year in review special next week!
December 5th, 2014 --
Links to items discussed in episode 348 of the Risky Business podcast...
PLUS: Sony gets popped, again, Regin and more...
November 28th, 2014 --
There's lots of fun news in this week's show. Sony Pictures got absolutely flattened, Regin is all the rage and the SEA has been enjoying some success.
All the news that's fit to read...
November 28th, 2014 --
Links to items discussed in episode 347 of the Risky Business podcast.
Encrypt smartphones = KILL the CHILDREN...
November 21st, 2014 --
On this week's show we're chatting with Peter Fillmore about payment card security. He was able to clone a contactless card and use it to do his shopping here in Australia -- this is something you shouldn't be able to do. So the question becomes, how can the USA, which is taking tentative steps towards chip cards, avoid some of the mistakes made in more advanced markets like ours? We also find out chip-enabled ATMs pass card data through the chip reader straight into a parser running on the main ATM OS... which, yeah... That's pretty bad.
News, music and a boatload of XP EMV app kernel details...
November 21st, 2014 --
Links to everything discussed in episode 346 of Risky Business.
How you can make cupcake recipes more popular than Obama...
November 13th, 2014 --
On this week's show we're taking a look at how you -- YES YOU -- can game online media. Find out how you can make comments on major news sites just disappear with one line of bash! Find out how you can drive a cupcake recipe into the "most popular" stories box on the world's major news sites! That's a chat with Azhar Desai of Thinkst and it's this week's feature.
Links for Risky Business 345...
November 13th, 2014 --
Links to all the news, slides, music and other fun stuff from Risky Business episode 345.
Influx of VMs could mean an influx of network equipment bugs...
November 7th, 2014 --
On this week's show we're chatting with Alec Stuart Muirk about some of his research into Cisco appliance security. That interview is not so much a blow by blow of the bugs he found, which were pretty devastating by the way, but more about how accessibility is a major hurdle when researching various bits of kit. As you'll hear, many security vendors are starting to release their kit as VMs, which means researchers will be more likely to poke at them. Does that mean more boneheaded bugs like the stuff he found? Well, probably.
Links to news, presentation slides and gigs!
November 7th, 2014 --
Links to all items discussed in episode 344 of the Risky Business podcast.
PLUS: Did you know bug bounties are considered adequate testing in PCI audits?
October 30th, 2014 --
HD Moore is filling in for Adam Boileau in the news seat this week. In the news segment we chat about Facebook's OSquery tool, chip and pin relay attacks, Russian and Chinese haxx and more. You can find links to all the items discussed in this week's show notes.
All the news that's fit to read...
October 30th, 2014 --
Links to items discussed in episode 343 of the Risky Business podcast.
Two feature interviews in this week's show!
October 24th, 2014 --
Despite some technical challenges we have a great show for you all this week. We'll be chatting with Mike Ryan of iSec Partners and his pal, independent hardware hacker Joe Fitzpatrick, all about the NSA Playset! It's a hobbyist project that aims to recreate all the awesome tools in the leaked NSA ANT catalogue. Such fun! We'll also be hearing a tale of cloud woe from the trenches of enterprise IT. A friend of the show had his entire global email infrastructure pulled offline by Symantec with what he says was inadequate warning. And he might just have a point there. Have a listen to the interview and make your own mind up.
Palo Alto... Oh the mirth... the MIRTH...
October 24th, 2014 --
Links to items discussed in this week's edition of the Risky Business podcast.
Oh, and the other stuff no one is talking about that could get absolutely everything owned...
October 16th, 2014 --
In this week's show we're chatting with Matt Solnik of Accuvant Labs about his stellar presentation at Breakpoint last week. In this interview he describes how he can leverage crappy carrier management client software into full remote compromise attacks against most smartphones, including fully patched iOS8 and Android. It's savage stuff and if you work in telcoland you'd be nuts to miss it.
Click through to see ThreatPost's awesome infosec clipart...
October 16th, 2014 --
Show notes for episode 341 of the Risky Business podcast.
The Breakpoint edition...
October 9th, 2014 --
This week's show was recorded on site at the Ruxcon Breakpoint conference in Melbourne. There have been a handful of absolute jaw-droppers among the presentations here, including a demo showcasing remote code exec against *most* mobile devices, including fully patched iOS8.
All the news that's fit to sigh over...
October 9th, 2014 --
Links to items discussed in episode 340 of the Risky Business podcast.
PLUS news with Adam, and Rahul Kashyap on malvertising...
October 3rd, 2014 --
On this week's show we're chatting with Neel Mehta, a security researcher with Google. Neel is best known for finding the Heartbleed bug, and he joins us this week to talk about Heartbleed, ShellShock, the security of SSL stacks and where he expects vuln research to go in the future. Funnily enough this is Neel's first interview about Heartbleed, so I guess we can call this a scoop!