It's the Metlstorm hour of power...
April 29th, 2016 --
On this week's show Adam Boileau and Patrick Gray talk about the week's information security news before diving into a detailed look at multiple recent attacks against banks' SWIFT infrastructure. It's the Metlstorm hour of power!
There's a LOT to get through this week...
April 29th, 2016 --
Links to all the items discussed in episode 409 of the Risky Business podcast.
Deja WHOAH...
April 21st, 2016 --
On this week's show, as promised, we'll be checking in with Dan Kaminsky of WhiteOps to discuss their bread and butter -- click fraud prevention. We also get his thoughts on what the ad industry could do to stamp out malvertising. As you'll hear, he thinks the only way forward is to actually fix browsers. Seems sensible to us! Adam Boileau is taking a well-deserved week off, so The Grugq pops in to fill in. We'll chat to him about all the infosec news of the last week. Links to everything are in this week's show notes.
Links, news and more!
April 21st, 2016 --
Links to everything discussed in episode 408 of the Risky Business podcast.
The Panama Papers, BadLock and more...
April 14th, 2016 --
On this week's show we chat with HD Moore about the woeful state of security at Panamanian law firms. Mossack Fonseca isn't the only one that truly, truly sucks at security. We also check in with Dan Kaminsky to get his reaction to the BadLock bug. Tenable Network Security's Cris "Space Rogue" Thomas joins us to talk about what we could expect this year when it comes to security startups. He's expecting quite a few of them to fold. The Grugq joins the show this week to discuss the week's security news. He's filling in for Adam Boileau who's travelling in Australia.
Lots to catch up on from the last two weeks!
April 14th, 2016 --
Links to items discussed in episode 407 of the Risky Business podcast.
We meet a guy who does just that...
March 31st, 2016 --
On this week's show we're chatting with Nathaniel Wakelam, a professional bug bounty participant who, distressingly, at age 20, earns shitloads more money than I do! We'll talk to him about how he got into bug bounties, and how he manages to take down a massive paycheck in such a competitive space.
Lots of news this week!
March 31st, 2016 --
Links to everything discussed in episode 406 of the Risky Business information security podcast!
Plus news, Haroon Meer and MORE!
March 24th, 2016 --
On this week's show we're chatting with myNetWatchman's Donald McCarthy about some research he's done into these crews shaking down US companies for W2 forms. He and his colleagues have identified at least 40 crews involved in this stuff. We'll get the skinny on that in this week's feature interview. We're also chatting with Haroon Meer this week in the sponsor interview. Haroon is the head honcho over at Thinkst Applied Research and we'll be talking to him some more about the fantastic honeypot product they've released: Canary.Tools.
All the news that's fit to... put in CMS?
March 24th, 2016 --
Links to everything discussed in episode 405 of the Risky Business podcast...
Counterterrorism researcher and ex GCHQ-er David Wells joins the show...
March 17th, 2016 --
On this week's show we're chatting with David Wells. He's ex GCHQ and ASD but these days he's a counterterrorism boffin with the Lowy Institute. He's joining us to discuss the IS document leak. Depending on which story you read its either the death of the organisation or it won't do anything at all to disrupt it. We get David's thoughts on what this leak will actually for the so-called Caliphate. In this week's sponsor interview we're doing something a bit different.. following on from last week's interview with Re/Code's Arik Hesseldahl we're chatting with Tenable's CFO, Steve Vintz.
Are we sick of #FBiOS yet?
March 17th, 2016 --
Links to everything discussed in episode 403 of the Risky Business information security podcast.
PLUS news with Adam and BugCrowd's Casey Ellis in the sponsor chair...
March 10th, 2016 --
On this week's show we're chatting with re/code's senior editor and "enterprise dude" Arik Hesseldahl about the business of infosec. Information security related stocks and shares are tanking on indexes all over the world... why? How can this be happening in a $75bn sector that is tipped to grow into a $175bn sector in the next four years? Arik will join us with the skinny on that. But don't panic, tanking infosec share prices might be a good thing for the discipline. We'll find out why a bit later on. In this week's sponsor interview we chat with BugCrowd CEO Casey Ellis.
Not the craziest week in infosec, but still plenty to talk about...
March 10th, 2016 --
Links to everything discussed in episode 402 of the Risky Business infosec podcast.
YSoSerial makes deserialisation attacks serious...
March 3rd, 2016 --
On this week's show we get into a serious technical discussion about deserialisation attacks with with one of Adam Boileau's colleagues, Brendan Jamieson about the biggest issue in infosec that no one is talking about -- deserialisation vulnerabilities and their exploitation. This attack class is a serious problem in enterprise environments thanks to the release of the YSoSerial tool about a year ago. Pen-testers who are across this bug class are finding issues everywhere they look, and hardly anyone is talking about it. But we do, this week.
Lots of policy news this week!
March 3rd, 2016 --
Links to items discussed in this week's episode of the Risky Business podcast.
Apple and FBI are both silly sausages...
February 25th, 2016 --
On this week's podcast we'll hear from Daniel Hodson of Elttam Security here in Australia. Daniel and his business partner Matt Jones have been looking into the security of messaging software that has recommended by the EFF. Does a bunch of ticks from the EFF actually say much about app security? Well, not really, as it turns out.
Apple, FBI still dominate agenda...
February 25th, 2016 --
A list of security items making the agenda this week.
Oops. This is going to get... tricky...
February 18th, 2016 --
On this week's show we chat with Dan Guido from Trail of Bits about the stoush between Apple and the US department of justice. In this week's sponsor interview we speak with Cris Thomas, a.k.a. Space Rogue. Cris works for Tenable Network Security, this week's sponsor, and he joins us in this week's podcast to talk about NIST's cyber security framework. Adam Boileau joins the show to discuss the week's security news. Links to everything are in this week's show notes.
The glibc bug is this week's other show-stopper...
February 18th, 2016 --
Links to everything discussed in episode 399 of the Risky Business information security podcast.