Risky Business #252 -- Attacks on Aramco likely state sponsored

HD Moore chimes in with his view on the Aramco incident...
31 Aug 2012 » Risky Business

On this week's show we're talking to Rapid7's HD Moore about recent attacks against the Saudi Aramco oil company that saw 30,000 of 40,000 machines rendered inoperable for around 10 days.

It's the single most destructive attack I've ever heard of.

This week's show is brought to you by Insomnia Security. You might know this week's sponsor guest -- it's our news buddy Adam Boileau, aka Metlstorm.

Adam works for Insomnia! So it's the MOAR METL edition this week! He'll be along a bit later to talk about new trends in security assessments; new ways of doing things that can gauge how effective organisations are at detecting what he calls the "lateral movement" of attackers through networks. As you'd expect, it's very interesting stuff and it's coming up after this week's feature interview.

Show notes

Oracle reportedly knew of critical Java bugs under attack for 4 months | Ars Technica
http://arstechnica.com/security/2012/08/critical-java-bugs-reported-4-mo...

Second accused LulzSec hacker arrested in Sony breach | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57502233-83/second-accused-lulzsec-hack...

Researchers Hack Brainwaves to Reveal PINs, Other Personal Data | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/brainwave-hacking/

Researcher reports a CSRF vulnerability in Facebook's App Center, earns $5,000 | ZDNet
http://www.zdnet.com/researcher-reports-a-csrf-vulnerability-in-facebook...

Air Force Openly Seeking Cyber-Weapons | threatpost
http://threatpost.com/en_us/blogs/air-force-openly-seeking-cyber-weapons...

Hackers vow 'hellfire' in latest major data leak | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57501931-83/hackers-vow-hellfire-in-lat...

Looking to Bolster Security, Dropbox Adds Two-Factor Authentication | threatpost
http://threatpost.com/en_us/blogs/looking-bolster-security-dropbox-adds-...

Analysis Shows Traces of Wiper Malware, But No Links to Flame | threatpost
http://threatpost.com/en_us/blogs/analysis-shows-traces-wiper-malware-no...

New Gauss and Flame link was a mistake, researchers say | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57499508-83/new-gauss-and-flame-link-wa...

Citrix Systems » Most Americans Confused By Cloud Computing According to National Survey
http://www.citrix.com/English/NE/news/news.asp?newsID=2328309

Gauss: Abnormal Distribution - Securelist
http://www.securelist.com/en/analysis/204792238/Gauss_Abnormal_Distribution

Virus Shuts RasGas Office Computers, LNG Output Unaffected - Bloomberg
http://www.bloomberg.com/news/2012-08-30/virus-shuts-rasgas-office-compu...

Gh0stRat paper:
http://download01.norman.no/documents/ThemanyfacesofGh0stRat.pdf

Insomnia Security, New Zealand
http://www.insomniasec.com/

The hackers surely know what they are doing. They did a good job in making a grand entrance. - Kris Krohn Strongbrook