Risky Business #330 -- Setting the infosec agenda

Elinor Mills talks infosec marketing and PR...
18 Jul 2014 » Risky Business

On this week's show we're chatting with infosec journalist turned PR strategist Elinor Mills. For eight years Elinor wrote about security for CNet News.com, before joining Bateman group as a content and media strategist in 2012.

We're chatting with Elinor about how the infosec media agenda is set. Do massive advertising, marketing and PR budgets give disproportionate media influence to companies that don't deserve it? Drum roll please... yup. Yes. Yes they do. But we'll chat to Elinor about that after the news.

In this week's sponsor interview we're chatting with Holly Stewart, Microsoft's senior program manager in its malware protection centre. We're talking about coordinated malware eradication.

Microsoft has launched a new program designed to attack the malware ecosystem at all levels. That means working with the ad distribution networks, online payment companies, ISPs... choke off the distribution, choke off the cash. It's a much more comprehensive approach than we've seen before and Holly will tell us how you might get involved.

Show notes

GCHQ's "Chinese menu" of tools spreads disinformation across Internet | Ars Technica
http://arstechnica.com/security/2014/07/ghcqs-chinese-menu-of-tools-spre...

JTRIG Tools and Techniques
https://www.documentcloud.org/documents/1217406-jtrigall.html

Journalists will face jail over spy leaks under new security laws | World news | theguardian.com
http://www.theguardian.com/world/2014/jul/16/journalists-face-jail-leaks...

NSA spies just LOVE swapping your sexts, says Snowden: 'It's a fringe benefit' \u2022 The Register
http://www.theregister.co.uk/2014/07/17/snowden_says_analysts_swapping_s...

Outside Panel Finds Over-Reliance on NSA Advice Led to Dual EC Problems | Threatpost | The first stop for security news
http://threatpost.com/outside-panel-finds-over-reliance-on-nsa-advice-le...

Swedish Court to Julian Assange: You're Not Going Anywhere | Threat Level | WIRED
http://www.wired.com/2014/07/swedish-court-to-julian-assange-youre-not-g...

Supposed 'leader' of LulzSec pleads guilty to hacking, hubris \u2022 The Register
http://www.theregister.co.uk/2014/07/17/lulzsec_leaderthatwasnt_pleads_g...

Meet 'Project Zero,' Google's Secret Team of Bug-Hunting Hackers | Threat Level | WIRED
http://www.wired.com/2014/07/google-project-zero/

Yahoo Full Application Source Code Disclosure Vulnerability | Security Down!
http://www.sec-down.com/wordpress/?p=440

Chinese hackers take command of Tesla Model S - CNET
http://www.cnet.com/au/news/chinese-hackers-take-command-of-tesla-model-s/

Malware hidden in Chinese inventory scanners targeted logistics, shipping firms | PCWorld
http://www.pcworld.com/article/2453100/malware-hidden-in-chinese-invento...

China calls Apple's iPhone a national security threat - CNET
http://www.cnet.com/au/news/china-calls-apples-iphone-a-national-securit...

Chinese businessman charged with hacking Boeing, Lockheed Martin | Ars Technica
http://arstechnica.com/tech-policy/2014/07/chinese-businessman-charged-w...

FBI: We found US MILITARY AIRCRAFT INTEL during raid on alleged Chinese hacker \u2022 The Register
http://www.theregister.co.uk/2014/07/14/us_military_aircraft_intel_captu...

How elite hackers (almost) stole the NASDAQ | Ars Technica
http://arstechnica.com/security/2014/07/how-elite-hackers-almost-stole-t...

Bitcoin pool GHash.io commits to 40% hashrate limit after its 51% breach | Ars Technica
http://arstechnica.com/business/2014/07/bitcoin-pool-ghash-io-commits-to...

"Severe" password manager attacks steal digital keys and data en masse | Ars Technica
http://arstechnica.com/security/2014/07/severe-password-manager-attacks-...

Mathematics makes strong case that "snoopy2" can be just fine as a password | Ars Technica
http://arstechnica.com/security/2014/07/mathematics-makes-strong-case-th...

DDoS attacks intensified in first half of 2014 - CNET
http://www.cnet.com/au/news/ddos-attacks-intensified-in-first-half-of-2014/

Beware Keyloggers at Hotel Business Centers - Krebs on Security
http://krebsonsecurity.com/2014/07/beware-keyloggers-at-hotel-business-c...

Here's How Easy It Could Be for Hackers to Control Your Hotel Room | Threat Level | WIRED
http://www.wired.com/2014/07/hacking-hotel-room-controls/

SSL Black List Aims to Publicize Certificates Associated With Malware | Threatpost | The first stop for security news
http://threatpost.com/ssl-black-list-aims-to-publicize-certificates-asso...

CNET attacked by Russian hacker group - CNET
http://www.cnet.com/au/news/cnet-attacked-by-russian-hacker-group/

Microsoft: No-IP takedown cleansed 4.7m PCs - Security - News - iTnews.com.au
http://www.itnews.com.au/News/389598,microsoft-no-ip-takedown-cleansed-4...

Exploit emerges for LZO algo hole \u2022 The Register
http://www.theregister.co.uk/2014/07/11/firefox_lzo_rce/

LibreSSL PRNG Vulnerability Patched | Threatpost | The first stop for security news
http://threatpost.com/overblown-libressl-prng-vulnerability-patched/107245

Cisco Patches Wireless Residential Gateway Vulnerabilities | Threatpost | The first stop for security news
http://threatpost.com/cisco-patches-wireless-residential-gateway-vulnera...

Apple blocks older, risky Flash plug-ins, forcing you to upgrade - CNET
http://www.cnet.com/au/news/apple-blocks-older-risky-flash-plug-ins-forc...

Five Vulnerabilities Fixed in Apache Web Server | Threatpost | The first stop for security news
http://threatpost.com/five-vulnerabilities-fixed-in-apache-web-server/10...

Active Directory flaw allows credentials theft - Security - News - iTnews.com.au
http://www.itnews.com.au/News/389747,active-directory-flaw-allows-creden...

Chrome for Android Update Patches URL Spoofing Bug | Threatpost | The first stop for security news
http://threatpost.com/chrome-for-android-update-fixes-critical-url-spoof...

Rickroll Innocent Televisions With This Google Chromecast Hack | Threat Level | WIRED
http://www.wired.com/2014/07/rickroll-innocent-televisions-with-this-goo...

Win/lose Whirlywirld original.m4v - YouTube
https://www.youtube.com/watch?v=8elKjPxMp98&feature=kp