Risky Business #351 -- Kim Zetter talks Stuxnet: Countdown to Zero Day

PLUS! Marcus Ranum and Beardy McSweatybeard...
30 Jan 2015 » Risky Business

In this week's feature interview we're chatting with Wired journalist Kim Zetter about her fantastic book Stuxnet: Countdown to Zero Day. As it turns out, the assumption that US and Israeli intelligence agencies had "boots on ground" intelligence to design the malicious code could very well be bunkum!

This week's show is brought to you by Tenable Network Security, so in this week's sponsor interview we're chatting with Tenable's very own Marcus Ranum about attribution.

No, not just the North Korea angle... we cover off what sort of focus the average enterprise needs to put on attributing attacks. Does it even matter?

Adam Boileau, as always, joins the show to discuss the week's security news.

You can become a Risky Business patron thanks to our Patreon campaign.

And you can also follow Patrick or Adam on Twitter, if that's your thing.

Show notes

First ever Risky.Biz YouTube rant with Patrick Gray - YouTube
https://www.youtube.com/watch?v=0o5PRIrQq48

Support Risky Business via our Patreon campaign!
https://patreon.com/riskybusiness

Kim Zetter's awesome Stuxnet book on Amazon:
http://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/077043617X

Prosecutors Trace $13.4M in Bitcoins From the Silk Road to Ulbricht's Laptop | WIRED
http://www.wired.com/2015/01/prosecutors-trace-13-4-million-bitcoins-sil...

A Heroin Dealer Tells the Silk Road Jury What It Was Like to Sell Drugs Online | WIRED
http://www.wired.com/2015/01/silk-road-heroin-dealer-testifies/

Here's the Secret Silk Road Journal From the Laptop of Ross Ulbricht | WIRED
http://www.wired.com/2015/01/heres-secret-silk-road-journal-laptop-ross-...

Silk Road paid off hackers to keep site running - CNET
http://www.cnet.com/news/hackers-blackmailed-silk-road-underground/

No, Department of Justice, 80 Percent of Tor Traffic Is Not Child Porn | WIRED
http://www.wired.com/2015/01/department-justice-80-percent-tor-traffic-c...

Bitcoin Exchange Operator Sentenced to 4 Years for Silk Road Transactions | WIRED
http://www.wired.com/2015/01/bitcoin-exchange-operator-sentenced-4-years...

Aspiring Singer Arrested in Israel on Suspicion of Hacking Madonna | WIRED
http://www.wired.com/2015/01/aspiring-singer-arrested-israel-suspicion-h...

Barrett Brown Sentenced to 5 Years in Prison in Connection to Stratfor Hack | WIRED
http://www.wired.com/2015/01/barrett-brown-sentenced-5-years-prison-conn...

Dutch judge allows alleged "sophisticated" Russian hacker to be sent to US | Ars Technica
http://arstechnica.com/tech-policy/2015/01/dutch-judge-allows-alleged-so...

New Rules in China Upset Western Tech Companies - NYTimes.com
http://www.nytimes.com/2015/01/29/technology/in-china-new-cybersecurity-...

FCC Warns Businesses WiFi Blocking is Illegal | Threatpost | The first stop for security news
http://threatpost.com/fcc-warns-businesses-wifi-blocking-is-illegal/110728

Snowden reveals LEVITATION technique of Canada's spies \u2022 The Register
http://www.theregister.co.uk/2015/01/29/snowden_reveals_levitation_techn...

Researcher says Aussie spooks help code Five Eyes mega malware \u2022 The Register
http://www.theregister.co.uk/2015/01/29/did_aussie_spooks_write_regin/

Oz spooks hack, wreck Middle East 'cooling system': report \u2022 The Register
http://www.theregister.co.uk/2015/01/28/skip_spooks_hack_wreck_middle_ea...

Australia launches cyber-weapons in global counter-terrorist operations
http://www.afr.com/p/technology/australia_launches_cyber_weapons_hR1B30q...

Facebook: Oi, Lizard Squad - we can take down our own site, ta \u2022 The Register
http://www.theregister.co.uk/2015/01/27/facebook_lizardsquad_takedown_cl...

Information Security: The Internet of Gas Stati... | SecurityStreet
https://community.rapid7.com/community/infosec/blog/2015/01/22/the-inter...

Google drops three OS X 0days on Apple | Ars Technica
http://arstechnica.com/security/2015/01/google-drops-three-os-x-0days-on...

iTunes Connect bug logs developers in to other developers' accounts at random | Ars Technica
http://arstechnica.com/apple/2015/01/itunes-connect-bug-logs-developers-...

PHP Applications, WordPress Vulnerable to Ghost glibc Bug | Threatpost | The first stop for security news
http://threatpost.com/php-applications-wordpress-subject-to-ghost-glibc-...

Critical "GHOST" Vulnerability Released | Sucuri Blog
http://blog.sucuri.net/2015/01/critical-ghost-vulnerability-released.html

Thunderstrike Patch Slated for Inclusion in New OS X Build | Threatpost | The first stop for security news
http://threatpost.com/thunderstrike-patch-slated-for-new-os-x-build/110649

Bug in ultra secure BlackPhone let attackers decrypt texts, stalk users | Ars Technica
http://arstechnica.com/security/2015/01/bug-in-ultra-secure-blackphone-l...

Chrome 40 Patches 62 Security Vulnerabilities | Threatpost | The first stop for security news
http://threatpost.com/chrome-40-patches-62-security-vulnerabilities-pays...

Medeski Martin & Wood
http://www.mmw.net/