Risky Business

Risky Business #351 -- Kim Zetter talks Stuxnet: Countdown to Zero Day

January 30, 2015 -- In this week's feature interview we're chatting with Wired journalist Kim Zetter about her fantastic book Stuxnet: Countdown to Zero Day. As it turns out, the assumption that US and Israeli intelligence agencies had "boots on ground" intelligence to design the malicious code could very well be bunkum!

Risky Business #350 -- We're baaaaaack

January 22, 2015 -- Welcome back to Risky Business for another year. This is the ninth year of weekly Risky Business podcasts, we're stoked you're sticking around for more.

In this week's show Patrick Gray and Adam Boileau discuss the last month's crazy CyberNews(tm) and Palo Alto CTO and founder Nir Zuk stops by for the sponsor interview.

You can now support Risky Business by becoming a Patron.

Risky Business #349 -- 2014 in review

December 11, 2014 -- In this special edition we take a look back over the big news items of 2014.

Risky Business #348 -- Did DPRK pwn Sony? PLUS Dan Guido on DARPA's Cyber Grand Challenge

December 5, 2014 -- On this week's show Adam and I establish that it's actually quite possible the disaster unfolding at Sony Pictures is, in fact, a North Korean government plot. I know, I know, there are sceptics, but any way you slice or dice it, it actually looks plausible. Tune in to find out why.

Risky Business #347 -- So what does Detekt... detect?

November 28, 2014 -- There's lots of fun news in this week's show. Sony Pictures got absolutely flattened, Regin is all the rage and the SEA has been enjoying some success.

Risky Business #346 -- Haters gonna hate, Americans gonna 'muric

November 21, 2014 -- On this week's show we're chatting with Peter Fillmore about payment card security. He was able to clone a contactless card and use it to do his shopping here in Australia -- this is something you shouldn't be able to do. So the question becomes, how can the USA, which is taking tentative steps towards chip cards, avoid some of the mistakes made in more advanced markets like ours?

We also find out chip-enabled ATMs pass card data through the chip reader straight into a parser running on the main ATM OS... which, yeah... That's pretty bad.

Risky Business #345 -- Advanced sock puppetry and news website manipulation

November 13, 2014 -- On this week's show we're taking a look at how you -- YES YOU -- can game online media. Find out how you can make comments on major news sites just disappear with one line of bash! Find out how you can drive a cupcake recipe into the "most popular" stories box on the world's major news sites!

That's a chat with Azhar Desai of Thinkst and it's this week's feature.

Risky Business #344 -- Super Mario Cisco adventures

November 7, 2014 -- On this week's show we're chatting with Alec Stuart Muirk about some of his research into Cisco appliance security. That interview is not so much a blow by blow of the bugs he found, which were pretty devastating by the way, but more about how accessibility is a major hurdle when researching various bits of kit.

As you'll hear, many security vendors are starting to release their kit as VMs, which means researchers will be more likely to poke at them. Does that mean more boneheaded bugs like the stuff he found? Well, probably.

Risky Business #343 -- Special news guest HD Moore

October 30, 2014 -- HD Moore is filling in for Adam Boileau in the news seat this week. In the news segment we chat about Facebook's OSquery tool, chip and pin relay attacks, Russian and Chinese haxx and more. You can find links to all the items discussed in this week's show notes.

Risky Business #342 -- The NSA Playset, cloud woes and more!

October 24, 2014 -- Despite some technical challenges we have a great show for you all this week. We'll be chatting with Mike Ryan of iSec Partners and his pal, independent hardware hacker Joe Fitzpatrick, all about the NSA Playset! It's a hobbyist project that aims to recreate all the awesome tools in the leaked NSA ANT catalogue. Such fun!

We'll also be hearing a tale of cloud woe from the trenches of enterprise IT. A friend of the show had his entire global email infrastructure pulled offline by Symantec with what he says was inadequate warning. And he might just have a point there. Have a listen to the interview and make your own mind up.