Risky Business

Risky Business #165 -- McAfee Inside™

August 27, 2010 -- In this week's show we take a look at all the big news events over the last week. A newly rediscovered DLL hijacking technique has made some waves over the last seven days, as has the arrest in India of an e-voting machine security researcher.

Adam Boileau joins the program to discuss those items and others in this week's news segment.

In this week's feature interview we take a detailed look at Intel's decision to acquire security software maker McAfee for USD$7.68 billion. What is the reaction among analysts and the wider market?

Risky Business #164 -- FX on Blackberry security and wiretaps of the future

August 20, 2010 -- This week's guest is Felix "FX" Lindner. A well known researcher, FX has spent more than his fair share of time crawling around the innards of Blackberry devices.

He joins us this week to discuss the hubbub about lawful interception and Blackberry devices -- how resistant to wiretapping are they? What's the OS security like? What's the encryption scheme like?

As it turns out, the Blackberry holds up pretty well on most fronts, but FX fears law enforcement and intelligence agencies may start exploiting the baseband chipsets on mobile devices in order to intercept the data they carry.

Risky Business #163 -- Hacking ATMs with Barnaby Jack

August 13, 2010 -- This week's show is a cracker -- we're joined by IOActive's Barnaby Jack.

He made some major waves at BlackHat this year by demonstrating his attacks on ATMs.

He joins the show to discuss his research and talk about why his talk -- which was originally scheduled for last year's BlackHat conference -- was cancelled last year.

Kaspersky Lab's Vitaly Kamlyuk is this week's sponsor guest. He joins us to discuss what AV companies can do to detect some of the more exotic malware out there such as Stuxnet.

Adam Boileau, as always, checks in with the week's news headlines.

Risky Business #162 -- Pwning the Mars Rover with H D Moore

August 6, 2010 -- On this week's show chat to H D Moore about his research into the security -- or lack thereof -- of the VxWorks embedded operating system.

H D did a presentation at the Security B-Sides event that ran concurrently with Black Hat in Las Vegas. As it turns out VxWorks is used in a lot of places and the people who put it together suck at maths.

People who suck at maths write bad hashing algos. Really.

We'll also have a chat with Ron Gula of Tenable Network Security in this week's sponsor interview, and of course, Adam Boileau stops by for a chat about the week's news headlines.

Risky Business #161 -- APTs: Don't believe the hype

July 29, 2010 -- This week we take a look at Verizon Business Security Solutions' data breach investigation report. It declares APTs are nothing more than marketing hype! Polly Waffle!

Verizon's Bryan Sartin and Mark Goudie join us to discuss the report and that company's position on APT hype.

You can find the full report here.

Symantec's Francis deSouza stops by for this week's sponsor interview. In it we discuss the company's plans for its newest acquisitions -- Verisign and PGP corporation.

Risky Business #160 -- Clear evidence of state involvement in Stuxnet malware

July 23, 2010 -- This week's show is a cracker, and it's brought to you by our brand spanking new sponsor Research In Motion, makers of the Blackberry.

In this week's show we're taking an in depth look at the Stuxnet malware and the hideous, unpatched .lnk bug still affecting Microsoft systems. Paul Ducklin joins us to chat about that.

Ed Curtis from Research in Motion will be along in this week's sponsor interview to have a chat about some of the mistakes people make when rolling out Blackberry Enterprise Server, stay tuned for that.

Risky Business #159 -- Skimmers pay massive bribes downunder

July 16, 2010 -- On this week's show we take a fresh look at the insider threat in light of the news, here in Australia, that criminal syndicates are paying up to $40,000 to bribe service station attendants into helping them skim cards.

If the bad guys are willing to pay $40k for someone that low on the food chain, what will they pay to get at someone in your organisation?

To find out we'll be joined by Gartner research director, AusCERT co-founder and former Commonwealth Bank security big-wig Rob McMillan.

Also this week we chat with Kaspersky's Vitaly Kamlyuk in the sponsor interview.

Risky Business #158 -- Pwning up Apple's iTunes store

July 9, 2010 -- On this week's edition of the show we take a look at the security of Apple's iTunes store. If you haven't heard the news, it seems a rogue app developer was able to bill Apple customers for apps they never bought.

Risky Business #157 -- Voluntary codes versus regulation

July 2, 2010 -- WARNING: This week we missed some bad language during the edit... so hide this filthy podcast from your children's innocent ears.

On this week's show we're chatting with the head of Australia's Internet Industry Association (IIA), Peter Coroneos, about the government's plan to force internet users here to use antivirus software or be kicked off the tubes!

Peter was the architect of Australia's just released voluntary code for ISPs, but he'll be along soon to talk about why he thinks regulation here is actually a BAD idea. That's coming up soon.

Risky Business #156 -- ICQ heads to Russia, feds worry

June 25, 2010 -- In this week's show we have a chat with iDefense threat analyst Kimberly Zenz.

Apparently Russian cybercrooks love to use ICQ, so US-based investigators are worried about the planned sale of ICQ to a Russia-based company called Digital Sky.

Kimberly's specialty is the Russian cybercrime scene, and apparently this mooted sale is interesting for a number of reasons. She joins the show to explain!