Risky Business Podcast
August 14, 2012
Risky Business #250 -- Hack it like it's 1999
Presented by
CEO and Publisher
Technology Editor
On this week's show we chat with Recurity Labs' Felix "FX" Lindner and Greg Kopf in the feature segment.
These guys recently shredded some Huawei equipment. They owned it hard and turned it into a DEFCON talk [pdf]. They'll be along a bit later on to tell us why hacking away at Huawei kit made them feel nostalgic.
This week's show is brought to you by the fine folks at Australian pentesting firm HackLabs, so I hope you'll keep them in mind next time you're firing off those RFPs!
HackLabs founder and main man Chris Gatford joins us in this week's sponsor slot to discuss the extremely clever social engineering attack against accounts belonging to technology journalist Mat Honan. he got owned pretty hard. No clientsides, no exploits, no bruteforcing. Just a few phone calls.
Show notes
http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdf
THIS WEEK'S NEWS ITEMS:
Stratfor emails reveal secret, widespread TrapWire surveillance system - RT
http://rt.com/usa/news/stratfor-trapwire-abraxas-wikileaks-313/
Is TrapWire surveillance really spying on Americans? - Technolog on NBCNews.com
http://www.technolog.msnbc.msn.com/technology/technolog/trapwire-surveil...
New Gauss Malware, Descended From Flame and Stuxnet, Found On Thousands of PCs in Middle East | threatpost
http://threatpost.com/en_us/blogs/new-gauss-malware-descended-flame-and-...
Amazon addresses security exploit after journalist hack | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57488759-83/amazon-addresses-security-e...
Apple responds to journalist's iCloud hack | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57487873-83/apple-responds-to-journalis...
One way to make passwords obsolete -- just keep typing | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57492355-83/one-way-to-make-passwords-o...
DOJ Won't Ask Supreme Court to Review Hacking Case | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/computer-fraud-supreme-court/
Goldman Sachs Programmer Back in Court on New Charges | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/sergey-aleynikov-new-charges/
FTC Dings Google $22.5M in Safari Cookie Flap | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/ftc-google-cookie/
Microsoft Releases Attack Surface Analyzer Tool | threatpost
http://threatpost.com/en_us/blogs/microsoft-releases-attack-surface-anal...
#684121 - libotr2: Buffer overflows in libotr - Debian Bug report logs
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684121
Anonymous targets ASIO, government websites | ZDNet
http://www.zdnet.com/au/anonymous-targets-asio-government-websites-70000...
Oracle Warns Users About Privilege Escalation Bug in Database Server | threatpost
http://threatpost.com/en_us/blogs/oracle-warns-users-about-privilege-esc...
The secret is already out there. You don't need to become so sensitive about that one. - James Cullem