Risky Business Podcast
September 21, 2012
Risky Business #255 -- IE 0days are news? WINNING
Presented by
CEO and Publisher
Technology Editor
This week's show is a shorter one than usual -- we've just got the news segment with Adam and a sponsor interview.
This week's show is sponsored by our benevolent overlords at Adobe! Big thanks to them. And we've got a fascinating chat in this week's show with Adobe's Steve Gotwalls about auto updaters.
How have they been architected? What do the update mechanisms look like? Are the update packages served via https or http? Can you cache them at your border? Should enterprise networks swallow updates without doing independent QA?
This is a surprisingly interesting topic, when we think about how much patch management has changed over the years.
Show notes
Microsoft Will Patch IE Zero-Day on Friday; Fixit Available as Stopgap | threatpost
http://threatpost.com/en_us/blogs/microsoft-will-patch-ie-zero-day-frida...
Sophos antivirus detects own update as false positive malware | ZDNet
http://www.zdnet.com/sophos-antivirus-detects-own-update-as-false-positi...
Feds Charge Activist with 13 Felonies for Rogue Downloading of Academic Articles | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/aaron-swartz-felony/
Virgin Mobile Shrugs as Coder Warns Accounts Are Easily Hijacked | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/virgin-mobile/
Sprint says Virgin Mobile users are safe from account hijacks - Computerworld
http://www.computerworld.com/s/article/9231470/Sprint_says_Virgin_Mobile...
Coders Behind the Flame Malware Left Incriminating Clues on Control Servers | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/flame-coders-left-fingerprints/
Grum Botnet Attempts Another Comeback, Fails Again | threatpost
http://threatpost.com/en_us/blogs/grum-botnet-attempts-another-comeback-...
iPhone 4S, Samsung Galaxy S3 hacked in contest | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57516966-83/iphone-4s-samsung-galaxy-s3...
iOS 6 allows tweets, Facebook posts from locked device | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57517364-83/ios-6-allows-tweets-faceboo...
Apple provides 197 security reasons to upgrade to iOS 6 | ZDNet
http://www.zdnet.com/apple-provides-197-security-reasons-to-upgrade-to-i...
Flaw in Oracle Logon Protocol Leads to Easy Password Cracking | threatpost
http://threatpost.com/en_us/blogs/flaw-oracle-logon-protocol-leads-easy-...
Chat app used by activists has security flaws, say critics | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57513530-83/chat-app-used-by-activists-...
Researchers poke holes through Fortinet, SonicWall UTMs - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316308,researchers-poke-holes-through-...
Anonymous' Barrett Brown Raided by FBI During Online Chat | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/barret-brown-raid/
Executive order drafted following failed Cybersecurity Act - SC Magazine
http://www.scmagazine.com/executive-order-drafted-following-failed-cyber...
Researcher Charlie Miller Joins Twitter Security Team | threatpost
http://threatpost.com/en_us/blogs/researcher-charlie-miller-joins-twitte...
Calendar config triggers Canberra security scare - Risk - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316099,calendar-config-triggers-canber...
Bromium secures computers by holding apps in isolation | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57515558-83/bromium-secures-computers-b...
Bromium ships vSentry micro-hypervisor for foolproof Windows 7 security | ZDNet
http://www.zdnet.com/bromium-ships-vsentry-micro-hypervisor-for-foolproo...
Romanian carders plead guilty to Subway hack - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316131,romanian-carders-plead-guilty-t...
Home
http://www.saskwatch.com.au/Saskwatch/Home.html
Breakpoint 2012 Security Conference
http://www.ruxconbreakpoint.com/
They are pretty geeky with that one. They are really good at computers and that is good. - Kris Krohn