Risky Business #259 -- MSDfail, Brett Moore and moooore!

From location at the Ruxcon Breakpoint conference in Melbourneā€¦
20 Oct 2012 » Risky Business

This week's show is being produced entirely on the ground at the Ruxcon Breakpoint security conference in my old home town of Melbourne Australia! And it's a shorter show than usual because I'm pretty busy down here producing a bunch of podcasts as a part of some joint coverage I'm doing for both Risky.Biz and The Register. If you want to check out some audio and blog posts from Breakpoint, head to http://risky.biz/breakpoint. They're not up yet, but you'll soon find some interviews with people like Barnaby Jack and Joshua Drake (jduck) there\u2026 or you can subscribe to the RB2 podcast feed at http://risky.biz/feeds if you want that content automagically.

In this week's sponsor interview we're chatting with Insomnia Security founder Brett Moore. Thanks to Insomnia security for all its support of this podcast. If you're a CSO in New Zealand and you've never had a pen test from these guys you're doing it wrong.

It's a company founded by Brett Moore and staffed by the likes of our regular news co-host Adam Boileau and his sometime fill in Mark Piper, as well as a few other guys. Brett joins us to recap Breakpoint and tell us what he thinks of the epic MSDfail in NZ. Why do organisations commission expert advice if they're just going to ignore it?

Show notes

MSD admits not acting on early system breach alerts... | Stuff.co.nz
http://www.stuff.co.nz/technology/digital-living/7826984/MSD-admits-not-...

Russian Anti-Virus Firm Plans Secure Operating System to Combat Stuxnet | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/kaspersky-operating-system/

Second LulzSec member pleads out in Sony Pictures attack - SC Magazine
http://www.scmagazine.com/second-lulzsec-member-pleads-out-in-sony-pictu...

Pentagon Hacker McKinnon Wins 10-Year Extradition Battle | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/mckinnon-extradition-win/

State-Sponsored Malware 'Flame' Has Smaller, More Devious Cousin | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/miniflame-espionage-tool/

WikiLeaks Goes Behind Paywall, Anonymous Cries Foul | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/wikileaks-paywall-anonymous/

Cyberthieves steal $400,000 from Bank of America | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57533007-83/cyberthieves-steal-$400000-from-bank-of-america/

Hackers target Fairfax holiday site Stayz, altering bank details on listings | News.com.au
http://www.news.com.au/travel/australia/hackers-target-fairfax-holiday-s...

Roxon issues discussion paper on mandatory data breach laws - Risk - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/319578,roxon-issues-discussion-paper-o...

Zero-day attacks last much longer than most would believe - SC Magazine
http://www.scmagazine.com/zero-day-attacks-last-much-longer-than-most-wo...

Pacemakers, defibrillators open to attack \u2022 The Register
http://www.theregister.co.uk/2012/10/17/pacemakers_open_to_wireless_attack/

Information Disclosure Zero-Day Discovered in Novell ZENworks | threatpost
http://threatpost.com/en_us/blogs/information-disclosure-zero-day-discov...

Oracle Patch Update to Include 109 Patches | threatpost
http://threatpost.com/en_us/blogs/oracle-patch-update-include-109-patche...

Oracle Leaves Fix for Java SE Zero Day Until February Patch Update | threatpost
http://threatpost.com/en_us/blogs/oracle-leaves-fix-java-se-zero-day-unt...

Adobe Extends Security of Reader and Acrobat With Better Sandbox, Force ASLR | threatpost
http://threatpost.com/en_us/blogs/adobe-extends-security-reader-and-acro...

Exploit Code Released Targeting Firefox 16 Vulnerability | threatpost
http://threatpost.com/en_us/blogs/exploit-code-released-targeting-firefo...

The Cactus Channel - Official Site
http://www.thecactuschannel.com/

,

The breach in the system is always there. We need to get used to it sometimes. - Mission Maids