This week's feature guest is Haroon Meer of Thinkst Applied Research. He's launched an awesome new site called Phish5.com that allows sysadmins and security consultants to automate phishing campaigns against their own networks and clients.
It's a brilliant idea and well executed.
This week's show is brought to you by the fine folks at Microsoft, and we chat with Microsoft's Jerry Bryant later on about the expansion of the company's MAPP program. If you're an incident responder you really want to hear about this -- you can now submit suspect samples to Microsoft and they'll inspect them for 0day. World-class triage at your fingertips.
The following stories were discussed in episode 293 of the Risky Business podcast.
Bradley Manning Sentenced to 35 Years in Prison | Threat Level | Wired.com
BBC News - Bradley Manning: 'I am a woman named Chelsea'
Julian Assange's WikiLeaks Party running mate Leslie Cannold quits
Statement of Resignation from Wikileaks Party National Council at Dan's blog
Security Community Raises Money for Researcher Snubbed by Facebook Bounty Program | Threat Level | Wired.com
Twitter OAuth Data Leaked From Third-Party App | Threatpost
NSA Broke Privacy Rules Thousands of Times, Contrary to Official Claims | Threat Level | Wired.com
Declassified 2011 FISC Opinion Shows Court Found Some NSA Surveillance Unconstitutional | Threatpost
China eyes IBM, Oracle, EMC over possible security issues | Security & Privacy - CNET News
U.K. Ordered Guardian to Destroy Snowden Files Because Its Servers Weren't Secure | Threat Level | Wired.com
FDA Issues Recommendations on the Security of Wireless Medical Devices | Threatpost
NSA and Intelligence Community turn to Tumblr -- weird but true | Security & Privacy - CNET News
Scanning the Internet in 45 Minutes | Threatpost
Nasdaq Stock Exchange Goes Dark After Tech Glitch | Threat Level | Wired.com
IP Cloaking Violates Computer Fraud and Abuse Act, Judge Rules | Threat Level | Wired.com
Prison Computer 'Glitch' Blamed for Opening Cell Doors in Maximum-Security Wing | Threat Level | Wired.com
Cybercrooks use DDoS attacks to mask theft of banks' millions | Security & Privacy - CNET News
How Not to DDoS Your Former Employer - Krebs on Security
Joburg billing leak not a hack: whistle blower
Google, Mozilla Considering Limiting Certificate Validity to 60 Months | Threatpost
League of Legends is hacked, with crucial user info accessed | Security & Privacy - CNET News
Google Chrome 29 Fixes 25 Vulnerabilities | Threatpost
Microsoft Reissues MS13-066 Windows Server Patch | Threatpost
Jumping Out of IE's Sandbox With One Click | Threatpost
Cisco Patches DoS, Buffer Overflow Vulnerabilities in UCM | Threatpost
IT Security News, Security Product Reviews and Opinion - SC Magazine Australia - Secure Business Intelligence
Phish5 - Phish your company in five easy steps
Microsoft Extends MAPP To Incident Responders And Offers Free Online
The Bombay Royale
The notes are really good. If you can read it, then that would be better. - Roger Stanton