Risky Business Podcast
September 12, 2014
Risky Business 336 -- Too many cons
Presented by
CEO and Publisher
Technology Editor
On this week's show we've got a great interview with Haroon Meer of Thinkst. Thinkst has a paid service that analysis the output of security conferences and puts together reports. Now, some of you might wonder why such a service would be needed, so let's put things in perspective: there were 2,700 conference presentations in the second quarter of this year at 116 events over 140 conference days. Yikes!
Haroon will be along in a bit to talk about the conference content boom, and he's also made their latest report free for Risky Business listeners! As I say, it's part of Thinkst's paid subscription service, so you'd be nuts not to grab it.
This week's show is brought to you by Tenable Network Security, thanks to the guys and gals over there. In this week's sponsor interview we're chatting with Paul Asadoorian, Tenable's product marketing manager for Nessus.
Paul is also well known as the host of the security weekly podcast! It's an infosec podcast with a massive audience that you've no doubt heard of.
We're chatting with Paul about embedded devices. He co-wrote a book on hacking the WRT54g home wireless gateway some years ago and he's gearing up to teach a SANS course on embedded device assessments. So yeah, Paul's going to stop by and discuss the state of all things embedded.
Show notes
Dread Pirate Sunk By Leaky CAPTCHA - Krebs on Security
http://krebsonsecurity.com/2014/09/dread-pirate-sunk-by-leaky-captcha/
FBI's Story of Finding Silk Road's Server Sounds a Lot Like Hacking | WIRED
http://www.wired.com/2014/09/fbi-silk-road-hacking-question/
Should we be worried? Showing on login page : SilkRoad
http://www.reddit.com/r/SilkRoad/comments/1dmznd/should_we_be_worried_sh...
Troll or thief? User claims Bitcoin founder Satoshi Nakamoto dox sabotage \u2022 The Register
http://www.theregister.co.uk/2014/09/10/troll_or_thief_user_claims_satos...
PayPal goes crypto-currency with Bitcoin \u2022 The Register
http://www.theregister.co.uk/2014/09/11/paypal_goes_cryptocurrency_with_...
Feds Threatened to Fine Yahoo $250K Daily for Not Complying With PRISM | WIRED
http://www.wired.com/2014/09/feds-yahoo-fine-prism/
Five Million Email Passwords, Addresses Leak Russian Forum | Threatpost | The first stop for security news
http://threatpost.com/five-million-email-passwords-addresses-appear-on-r...
Home Depot Data Breach Confirmed | Threatpost | The first stop for security news
http://threatpost.com/home-depot-confirms-breach-transactions-from-april...
BlackPOS malware confirmed in Home Depot US hack - Security - News - iTnews.com.au
http://www.itnews.com.au/News/391880,blackpos-malware-confirmed-in-home-...
Apple Plans to Extend 2FA to iCloud | Threatpost | The first stop for security news
http://threatpost.com/apple-plans-to-extend-2fa-to-icloud/108106
After hacking, Apple to send out more security alerts to users | Ars Technica
http://arstechnica.com/security/2014/09/after-hacking-apple-to-send-out-...
Barclays brings finger-vein biometrics to Internet banking | Ars Technica
http://arstechnica.com/security/2014/09/barclays-brings-finger-vein-biom...
Researchers find data leaks in Instagram, Grindr, OoVoo and more - CNET
http://www.cnet.com/news/researchers-find-data-leaks-in-instagram-grindr...
Salesforce Warns Customers of Dyreza Banker Trojan Attacks | Threatpost | The first stop for security news
http://threatpost.com/salesforce-warns-customers-of-dyreza-banker-trojan...
Traffic Networks Firm Patches Sensor Vulnerabilities | Threatpost | The first stop for security news
http://threatpost.com/traffic-networks-company-patches-sensor-vulnerabil...
Microsoft to patch ASP.NET mess even if you don't \u2022 The Register
http://www.theregister.co.uk/2014/09/11/microsoft_kills_dangerous_aspnet...
Cisco Patches Denial-of-Services Vulnerability in IMC | Threatpost | The first stop for security news
http://threatpost.com/us-cert-warns-of-vulnerability-in-cisco-baseboard-...
September 2014 Microsoft Patch Tuesday security bulletins | Threatpost | The first stop for security news
http://threatpost.com/emet-av-disclosure-leak-plugged-in-ie/108175
Critical Fixes for Adobe, Microsoft Software - Krebs on Security
http://krebsonsecurity.com/2014/09/critical-fixes-for-adobe-microsoft-so...
Apache Warns of Tomcat Remote Code Execution Vulnerability | Threatpost | The first stop for security news
http://threatpost.com/apache-warns-of-tomcat-remote-code-execution-vulne...
Infamous "podcast patent" heads to trial | Ars Technica
http://arstechnica.com/tech-policy/2014/09/jim-logan-says-he-invented-po...
thinkst.com/ts/free/ThinkstScapes-2014-Q2-v1.0.pdf
http://thinkst.com/ts/free/ThinkstScapes-2014-Q2-v1.0.pdf
Embedded Device Security Assessments For The Rest Of Us
http://www.sans.org/course/embedded-device-security-assessments