Risky Business #338 -- BASHPOCALYPSE 2014

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

In addition to covering the end of the world, this week's Risky Business features Don Bailey of Lab Mouse Security on his excellent IoT blog post, written largely in response to a Daily Dave post by Dave Aitel on so-called "junk hacking".

This week's show is brought to you by Context Information Security, big thanks to them! And in this week's sponsor interview we chat with Context's director of research Michael Jordon about his adventures in getting old computer games to work on printer screens. It's actually pretty cool.

Show notes

Shell Shock: Bash bug labelled largest ever to hit the internet
http://www.smh.com.au/it-pro/security-it/shell-shock-bash-bug-labelled-l...

Hackers Are Already Using the Shellshock Bug to Launch Botnet Attacks | WIRED
http://www.wired.com/2014/09/hackers-already-using-shellshock-bug-create...

The Internet Braces for the Crazy Shellshock Worm | WIRED
http://www.wired.com/2014/09/internet-braces-crazy-shellshock-worm/

Patching Bash Vulnerability a Challenge for ICS, SCADA | Threatpost | The first stop for security news
http://threatpost.com/patching-bash-vulnerability-a-challenge-for-ics-sc...

Bash Botnet Exploit Found, Bash Patches Incomplete | Threatpost | The first stop for security news
http://threatpost.com/bash-exploit-reported-first-round-of-patches-incom...

Mozilla Patches RSA Signature Forgery in NSS, Firefox | Threatpost | The first stop for security news
http://threatpost.com/mozilla-patches-rsa-signature-forgery-in-firefox-t...

Xen security bug, you say? Amazon readies GLORIOUS GLOBAL CLOUD REBOOT \u2022 The Register
http://www.theregister.co.uk/2014/09/25/amazon_readies_global_glory_reboot/

Amazon forced to reboot EC2 to patch Xen bug - Storage - News - iTnews.com.au
http://www.itnews.com.au/News/396180,amazon-forced-to-reboot-ec2-to-patc...

Terror laws clear Senate, enabling entire Australian web to be monitored and whistleblowers to be jailed
http://www.smh.com.au/digital-life/consumer-security/terror-laws-clear-s...

Senate rejects attempt to limit ASIO's access to devices - Security - Telco/ISP - News - iTnews.com.au
http://www.itnews.com.au/News/396179,senate-rejects-attempt-to-limit-asi...

Charney on Trustworthy Computing: 'I Was the Architect of These Changes' | Threatpost | The first stop for security news
http://threatpost.com/charney-on-trustworthy-computing-i-was-the-archite...

Kevin Mitnick, Once the World's Most Wanted Hacker, Is Now Selling Zero-Day Exploits | WIRED
http://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits/

Home Depot's former security architect had history of techno-sabotage | Ars Technica
http://arstechnica.com/security/2014/09/home-depots-former-security-arch...

Home Depot ignored security warnings for years, employees say | Ars Technica
http://arstechnica.com/security/2014/09/home-depot-ignored-security-warn...

MIT Students Battle State's Demand for Their Bitcoin Miner's Source Code | WIRED
http://www.wired.com/2014/09/mit-students-face-aggressive-subpoena-deman...

PayPal takes second cautious step towards Bitcoin - Finance - Security - News - iTnews.com.au
http://www.itnews.com.au/News/392418,paypal-takes-second-cautious-step-t...

Why the Heyday of Credit Card Fraud Is Almost Over | WIRED
http://www.wired.com/2014/09/emv/

Small Signs of Progress on DNSSEC | Threatpost | The first stop for security news
http://threatpost.com/small-signs-of-progress-on-dnssec/108536

Microsoft Online Services Bug Bounty Program Launches | Threatpost | The first stop for security news
http://threatpost.com/microsoft-starts-online-services-bug-bounty/108486

Blackphone Bug Bounty Program Launches on Bugcrowd | Threatpost | The first stop for security news
http://threatpost.com/blackphone-gets-bug-bounty-program-off-ground/108468

Productivity Trumping Security as BYOD Grows | Threatpost | The first stop for security news
http://threatpost.com/productivity-gains-trumping-security-as-byod-grows...

Researcher Discloses Wi-Fi Thermostat Vulnerabilities | Threatpost | The first stop for security news
http://threatpost.com/researcher-discloses-wi-fi-thermostat-vulnerabilit...

Kali NetHunter turns Android device into hacker Swiss Army knife | Ars Technica
http://arstechnica.com/information-technology/2014/09/kali-nethunter-tur...

The Mouse Trap: No Thing Left Behind
http://blog.securitymouse.com/2014/09/no-thing-left-behind.html

[Dailydave] Junk Hacking Must Stop!
https://lists.immunityinc.com/pipermail/dailydave/2014-September/000746....

Hacking Canon Pixma Printers - Doomed Encryption
http://www.contextis.com/resources/blog/hacking-canon-pixma-printers-doo...

Dawn LP/CD | HopeStreet Recordings
http://www.hopestreetrecordings.com/releases/dawn/

Risky Business #338 -- BASHPOCALYPSE 2014
0:00 / 0:00