Risky Business Podcast
October 30, 2014
Risky Business #343 -- Special news guest HD Moore
Presented by
CEO and Publisher
Technology Editor
This week's show is brought to you by the fine folks at BugCrowd, big thanks to them. BugCrowd CEO Casey Ellis will be along in this week's sponsor interview to talk about what's shakin' in the bounty world. And you know what? There are some interesting engagement models emerging out of the whole paid bounty scene, he's going to talk about that. We also find out that, according to Casey, bug bounty programs will get you a PCI compliance tick from an auditor, which isn't something I knew!
Show notes
Verizon's 'Perma-Cookie' Is a Privacy-Killing Machine | WIRED
http://www.wired.com/2014/10/verizons-perma-cookie/
Facebook, Google, and the Rise of Open Source Security Software | WIRED
http://www.wired.com/2014/10/facebook-builder-osquery/
GCHQ views data without a warrant, government admits | UK news | The Guardian
http://www.theguardian.com/uk-news/2014/oct/29/gchq-nsa-data-surveillance
Feds identify suspected 'second leaker' for Snowden reporters - Yahoo News
http://news.yahoo.com/feds-identify-suspected--second-leaker--for-snowde...
NY Senator Calls for Renewed Crackdown on Dark Web Drug Sales | WIRED
http://www.wired.com/2014/10/schumer-crackdown-on-dark-web-drug-sales/
Now Everyone Wants to Sell You a Magical Anonymity Router. Choose Wisely | WIRED
http://www.wired.com/2014/10/anonymity-routers/
White House unclassified network hacked, apparently by Russians | Ars Technica
http://arstechnica.com/tech-policy/2014/10/white-house-unclassified-netw...
Research links massive cyber spying ring to Russia | Ars Technica
http://arstechnica.com/security/2014/10/research-links-massive-cyber-spy...
Researchers identify sophisticated Chinese cyberespionage group - The Washington Post
http://www.washingtonpost.com/world/national-security/researchers-identi...
Moscow, Beijing poised to sign deal on joint cyber security ops \u2022 The Register
http://www.theregister.co.uk/2014/10/24/moscow_beijing_poised_to_sign_de...
'Replay' Attacks Spoof Chip Card Charges - Krebs on Security
http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/
Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data | WIRED
http://www.wired.com/2014/10/hackers-using-gmail-drafts-update-malware-s...
FBI created fake Seattle Times Web page to nab bomb-threat suspect | Local News | The Seattle Times
http://seattletimes.com/html/localnews/2024888170_fbinewspaper1xml.html
Intel bods to detail RSA birko crypto man-in-the-middle diddle \u2022 The Register
http://www.theregister.co.uk/2014/10/28/intel_bods_to_detail_rsa_crypto_...
Shellshock over SMTP attacks mean you can now ignore your email \u2022 The Register
http://www.theregister.co.uk/2014/10/28/shellshocked_via_email_smtp_atta...
MacOS X 10.10 & FreeBSD10 ftp Remote Comand Execution - CXSecurity.com
http://cxsecurity.com/issue/WLB-2014100174
Spiderbait - Run - YouTube
https://www.youtube.com/watch?v=H7ociMW-_hs