Risky Business #343 -- Special news guest HD Moore

PLUS: Did you know bug bounties are considered adequate testing in PCI audits?
30 Oct 2014 » Risky Business

This week's show is brought to you by the fine folks at BugCrowd, big thanks to them. BugCrowd CEO Casey Ellis will be along in this week's sponsor interview to talk about what's shakin' in the bounty world. And you know what? There are some interesting engagement models emerging out of the whole paid bounty scene, and he's going to talk about that. We also find out that, according to Casey, bug bounty programs will get you a PCI compliance tick from an auditor, which isn't something I knew!

Show notes

Verizon's 'Perma-Cookie' Is a Privacy-Killing Machine | WIRED
http://www.wired.com/2014/10/verizons-perma-cookie/

Facebook, Google, and the Rise of Open Source Security Software | WIRED
http://www.wired.com/2014/10/facebook-builder-osquery/

GCHQ views data without a warrant, government admits | UK news | The Guardian
http://www.theguardian.com/uk-news/2014/oct/29/gchq-nsa-data-surveillance

Feds identify suspected 'second leaker' for Snowden reporters - Yahoo News
http://news.yahoo.com/feds-identify-suspected--second-leaker--for-snowde...

NY Senator Calls for Renewed Crackdown on Dark Web Drug Sales | WIRED
http://www.wired.com/2014/10/schumer-crackdown-on-dark-web-drug-sales/

Now Everyone Wants to Sell You a Magical Anonymity Router. Choose Wisely | WIRED
http://www.wired.com/2014/10/anonymity-routers/

White House unclassified network hacked, apparently by Russians | Ars Technica
http://arstechnica.com/tech-policy/2014/10/white-house-unclassified-netw...

Research links massive cyber spying ring to Russia | Ars Technica
http://arstechnica.com/security/2014/10/research-links-massive-cyber-spy...

Researchers identify sophisticated Chinese cyberespionage group - The Washington Post
http://www.washingtonpost.com/world/national-security/researchers-identi...

Moscow, Beijing poised to sign deal on joint cyber security ops • The Register
http://www.theregister.co.uk/2014/10/24/moscow_beijing_poised_to_sign_de...

'Replay' Attacks Spoof Chip Card Charges - Krebs on Security
http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data | WIRED
http://www.wired.com/2014/10/hackers-using-gmail-drafts-update-malware-s...

FBI created fake Seattle Times Web page to nab bomb-threat suspect | Local News | The Seattle Times
http://seattletimes.com/html/localnews/2024888170_fbinewspaper1xml.html

Intel bods to detail RSA birko crypto man-in-the-middle diddle • The Register
http://www.theregister.co.uk/2014/10/28/intel_bods_to_detail_rsa_crypto_...

Shellshock over SMTP attacks mean you can now ignore your email • The Register
http://www.theregister.co.uk/2014/10/28/shellshocked_via_email_smtp_atta...

MacOS X 10.10 & FreeBSD10 ftp Remote Comand Execution - CXSecurity.com
http://cxsecurity.com/issue/WLB-2014100174

Spiderbait - Run - YouTube
https://www.youtube.com/watch?v=H7ociMW-_hs