Risky Business #347 -- So what does Detekt... detect?

PLUS: Sony gets popped, again, Regin and more...
28 Nov 2014 » Risky Business

There's lots of fun news in this week's show. Sony Pictures got absolutely flattened, Regin is all the rage and the SEA has been enjoying some success.

In this week's feature interview we're chatting with Claudio Guarnieri about his tool Detekt. It copped an absolute tonne of criticism on Twitter over the last week or so, but as you'll hear, most of the critics were kind of missing the point about what Claudio was trying to achieve. I know, I know, the idea that someone on Twitter might have been wrong is crazy, but just listen to the interview and see what you think. Claudio joins us via Skype from Berlin for a chat about Detekt!

This week's show is brought to you by Websense, big thanks to them. Websense principal security researcher Carl Leonard will join us from London to do something very, very brave. He's going to make some predictions for what we could see in the malware space in 2015. Brave is the soul who makes predictions in this discipline. That's this week's sponsor interview, with thanks again to Websense!

Show notes

Sony Pictures hackers release list of stolen corporate files | Ars Technica
http://arstechnica.com/security/2014/11/sony-pictures-hackers-release-li...

'Hacked by #GOP': staff at Sony Pictures resort to paper and pen after hack shuts computer system
http://www.watoday.com.au/it-pro/security-it/hacked-by-gop-staff-at-sony...

I used to work for Sony Pictures. My friend still works there and sent me this. It's on every computer all over Sony Pictures nationwide. : hacking
https://www.reddit.com/r/hacking/comments/2n9zhv/i_used_to_work_for_sony...

Syrian Electronic Army claims hack of news sites, including CBC - Technology & Science - CBC News
http://www.cbc.ca/news/technology/syrian-electronic-army-claims-hack-of-...

Researchers Uncover Government Spy Tool Used to Hack Telecoms and Belgian Cryptographer | WIRED
http://www.wired.com/2014/11/mysteries-of-the-malware-regin/

Regin Cyberespionage Malware Platform Targets GSM Networks | Threatpost | The first stop for security news
http://threatpost.com/regin-cyberespionage-platform-also-spies-on-gsm-ne...

Oops: After Threatening Hacker With 440 Years, Prosecutors Settle for a Misdemeanor | WIRED
http://www.wired.com/2014/11/from-440-years-to-misdemeanor/

Freya Newman escapes conviction for leaking Frances Abbott scholarship details
http://www.smh.com.au/nsw/freya-newman-escapes-conviction-for-leaking-fr...

Laughing Hacker Who Hit Sony, FBI Now Seeks Legal Lols - Businessweek
http://www.businessweek.com/news/2014-11-26/lulzsec-hacker-out-of-jail-w...

Icelandic hacker says guilty of stealing money from Wikileaks | Reuters
http://www.reuters.com/article/2014/11/26/iceland-wikileaks-idUSL6N0TG4U...

Apple, Google encryption 'not helping' criminal investigation: AFP | ZDNet
http://www.zdnet.com/au/apple-google-encryption-not-helping-criminal-inv...

ATO bitcoin treatment could see business move offshore | ZDNet
http://www.zdnet.com/ato-bitcoin-treatment-could-see-business-move-offsh...

Home Depot Breach Cost Company $43 Million in Third Quarter | Threatpost | The first stop for security news
http://threatpost.com/home-depot-breach-cost-company-43-million-in-third...

Home Depot hit with "at least 44 civil lawsuits" due to data breach | Ars Technica
http://arstechnica.com/tech-policy/2014/11/home-depot-hit-with-at-least-...

Craigslist Back Online Following DNS Hijack | Threatpost | The first stop for security news
http://threatpost.com/craigslist-back-online-following-dns-hijack/109559

New Google Security Dashboard Manages Device Activity | Threatpost | The first stop for security news
http://threatpost.com/new-google-security-dashboard-manages-device-activ...

Using a password manager on Android? It may be wide open to sniffing attacks | Ars Technica
http://arstechnica.com/security/2014/11/using-a-password-manager-on-andr...

Skimmer Innovation: 'Wiretapping' ATMs - Krebs on Security
http://krebsonsecurity.com/2014/11/skimmer-innovation-wiretapping-atms/

Siemens issues emergency SCADA patch \u2022 The Register
http://www.theregister.co.uk/2014/11/27/siemens_issues_emergency_scada_p...

Siemens Patches WinCC Vulnerabilities Likely Being Exploited | Threatpost | The first stop for security news
http://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being...

Four-year-old comment security bug affects 86 percent of WordPress sites | Ars Technica
http://arstechnica.com/security/2014/11/four-year-old-comment-security-b...

Adobe Releases Emergency Flash Player Patch | Threatpost | The first stop for security news
http://threatpost.com/adobe-releases-emergency-flash-player-patch/109623

Adobe Reader sandbox popped says Google researcher \u2022 The Register
http://www.theregister.co.uk/2014/11/27/adobe_reader_sandbox_popped/

Privacy bods Detekt FinFisher dressed as bookmark manager \u2022 The Register
http://www.theregister.co.uk/2014/11/26/privacy_bods_detekt_finisher_dre...

Resist Surveillance
https://resistsurveillance.org/intentions.html

Augie March - A Dog Starved (official video) - YouTube
https://www.youtube.com/watch?v=DCE0zKxgyKI

SUBSCRIBE NOW:
Risky Business main podcast feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Our extra podcasts feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Subscribe to our newsletters: