Risky Business #348 -- Did DPRK pwn Sony? PLUS Dan Guido on DARPA's Cyber Grand Challenge

Truth can be stranger than fiction on those darned Internetz...
05 Dec 2014 » Risky Business

On this week's show Adam and I establish that it's actually quite possible the disaster unfolding at Sony Pictures is, in fact, a North Korean government plot. I know, I know, there are sceptics, but any way you slice or dice it, it actually looks plausible. Tune in to find out why.

In this week's feature interview we chat with Dan Guido, CEO of Trail of Bits, about his company's approach to DARPA's Cyber Grand Challenge. It's an initiative that will see automated attack and defence rigs do battle at DEF CON in Las Vegas in 2016. It's a fascinating idea that involves a lot of cutting edge research. Don't miss that interview.

In this week's sponsor interview Matt Alderman of Tenable joins us to talk about what tech is going to be hot in 2015. Will a clear definition of threat intelligence (besides herpa derp) emerge in 2015? What about the skills shortage? Will that put even more impetus behind the push to security automation?

Show notes

Sony Got Hacked Hard: What We Know and Don't Know So Far | WIRED
http://www.wired.com/2014/12/sony-hack-what-we-know/

Sony Pictures hack gets uglier; North Korea won't deny responsibility [Updated] | Ars Technica
http://arstechnica.com/security/2014/12/sony-pictures-hack-gets-uglier-n...

Inside the "wiper" malware that brought Sony Pictures to its knees [Update] | Ars Technica
http://arstechnica.com/security/2014/12/inside-the-wiper-malware-that-br...

Sony Pictures malware tied to Seoul, "Shamoon" cyber-attacks | Ars Technica
http://arstechnica.com/security/2014/12/sony-pictures-malware-tied-to-se...

Sony Breach May Have Exposed Employee Healthcare, Salary Data - Krebs on Security
http://krebsonsecurity.com/2014/12/sony-breach-may-have-exposed-employee...

An alleged 27GB Sony Pictures data dump. 65 PlayStation web servers. One baffling mystery \u2022 The Register
http://www.theregister.co.uk/2014/12/03/strange_things_afoot_with_great_...

Iranian CLEAVER hacks through airport security, Cisco boxen \u2022 The Register
http://www.theregister.co.uk/2014/12/03/operation_cleaver/

Critical networks in US, 15 other nations, completely owned, possibly by Iran | Ars Technica
http://arstechnica.com/security/2014/12/critical-networks-in-us-15-natio...

An Interview With Darkside, Russia's Favorite Dark Web Drug Lord | WIRED
http://www.wired.com/2014/12/interview-darkside-russias-favorite-dark-we...

GCHQ boffins quantum-busted its OWN crypto primitive \u2022 The Register
http://www.theregister.co.uk/2014/12/03/gchq_boffins_quantumbusted_own_c...

Sites certified as secure often more vulnerable to hacking, scientists find | Ars Technica
http://arstechnica.com/security/2014/12/sites-certified-as-secure-often-...

Google kills CAPTCHAs: Are we human or are we spammer? \u2022 The Register
http://www.theregister.co.uk/2014/12/03/google_moves_beyond_text_puzzles...

Hawking: RISE of the MACHINES could DESTROY HUMANITY \u2022 The Register
http://www.theregister.co.uk/2014/12/03/stephen_hawking_says_ai_will_sup...

Australian Government funds effort to secure wearable data pulses \u2022 The Register
http://www.theregister.co.uk/2014/12/02/govt_backs_security_probe_to_fee...

December 2014 Microsoft Patch Tuesday Advance Notification | Threatpost | The first stop for security news
http://threatpost.com/missing-exchange-patch-expected-among-december-pat...

Apple Pulls Back Safari Patches | Threatpost | The first stop for security news
http://threatpost.com/apple-pulls-latest-round-of-safari-patches/109712

Cyber Grand Challenge - Mike Walker on Vimeo
http://vimeo.com/81340884

DARPA | Cyber Grand Challenge
http://www.cybergrandchallenge.com/

National Tour - Augie March
http://www.augiemarch.com.au/national-tour/