Risky Business #379 -- Ashley Madison dump, Troy Hunt and The Grugq

This week's show features surprise guest: Cold and flu!
20 Aug 2015 » Risky Business

In this week's podcast we check in with Troy Hunt from HaveIBeenPwned.com. Troy has done the responsible thing in adding the Ashley Madison dataset to his service -- you can only search for email addresses in the dump after you've verified that you control them. We'll talk to him about why he did that.

This week's show is brought to you by FireEye and FireEye senior systems engineer Ben Wilson stops by to have a chat about some neat tricks attackers and malware authors are getting up to with various scripts on Windows. WMI for persistence is a thing now, for example. It's a really interesting chat that one and it's coming up a bit later.

The Grugq is in the news chair this week, filling in for Adam Boileau.

Don't forget you can now support the Risky Business page via our Patreon campaign.

Oh, and do add Patrick and The Grugq on Twitter if that's your thing.

Show notes

Was the Ashley Madison Database Leaked? - Krebs on Security

Ashley Madison hack is not only real, it's worse than we thought | Ars Technica

Microsoft issues emergency patch for critical IE bug under active exploit | Ars Technica

Exclusive: Russian antivirus firm faked malware to harm rivals - Ex-employees | Reuters

Crackdowns Haven't Stopped the Dark Web's $100M Yearly Drug Sales | WIRED

What We Know About the NSA and AT&T's Spying Pact | WIRED

Busting the Biggest Myth of CISA---That the Program Is Voluntary | WIRED

Virginia Finally Drops America's 'Worst Voting Machines' | WIRED

How Not to Start an Encryption Company - Krebs on Security

How BitTorrent could let lone DDoS attackers bring down big sites | Ars Technica

RPC Portmapper Reflective DDoS Attacks | Threatpost | The first stop for security news

Android security on the ropes with one-two punch from researchers | Ars Technica

Your BMW or Benz Could Also Be Vulnerable to That GM OnStar Hack | WIRED

My browser visited Weather.com and all I got was this lousy malware (Updated) | Ars Technica

Luca Todesco OS X Zero Day Vulnerabilities | Threatpost | The first stop for security news

Bugged, Tracked, Hacked | 60 Minutes | 9Jumpin

Troy Hunt: Here's how I'm going to handle the Ashley Madison data

fireeye/flare-wmi \xb7 GitHub