Risky Business #381 -- Samy Kamkar on his outlaw days

Hard to imagine this dude as a wildman of the Internet, but there you go...
03 Sep 2015 » Risky Business

On this week's show we're chatting with hacker superstar and YouTube phenomenon Samy Kamkar. Samy is a security researcher of note -- his recent hardware hacks have been coming thick and fast. This week I spoke to him about his brush with the law following his unleashing of the Samy worm on MySpace a decade ago, some of his recent research and his plans for the future.

This week's show is brought to you by Tenable Network Security! Big thanks to Tenable for its support of the Risky Business podcast, we sure do appreciate it. So in this week's sponsor interview we're speaking with Tenable's very own Cris Thomas, a.k.a. Space Rogue. He was one of the early l0pht crew and this week we get his thoughts on the encroachment of security into pop culture and mainstream media. Between the Ashley Madison data breach's media impact and the fantastic USA Network television program Mr. Robot, is the security community finally getting the love it's been craving all this time?

Adam Boileau, as always, joins the show for a look at the week's news headlines.

Don't forget you can now support the Risky Business page via our Patreon campaign.

Oh, and do add Patrick and Adam on Twitter if that's your thing.

Show notes

12 Must-Follow Feeds in the World of Security | WIRED
http://www.wired.com/2015/09/12-must-follow-feeds-world-security/

Prepare to be Thunderstruck: What if 'deuszu' ISN'T the Ashley Madison hacker? • The Register
http://www.theregister.co.uk/2015/09/01/prepare_to_be_thunderstruck_what...

What us worry? Ashley Madison says it added over 100K users last week | Ars Technica
http://arstechnica.com/security/2015/08/what-us-worry-ashley-madison-say...

Ecuador Considered Smuggling Julian Assange to Freedom in a Bag | WIRED
http://www.wired.com/2015/09/ecuador-considered-smuggling-julian-assange...

Uber Hires the Hackers Who Wirelessly Hijacked a Jeep | WIRED
http://www.wired.com/2015/08/uber-hires-hackers-wirelessly-hijacked-jeep/

Malware infecting jailbroken iPhones stole 225,000 Apple account logins | Ars Technica
http://arstechnica.com/security/2015/08/malware-infecting-jailbroken-iph...

China and Russia cross-referencing OPM data, other hacks to out US spies | Ars Technica
http://arstechnica.com/security/2015/08/china-and-russia-cross-referenci...

Lizard Squad launches DDoS against UK law enforcement agency | Ars Technica
http://arstechnica.com/security/2015/09/lizard-squad-launches-ddos-again...

Six Nabbed for Using LizardSquad Attack Tool - Krebs on Security
http://krebsonsecurity.com/2015/08/six-nabbed-for-using-lizardsquad-atta...

Spooks, plod and security industry join to chase bank hacker • The Register
http://www.theregister.co.uk/2015/08/28/irate_security_posse_intel_spook...

BitTorrent patched against flaw that allowed crippling DoS attacks | Ars Technica
http://arstechnica.com/security/2015/08/bittorrent-patched-against-flaw-...

Former security intern admits developing super-stealthy Android spyware | Ars Technica
http://arstechnica.com/security/2015/08/former-security-intern-admits-de...

Android ransomware uses XMPP chat to call home, claims it's from NSA | Ars Technica
http://arstechnica.com/security/2015/09/android-ransomware-uses-xmpp-cha...

OPM (Mis)Spends $133M on Credit Monitoring - Krebs on Security
http://krebsonsecurity.com/2015/09/opm-misspends-133m-on-credit-monitoring/

White House eyes sanctions for China over cyber-theft of trade secrets | Ars Technica
http://arstechnica.com/tech-policy/2015/08/white-house-eyes-sanctions-fo...

Lawyer: Turkey Arrested Journalists to Deter Foreign Media - ABC News
http://abcnews.go.com/International/wireStory/lawyer-turkey-arrested-jou...

Jihadist Fan Club CryptoCrap - Hacker OPSEC
http://grugq.github.io/blog/2014/08/09/jihadist-fan-crypto/

FBI: $1.2B Lost to Business Email Scams - Krebs on Security
http://krebsonsecurity.com/2015/08/fbi-1-2b-lost-to-business-email-scams/

How a bug in Visual Studio 2015 exposed my source code on GitHub and cost me $6,500 in a few hours
https://www.humankode.com/security/how-a-bug-in-visual-studio-2015-expos...

Associated Press sues FBI for impersonating its site to install spyware • The Register
http://www.theregister.co.uk/2015/08/28/associated_press_sues_fbi_for_im...

Netflix Sleepy Puppy Cross-Site Scripting Payload Framework | Threatpost | The first stop for security news
https://threatpost.com/netflix-sleepy-puppy-awakens-xss-vulnerabilities-...

xss-filters
https://www.npmjs.com/package/xss-filters

secure-handlebars
https://www.npmjs.com/package/secure-handlebars

Sneaky adware caught accessing users' Mac Keychain without permission | Ars Technica
http://arstechnica.com/security/2015/09/sneaky-adware-caught-accessing-u...

Attacks accessing Mac keychain without permission date back to 2011 | Ars Technica
http://arstechnica.com/security/2015/09/attacks-accessing-mac-keychain-w...

Google Chrome 45 Security Patches, Bug Bounty Awards | Threatpost | The first stop for security news
https://threatpost.com/google-patches-critical-vulnerabilities-in-chrome...

Cyber Security Challenge Australia
https://www.cyberchallenge.com.au/

Combo Breaker - motorized combo lock cracking device - YouTube
https://www.youtube.com/watch?v=YcpSvHpbHQ4

Home by waxheadmusic | Free Listening on SoundCloud
https://soundcloud.com/waxheadmusic/home

InControl Remote Mobile App | Land Rover USA
http://www.landroverusa.com/ownership/incontrol/index.html