Risky Business Podcast

January 11, 2017

Risky Business #438 -- Rich Mogull: Infosec as we know it is over

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show we’ll be speaking with industry analyst Rich Mogull about what he sees as tidal forces that are going to rip the information security industry as we know it apart – he has some compelling ideas on that, that’s this week’s feature.

We also check in with Mara Tam who spent today attending the Senate Select Committee on Intelligence in DC. It was a public hearing, but a few things shook out of it were pretty interesting.

This week’s show is brought to you by Canary.tools, makers of honeypot tech, or, if you’re a wanker, Deception Technology. I’m guessing I’ll capitulate eventually and start using that terminology, but not yet, dammit! Haroon joins us to look at how Geopolitics now looks like an IRC war from 1999! We also look at some industry trends, in particular, very smart people building very good tech.

Adam Boileau is back in the news hotseat to talk about all the stuff we missed over the last six weeks. From Trumpleaks (lol) to Wassenaar, hax and more.

Links to everything are in this week’s show notes.

Oh, and do add Patrick and Adam on Twitter if that’s your thing.

Risky Business #438 -- Rich Mogull: Infosec as we know it is over
0:00 / 0:00

Show notes

DNI: Putin Led Cyber, Propaganda Effort to Elect Trump, Denigrate Clinton — Krebs on Security

Intel report describes Putin-directed smear campaign to elect Trump | Ars Technica

It’s official: US election systems designated as critical | Ars Technica

Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units

Obama’s Russian Hacking Retaliation Is Biggest “Since the Cold War" | WIRED

ShadowBrokers Dump Came from Internal Code Repository, Insider | Threatpost | The first stop for security news

The Great Cyber Game: Commentary (3) – Medium

Shadow Brokers Now Selling Windows Exploits, Antivirus Bypass Tools

A Brief Interview with The Shadow Brokers, The Hackers Selling NSA Exploits | Motherboard

How hackers made life hell for a CIA boss and other top US officials | Ars Technica

What can you do with a billion Yahoo passwords? Lots of bad things | Ars Technica

Yahoo name change to Altaba, Marissa Meyer to resign from board after Verizon sale

Encryption App ‘Signal’ Fights Censorship With a Clever Workaround | WIRED

Anonymous’ Barrett Brown Is Free—and Ready to Pick New Fights | WIRED

Online databases dropping like flies, with >10k falling to ransomware groups | Ars Technica

Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed — Krebs on Security

Freedom of Press Foundation Asks Canon, Nikon, and Other Camera Manufacturers to Sell Encrypted Cameras | WIRED

0-days hitting Fedora and Ubuntu open desktops to a world of hurt | Ars Technica

St. Jude Medical Patches Vulnerable Cardiac Devices | Threatpost | The first stop for security news

Hello Kitty Database of 3.3 Million Users Surfaces | Threatpost | The first stop for security news

FTC: D-Link Failed to Secure Routers, IP Cameras | Threatpost | The first stop for security news

Congressional Group Says Encryption Backdoors Are a Bad Idea | Threatpost | The first stop for security news

Wassenaar Renegotiation Will Be in Trump Administration's Hands | Threatpost | The first stop for security news

Panasonic, IOActive Clash on Vulnerability Report | Threatpost | The first stop for security news

Two New Edge Exploits Integrated into Sundown Exploit Kit | Threatpost | The first stop for security news

; DROP TABLE "COMPANIES";-- LTD - Overview (free company information from Companies House)

Securosis Blog

Canary — know when it matters