Risky Business #438 -- Rich Mogull: Infosec as we know it is over

PLUS: All the latest on the Manch-urine candidate...
11 Jan 2017 » Risky Business

On this week’s show we’ll be speaking with industry analyst Rich Mogull about what he sees as tidal forces that are going to rip the information security industry as we know it apart. He has some compelling ideas on that, and that’s this week’s feature.

We also check in with Mara Tam, who spent today attending the Senate Select Committee on Intelligence in DC. It was a public hearing, but a few things that shook out of it were pretty interesting.

This week’s show is brought to you by Canary.tools, makers of honeypot tech, or, if you’re a wanker, Deception Technology. I’m guessing I’ll capitulate eventually and start using that terminology, but not yet, dammit! Haroon joins us to look at how geopolitics now looks like an IRC war from 1999! We also look at some industry trends, in particular, very smart people building very good tech.

Adam Boileau is back in the news hotseat to talk about all the stuff we missed over the last six weeks. From Trumpleaks (lol) to Wassenaar, hax and more.

Links to everything are in this week’s show notes.

Oh, and do add Patrick and Adam on Twitter if that’s your thing.

Show notes

DNI: Putin Led Cyber, Propaganda Effort to Elect Trump, Denigrate Clinton — Krebs on Security
Intel report describes Putin-directed smear campaign to elect Trump | Ars Technica
It’s official: US election systems designated as critical | Ars Technica
Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units
Obama’s Russian Hacking Retaliation Is Biggest “Since the Cold War” | WIRED
ShadowBrokers Dump Came from Internal Code Repository, Insider | Threatpost | The first stop for security news
The Great Cyber Game: Commentary (3) – Medium
Shadow Brokers Now Selling Windows Exploits, Antivirus Bypass Tools
A Brief Interview with The Shadow Brokers, The Hackers Selling NSA Exploits | Motherboard
How hackers made life hell for a CIA boss and other top US officials | Ars Technica
What can you do with a billion Yahoo passwords? Lots of bad things | Ars Technica
Yahoo name change to Altaba, Marissa Meyer to resign from board after Verizon sale
Encryption App ‘Signal’ Fights Censorship With a Clever Workaround | WIRED
Anonymous’ Barrett Brown Is Free—and Ready to Pick New Fights | WIRED
Online databases dropping like flies, with >10k falling to ransomware groups | Ars Technica
Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed — Krebs on Security
Freedom of Press Foundation Asks Canon, Nikon, and Other Camera Manufacturers to Sell Encrypted Cameras | WIRED
0-days hitting Fedora and Ubuntu open desktops to a world of hurt | Ars Technica
St. Jude Medical Patches Vulnerable Cardiac Devices | Threatpost | The first stop for security news
Hello Kitty Database of 3.3 Million Users Surfaces | Threatpost | The first stop for security news
FTC: D-Link Failed to Secure Routers, IP Cameras | Threatpost | The first stop for security news
Congressional Group Says Encryption Backdoors Are a Bad Idea | Threatpost | The first stop for security news
Wassenaar Renegotiation Will Be in Trump Administration's Hands | Threatpost | The first stop for security news
Panasonic, IOActive Clash on Vulnerability Report | Threatpost | The first stop for security news
Two New Edge Exploits Integrated into Sundown Exploit Kit | Threatpost | The first stop for security news
; DROP TABLE "COMPANIES";-- LTD - Overview (free company information from Companies House)
Securosis Blog
Canary — know when it matters