On this week’s show we’ll be chatting with two of the organisers of an event that was held here in Australia – PlatyPus con. As you’ll hear, it wasn’t really a typical security con – attendees had to bring laptops and had to participate. The whole thing was centred around workshops. Everyone I know who went said it was brilliant, and I personally think this is an idea that is going to catch on outside of Australia. We’ll be speaking with Snail and Lin_s about that one in this week’s feature interview.
This week’s show is brought to you by Veracode, big thanks to them. In this week’s sponsor interview we’ll be chatting with Veracode’s senior product innovation manager Colin Domony about a couple of things. Veracode did a pretty interesting survey recently that really shows that developers are, in fact, finally, becoming security aware in a big way. Not only that, but Veracode has made some pretty significant changes to its products to reflect this switch. Static analysis software security tools are becoming something the developers themselves use; they’re not just for the security teams these days. So we’ll talk about the rationale behind Veracode’s recent release of a scanner that plugs into IDEs: Veracode Greenlight.
Adam Boileau joins us, as always, to talk about the week’s security news.
Oh, and do add Patrick, Jake or Adam on Twitter if that’s your thing.
Show notes
- The Alleged NSA Thief Stole Information Impacting At Least Five US Agencies - Motherboard
- CrowdStrike Initiates Legal Action Against NSS Labs For Misappropriation of Intellectual Property and Engaging in a Sham Transaction to Illegally Obtain Access To Our Falcon Software
- CrowdStrike attempts to sue NSS Labs to prevent test release, court denies request | CSO Online
- Explain! yourself! US! senators! yell! at! Yahoo! • The Register
- Senators Question Yahoo’s Candor on Data Breach - WSJ
- How to not do presidential opsec: Crisis management over dinner in public | Ars Technica
- The Cybersecurity Executive Orders: A Tale of Two Trumps
- Amnesty International uncovers phishing campaign against human rights activists | Ars Technica
- A rash of invisible, fileless malware is infecting banks around the globe | Ars Technica
- Nation States Distancing Themselves from APTs | Threatpost | The first stop for security news
- A New Type of Malware Can Lock Power Plant Computers For Ransom - Motherboard
- Mac malware is still crude, but it’s slowly catching up to its Windows rivals | Ars Technica
- New Mac malware pinned on same Russian group blamed for election hacks | Ars Technica
- Virally growing attacks on unpatched WordPress sites affect ~2m pages | Ars Technica
- Hacking Team Hacker Phineas Fisher Is Taking a Break Because of Stress - Motherboard
- Now sites can fingerprint you online even when you use multiple browsers | Ars Technica
- BeyondCorp For The Rest Of Us | Duo Security
- Leave Spicer alone! (Or, why DNS registration is horrible) | Ars Technica
- New Tool Takes Mere Minutes to Create Dark Web Version of Any Site - Motherboard
- Sophos to assimilate Invincea's intelligent machine tech to fight malware • The Register
- How to Get Past Customs Without Giving Up Your Digital Privacy | WIRED
- Uber Debuts SSH Key Authentication Module | Threatpost | The first stop for security news
- Newly discovered flaw undermines HTTPS connections for almost 1,000 sites | Ars Technica
- Greenlight - IDE-Based Security Unit Testing | Veracode