Risky Business #450 -- From Mirai to mushroom clouds in five easy steps

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week’s show is a fun one! We’ll be chatting with Josh Corman, the Atlantic Council’s Director of Cyber Statecraft. We’ll be speaking with him about an exercise he did recently with a whole bunch of students. Basically the whole thing was a simulation where students walked through various scenarios and had to respond. Unfortunately, Josh discovered that most students had a predisposition to escalating things unnecessarily. From Mirai to mushroom clouds, that’s this week’s feature interview.

This week’s sponsor interview is also an absolute corker. Rapid7 is this week’s sponsor. In addition to making enterprise security software and running a pentest practice, Rapid7 also spends a considerable amount of time and money on developing Metasploit.

Rapid7 research director Tod Beardsley and director of transportation security Craig Smith join the show this week to talk about some recent changes to Metasploit that I’m amazed haven’t made a bigger splash. You can now run Metasploit against a CAN bus and they’ve built an RF module as well. That is absolutely awesome stuff, coming up in this week’s sponsor interview, with special thanks to Rapid7!

Adam Boileau, as always, joins us to talk about the week’s security news.

Links to items discussed in this week’s show have moved – they’re now included in this post, below.

Oh, and do add Patrick or Adam on Twitter if that’s your thing.


Show notes

Wikileaks releases code that could unmask CIA hacking operations | Ars Technica

Smart TV hack embeds attack code into broadcast signal—no access required | Ars Technica

Project Zero: Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1)

Here's How Not to Get Doxed Like FBI Director James Comey - Motherboard

Reinhold Niebuhr on Twitter: "https://t.co/L5ehuMFGat https://t.co/x53gCG7Nvc"

Verizon Rebuts Critics of Data-Collecting App | Threatpost | The first stop for security news

An Update on Verizon's AppFlash: Pre-Installed Spyware Is Still Spyware | Electronic Frontier Foundation

New Mirai Variant Roars into Action With 54 Hour DDoS Attacks | Threatpost | The first stop for security news

Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched | Threatpost | The first stop for security news

Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group | Threatpost | The first stop for security news

Hackers Are Emptying ATMs With a Single Drilled Hole and $15 Worth of Gear | WIRED

Russian Hackers Have Used the Same Backdoor for Two Decades | WIRED

Operation Cloud Hopper

Pegasus for Android: the other side of the story emerges | Lookout Blog

Someone is putting lots of work into hacking Github developers | Ars Technica

FBI Arrests Hacker Who Hacked No One - The Daily Beast

Hackers Hit Islamic State Site, Use It to Spread Malware - Motherboard

UK Cops Arrest Man Potentially Linked to Apple Extortion - Motherboard

Patrick Gray on Twitter: "Heh. I think you could call this "high confidence". https://t.co/zDCbiPmJXV"

An Unprecedented Heist Hijacked a Brazilian Bank’s Entire Online Operation | WIRED

Samsung's Android Replacement Is a Hacker's Dream - Motherboard

Patrick Gray on Twitter: "This is interesting. Apparently RU bots hammer Trump's account with conspiracy-related material when they know he's likely to be using it. https://t.co/f38WB9uIsS"

McAfee is once again an independent company - CSO | The Resource for Data Security Executives

Fake SEO Plugin Used In WordPress Malware Attacks | Threatpost | The first stop for security news

Hackers Can Easily Hijack This Dildo Camera and Livestream the Inside of Your Vagina (Or Butt) - Motherboard

Rebuttal to Pen Test Partners

Exiting the Matrix: Introducing Metasploit's Ha... | Rapid7 Community and Blog

Metasploit's RF Transceiver Capabilities | Rapid7 Community and Blog

rapid7-research-report-under-the-hoodie.pdf