On this week’s show we chat with Atlassian’s head of security, Daniel Grzelak, all about some AWS security tools he’s come up with. He also previews a new tool for generating AWS access key honeytokens at scale, which is really neat.
This week’s show is brought to you by Veracode!
Veracode’s director of developer engagement, Peter Chestna, will be along in this week’s sponsor interview to have a yarn about some common misunderstandings between security people and developers. We look at misunderstandings both ways.
Adam Boileau is this week’s news guest. We talk about all the latest dark markets drama, plus the Great Nuclear Hax Freakout of 2017.
See links to show notes below, and follow Patrick or Adam on Twitter if that’s your thing!
Show notes
- Hackers Are Targeting Nuclear Facilities, Homeland Security Dept. and F.B.I. Say - The New York Times
- FBI-DHS “amber” alert warns energy industry of attacks on nuke plant operators | Ars Technica
- As World's Largest Dark Web Market Vanishes, Dodgy Links Promise a Way Back In - Motherboard
- AlphaBay: Drug Site Remains Shut as Fears of Exit Scam Grow | Fortune.com
- South Korean Cryptocurrency Exchange Bithumb to Compensate Users Following the Hacking
- Dark Web Hosting Service Hacked, Some Data Was Stolen
- Head of Mt Gox bitcoin exchange on trial for embezzlement and loss of millions | Technology | The Guardian
- Owners of "VirusTotal-for-Crooks" Service Arrested
- iPhone Bugs Are Too Valuable to Report to Apple - Motherboard
- Kaspersky under scrutiny after Bloomberg story claims close links to FSB | Ars Technica
- Russian Cybersecurity CEO Offers Source Code for U.S. Inspection | Fortune.com
- Russians now need a passport to watch Pornhub – VICE News
- International Investigatory Group Also Target of Government Spyware | Threatpost | The first stop for security news
- Sabre Consumer Website - Home
- Hackers stole credit card info from Trump hotel guests for months | TheHill
- Let's Encrypt to Offer Wildcard Certificates in 2018 | Threatpost | The first stop for security news
- Decryption Key to Original Petya Ransomware Released | Threatpost | The first stop for security news
- Backdoor built in to widely used tax app seeded last week’s NotPetya outbreak | Ars Technica
- Hackers Linked to NotPetya Ransomware Decrypted a File for Us - Motherboard
- Broadpwn Bug Affects Millions of Android and iOS Devices
- OpenBSD Will Get Unique Kernels on Each Reboot. Do You Hear That Linux, Windows?
- Microsoft Addresses NTLM Bugs That Facilitate Credential Relay Attacks | Threatpost | The first stop for security news
- The Time I Got Recruited to Collude with the Russians - Lawfare
- 2016-07-08 Security Notice
- GitHub - dagrz/aws_pwn: A collection of AWS penetration testing junk
- Application Security | Veracode