On this week’s show we’re going to take a look at the ICO bubble. We’ll hear some excerpts from a chat I had with Coinjar CEO Asher Tan and then Adam and I are going to talk about what the hell is happening with all this crypto madness. We also take a look at the scuttling of the Kenyan election over hacking fears, the latest drama with Kaspersky being caught in the middle of geopolitical intrigue, the FSB’s unconventional BBQ in San Francisco and more.
This week’s show is brought to you by Netsparker.
Netsparker makes an automated webapp testing tool; you can kinda dial up the level of automation you want. They have a few nice tricks in their suite, too, like auto proof-of-concept exploitation of some bug classes, so you can actually prove people need to fix stuff while you drink coffee. That’s nice.
In this week’s sponsor interview we’re speaking with Ferruh Mavituna, the founder and CEO of Netsparker, about automated testing at scale. It’s a sponsor interview, but it’s also a pretty generic chat about how you tackle that problem. Basically he says when you’re doing this scanning at scale you really can start with the bad, dumb stuff, because if you’re in an enterprise of any sort of size at all your automated testing is going to spit out a horror-show list.
Links to everything are below.
Oh, and you can follow Patrick or Adam on Twitter if that’s your thing.
- Who Is Marcus Hutchins? — Krebs on Security
- Solaris update plan is real, but future looks cloudy by design • The Register
- Bye Bye Solaris, it seems. | Hackaday
- Kenya's Supreme Court declares presidential election result null
- Kenyan Elections and Alleged Hacking: A Look at the available evidence | CIPIT Blog
- The Russian Company That Is a Danger to Our Security - The New York Times
- Chinese Agency Linked to Cyber-Espionage Operations Will Review Source Code of Foreign Firms
- Russia's San Francisco consulate is mysteriously burning stuff before it is shut down — Quartz
- Man Who Refused to Decrypt Hard Drives Still in Prison After Two Years
- Four Million Time Warner Cable Records Left on Misconfigured AWS S3 | Threatpost | The first stop for security news
- Military Contractor's Vendor Leaks Resumes in Misconfigured AWS S3 | Threatpost | The first stop for security news
- Mastercard Internet Gateway Service: Hashing Design Flaw – Tinyhack.com
- Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims
- Vulnerabilities Discovered in Mobile Bootloaders of Major Vendors
- Banking Trojan Now Targets Coinbase Users, Not Just Banking Portals
- Chinese Man Sentenced to Nine Months in Prison for Selling VPN Software
- Bitcoin falls as China bans initial coin offerings | Ars Technica
- ICO Bubble? Startups Are Raising Hundreds of Millions of Dollars Via Initial Coin Offerings | Inc.com
- Coinschedule - Cryptocurrency ICO Statistics
- SEC's ICO Ruling: What It Means for Investors and Blockchain | Fortune.com
- The Paris Coin Got it Right | txsrb
- Ethereum ICO: people invested thousands of dollars in "Useless Ethereum Token" (UET) — Quartz
- Digital assets in Ethereum blockchain
- Scaling-Up & Automating Web Application Security (Infosecurity Europe 2017 Tech Talk) - YouTube