Adam and I have just returned from Black Hat and DEF CON in Las Vegas, so in this week’s show we’re going to have a look at the infosec news we missed over last couple of weeks. We did plan to recap Black Hat in this podcast, but we’ve wound up a bit short on space so I’m busting that out into a separate podcast that I’ll publish on Monday. So this podcast will just be a discussion around news plus a sponsor interview.
The news we’re covering:
- Australia’s new surveillance/”anti-encryption” laws
- Intel SGX vulnerability research
- Taiwan Semiconductor WannaCry woes
- Details on CYBERCOM op against ISIS
- Reddit pwnage
- Bitcoin investor sues AT&T over $23m loss
- FIN7 arrests
- CIA’s loss of scores of China assets may have been hack-related
- Massive ATM cashout and SWIFT attack hits Indian bank
- Much, much more
Bugcrowd CTO Casey Ellis joins us in this week’s sponsor interview to talk about a few things – firstly, how some research presented at Black Hat by the team at Portswigger is a sign that serious research teams are using bounties to cash in on their serious security research. Then we’ll be talking about the Bugcrowd University initiative and a reboot of the disclose.io project.