Risky Business #59 -- Blackhat CSRF and the alarmist media

Previously on Risky Business...
22 Apr 2008 » Risky Business

This week's show is brought to you by Tenable Network Security and hosted, as always, by Vigabyte virtual hosting.

On this week's show Risky Business guest Jeremiah Grossman -- Whitehat Security founder and blogger -- discusses Cross Site Request Forgery attacks with host Patrick Gray. CSRF attacks are no longer a lab attack folks, they're in the wild. Jeremiah shares his insights with us.

Infosec fixture Ron Gula, the co-founder and CTO of Tenable Network Security, pops by in this week's sponsor interview to discuss his company's moves into the SIEM market and recap the company's move to take Nessus closed source. It's been a few years since that happened -- how did it all end up?

In this week's news segment, Patrick Gray rants about the Australian media's God-awful reporting of sensible comments made by Attorney-General Robert McClelland. The sensationalist tabloid bug is evidently contagious, because it's been sweeping the Aussie media over the last week.

On this week's podcast:

  • Patrick Gray discusses the week's news and beatups with Munir Kotadia
  • Jeremiah Grossman talks CSRF
  • Ron Gula of Tenable Network Security pops in for this week's sponsor interview