Risky Business #388 -- Cyber shrinkery, IoT shenanigans and guest Troy Hunt

Risky.Biz: Now with 60% more CYBER!

This week's feature interview is with Troy Hunt of HaveIBeenPwned.com. And he's noticing something pretty weird. It's common for people to deface websites for bragging rights, and yeah, it's not new that data dumps are the new bragging fodder. But it seems like these days attackers are seeing Troy's site as the definitive place to get cred. Now they'll steal a bunch of data and Troy is their first stop.

Risky Business #383 -- Inside FireEye's research gag

PLUS: The time to move to quantum-resistant crypto is NOW!

On this week's show we take a look at what the hell is happening in Germany, where FireEye sought and obtained an ex parte injunction against a bunch of security researchers over a presentation they were about to do at 44Con. We speak with infosec lawyer Alex Urbelis -- he was at 44Con when all this came to light and he shares his insights.

Risky Business #381 -- Samy Kamkar on his outlaw days

Hard to imagine this dude as a wildman of the Internet, but there you go...

On this week's show we're chatting with hacker superstar and YouTube phenomenon Samy Kamkar. Samy is a security researcher of note -- his recent hardware hacks have been coming thick and fast. This week I spoke to him about his brush with the law following his unleashing of the Samy worm on MySpace a decade ago, some of his recent research and his plans for the future.

Risky Business #379 -- Ashley Madison dump, Troy Hunt and The Grugq

This week's show features surprise guest: Cold and flu!

In this week's podcast we check in with Troy Hunt from HaveIBeenPwned.com. Troy has done the responsible thing in adding the Ashley Madison dataset to his service -- you can only search for email addresses in the dump after you've verified that you control them. We'll talk to him about why he did that.

An open letter to Risky Business Patreon supporters

The plans. They change.

Hey to all you Patreon people!

First up, a big thanks to you for helping out the show. It's been really heartening to see so many of you value Risky Business enough to put your hands in your pockets and make a contribution.

The original idea behind the Patreon campaign was that if I hit the target I could take that money and throw it at an industrial unit here in Byron Bay and turn it into a proper studio. After 11.5 years working from home full time, I've been feeling a bit cooped up.

The plan was to buy one and use the Patreon contributions to help service the debt. I'd get an office to work in, and over time I'd be building some equity in some bricks and mortar which will come in handy if I'm lucky enough to get too old to work.

Well, we haven't hit the target (it was ambitious) and property prices have gone berserk here in Australia over the last 12 months. Also, commercial finance in this country is fraught. I wouldn't be able to get a loan for a commercial property anyway. (Not without a fully paid-off house as security.)

So I'm switching my plans up and it looks like the most realistic thing I can do is to eventually build a backyard office designed for sound production. (Carpeted walls, right shape etc.)

I've got enough room for something small in the backyard (Maybe 2.5m x 3m), and while I don't absolutely need it right now, I'm going to eventually.

So the plan that I had with the money raised via the Patreon campaign has changed. The unit idea is out, but the backyard studio is in. The thing is, I have no idea when I'll be able to do that. It's a hell of a thing to organise and I'm pretty busy renovating my house at the moment. And there's still the possibility that I'll just say "You know what? I like that patch of lawn just the way it is". I doubt it, but it's a consideration.

Patreon pledges are up to about $1100 a month from around 200 patrons, so an average of about $5 a month each, which works out to $1.35 per patron per podcast. I could pay down a small garden studio in a few years at this rate, purely with listener contributions. That's pretty awesome.

But again, I'm not sure when I'll pull the trigger on that.

So that's my mini rant in the interests of transparency. I don't want to wind up like Bronwyn Bishop in some sort of misappropriation scandal, so I'm letting you all know that the original idea isn't going to happen. I'm pretty sure most of you are happy to just support the podcast and you don't really care where the money goes, but it's important to be open I think. If you don't want to support the show in this way anymore I respect it, but it's helping and I appreciate it.

Many thanks to all of you,

Pat

Risky Business #378 -- Mary Ann Davidson vs Krebs and Dowd

PLUS: "Islamic State publishes hacked kill list"

On this week's show we're chatting with Mark Dowd and Brian Krebs about Oracle CSO Mary Ann Davidson's somewhat odd blog post from earlier this week. In the post she laid into security researchers for violating Oracle's EULA when reverse engineering their products. The post got pulled, much drama, we sift through the ashes of that. Plus we chat to Brian about the daring $46.7m online heist against Ubiquiti Networks.

Risky Business #376 -- Sniper rifles, bank safes and Android all pwned

Are 950m devices really at risk? Joshua Drake talks Stagefright bugs...

This week we're checking in with Josh Drake of Zimperium. With exploitation of Stagefright via Josh's sweet, sweet exploit you'd think the mother of all worms is coming. Well, probably not. Later versions of Android are tricky to exploit, and the diversity of hardware in earlier versions means coming up with one exploit to rule them all isn't really feasible. We'll drill down into that with Josh in a little while.

Risky Business #375 -- Ashley Madison, Jeep hacks drive news agenda

PLUS Dave Jorm talks Red Star OS...

In this week's feature interview we're chatting with Dave Jorm, our resident North Korea watcher. Some of you might remember Dave, he was on the show a couple of years ago talking about his OSINT satellite data analysis of North Korea and more recently he popped by to talk about software defined networking security.

Risky Business #372 -- Airbus pilot talks plane hacking

How would a pilot respond to a hacked plane?

This week's feature interview is a bit left of field. With all the talk about plane hacking flying around over the last couple of months (zing) I thought it might be an idea to talk to an actual airliner pilot. So this week we're joined by an Australian Airbus pilot. He works for an Asian airline but he was in Australia recently and I caught up with him to ask him for his thoughts on the topic.

