This week's feature interview is with Alex Stamos, CISO of Yahoo. Alex did a fantastic AppSec keynote in early February that I wanted to ask him about, so we booked this interview a couple of weeks ago.
On this week's show we're speaking with Philippe Langlois. You may remember him as the founder of Qualys in the 90s, but these days he's the CEO and founder of P1 Security, a telecommunications security firm. He'll be joining us to discuss the NSA and GCHQ operation against SIM card manufacturer Gemalto.
On this week's show we're chatting with Assured Information Security senior research engineer Jacob Torrey about some work he's due to present at SysCAN and Infiltrate. It's called HARES, and it's basically a pretty impressive party trick that makes reverse engineering malware payloads a lot harder.
This week's feature interview is with Andy Greenberg, senior writer with WIRED. He's covered Silk Road from the get go, even scoring an in depth interview with DPR before he was caught and unmasked as Ross Ulbricht. He attended every day of Ulbricht's trial and says he was there every minute the jury was.
Despite Australian Attorney General George Brandis's stellar explanation, some people are still a tad confused about what proposed law changes mean. Funny, that.
In this week's feature we're chatting with Dave Aitel of Immunity Inc. We chat to him about the Sony hack being a demonstration of North Korean capability as opposed to genuine revenge... we also talk about security conferences in 2015 and chat to him about his rage-inspiring musings on so-called junk hacking from last year.
In this week's feature interview we're chatting with Wired journalist Kim Zetter about her fantastic book Stuxnet: Countdown to Zero Day. As it turns out, the assumption that US and Israeli intelligence agencies had "boots on ground" intelligence to design the malicious code could very well be bunkum!
Here it is, my first ever YouTube rant! I hope you enjoy it...
https://www.youtube.com/watch?v=0o5PRIrQq48
Yeah I haven't figured out how to embed it yet.
Welcome back to Risky Business for another year. This is the ninth year of weekly Risky Business podcasts, we're stoked you're sticking around for more.
In this special edition we take a look back over the big news items of 2014.
On this week's show Adam and I establish that it's actually quite possible the disaster unfolding at Sony Pictures is, in fact, a North Korean government plot. I know, I know, there are sceptics, but any way you slice or dice it, it actually looks plausible. Tune in to find out why.
There's lots of fun news in this week's show. Sony Pictures got absolutely flattened, Regin is all the rage and the SEA has been enjoying some success.
On this week's show we're chatting with Peter Fillmore about payment card security. He was able to clone a contactless card and use it to do his shopping here in Australia -- this is something you shouldn't be able to do. So the question becomes, how can the USA, which is taking tentative steps towards chip cards, avoid some of the mistakes made in more advanced markets like ours?
On this week's show we're taking a look at how you -- YES YOU -- can game online media. Find out how you can make comments on major news sites just disappear with one line of bash! Find out how you can drive a cupcake recipe into the "most popular" stories box on the world's major news sites!
On this week's show we're chatting with Alec Stuart Muirk about some of his research into Cisco appliance security. That interview is not so much a blow by blow of the bugs he found, which were pretty devastating by the way, but more about how accessibility is a major hurdle when researching various bits of kit.
This week's show is brought to you by the fine folks at BugCrowd, big thanks to them. BugCrowd CEO Casey Ellis will be along in this week's sponsor interview to talk about what's shakin' in the bounty world. And you know what? There are some interesting engagement models emerging out of the whole paid bounty scene, he's going to talk about that. We also find out that, according to Casey, bug bounty programs will get you a PCI compliance tick from an auditor, which isn't something I knew!
Despite some technical challenges we have a great show for you all this week. We'll be chatting with Mike Ryan of iSec Partners and his pal, independent hardware hacker Joe Fitzpatrick, all about the NSA Playset! It's a hobbyist project that aims to recreate all the awesome tools in the leaked NSA ANT catalogue. Such fun!
In this week's show we're chatting with Matt Solnik of Accuvant Labs about his stellar presentation at Breakpoint last week. In this interview he describes how he can leverage crappy carrier management client software into full remote compromise attacks against most smartphones, including fully patched iOS8 and Android. It's savage stuff and if you work in telcoland you'd be nuts to miss it.
This week's show was recorded on site at the Ruxcon Breakpoint conference in Melbourne. There have been a handful of absolute jaw-droppers among the presentations here, including a demo showcasing remote code exec against *most* mobile devices, including fully patched iOS8.
On this week's show we're chatting with Neel Mehta, a security researcher with Google. Neel is best known for finding the Heartbleed bug, and he joins us this week to talk about Heartbleed, ShellShock, the security of SSL stacks and where he expects vuln research to go in the future.
