PRESENTATION: Christopher Hoff on virtualisation, cloud, deperimeterisation

Programmable networks and other fun stuff...

The following is a complete recording of Christopher Hoff's AusCERT presentation. He's the chief security architect with Juniper Networks. He has a vendor-heavy background, but don't hold that against him -- he's got some very interesting ideas around virtualisation, cloud computing and deperimeterisation. His talk is about automating security at scale, but he starts off, of all things, with a history of innovation in toilets, which surprisingly works pretty well.

Risky Business #237 -- Opsec for dummies

How to be a real life Internet hacker...

On this week's show we're taking a look at basic opsec with an incident responder friend of ours. We'll be talking about some sensible strategies people can use when they're up to illegal stuff on the Internets, because, you know, watching all these guys getting busted for owning FBI websites from their own IPs is getting boring.

Risky Business judged Australia's best technology audio program

Awww shucks...

Risky Business has scooped another Lizzie award for excellence in IT media at this year's Mediaconnect IT Journalism Awards.

The podcast edged out competition from other IT publishers and the ABC to take the award for Best Technology Audio Program for the third year running.

Big thanks go out to all the listeners who make Risky Business a viable media outlet, the guests who take the time to appear on the show and to the sponsors who keep a roof over my head.

But of course biggest thanks of all go to Adam Boileau for his consistently insightful and lulzy turns as our regular news guest.

And congratulations to all the other winners.

So long, CabinCr3w, and thanks for the mammarys

For criminal masterminds, these guys are thick as...

Melbourne's Age newspaper is carrying a delicious little item today.

The long arm of the law has caught up with the alleged ringleader of the CabinCr3w hacking group. Over the last few months CabinCr3w have pwned a bunch of law enforcement websites, even doxing a bunch of officers.

Pretty ballsy stuff, right? You'd think if you're starting a war with law enforcement you'd have your opsec shit in order, yeah?

Well, apparently not!

Criminal mastermind Higinio O. Ochoa III -- his real name, apparently -- has been tracked down via a photo of his girlfriend's boobies. He allegedly posted it on a website along with information stolen from various police services.

The woman, from Wantirna South in the Australian city of Melbourne, was pictured holding a sign that reads "PwNd by w0rmer & CabinCr3w <3 u BiTch's".

Unfortunately for Mr. Ochoa The Third, he didn't scrub the EXIF data from the photo. The GPS coordinates within led police right to his girlfriend's house. Oops.

You can't make this shit up.

Apple struggles to contain Flashback

Starter's pistol fired on Mac malware...

Reports say up to 600k boxes have been hosed, and if recent statements out of Cupertino are any indication, Apple staffers are running around like the proverbial headless chickens trying to contain this outbreak.

CREST launches in Australia

Pentester certification scheme to launch with government support...

The Australian government has announced the establishment of the Council of Registered Ethical Security Testers, or CREST.

CREST is a pretty big deal in the UK. Over there it's an extremely serious series of tests that can give hiring organisations a semi-reliable indication that a tester knows what they're doing. If you don't have your CREST certification, there's work you simply can't do.

But who knows what it'll morph into here -- the jury isn't just out, it hasn't even been empanelled yet. Government involvement isn't usually a good start.

You can read the Attorney General's announcement here.

Interesting to note that former Australian Federal Police agent (that was years ago now) Alastair MacGibbon is the CEO of CREST Australia.

He has zero background in security testing but his appointment makes sense -- it wouldn't be politically possible to appoint a CEO from a professional services organisation.

This way there's no conflict of interest.

Wikileaks Stratfor email dump could be FBI sting

Wikileaks obtained Stratfor e-mail from group infiltrated by FBI...

Global law enforcement swooped overnight, arresting a handful of online miscreants who, between them, have generated more headlines than the rest of the online underground put together.

That's right, LulzSec has been comprehensively pwnt. Some were arrested yesterday in raids, others, arrested some time ago, had their indictments unsealed by the courts.

But it was the news that online Anonymous hero Sabu, aka Hector Xavier Monsegur, had been acting as an FBI snitch since August 2011 that came as a shock to many.

It shouldn't have.

Back in September 2011, Sabu returned to Twitter after a one month hiatus as rumours of his arrest swept the Internet. He had indeed been arrested and flipped. By the time he logged back on to Twitter he was an active asset of the FBI.

The game had been up for Sabu since June 2011 at the latest. His identity had been well and truly exposed, with multiple pastebin posts unmasking him.

You would think anyone with half a brain would keep their distance from a high-profile target who was rumoured to be arrested, disappeared for a month, then reappeared.

But no. Everyone stayed tight. That's how the attackers allegedly behind the HBGary Federal attack, Stratfor's mail leak, the law-enforcement con call wiretap and attacks against Sony Entertainment have all wound up in the clink.

None of this matters. The real play here could be for Wikileaks and its founder Julian Assange.

We know these are the people who stole Stratfor's e-mail. This is the e-mail Wikileaks recently began publishing and releasing to its "media partners". We also know that this particular group of hackers had been completely and utterly compromised by the FBI.

Is it possible that the idea of passing Stratfor's mail on to Wikileaks, instead of just publishing it to the Internet, was in fact the FBI's idea? This group published HBGary's stolen mail directly to the Internet, why change now? Could it be that Sabu, at the behest of the FBI, was advocating a different approach?

You would think that the negotiated handover of illegally obtained data could open up all sorts of conversational possibilities. If a Wikileaks staffer asked these anon contacts to illegally obtain more information from other targets, I imagine that would be legally problematic.

The trick for the US Department of Justice could be trying to portray Wikileaks as the document laundering arm of Anonymous.

You can bet your bottom dollar that any communications between Wikileaks and this group were monitored, but it will be some time before we know if prosecutors can make hay from them.

Listen to Wired.com's news editor Kevin Poulsen discuss the Stratfor email dump. (24 mins in.)

Patrick Gray on Twitter.

