Podcasts

News, analysis and commentary

Risky Business #265 -- Reliably detecting 0day with crash dumps

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're chatting with Rex Warren of Leviathan Security in the United States.

Leviathan has been working with DARPA on an interesting new system that can reliably detect failed 0day exploitation attempts against hosts. Basically these guys are just grabbing Dr. Watson crash dumps at the gateway, but where it gets interesting is when we look at what they do with those crash dumps. Emulation FTW.

This week's show is brought to you by the fine folk at Tenable Network Security. If you need vulnerability scanning or SIEM software you really need to go visit their website. On this week's show we're revisiting the topic of phantom 0day with Ron Gula, the chief executive and co-founder of Tenable. We'll also be chatting to him about whether or not the biggest threat to users in the future could be social engineering.

Show notes

Zero-day hotel keycard hack goes unfixed, now being used by Texas thieves | ExtremeTech
http://www.extremetech.com/electronics/141557-zero-day-hotel-keycard-hac...

UN nuclear watchdog confirms data leak | ZDNet
http://www.zdnet.com/un-nuclear-watchdog-confirms-data-leak-7000008001/

Chrome Zero-Day Presentation Gives Way to Mandatory Military Service | threatpost
http://threatpost.com/en_us/blogs/chrome-zero-day-presentation-gives-way...

Google Repairs High-Risk Flaw in Chrome | threatpost
http://threatpost.com/en_us/blogs/google-repairs-high-risk-flaw-chrome-1...

Cisco and "8 Diamonds" threaten Chinese security
http://tech.sina.com.cn/t/2012-11-27/09207834698.shtml

Update: Attack on Romanian TLD Register led to Google, Yahoo Defacements and DNS Redirects | threatpost
http://threatpost.com/en_us/blogs/update-attack-romanian-tld-register-le...

DSD issues advice for executives tackling BYOD | ZDNet
http://www.zdnet.com/au/dsd-issues-advice-for-executives-tackling-byod-7...

Credit card companies' WikiLeaks block just fine, EU says | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57554855-83/credit-card-companies-wikil...

Romanian hackers behind $30m Australian credit card theft - ABC News (Australian Broadcasting Corporation)
http://www.abc.net.au/news/2012-11-29/afp-uncovers-romanian-card-hacking...

Second person guilty in AT&T iPad prank hack - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/324412,second-person-guilty-in-att-ipa...

Researcher reveals backdoor access in Samsung printers | ZDNet
http://www.zdnet.com/researcher-reveals-backdoor-access-in-samsung-print...

Java Zero-Day Exploit on Sale for 'Five Digits' - Krebs on Security
https://krebsonsecurity.com/2012/11/java-zero-day-exploit-on-sale-for-fi...

Kaseya patches platform vulnerability - Web/client - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323797,kaseya-patches-platform-vulnera...

Piwik Update Infected with Backdoor Malware | threatpost
http://threatpost.com/en_us/blogs/piwik-update-infected-backdoor-malware...

Researcher Finds Nearly Two Dozen SCADA Bugs in a Few Hours' Time | threatpost
http://threatpost.com/en_us/blogs/researcher-finds-nearly-two-dozen-scad...

Symantec Warns of New Malware Targeting SQL Databases | threatpost
http://threatpost.com/en_us/blogs/symantec-warns-new-malware-targeting-s...


Risky Business #264 -- Three Guys With Ponytails Talk About Security

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show I'll be playing an excerpt from a panel discussion that took place at Kiwicon -- the session was called Three Guys with Ponytails Talk Security. The three guys are PGP Corporation co-founder Jon Callas, nCipher co-founder Nicko van Someren and the University of Auckland's Peter Gutmann.

The topics include quantum computing and Peter's oddly overkill print server.

This week's show is brought to you by Adobe! Adobe's head of product security and privacy Brad Arkin joins the show in this week's sponsor segment to talk about what he's calling "phantom 0day".

Show notes

U.S. accused of cyberattack on French government | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57553153-83/u.s-accused-of-cyberattack-...

FreeBSD Servers Compromised; Third-Party Software Packages Could be Impacted | threatpost
http://threatpost.com/en_us/blogs/freebsd-servers-compromised-third-part...

Hacker found guilty of massive AT&T-iPad site breach | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552852-83/hacker-found-guilty-of-mass...

Attackers Had Access for Months in South Carolina Data Breach | threatpost
http://threatpost.com/en_us/blogs/attackers-had-access-months-south-caro...

Researchers Remotely Control Smart Cards with Malware PoC | threatpost
http://threatpost.com/en_us/blogs/researchers-remotely-control-smart-car...

John McAfee, Unhinged: His Bizarre Breaks From Reality | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/mcafee-unhinged/

Megaupload Assisted U.S. Prosecution of Smaller File-Sharing Service | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/megaupload-investigation-roots/

Microsoft hands Windows 8 Pro to pirates by mistake | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552960-83/microsoft-hands-windows-8-p...

Anonymous escalates its 'cyberwar' against Israel | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552168-83/anonymous-escalates-its-cyb...

Obama reportedly signs secretive cybersecurity policy directive | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57550092-83/obama-reportedly-signs-secr...

Facebook Enabling HTTPS by Default for North American Users | threatpost
http://threatpost.com/en_us/blogs/facebook-enabling-https-default-north-...

Aussie researchers paid to make US drones unhackable - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323047,aussie-researchers-paid-to-make...

Operation High Roller Now Targets Europe's SEPA Network and Large US Bank | threatpost
http://threatpost.com/en_us/blogs/operation-high-roller-now-targets-euro...

Pwning Androids, iPhones with Exchange - Messaging - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323360,pwning-androids-iphones-with-ex...

Researcher owns blue chip managed service platforms - Cloud - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323288,researcher-owns-blue-chip-manag...

Judge throws out Steam breach lawsuit over lack of "harm" - SC Magazine
http://www.scmagazine.com/judge-throws-out-steam-breach-lawsuit-over-lac...

Who is McAfee? | The official Blog of John McAfee. -[ www.whoismcafee.com ]-
http://www.whoismcafee.com/

This week's feature track: Can't Get Enough by Supergroove
http://www.youtube.com/watch?v=9gEy2FJ_AiA


Risky Business #263 -- Data retention and the national security review

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In this week's feature interview we're chatting with the Assistant Commissioner of the Australian Federal Police, Neil Gaughan.

He's the national manager of High Tech Crime Operations and he's joining us to discuss the ongoing national security review. As a part of that review the government is introducing laws that will force ISPs and other Carriage Service Providers (CSPs) to store information on Australian citizens for two years. It sounds scary, but as you'll hear the data covered by the proposed new law is actually pretty mundane stuff like DHCP and SIP logs.

We have a new Risky Business sponsor this week, an Australian company named Senetas. These guys make layer 2 crypto gear which I find very, very interesting. So in this week's sponsor interview I basically just had a yarn with Senetas co-founder and CTO Julian Fay about where that sort of gear is most useful. As you'll hear, Julian knows networks and he knows crypto.

Adam Boileau, as usual, joins us for the week's news headlines.

Show notes

This week's feature interview source material:
------------------------------------------------------------------------

The AFP's definition of communications metadata:
http://scott-ludlam.greensmps.org.au/sites/default/files/afpdoc.pdf

This week's news items:
------------------------------------------------------------------------

John McAfee, in Hiding, Condemns Belizean Government as 'Pirates' | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/mcafee-essay/

Skype Restores Password Resets, Repairs Flaw that Allows Account Hijacking | threatpost
http://threatpost.com/en_us/blogs/skype-suspends-password-resets-investi...

Attackers Compromise Adobe Connect User Site | threatpost
http://threatpost.com/en_us/blogs/attackers-compromise-adobe-connect-use...

Google Puts Flash in a Sandbox on OS X | threatpost
http://threatpost.com/en_us/blogs/google-puts-flash-sandbox-os-x-111412

Bradley Manning Offers to Plead Guilty to Partial Charges, Including Leaking to WikiLeaks | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/bradley-manning-plea-notice/

============================================
SPONSORED WHITEPAPERS. READ 'EM TO SUPPORT RISKY BUSINESS!

Senetas - Security Products White Papers
http://www.senetas.com/products/resources/white-papers.htm
============================================

Given Tablets but No Teachers, Ethiopian Children Teach Themselves | MIT Technology Review
http://www.technologyreview.com/news/506466/given-tablets-but-no-teacher...

Dictionary apps post false piracy confessions on Twitter - Crave
http://www.cnet.com.au/dictionary-apps-post-false-piracy-confessions-on-...

Hong Kong stock exchange hacker sentenced to jail | ZDNet
http://www.zdnet.com/cn/hong-kong-stock-exchange-hacker-sentenced-to-jai...

Blizzard Sued Over Data Breach, Authenticator Sales | threatpost
http://threatpost.com/en_us/blogs/blizzard-sued-over-data-breach-authent...

Twitter Resets More Passwords Than Accounts Hacked | threatpost
http://threatpost.com/en_us/blogs/twitter-resets-more-passwords-accounts...

Ransomware a growing menace, says Symantec | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57548314-83/ransomware-a-growing-menace...

Microsoft Update Includes Critical Security Update for IE 9, First Patches for Windows 8, RT | threatpost
http://threatpost.com/en_us/blogs/microsoft-update-includes-critical-sec...

Variant of Mac Malware Targets Tibetan Activists | threatpost
http://threatpost.com/en_us/blogs/variant-mac-malware-targets-tibetan-ac...

Memory Bug Fixed in Tor Client | threatpost
http://threatpost.com/en_us/blogs/memory-bug-fixed-tor-client-110912

This week's feature track:
------------------------------------------------------------------------

The Afrobiotics - Don't Play With Fire on Official.fm
http://official.fm/tracks/yG16


Risky Business #262 -- Side channel VM crypto attacks are badass

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're chatting with renowned megabrain Peter Gutmann about a paper on side channel attacks against crypto keys in virtualised environments. It's really complicated stuff, but very, very interesting.

Peter didn't do this research or write the paper, but I always like getting his take on this stuff because... well... he's really smart and he doesn't overhype stuff. That's after the news.

This week's show is brought to you by a new sponsor! NCC Group! Yay!

These guys have been the acquisition monster over the last couple of years, picking up NGS Security, iSec Partners and Matasano, among others. They're a large infosec company these days with a lot of extremely clever people working for them.

Joining us in this week's sponsor interview is Wade Alcorn, the Australia country manager for NCC Group... he's also the founder of the BeEF project and a very smart guy. He's joining us to have a chat about some interesting developments in Japan where a bunch of people have been arrested and charged with criminal offences for writing grey-market and downright illegal mobile apps.

Show notes

Experts Warn of Zero-Day Exploit for Adobe Reader - Krebs on Security
http://krebsonsecurity.com/2012/11/experts-warn-of-zero-day-exploit-for-...

Adobe Patches Critical Memory Vulnerabilities in Flash Player, AIR | threatpost
http://threatpost.com/en_us/blogs/adobe-patches-critical-memory-vulnerab...

COLUMBIA, S.C. - Lawsuit over SC Revenue security breach expanded - State & Regional - TheState.com
http://www.thestate.com/2012/11/05/2508579/lawsuit-over-sc-revenue-secur...

PixSteal-A Trojan Steals Images, Uploads to Iraqi FTP Server | threatpost
http://threatpost.com/en_us/blogs/pixsteal-trojan-steals-images-uploads-...

M3AAWG Recommends New DKIM Best Practices | threatpost
http://threatpost.com/en_us/blogs/m3aawg-recommends-new-dkim-best-practi...

Google Adds Malware Scanner to Jelly Bean 4.2 | threatpost
http://threatpost.com/en_us/blogs/google-adds-malware-scanner-jelly-bean...

Android Smishing Vulnerability Found in Android Open Source Project Firmware | threatpost
http://threatpost.com/en_us/blogs/android-smishing-vulnerability-found-a...

Coke Gets Hacked And Doesn't Tell Anyone - Businessweek
http://www.businessweek.com/news/2012-11-04/coke-hacked-and-doesn-t-tell

More VMware ESX Source Code Posted Online | threatpost
http://threatpost.com/en_us/blogs/more-vmware-esx-source-code-posted-onl...

Team Ghostshell Allegedly Spills 2.5 M Russian Records | threatpost
http://threatpost.com/en_us/blogs/team-ghostshell-allegedly-spills-25-m-...

Apple Patches Kernel, Passcode Lock and WebKit Flaws in iOS 6.0.1 | threatpost
http://threatpost.com/en_us/blogs/apple-patches-kernel-passcode-lock-and...

Apache Server-Status Publicly Viewable on Top Sites | threatpost
http://threatpost.com/en_us/blogs/apache-server-status-publicly-viewable...

China Most Threatening Cyberspace Force, U.S. Panel Says - Bloomberg
http://www.bloomberg.com/news/2012-11-05/china-most-threatening-cyberspa...

Facebook password-bypass flaw fixed | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57544933-83/facebook-password-bypass-fl...

Hotmail Takes on Election Duties as Servers in New Jersey Crash | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/new-jersey-email-fai/

Hackers expose British Navy email logins - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/322232,hackers-expose-british-navy-ema...

Fraudsters launder cash though grants startup - Risk - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/322118,fraudsters-launder-cash-though-...

www.cs.unc.edu/~reiter/papers/2012/CCS.pdf
http://www.cs.unc.edu/~reiter/papers/2012/CCS.pdf

Japanese Android developers arrested for infecting 10 million users - Hacker News , Security updates
http://thehackernews.com/2012/10/japanese-android-developers-arrested.ht...


Link to Sophail: Applied attacks against Sophos Antivirus
https://lock.cmpxchg8b.com/sophailv2.pdf


Risky Business #261 -- Divide by zero, destroy power grid

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

We've got a great feature interview in this week's show with a computer science undergrad in the US who worked on a paper dealing with GPS security. You'll find out how you can melt down power lines with GPS haxx! Fun for the whole family!

This week's show is sponsored by Tenable Network Security. We'll be having Tenable product manager Jack Daniel on the line to talk about the death of periodical vulnerability scanning. Apparently continuous scanning is all the rage these days!

I've spent the entire week down with the manflu, as you will probably hear, so apologies if the energy levels are down a bit this week.

Show notes

VUPEN Researchers Say They Have Zero-Day Windows 8 Exploit | threatpost
http://threatpost.com/en_us/blogs/vupen-researchers-say-they-have-zero-d...

Deloitte audit report that makes NZ government look like jerks:
http://www.msd.govt.nz/documents/about-msd-and-our-work/newsroom/media-r...

NY Post Pisses Its Pants Over Terrorism Homework; And You Should Too | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/terrorism-homework/

Homeland Security chief: Banks 'under attack' by hackers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57543300-83/homeland-security-chief-ban...

Huawei looks to German security researchers for help | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57542809-83/huawei-looks-to-german-secu...

Anonymous takes aim at Zynga | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541801-83/anonymous-takes-aim-at-zynga/

Millions of SSNs lifted from South Carolina database | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541481-83/millions-of-ssns-lifted-fro...

Feds charge 14 with making ATM cashouts appear like one - SC Magazine
http://www.scmagazine.com/feds-charge-14-with-making-atm-cashouts-appear...

Outages hit Google App Engine, Dropbox, Tumblr, and more | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541195-83/outages-hit-google-app-engi...

China blocks NY Times over story on leader's 'hidden fortune' | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541137-83/china-blocks-ny-times-over-...

U.S. looks to replace human surveillance with computers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57540826-83/u.s-looks-to-replace-human-...

Cisco Patches Vulnerabilities in Data Center and Web Conferencing Products | threatpost
http://threatpost.com/en_us/blogs/cisco-patches-vulnerabilities-data-cen...

ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining | threatpost
http://threatpost.com/en_us/blogs/zeroaccess-botnet-cashing-click-fraud-...

Here's the paper discussed in this week's feature interview!
http://users.ece.cmu.edu/~dbrumley/courses/18487-f12/readings/Nov28_GPS.pdf

If you enjoyed the music in this week's show, buy it!

Shop « Andrea Soler
http://andreasoler.com/shop/


INTERVIEW: Musclenerd on Qualcomm baseband hacking

Presented by

Patrick Gray

CEO and Publisher

This podcast is an interview with Eric "Musclenerd" McDonald. Eric is a renowned iPhone jailbreaker and as such has a very detailed understanding of smartphone platforms.

His talk at Ruxcon Breakpoint was all about the security of baseband chipsets. If you follow this stuff you might know that the baseband chipsets in these smartphones -- which handle all the basic communications functions of the phones -- are actually quite sophisticated. And where there's sophistication, there are potential problems.

As you'll hear, there's research going into attacking baseband chipsets through two vectors -- directly through the cell network, if you control it, or if you can trick your target's handset into associating with your fake networks... or indeed through the OS. It's interesting stuff.


INTERVIEW: Sniffing USB firmware with FaceDancer

Presented by

Patrick Gray

CEO and Publisher

This podcast is an interview I did at the Breakpoint security conference with security researcher Travis Goodspeed. He's come up with a hardware device called FaceDancer that allows him to capture USB device firmware by emulating the devices. What can you do with that? Well, you can start messing with those devices, loading up custom firmware, and even use modified USB devices to attack hosts.


Risky Business #260 -- News, Ducklin, Arkin and more!

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week's show is brought to you by our benevolent overlords at Adobe! And this week's sponsor interview is a must listen. Adobe's director of product security and privacy Brad Arkin joins us to discuss the breach at Adobe HQ that led to malicious binaries being signed as valid by their code signing boxes.

Yes, it's a sponsor interview but Brad does a great job at answering some tough questions about the known extent of the compromise. I found that conversation extremely interesting and I suspect you will too.

We also chat to him about some new security features in Flash Player and Reader.

Also this week we're chatting with Paul Ducklin of Sophos Australia. Duck is well known to most Risky Business listeners, he's a regular guest, and this week he's joining us to talk about a few items of interest -- Oracle's awful patching schedule, a Sony lawsuit getting tossed and some weak DKIM issues that affected Google.

Insomnia Security's Mark Piper joins us to discuss the week's news headlines. You can find links to all our news in this week's show notes.


INTERVIEW: Did Google dodge the Android pwnbullet?

Presented by

Patrick Gray

CEO and Publisher

This podcast is an interview I did with Accuvant's Joshua Drake, aka jduck. His Breakpoint presentation was on the topic of Android security.

As regular listeners of the Risky Business podcast would know, we're pretty much convinced Android was rushed to market -- it was insecure, immature, way too open and a big, glaring risk to its users. Combine that with the inherent problems with the Android ecosystem and you had a recipe for disaster.

For those unfamiliar with those ecosystem problems, Android is very difficult to patch. Android users must wait for Google to update the OS, then ship the updates to the manufacturers who customise them for their hardware, then in turn they have to pass them on to the carriers, who may or may not customise those OS builds for compatibility with their apps and then pass the updates out over the air. Long story short, most Android devices wind up remaining unpatched.

Well, things have changed. As Joshua outlined in his presentation, Google has built a lot of exploit mitigations into the mobile OS and they're starting to look pretty effective. Is it possible that Google has dodged what many saw as an inevitable bullet?


INTERVIEW: Barnaby Jack on hacking implantable medical devices

Presented by

Patrick Gray

CEO and Publisher

This podcast is an interview I did with Barnaby Jack, a security researcher with IOActive. Barnes is probably best known for his work on ATM security. He famously "jackpotted" an ATM live on stage at BlackHat in 2010, but if he were to do a live demo of his latest research he'd probably wind up in prison.

That's because he's been looking at implantable defibrillators and pacemakers. As it turns out they have wireless interfaces that allow you to connect to them. You can bypass their rudimentary authentication and start sending 830 volt zaps into your victim's heart which, obviously, isn't ideal.

Jack says these techniques could be used for targeted assassinations, or perhaps even more worryingly, a maliciously motivated person could actually create an auto-propagating worm designed to kill people!
