Risky Business Podcast

Analysis and news podcasts published weekly

Risky Business #258 -- Kevin Mitnick on identity verification

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're chatting with Kevin Mitnick! Arguably the world's best known hacker, Kevin used to be a very naughty boy, and that saw him sent to prison a few times... but since his most recent release over 12 years ago he's established himself as a security consultant, author and globetrotting public speaker.

We're chatting to him about the fundamentals of identity verification. How can you be sure that person on the phone requesting a password reset really is your customer? Can you rely solely on static identity information in this day and age?

This week's show is brought to you by PacketLoop, an Australian start-up doing really interesting packet capture analysis. It's big data security analytics! It's really interesting stuff and we're thrilled to have the support of a local company doing new things.

We'll be chatting to PacketLoop co-founder and CTO Michael Baker in this week's sponsor interview about roughly what they're doing.

PacketLoop is also sponsoring our coverage of Ruxcon Breakpoint next week. Just head to http://risky.biz/breakpoint for all our Breakpoint coverage, with thanks to PacketLoop. I'll be down there dual filing stories and audio for Risky.Biz and The Register.

Show notes

Report: Chinese Tech Firms Should Be Viewed With Suspicion, Barred From U.S. Networks | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/chinese-telecoms-suspicious/

Hackable Huawei - F-Secure Weblog : News from the Lab
http://www.f-secure.com/weblog/archives/00002442.html

Philippines court halts a contentious cybercrime law | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57529298-83/philippines-court-halts-a-c...

Worm spreading on Skype IM installs ransomware | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57528353-83/worm-spreading-on-skype-im-...

Symantec: Russian criminals sell Web 'proxy' with backdoors | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57528254-83/symantec-russian-criminals-...

Middle East cyberattacks on Google users increasing | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57525334-83/middle-east-cyberattacks-on...

Microsoft Patches Critical Word Flaw; Certificate Key Length Changes are Official | threatpost
http://threatpost.com/en_us/blogs/microsoft-patches-critical-word-flaw-c...

Adobe, Microsoft Issue Updates for Critical Flaws in Flash Player | threatpost
http://threatpost.com/en_us/blogs/adobe-microsoft-issue-updates-critical...

New Tactics Helping Toll Fraud Malware on Android Avoid Detection | threatpost
http://threatpost.com/en_us/blogs/new-tactics-helping-toll-fraud-malware...

Zitmo Growing More Sophisticated, Prevalent in Android | threatpost
http://threatpost.com/en_us/blogs/zitmo-growing-more-sophisticated-preva...

Malware Signed by Adobe Certificate Only Used in Limited Targeted Attacks | threatpost
http://threatpost.com/en_us/blogs/malware-signed-adobe-certificate-only-...

Hack In The Box: Pirate Bay MIA, Chrome vulnerability found | ZDNet
http://www.zdnet.com/hack-in-the-box-pirate-bay-mia-chrome-vulnerability...

Proof-of-Concept Exploits HTML5 Fullscreen API for Social Engineering | threatpost
http://threatpost.com/en_us/blogs/proof-concept-exploits-html5-fullscree...

Google App Engine open to session jacking - Web/client - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/318610,65279google-app-engine-open-to-...

Flaws allow 3G devices to be tracked - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/317819,flaws-allow-3g-devices-to-be-tr...

3000 EU infosec pros engage in mock attacks - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/318261,3000-eu-infosec-pros-engage-in-...

Twitter outage caused by human error, domain briefly yanked | Internet & Media - CNET News
http://news.cnet.com/8301-1023_3-57528165-93/twitter-outage-caused-by-hu...

Hacker Goes on Massive WoW Killing Spree; World Survives | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/hacker-kills-thousands-in-wow/

Packetloop
http://www.packetloop.com/

The Izzys: Change Your Mind
http://www.shazam.com/music/web/track?id=57992307


Risky Business #257 -- Exploits for Win8 no mean feat

Presented by

Patrick Gray

CEO and Publisher

On this week's show we're taking a look at Windows 8 with Alex Ionescu. Alex works for Crowdstrike, he's a genuine expert in Windows internals and he says exploit writing and persistence when it comes to owning Windows boxes is about to get a whole lot harder. That's after the news.

This week's show is brought to you by Insomnia Security. Insomnia is a New Zealand-based consultancy founded by Brett Moore. But these days Insomnia is much bigger than Brett. It has six full timers and they're all very clever chaps. Adam Boileau works there, as does this week's sponsor guest Mark Piper! We're chatting to Mark about what "typical" APT attackers get up to. What does the run of the mill APT MO actually look like?

Show notes

Hackers Breached Adobe Server in Order to Sign Their Malware | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/adobe-digital-cert-hacked/

Adobe to revoke code signing certificate | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57521794-83/adobe-to-revoke-code-signin...

White House confirms 'spearphishing' intrusion | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57523621-83/white-house-confirms-spearp...

Chinese Hackers Blamed for Intrusion at Energy Industry Giant Telvent - Krebs on Security
https://krebsonsecurity.com/2012/09/chinese-hackers-blamed-for-intrusion...

Regulators shut down global PC 'tech support' scam | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57525250-83/regulators-shut-down-global...

Australia Post customers exposed in direct object reference flaw - Web/client - SC Magazine Australia
http://www.scmagazine.com.au/News/317651,australia-post-customers-expose...

FTC Takes On Scareware Marketers, Court Imposes $163M Judgment | threatpost
http://threatpost.com/en_us/blogs/ftc-takes-scareware-marketers-court-im...

Web security protocol HSTS wins proposed standard status | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57524915-83/web-security-protocol-hsts-...

SHA-3 Winner Chosen, But It May Be Years Before Keccak Has an Effect | threatpost
http://threatpost.com/en_us/blogs/sha-3-winner-chosen-it-may-be-years-ke...

Authentication Implications in Uniquely Identifiable Graphics Cards | threatpost
http://threatpost.com/en_us/blogs/authentication-implications-uniquely-i...

Microsoft Reaches Settlement with Site Linked to Nitol Botnet | threatpost
http://threatpost.com/en_us/blogs/microsoft-reaches-settlement-site-link...

Mozilla's Persona Web Authentication System Moves into Beta | threatpost
http://threatpost.com/en_us/blogs/mozillas-persona-web-authentication-sy...

DHS Issued False 'Water Pump Hack' Report; Called It a 'Success' | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/dhs-false-water-pump-hack/

Cisco Patches Numerous Bugs in IOS, UCM | threatpost
http://threatpost.com/en_us/blogs/cisco-patches-numerous-bugs-ios-ucm-09...

City of Tulsa website not hacked after all | Tulsa World
http://www.tulsaworld.com/news/article.aspx?subjectid=334&articleid=2012...

IBM - My notifications
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&...

Nmap Development: Re: Hakin9's new Nmap Guide
http://seclists.org/nmap-dev/2012/q4/18

Breakpoint 2012 Speakers List
http://www.ruxconbreakpoint.com/speakers/#Alex Ionescu

Insomnia Security, New Zealand
http://www.insomniasec.com/

Breakpoint 2012 Training List
http://www.ruxconbreakpoint.com/training/

Bag Raiders - So Demanding - YouTube
http://www.youtube.com/watch?v=_Q0VERQxy_w


Risky Business #256 -- NFC and public transport ticketing

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're taking a look at public transport ticketing security. Some clever fellows from the US of A have figured out how to reset their RFID tickets with a nifty little app for NFC-enabled smartphones. All this due to some positively boneheaded mistakes made during the initial rollout of some ticketing systems. That interview is with Corey Benninger of Intrepidus Group.

This week's show is brought to you by Tenable Network Security. Tenable's co-founder and CEO Ron Gula will be joining the program to talk about the possibility of US president Obama issuing an executive order designed to replace the doomed Cybersecurity Act of 2012, which was shot down by the US congress.

Insomnia Security's Mark Piper fills in for Adam Boileau in this week's news segment.

Show notes

New Java flaw could hit 1 billion users | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57520532-83/new-java-flaw-could-hit-1-b...

Microsoft Releases Out-Of-Band IE Zero-Day Patch | threatpost
http://threatpost.com/en_us/blogs/microsoft-releases-out-band-ie-zero-da...

SourceForge Investigates Backdoor Code Found in Copy of phpMyAdmin | threatpost
http://threatpost.com/en_us/blogs/sourceforge-investigates-backdoor-code...

Researcher Finds 100k IEEE.org Passwords Stored in Plain-Text on Public FTP Server | threatpost
http://threatpost.com/en_us/blogs/researcher-finds-100k-ieeeorg-password...

Samsung offers up patch for Galaxy S3 remote wipe vulnerability | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57520467-83/samsung-offers-up-patch-for...

Apple TV vulnerabilities closed after being watched for months | ZDNet
http://www.zdnet.com/apple-tv-vulnerabilities-closed-after-being-watched...

Large-Scale Water Holing Attack Campaigns Hitting Key Targets | threatpost
http://threatpost.com/en_us/blogs/large-scale-water-holing-attack-campai...

Forthcoming SHA-3 Hash Function May Be Unnecessary | threatpost
http://threatpost.com/en_us/blogs/forthcoming-sha-3-hash-function-may-be...

New Zealand Intel Agency Investigated for Unlawful Spying on Kim Dotcom | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/illegal-spying-on-kim-dotcom/

Google pays bug hunters for finding Windows flaw | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57520440-83/google-pays-bug-hunters-for...

ACLU sues to get U.S. agencies' license plate tracking records | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57520336-83/aclu-sues-to-get-u.s-agenci...

How long will it be before iOS 6 Maps kills someone? | ZDNet
http://www.zdnet.com/how-long-will-it-be-before-ios-6-maps-kills-someone...

Australian police want telco customer data retained forever | ZDNet
http://www.zdnet.com/australian-police-want-telco-customer-data-retained...

Special Report: iOS app piracy soars - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316996,special-report-ios-app-piracy-s...

Hackers ransom $3000 from NT business - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316663,hackers-ransom-3000-from-nt-bus...

Adobe releases open-source coding typeface - Boing Boing
http://boingboing.net/2012/09/24/adobe-releases-open-source-cod.html

UltraReset - Bypassing NFC access control with your smartphone - Intrepidus Group - Insight
http://intrepidusgroup.com/insight/2012/09/ultrareset-bypassing-nfc-acce...

Video of Intrepidus demonstrating NFC ticketing resets:
http://vimeo.com/49664045

Slide deck:
https://media3.risky.biz/EUSecWest-SoBenn-Transit2012-Preview.pdf

The Public Opinion Afro Orchestra - Shake on Official.fm
http://official.fm/tracks/daLt/file


Risky Business #255 -- IE 0days are news? WINNING

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week's show is a shorter one than usual -- we've just got the news segment with Adam and a sponsor interview.

This week's show is sponsored by our benevolent overlords at Adobe! Big thanks to them. And we've got a fascinating chat in this week's show with Adobe's Steve Gotwalls about auto updaters.

How have they been architected? What do the update mechanisms look like? Are the update packages served via https or http? Can you cache them at your border? Should enterprise networks swallow updates without doing independent QA?

This is a surprisingly interesting topic, when we think about how much patch management has changed over the years.

Show notes

Microsoft Will Patch IE Zero-Day on Friday; Fixit Available as Stopgap | threatpost
http://threatpost.com/en_us/blogs/microsoft-will-patch-ie-zero-day-frida...

Sophos antivirus detects own update as false positive malware | ZDNet
http://www.zdnet.com/sophos-antivirus-detects-own-update-as-false-positi...

Feds Charge Activist with 13 Felonies for Rogue Downloading of Academic Articles | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/aaron-swartz-felony/

Virgin Mobile Shrugs as Coder Warns Accounts Are Easily Hijacked | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/virgin-mobile/

Sprint says Virgin Mobile users are safe from account hijacks - Computerworld
http://www.computerworld.com/s/article/9231470/Sprint_says_Virgin_Mobile...

Coders Behind the Flame Malware Left Incriminating Clues on Control Servers | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/flame-coders-left-fingerprints/

Grum Botnet Attempts Another Comeback, Fails Again | threatpost
http://threatpost.com/en_us/blogs/grum-botnet-attempts-another-comeback-...

iPhone 4S, Samsung Galaxy S3 hacked in contest | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57516966-83/iphone-4s-samsung-galaxy-s3...

iOS 6 allows tweets, Facebook posts from locked device | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57517364-83/ios-6-allows-tweets-faceboo...

Apple provides 197 security reasons to upgrade to iOS 6 | ZDNet
http://www.zdnet.com/apple-provides-197-security-reasons-to-upgrade-to-i...

Flaw in Oracle Logon Protocol Leads to Easy Password Cracking | threatpost
http://threatpost.com/en_us/blogs/flaw-oracle-logon-protocol-leads-easy-...

Chat app used by activists has security flaws, say critics | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57513530-83/chat-app-used-by-activists-...

Researchers poke holes through Fortinet, SonicWall UTMs - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316308,researchers-poke-holes-through-...

Anonymous' Barrett Brown Raided by FBI During Online Chat | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/barret-brown-raid/

Executive order drafted following failed Cybersecurity Act - SC Magazine
http://www.scmagazine.com/executive-order-drafted-following-failed-cyber...

Researcher Charlie Miller Joins Twitter Security Team | threatpost
http://threatpost.com/en_us/blogs/researcher-charlie-miller-joins-twitte...

Calendar config triggers Canberra security scare - Risk - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316099,calendar-config-triggers-canber...

Bromium secures computers by holding apps in isolation | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57515558-83/bromium-secures-computers-b...

Bromium ships vSentry micro-hypervisor for foolproof Windows 7 security | ZDNet
http://www.zdnet.com/bromium-ships-vsentry-micro-hypervisor-for-foolproo...

Romanian carders plead guilty to Subway hack - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/316131,romanian-carders-plead-guilty-t...

Home
http://www.saskwatch.com.au/Saskwatch/Home.html

Breakpoint 2012 Security Conference
http://www.ruxconbreakpoint.com/


Risky Business #254 -- Does your pentester team know what it's doing?

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week's feature interview is with Wayne Ronaldson. Wayne's a security consultant with a company here called CQR, but he's cobbled together a fascinating little side project called Exploitable Labs.

In essence, Exploitable Labs is an online capture the flag environment. Participants connect to it, then go about finding various types of vulnerabilities -- in Web applications, servers and network devices. At the end of the exercise, the system spits out a report that can tell the participant where they're hot and where they're not.

Wayne designed the service to be used by people who hire penetration testers -- it's not a certification like CREST, it's an evaluation. It's an interesting idea!

Adam Boileau, as always, joins the show for a chat about the news headlines.

Show notes

Pirate Bay Co-Founder Arrested at Airport on Hacking Charges | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/pirate-bay-airport-arrest/

Apple Device IDs Leaked by Anonymous Traced to App Developer Blue Toad | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/udid-leak-traced-to-blue-toad/

Sleuths Trace New Zero-Day Attacks to Hackers Who Hit Google | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/google-hacker-gang-returns/all/

Report: Half of Android devices have unpatched holes | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57512467-83/report-half-of-android-devi...

Microsoft finds malware hidden in new computers in China | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57512703-83/microsoft-finds-malware-hid...

Phony Al-Jazeera text messages sent by pro-Syrian gov't hackers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57509104-83/phony-al-jazeera-text-messa...

Microsoft axes many of its Forefront enterprise security products | ZDNet
http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-sec...

Careful Who You Friend: Taliban Posing as 'Attractive Women' Online | Danger Room | Wired.com
http://www.wired.com/dangerroom/2012/09/taliban-facebook/

Microsoft Carries out Nitol Botnet Takedown | threatpost
http://threatpost.com/en_us/blogs/microsoft-carries-out-nitol-botnet-tak...

Apple Fixes Huge Number of Flaws With iTunes 10.7 | threatpost
http://threatpost.com/en_us/blogs/apple-fixes-huge-number-flaws-itunes-1...

CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions | threatpost
http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tl...

Go Daddy CEO Denies Hackers Behind Major Outage | threatpost
http://threatpost.com/en_us/blogs/go-daddy-ceo-disputes-hack-behind-majo...

Etsy handcrafts rewards for security bug hunters | ZDNet
http://www.zdnet.com/au/etsy-handcrafts-rewards-for-security-bug-hunters...

Google Adds Online Malware Scanner VirusTotal To Security Lineup | threatpost
http://threatpost.com/en_us/blogs/google-adds-online-malware-scanner-vir...

Red Hat Security Advisory 2012-1259-01 ≈ Packet Storm
http://packetstormsecurity.org/files/116469

No Right Turn: Hacking the Budget
http://norightturn.blogspot.co.nz/2012/09/hacking-budget.html

BitFloor breached, hacker makes off with $250,000 in BitCoins - TechSpot News
http://www.techspot.com/news/50043-bitfloor-breached-hacker-makes-off-wi...

ssl - CRIME - How to beat the BEAST successor? - IT Security
http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-...

Exploitable Labs
http://exploitablelabs.com/

PentesterLab.com
https://pentesterlab.com/

My interview with Gotye:
http://media.risky.biz/fots.mp3


Risky Business #253 -- All your internal IP ranges R belong 2 Maltego

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're taking a look at the new release of the data mining and network footprinting tool Maltego. It's called Radium and the focus is very much on automation.

One click network footprinting for the win! Maltego creator Roelof Temmingh will be along in this week's feature interview to walk us through the new features. There's some interesting stuff in that interview about network information leaks. All your internal IP ranges R belong to Roelof!

This week's show is brought to you by HackLabs.

In this week's sponsor interview we chat with HackLabs head honcho Chris Gatford about the insider threat.

What can you do to minimise your chances of getting hosed by a disgruntled former staffer? That's an interesting segment that touches on account and access management, DLP and ghost account audits.

Speaking of sponsorship, we've got some sponsor vacancies opening up from next week and into next year. So if you fancy sponsoring Risky Business, let me know.

Risky.Biz gets around 25,000 unique visitors a month from all over the globe, with around 16,000-20,000 episodes downloaded each month!

And you know what? It's a high quality audience. If you'd like to see some listener testimonials from enterprise security folks or talk about sponsorship, get in touch with me: patrick [at] risky.biz.


Risky Business #252 -- Attacks on Aramco likely state sponsored

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're talking to Rapid7's HD Moore about recent attacks against the Saudi Aramco oil company that saw 30,000 of 40,000 machines rendered inoperable for around 10 days.

It's the single most destructive attack I've ever heard of.

This week's show is brought to you by Insomnia Security. You might know this week's sponsor guest -- it's our news buddy Adam Boileau, aka Metlstorm.

Adam works for Insomnia! So it's the MOAR METL edition this week! He'll be along a bit later to talk about new trends in security assessments; new ways of doing things that can gauge how effective organisations are at detecting what he calls the "lateral movement" of attackers through networks. As you'd expect, it's very interesting stuff and it's coming up after this week's feature interview.

Show notes

Oracle reportedly knew of critical Java bugs under attack for 4 months | Ars Technica
http://arstechnica.com/security/2012/08/critical-java-bugs-reported-4-mo...

Second accused LulzSec hacker arrested in Sony breach | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57502233-83/second-accused-lulzsec-hack...

Researchers Hack Brainwaves to Reveal PINs, Other Personal Data | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/brainwave-hacking/

Researcher reports a CSRF vulnerability in Facebook's App Center, earns $5,000 | ZDNet
http://www.zdnet.com/researcher-reports-a-csrf-vulnerability-in-facebook...

Air Force Openly Seeking Cyber-Weapons | threatpost
http://threatpost.com/en_us/blogs/air-force-openly-seeking-cyber-weapons...

Hackers vow 'hellfire' in latest major data leak | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57501931-83/hackers-vow-hellfire-in-lat...

Looking to Bolster Security, Dropbox Adds Two-Factor Authentication | threatpost
http://threatpost.com/en_us/blogs/looking-bolster-security-dropbox-adds-...

Analysis Shows Traces of Wiper Malware, But No Links to Flame | threatpost
http://threatpost.com/en_us/blogs/analysis-shows-traces-wiper-malware-no...

New Gauss and Flame link was a mistake, researchers say | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57499508-83/new-gauss-and-flame-link-wa...

Citrix Systems » Most Americans Confused By Cloud Computing According to National Survey
http://www.citrix.com/English/NE/news/news.asp?newsID=2328309

Gauss: Abnormal Distribution - Securelist
http://www.securelist.com/en/analysis/204792238/Gauss_Abnormal_Distribution

Virus Shuts RasGas Office Computers, LNG Output Unaffected - Bloomberg
http://www.bloomberg.com/news/2012-08-30/virus-shuts-rasgas-office-compu...

Gh0stRat paper:
http://download01.norman.no/documents/ThemanyfacesofGh0stRat.pdf

Insomnia Security, New Zealand
http://www.insomniasec.com/


Risky Business #251 -- Thunderbolt strikes Mac EFI

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In this week's feature interview we're getting an update on some research we looked at last year. Loukas of Assurance.com.au in Melbourne had been playing around with some "evil maid" EFI hacks on Macs, but he's done some more work on them and presented his findings at BlackHat in July.

He joins the show to discuss his latest EFI work. See this week's show notes for links to his slide deck and paper, as well as links to this week's news.

This week's show is brought to you by Adobe!

Adobe's head of product security Brad Arkin joins us to give us some development tips for smaller coding teams. He also discusses his involvement with the RSA conference -- he'll be helping to select some talks.


Risky Business #250 -- Hack it like it's 1999

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we chat with Recurity Labs' Felix "FX" Lindner and Greg Kopf in the feature segment.

These guys recently shredded some Huawei equipment. They owned it hard and turned it into a DEFCON talk [pdf]. They'll be along a bit later on to tell us why hacking away at Huawei kit made them feel nostalgic.

This week's show is brought to you by the fine folks at Australian pentesting firm HackLabs, so I hope you'll keep them in mind next time you're firing off those RFPs!

HackLabs founder and main man Chris Gatford joins us in this week's sponsor slot to discuss the extremely clever social engineering attack against accounts belonging to technology journalist Mat Honan. He got owned pretty hard. No clientsides, no exploits, no bruteforcing. Just a few phone calls.

Show notes

http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdf

THIS WEEK'S NEWS ITEMS:

Stratfor emails reveal secret, widespread TrapWire surveillance system - RT
http://rt.com/usa/news/stratfor-trapwire-abraxas-wikileaks-313/

Is TrapWire surveillance really spying on Americans? - Technolog on NBCNews.com
http://www.technolog.msnbc.msn.com/technology/technolog/trapwire-surveil...

New Gauss Malware, Descended From Flame and Stuxnet, Found On Thousands of PCs in Middle East | threatpost
http://threatpost.com/en_us/blogs/new-gauss-malware-descended-flame-and-...

Amazon addresses security exploit after journalist hack | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57488759-83/amazon-addresses-security-e...

Apple responds to journalist's iCloud hack | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57487873-83/apple-responds-to-journalis...

One way to make passwords obsolete -- just keep typing | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57492355-83/one-way-to-make-passwords-o...

DOJ Won't Ask Supreme Court to Review Hacking Case | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/computer-fraud-supreme-court/

Goldman Sachs Programmer Back in Court on New Charges | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/sergey-aleynikov-new-charges/

FTC Dings Google $22.5M in Safari Cookie Flap | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/ftc-google-cookie/

Microsoft Releases Attack Surface Analyzer Tool | threatpost
http://threatpost.com/en_us/blogs/microsoft-releases-attack-surface-anal...

#684121 - libotr2: Buffer overflows in libotr - Debian Bug report logs
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684121

Anonymous targets ASIO, government websites | ZDNet
http://www.zdnet.com/au/anonymous-targets-asio-government-websites-70000...

Oracle Warns Users About Privilege Escalation Bug in Database Server | threatpost
http://threatpost.com/en_us/blogs/oracle-warns-users-about-privilege-esc...


Risky Business #249 -- Did the BlueHat prize experiment succeed?

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we chat with Microsoft's Katie Moussouris about the company's BlueHat prize. How successful was the prize, and did it get Microsoft value for money in terms of quality entries?

Katie took some time out from her maternity leave to join the show.

This week's show is brought to you by Tenable Network Security.

In this week's sponsor interview with Tenable founder and CEO Ron Gula we get a bit philosophical. Has it become culturally acceptable in the business world to get owned?

If LinkedIn and Sony can have such a bad time, are major incidents therefore seen as routine?


Show notes


Expert: Huawei routers are riddled with vulnerabilities | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57482813-83/expert-huawei-routers-are-r...

Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate
https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

Full Disclosure: nvidia linux binary driver priv escalation exploit
http://seclists.org/fulldisclosure/2012/Aug/4

Firm Sees More DDoS Attacks Aimed at Telecom Systems | threatpost
http://threatpost.com/en_us/blogs/firm-sees-more-ddos-attacks-aimed-tele...

Republicans block vote on cybersecurity bill | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57485404-83/republicans-block-vote-on-c...

Vasillis Pappas Wins $200,000 Microsoft Blue Hat Prize | threatpost
http://threatpost.com/en_us/blogs/vasillis-pappas-wins-200000-microsoft-...

In First Black Hat Talk, Apple Reveals Little New About iOS Security | threatpost
http://threatpost.com/en_us/blogs/first-black-hat-talk-apple-reveals-lit...

Facebook aims 'bug bounty' at in-house network | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57480383-83/facebook-aims-bug-bounty-at...

More information on Security Advisory 2737111 - Security Research & Defense - Site Home - TechNet Blogs
http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-se...

Anonymous in a tizzy over logo trademark | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57484468-83/anonymous-in-a-tizzy-over-l...

Does Cybercrime Really Cost $1 Trillion? | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/08/cybercrime-trillion/all/

Illinois Outlaws Employer Requests for Facebook Passwords | threatpost
http://threatpost.com/en_us/blogs/illinois-outlaws-employer-requests-fac...

Anonymous dumps hacked AAPT data - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/310159,anonymous-dumps-hacked-aapt-dat...

OAuth 2.0 and the Road to Hell « hueniverse
http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/

FX's Huawei slides:
http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdf
