Risky Business Podcast

February 22, 2013

Risky Business #270 -- Red teaming your law firm for fun and profit

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're taking a look at the issue of secondary targeting. These days it's borderline likely that attackers who want information on your company's upcoming mergers and acquisition activity won't even bother attacking you to get the intel. They'll go for your law firm instead... or your accountants... or another partner.

CERT Australia Executive Manager Dr. Carolyn Patterson joins the show to talk about that.

This week's show is brought to you by Senetas, makers of fine, layer 2 encryption hardware boxens! If you're planning a greenfields development, please, please, please go visit the Senetas website. They're a publicly listed company and they make really good gear. This week's sponsor interview is with Senetas co-founder and CTO Julian Fay, who as you'll discover, really knows what he's talking about.

This week we chat to Julian about the various certification schemes out there -- FIPS, Common Criteria and CAPS. We talk about some of the problems with these schemes, and also about some of the changes that are being made to them. Certification is changing, big time, so make sure you listen to that one.

Risky Business #270 -- Red teaming your law firm for fun and profit

0:00 / 61:05

Risky Business Podcast

February 15, 2013

Risky Business #269 -- Dave Aitel on the end of clientsides

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we have a chat with industry stalwart Dave Aitel of Immunity Inc.

Dave joins us to chat about a few things -- like what it will be like when clientside memory corruption exploits become as rare as server side corruption exploits are now. How will that change the security discipline? We also have a chat about El Jefe and sneaky ways of handling command and control.

This week's show is brought to you by NCC Group, the global information security firm. NCC Group's Asia Pacific General Manager and BeEF project creator Wade Alcorn joins us in this week's sponsor slot to chat about recent Ruby on Rails bugs. It's been patched three times in the last month! But how much of a problem is that for you?

Is Ruby on Rails being used for serious business? Should it be?

You can find Patrick on Twitter here and Adam here.

Show notes

Security Firm Bit9 Hacked, Used to Spread Malware - Krebs on Security
http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spr...

Microsoft Report Examines Socio-Economic Relationships to Malware Infections | threatpost
http://threatpost.com/en_us/blogs/microsoft-report-examines-socio-econom...

Cybersecurity Executive Order Short on Action, Long on Voluntary Initiatives | threatpost
http://threatpost.com/en_us/blogs/cybersecurity-executive-order-short-ac...

White House Must Respond to Petition Seeking Swartz Prosecutor's Firing | Threat Level | Wired.com
http://www.wired.com/threatlevel/2013/02/swartz-prosecutor-petition/

DHS Watchdog OKs 'Suspicionless' Seizure of Electronic Devices Along Border | Threat Level | Wired.com
http://www.wired.com/threatlevel/2013/02/electronics-border-seizures/

Malware Intelligence Lab from FireEye - Research & Analysis of Zero-Day & Advanced Targeted Threats:In Turn, It's PDF Time
http://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.html

Emergency Adobe Flash Player Patches Fix Pair of Zero Days | threatpost
http://threatpost.com/en_us/blogs/emergency-adobe-flash-player-patched-f...

Microsoft's next Patch Tuesday to fix 57 security bugs | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57568412-83/microsofts-next-patch-tuesd...

Hackers can easily breach Emergency Alert Systems | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57569322-83/hackers-can-easily-breach-e...

Ransomware cybercrime ring dismantled in Europe | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57569321-83/ransomware-cybercrime-ring-...

Old OS X malware used in increased attacks against Uyghur groups | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57569252-83/old-os-x-malware-used-in-in...

Anonymous fails to shut down live streams of Obama address | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57569098-83/anonymous-fails-to-shut-dow...

Gmail of journalists in Myanmar said to be hacked | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57568840-83/gmail-of-journalists-in-mya...

Audacious Hack Exposes Bush Family Pix, E-Mail | The Smoking Gun
http://www.thesmokinggun.com/documents/bush-family-hacked-589132

Telecom NZ says 22,500 Xtra email accounts hacked - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/333169,telecom-nz-says-22500-xtra-emai...

Yahoo! Pushing Java Version Released in 2008 - Krebs on Security
http://krebsonsecurity.com/2013/02/yahoo-pushing-java-version-released-i...

Mega security bugs detailed - Web/client - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/331952,mega-security-bugs-detailed.aspx

Australian Tax System Breached By Criminals
http://www.smh.com.au/it-pro/security-it/criminals-breach-australian-tax...

CERT Australia rebuffs ex-staff criticism - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/331618,cert-australia-rebuffs-ex-staff...

Theoretical Lucky Thirteen TLS Attacks Could Turn Practical | threatpost
http://threatpost.com/en_us/blogs/theoretical-lucky-thirteen-tls-attacks...

VMware Fixes Privilege Escalation Vulnerability | threatpost
http://threatpost.com/en_us/blogs/vmware-fixes-privilege-escalation-vuln...

Ballot-stuffing bot hits News Ltd polls - Web/client - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/331994,ballot-stuffing-bot-hits-news-l...

The Ubermotive Guide to Media Influence |
http://www.ubermotive.com/?p=68

Media Watch: News gets gamed (11/02/2013)
http://www.abc.net.au/mediawatch/transcripts/s3688053.htm?site=westernvic

Anonymous intends to block Webcasts of State of the Union | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57569044-83/anonymous-intends-to-block-...

IMMUNITY : Knowing You're Secure
http://www.immunityinc.com/products-eljefe.shtml

IMMUNITY : Knowing You're Secure
http://www.immunityinc.com/products-swarm.shtml

JaFFer Music, Lyrics, Songs, and Videos
http://www.reverbnation.com/jafferband

BeEF - The Browser Exploitation Framework Project
http://beefproject.com/

Information Security, Escrow & Other Solutions - NCC Group
http://www.nccgroup.com/

,

This week's show should not be missed. i am definite for the real thing that we will learn on this show. looking forward to it. - Flemings Ultimate Garage

Risky Business #269 -- Dave Aitel on the end of clientsides

0:00 / 56:46

Risky Business Podcast

February 08, 2013

Risky Business #268 -- Outsource your bug bounty program?

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week's feature interview is with Casey Ellis of BugCrowd.com -- a new business that runs outsourced bug bounty programs. It's a great idea and it's one that I personally think will really take off over the next couple of years.

This week's show is brought to you by our good friends at Adobe.

Adobe's director of product security and privacy Brad Arkin will be along a bit later on with an update on the phantom 0day issue the company experienced last year, as well as filling us in on some efforts designed to combat spearphishing attacks that use dodgy Flash objects embedded in Office files. It's more interesting than it sounds!

Adam Boileau is back in the news seat for a chat about recent headlines. You can find links to all the articles we discussed here.

Risky Business #268 -- Outsource your bug bounty program?

0:00 / 66:58

Risky Business Podcast

December 13, 2012

Risky Business #267 -- 2012 in review

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week's show takes a look back at some of the big issues and stories of 2012: The arrest of the Lulzsec crew, the release of Stratfor's email by Wikileaks and the Australian government ban on Huawei participating in the NBN rollout.

With bonus lulz.

This is the final episode of Risky Business for 2012. We'll be back in February 2013!

Risky Business #267 -- 2012 in review

0:00 / 52:29

Risky Business Podcast

December 07, 2012

Risky Business #266 -- ToR, BitCoin, crooks and quantum key distribution

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're talking ToR and BitCoin with Alice Hutchings, a Senior Researcher and Analyst with the Australian Institute of Criminology's Global, Economic and Electronic Crime Program.

ToR helps dissidents in foreign countries access information their governments deem unsavoury -- but it also provides a layer of protection to the consumers of child porn. Combine it with technology like BitCoin and bang, you've got Silk Road. Given the illicit uses of such technology, is volunteering to run a ToR server moral?

It's a fun, completely pointless academic conversation and it's coming up after the news!

This week's show is brought to you by Senetas, makers of fine layer 2 encryption technology. Senetas CTO Julian Fay joins us in this week's sponsor interview and we're talking all about Quantum Key Distribution.

It's a technology that is available commercially and after listening to that interview you'll actually know what it does and how it works! I learned a lot doing that interview. It's good stuff.

Show notes

John McAfee Hospitalized in Guatemala | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/12/threatlevel_1206_mcafeehospital/

Sophisticated botnet steals more than $47M by infecting PCs and phones | Ars Technica
http://arstechnica.com/security/2012/12/sophisticated-botnet-steals-more...

Bank Agrees to Reimburse Hacking Victim $300K in Precedent-Setting Case | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/bank-to-pay-hacking-victim/

Massive worm hits Tumblr, spams big blogs like USA Today | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57556784-83/massive-worm-hits-tumblr-sp...

Pentagon Deploying DARPA to Wage War on Backdoors | threatpost
http://threatpost.com/en_us/blogs/pentagon-deploying-darpa-wage-war-back...

Google Launches Private Android App Stores | threatpost
http://threatpost.com/en_us/blogs/google-launches-private-android-app-st...

Hackers steal customer info from insurance provider Nationwide | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57557408-83/hackers-steal-customer-info...

U.S., U.K. caught in middle of huge Swiss spy data leak -- report | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57557004-83/u.s-u.k-caught-in-middle-of...

ATM Thieves Swap Security Camera for Keyboard - Krebs on Security
http://krebsonsecurity.com/2012/12/atm-thieves-swap-security-camera-for-...

Twitter SMS bug lets hackers tweet via other users' accounts | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57557050-83/twitter-sms-bug-lets-hacker...

Security Essentials fails latest AV-Test | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57556340-83/security-essentials-fails-l...

Judge Gives Bradley Manning Permission to Plead Guilty for WikiLeaks Dumps | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/manning-plea-terms-accepted/

Congress Demands United Nations Keep Hands Off the Internet | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/12/united-nations-internet-regs/

Mac malware follows Flashback - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/325137,mac-malware-follows-flashback.aspx

Six Security Flaws Fixed in BIND 9.9.2 | threatpost
http://threatpost.com/en_us/blogs/six-security-flaws-fixed-bind-992-120512

Microsoft Fixing 11 Vulnerabilities for December Patch Tuesday | threatpost
http://threatpost.com/en_us/blogs/microsoft-fixing-11-vulnerabilities-de...

Experts Downplay MySQL Database Zero-Days | threatpost
http://threatpost.com/en_us/blogs/experts-downplay-mysql-database-zero-d...

Austrian Police Raid ToR Exit Node Admin
http://www.scmagazine.com.au/News/324804,tor-exit-node-operator-raided-b...

Senetas - Hybrid Quantum Encryption
http://www.senetas.com/products/products/hybrid-quantum-encryption.htm

,

Being hospitalized in Guatemala is really interesting. I would want to know what the hospital looks like in there. - Feed the Children Reviews

Risky Business #266 -- ToR, BitCoin, crooks and quantum key distribution

0:00 / 59:48

Risky Business Podcast

November 30, 2012

Risky Business #265 -- Reliably detecting 0day with crash dumps

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show were chatting with Rex Warren of Leviathan Security in the United States.

Leviathan has been working with DARPA on an interesting new system that can reliably detect failed 0day exploitation attempts against hosts. Basically these guys are just grabbing Dr. Watson crash dumps at the gateway, but where it gets interesting is when we look at what they do with those crash dumps. Emulation FTW.

This week's show is brought to you by the fine folk at Tenable Network Security. If you need vulnerability scanning or SIEM software you really need to go visit their website. On this week's show we're revisiting the topic of phantom 0day with Ron Gula, the chief executive and co-founder of Tenable. We'll also be chatting to him about whether or not the biggest threat to users in the future could be social engineering.

Show notes

Zero-day hotel keycard hack goes unfixed, now being used by Texas thieves | ExtremeTech
http://www.extremetech.com/electronics/141557-zero-day-hotel-keycard-hac...

UN nuclear watchdog confirms data leak | ZDNet
http://www.zdnet.com/un-nuclear-watchdog-confirms-data-leak-7000008001/

Chrome Zero-Day Presentation Gives Way to Mandatory Military Service | threatpost
http://threatpost.com/en_us/blogs/chrome-zero-day-presentation-gives-way...

Google Repairs High-Risk Flaw in Chrome | threatpost
http://threatpost.com/en_us/blogs/google-repairs-high-risk-flaw-chrome-1...

Cisco and "8 Diamonds" threaten Chinese security
http://tech.sina.com.cn/t/2012-11-27/09207834698.shtml

Update: Attack on Romanian TLD Register led to Google, Yahoo Defacements and DNS Redirects | threatpost
http://threatpost.com/en_us/blogs/update-attack-romanian-tld-register-le...

DSD issues advice for executives tackling BYOD | ZDNet
http://www.zdnet.com/au/dsd-issues-advice-for-executives-tackling-byod-7...

Credit card companies' WikiLeaks block just fine, EU says | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57554855-83/credit-card-companies-wikil...

Romanian hackers behind $30m Australian credit card theft - ABC News (Australian Broadcasting Corporation)
http://www.abc.net.au/news/2012-11-29/afp-uncovers-romanian-card-hacking...

Second person guilty in AT&T iPad prank hack - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/324412,second-person-guilty-in-att-ipa...

Researcher reveals backdoor access in Samsung printers | ZDNet
http://www.zdnet.com/researcher-reveals-backdoor-access-in-samsung-print...

Java Zero-Day Exploit on Sale for 'Five Digits' - Krebs on Security
https://krebsonsecurity.com/2012/11/java-zero-day-exploit-on-sale-for-fi...

Kaseya patches platform vulnerability - Web/client - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323797,kaseya-patches-platform-vulnera...

Piwik Update Infected with Backdoor Malware | threatpost
http://threatpost.com/en_us/blogs/piwik-update-infected-backdoor-malware...

Researcher Finds Nearly Two Dozen SCADA Bugs in a Few Hours' Time | threatpost
http://threatpost.com/en_us/blogs/researcher-finds-nearly-two-dozen-scad...

Symantec Warns of New Malware Targeting SQL Databases | threatpost
http://threatpost.com/en_us/blogs/symantec-warns-new-malware-targeting-s...

,

Good blog post!! Thank you a lot for providing individuals with an exceptionally terrific opportunity to read from this site. It's usually very ideal and also full of amusement for me and my office peers to search the blog the equivalent of three times in a week to read through the fresh secrets you have got.
villa rental koh samui

,

The hack has been pretty good so far. We all need to get the whole thing involved. - Feed the Children Reviews

Risky Business #265 -- Reliably detecting 0day with crash dumps

0:00 / 56:35

Risky Business Podcast

November 23, 2012

Risky Business #264 -- Three Guys With Ponytails Talk About Security

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show I'll being playing an excerpt from a panel discussion that took place at Kiwicon -- the session was called Three Guys with Ponytails Talk Security. The three guys are PGP Corporation co-founder Jon Callas, nCipher co-founder Nicko van Someren and the University of Auckland's Peter Gutmann.

The topics include quantum computing and Peter's oddly overkill print server.

This week's show is brought to you by Adobe! Adobe's head of product security and privacy Brad Arkin joins the show in this week's sponsor segment to talk about what he's calling "phantom 0day".

Show notes

U.S. accused of cyberattack on French government | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57553153-83/u.s-accused-of-cyberattack-...

FreeBSD Servers Compromised; Third-Party Software Packages Could be Impacted | threatpost
http://threatpost.com/en_us/blogs/freebsd-servers-compromised-third-part...

Hacker found guilty of massive AT&T-iPad site breach | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552852-83/hacker-found-guilty-of-mass...

Attackers Had Access for Months in South Carolina Data Breach | threatpost
http://threatpost.com/en_us/blogs/attackers-had-access-months-south-caro...

Researchers Remotely Control Smart Cards with Malware PoC | threatpost
http://threatpost.com/en_us/blogs/researchers-remotely-control-smart-car...

John McAfee, Unhinged: His Bizarre Breaks From Reality | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/mcafee-unhinged/

Megaupload Assisted U.S. Prosecution of Smaller File-Sharing Service | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/megaupload-investigation-roots/

Microsoft hands Windows 8 Pro to pirates by mistake | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552960-83/microsoft-hands-windows-8-p...

Anonymous escalates its 'cyberwar' against Israel | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552168-83/anonymous-escalates-its-cyb...

Obama reportedly signs secretive cybersecurity policy directive | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57550092-83/obama-reportedly-signs-secr...

Facebook Enabling HTTPS by Default for North American Users | threatpost
http://threatpost.com/en_us/blogs/facebook-enabling-https-default-north-...

Aussie researchers paid to make US drones unhackable - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323047,aussie-researchers-paid-to-make...

Operation High Roller Now Targets Europe's SEPA Network and Large US Bank | threatpost
http://threatpost.com/en_us/blogs/operation-high-roller-now-targets-euro...

Pwning Androids, iPhones with Exchange - Messaging - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323360,pwning-androids-iphones-with-ex...

Researcher owns blue chip managed service platforms - Cloud - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323288,researcher-owns-blue-chip-manag...

Judge throws out Steam breach lawsuit over lack of "harm" - SC Magazine
http://www.scmagazine.com/judge-throws-out-steam-breach-lawsuit-over-lac...

Who is McAfee? | The official Blog of John McAfee. -[ www.whoismcafee.com ]-
http://www.whoismcafee.com/

This week's feature track: Can't Get Enough by Supergroove
http://www.youtube.com/watch?v=9gEy2FJ_AiA

,

Does the French government know how to back up what they are saying? If so, they might have to get themselves a good evidence. - Feed the Children Reviews

Risky Business #264 -- Three Guys With Ponytails Talk About Security

0:00 / 56:17

Risky Business Podcast

November 15, 2012

Risky Business #263 -- Data retention and the national security review

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In this week's feature interview we're chatting with the Assistant Commissioner of the Australian Federal Police, Neil Gaughan.

He's the national manager of High Tech Crime Operations and he's joining us to discuss the ongoing national security review. As a part of that review the government is introducing laws that will force ISPs and other Carriage Service Providers (CSPs) to store information on Australian citizens for two years. It sounds scary, but as you'll hear the data covered by the proposed new law is actually pretty mundane stuff like DHCP and SIP logs.

We have a new Risky Business sponsor this week, an Australian company named Senetas. These guys make layer 2 crypto gear which I find very, very interesting. So in this week's sponsor interview I basically just had a yarn with Senetas co-founder and CTO Julian Fay about where that sort of gear is most useful. As you'll hear, Julian knows networks and he knows crypto.

Adam Boileau, as usual, joins us for the week's news headlines.

Show notes

This week's feature interview source material:
------------------------------------------------------------------------

The AFP's definition of communications metadata:
http://scott-ludlam.greensmps.org.au/sites/default/files/afpdoc.pdf

This week's news items:
------------------------------------------------------------------------

John McAfee, in Hiding, Condemns Belizean Government as 'Pirates' | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/mcafee-essay/

Skype Restores Password Resets, Repairs Flaw that Allows Account Hijacking | threatpost
http://threatpost.com/en_us/blogs/skype-suspends-password-resets-investi...

Attackers Compromise Adobe Connect User Site | threatpost
http://threatpost.com/en_us/blogs/attackers-compromise-adobe-connect-use...

Google Puts Flash in a Sandbox on OS X | threatpost
http://threatpost.com/en_us/blogs/google-puts-flash-sandbox-os-x-111412

Bradley Manning Offers to Plead Guilty to Partial Charges, Including Leaking to WikiLeaks | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/bradley-manning-plea-notice/

============================================
SPONSORED WHITEPAPERS. READ 'EM TO SUPPORT RISKY BUSINESS!

Senetas - Security Products White Papers
http://www.senetas.com/products/resources/white-papers.htm
============================================

Given Tablets but No Teachers, Ethiopian Children Teach Themselves | MIT Technology Review
http://www.technologyreview.com/news/506466/given-tablets-but-no-teacher...

Dictionary apps post false piracy confessions on Twitter - Crave
http://www.cnet.com.au/dictionary-apps-post-false-piracy-confessions-on-...

Hong Kong stock exchange hacker sentenced to jail | ZDNet
http://www.zdnet.com/cn/hong-kong-stock-exchange-hacker-sentenced-to-jai...

Blizzard Sued Over Data Breach, Authenticator Sales | threatpost
http://threatpost.com/en_us/blogs/blizzard-sued-over-data-breach-authent...

Twitter Resets More Passwords Than Accounts Hacked | threatpost
http://threatpost.com/en_us/blogs/twitter-resets-more-passwords-accounts...

Ransomware a growing menace, says Symantec | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57548314-83/ransomware-a-growing-menace...

Microsoft Update Includes Critical Security Update for IE 9, First Patches for Windows 8, RT | threatpost
http://threatpost.com/en_us/blogs/microsoft-update-includes-critical-sec...

Variant of Mac Malware Targets Tibetan Activists | threatpost
http://threatpost.com/en_us/blogs/variant-mac-malware-targets-tibetan-ac...

Memory Bug Fixed in Tor Client | threatpost
http://threatpost.com/en_us/blogs/memory-bug-fixed-tor-client-110912

This week's feature track:
------------------------------------------------------------------------

The Afrobiotics - Don't Play With Fire on Official.fm
http://official.fm/tracks/yG16

Risky Business #263 -- Data retention and the national security review

0:00 / 63:27

Risky Business Podcast

November 08, 2012

Risky Business #262 -- Side channel VM crypto attacks are badass

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're chatting with renowned megabrain Peter Gutmann about a paper on side channel attacks against crypto keys in virtualised environments. It's really complicated stuff, but very, very interesting.

Peter didn't do this research or write the paper, but I always like getting his take on this stuff because... well... he's really smart and he doesn't overhype stuff. That's after the news.

This week's show is brought to you by a new sponsor! NCC Group! Yay!

These guys have been the acquisition monster over the last couple of years, picking up NGS Security, iSec Partners and Matasano, among others. They're a large infosec company these days with a lot of extremely clever people working for them.

Joining us in this week's sponsor interview is Wade Alcorn, the Australia country manager for NCC Group... he's also the founder of the BeEF project and a very smart guy. He's joining us to have a chat about some interesting developments in Japan where a bunch of people have been arrested and charged with criminal offences for writing grey-market and downright illegal mobile apps.

Show notes

Experts Warn of Zero-Day Exploit for Adobe Reader - Krebs on Security
http://krebsonsecurity.com/2012/11/experts-warn-of-zero-day-exploit-for-...

Adobe Patches Critical Memory Vulnerabilities in Flash Player, AIR | threatpost
http://threatpost.com/en_us/blogs/adobe-patches-critical-memory-vulnerab...

COLUMBIA, S.C. - Lawsuit over SC Revenue security breach expanded - State & Regional - TheState.com
http://www.thestate.com/2012/11/05/2508579/lawsuit-over-sc-revenue-secur...

PixSteal-A Trojan Steals Images, Uploads to Iraqi FTP Server | threatpost
http://threatpost.com/en_us/blogs/pixsteal-trojan-steals-images-uploads-...

M3AAWG Recommends New DKIM Best Practices | threatpost
http://threatpost.com/en_us/blogs/m3aawg-recommends-new-dkim-best-practi...

Google Adds Malware Scanner to Jelly Bean 4.2 | threatpost
http://threatpost.com/en_us/blogs/google-adds-malware-scanner-jelly-bean...

Android Smishing Vulnerability Found in Android Open Source Project Firmware | threatpost
http://threatpost.com/en_us/blogs/android-smishing-vulnerability-found-a...

Coke Gets Hacked And Doesn't Tell Anyone - Businessweek
http://www.businessweek.com/news/2012-11-04/coke-hacked-and-doesn-t-tell

More VMware ESX Source Code Posted Online | threatpost
http://threatpost.com/en_us/blogs/more-vmware-esx-source-code-posted-onl...

Team Ghostshell Allegedly Spills 2.5 M Russian Records | threatpost
http://threatpost.com/en_us/blogs/team-ghostshell-allegedly-spills-25-m-...

Apple Patches Kernel, Passcode Lock and WebKit Flaws in iOS 6.0.1 | threatpost
http://threatpost.com/en_us/blogs/apple-patches-kernel-passcode-lock-and...

Apache Server-Status Publicly Viewable on Top Sites | threatpost
http://threatpost.com/en_us/blogs/apache-server-status-publicly-viewable...

China Most Threatening Cyberspace Force, U.S. Panel Says - Bloomberg
http://www.bloomberg.com/news/2012-11-05/china-most-threatening-cyberspa...

Facebook password-bypass flaw fixed | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57544933-83/facebook-password-bypass-fl...

Hotmail Takes on Election Duties as Servers in New Jersey Crash | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/new-jersey-email-fai/

Hackers expose British Navy email logins - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/322232,hackers-expose-british-navy-ema...

Fraudsters launder cash though grants startup - Risk - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/322118,fraudsters-launder-cash-though-...

www.cs.unc.edu/~reiter/papers/2012/CCS.pdf
http://www.cs.unc.edu/~reiter/papers/2012/CCS.pdf

Japanese Android developers arrested for infecting 10 million users - Hacker News , Security updates
http://thehackernews.com/2012/10/japanese-android-developers-arrested.ht...

,

The critical memory it has is really something. We need to get ourselves busy with that one. - Flemings Ultimate Garage

,

Link to Sophail: Applied attacks against Sophos Antivirus
https://lock.cmpxchg8b.com/sophailv2.pdf

Risky Business #262 -- Side channel VM crypto attacks are badass

0:00 / 52:41

Risky Business Podcast

November 02, 2012

Risky Business #261 -- Divide by zero, destroy power grid

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

We've got a great feature interview in this week's show with a computer science undergrad in the US who worked on a paper dealing with GPS security. You'll find out how you can melt down power lines with GPS haxx! Fun for the whole family!

This week's show is sponsored by Tenable Network Security. We'll be having Tenable product manager Jack Daniel on the line to talk about the death of periodical vulnerbility scanning. Apparently continuous scanning is all the rage these days!

I've spent the entire week down with the manflu, as you will probably hear, so apologies if the energy levels are down a bit this week.

Show notes

VUPEN Researchers Say They Have Zero-Day Windows 8 Exploit | threatpost
http://threatpost.com/en_us/blogs/vupen-researchers-say-they-have-zero-d...

Deloitte audit report that makes NZ government look like jerks:
http://www.msd.govt.nz/documents/about-msd-and-our-work/newsroom/media-r...

NY Post Pisses Its Pants Over Terrorism Homework; And You Should Too | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/terrorism-homework/

Homeland Security chief: Banks 'under attack' by hackers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57543300-83/homeland-security-chief-ban...

Huawei looks to German security researchers for help | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57542809-83/huawei-looks-to-german-secu...

Anonymous takes aim at Zynga | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541801-83/anonymous-takes-aim-at-zynga/

Millions of SSNs lifted from South Carolina database | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541481-83/millions-of-ssns-lifted-fro...

Feds charge 14 with making ATM cashouts appear like one - SC Magazine
http://www.scmagazine.com/feds-charge-14-with-making-atm-cashouts-appear...

Outages hit Google App Engine, Dropbox, Tumblr, and more | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541195-83/outages-hit-google-app-engi...

China blocks NY Times over story on leader's 'hidden fortune' | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541137-83/china-blocks-ny-times-over-...

U.S. looks to replace human surveillance with computers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57540826-83/u.s-looks-to-replace-human-...

Cisco Patches Vulnerabilities in Data Center and Web Conferencing Products | threatpost
http://threatpost.com/en_us/blogs/cisco-patches-vulnerabilities-data-cen...

ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining | threatpost
http://threatpost.com/en_us/blogs/zeroaccess-botnet-cashing-click-fraud-...

Here's the paper discussed in this week's feature interview!
http://users.ece.cmu.edu/~dbrumley/courses/18487-f12/readings/Nov28_GPS.pdf

If you enjoyed the music in this week's show, buy it!

Shop \xab Andrea Soler
http://andreasoler.com/shop/

,

Windows 8 is really good. I don't really think it will be particularly good in there. - ReputationAdvocate.com

Risky Business #261 -- Divide by zero, destroy power grid

0:00 / 59:57