Risky Business Podcast

Analysis and news podcasts published weekly

Risky Business Podcast

December 07, 2012

Risky Business #266 -- ToR, BitCoin, crooks and quantum key distribution

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week's show we're talking ToR and BitCoin with Alice Hutchings, a Senior Researcher and Analyst with the Australian Institute of Criminology's Global, Economic and Electronic Crime Program.

ToR helps dissidents in foreign countries access information their governments deem unsavoury -- but it also provides a layer of protection to the consumers of child porn. Combine it with technology like BitCoin and bang, you've got Silk Road. Given the illicit uses of such technology, is volunteering to run a ToR server moral?

It's a fun, completely pointless academic conversation and it's coming up after the news!

This week's show is brought to you by Senetas, makers of fine layer 2 encryption technology. Senetas CTO Julian Fay joins us in this week's sponsor interview and we're talking all about Quantum Key Distribution.

It's a technology that is available commercially and after listening to that interview you'll actually know what it does and how it works! I learned a lot doing that interview. It's good stuff.

Show notes

John McAfee Hospitalized in Guatemala | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/12/threatlevel_1206_mcafeehospital/

Sophisticated botnet steals more than $47M by infecting PCs and phones | Ars Technica
http://arstechnica.com/security/2012/12/sophisticated-botnet-steals-more...

Bank Agrees to Reimburse Hacking Victim $300K in Precedent-Setting Case | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/bank-to-pay-hacking-victim/

Massive worm hits Tumblr, spams big blogs like USA Today | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57556784-83/massive-worm-hits-tumblr-sp...

Pentagon Deploying DARPA to Wage War on Backdoors | threatpost
http://threatpost.com/en_us/blogs/pentagon-deploying-darpa-wage-war-back...

Google Launches Private Android App Stores | threatpost
http://threatpost.com/en_us/blogs/google-launches-private-android-app-st...

Hackers steal customer info from insurance provider Nationwide | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57557408-83/hackers-steal-customer-info...

U.S., U.K. caught in middle of huge Swiss spy data leak -- report | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57557004-83/u.s-u.k-caught-in-middle-of...

ATM Thieves Swap Security Camera for Keyboard - Krebs on Security
http://krebsonsecurity.com/2012/12/atm-thieves-swap-security-camera-for-...

Twitter SMS bug lets hackers tweet via other users' accounts | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57557050-83/twitter-sms-bug-lets-hacker...

Security Essentials fails latest AV-Test | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57556340-83/security-essentials-fails-l...

Judge Gives Bradley Manning Permission to Plead Guilty for WikiLeaks Dumps | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/manning-plea-terms-accepted/

Congress Demands United Nations Keep Hands Off the Internet | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/12/united-nations-internet-regs/

Mac malware follows Flashback - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/325137,mac-malware-follows-flashback.aspx

Six Security Flaws Fixed in BIND 9.9.2 | threatpost
http://threatpost.com/en_us/blogs/six-security-flaws-fixed-bind-992-120512

Microsoft Fixing 11 Vulnerabilities for December Patch Tuesday | threatpost
http://threatpost.com/en_us/blogs/microsoft-fixing-11-vulnerabilities-de...

Experts Downplay MySQL Database Zero-Days | threatpost
http://threatpost.com/en_us/blogs/experts-downplay-mysql-database-zero-d...

Austrian Police Raid ToR Exit Node Admin
http://www.scmagazine.com.au/News/324804,tor-exit-node-operator-raided-b...

Senetas - Hybrid Quantum Encryption
http://www.senetas.com/products/products/hybrid-quantum-encryption.htm

,

Being hospitalized in Guatemala is really interesting. I would want to know what the hospital looks like in there. - Feed the Children Reviews

Risky Business #266 -- ToR, BitCoin, crooks and quantum key distribution
0:00 / 59:48

Risky Business Podcast

November 30, 2012

Risky Business #265 -- Reliably detecting 0day with crash dumps

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week's show were chatting with Rex Warren of Leviathan Security in the United States.

Leviathan has been working with DARPA on an interesting new system that can reliably detect failed 0day exploitation attempts against hosts. Basically these guys are just grabbing Dr. Watson crash dumps at the gateway, but where it gets interesting is when we look at what they do with those crash dumps. Emulation FTW.

This week's show is brought to you by the fine folk at Tenable Network Security. If you need vulnerability scanning or SIEM software you really need to go visit their website. On this week's show we're revisiting the topic of phantom 0day with Ron Gula, the chief executive and co-founder of Tenable. We'll also be chatting to him about whether or not the biggest threat to users in the future could be social engineering.

Show notes

Zero-day hotel keycard hack goes unfixed, now being used by Texas thieves | ExtremeTech
http://www.extremetech.com/electronics/141557-zero-day-hotel-keycard-hac...

UN nuclear watchdog confirms data leak | ZDNet
http://www.zdnet.com/un-nuclear-watchdog-confirms-data-leak-7000008001/

Chrome Zero-Day Presentation Gives Way to Mandatory Military Service | threatpost
http://threatpost.com/en_us/blogs/chrome-zero-day-presentation-gives-way...

Google Repairs High-Risk Flaw in Chrome | threatpost
http://threatpost.com/en_us/blogs/google-repairs-high-risk-flaw-chrome-1...

Cisco and "8 Diamonds" threaten Chinese security
http://tech.sina.com.cn/t/2012-11-27/09207834698.shtml

Update: Attack on Romanian TLD Register led to Google, Yahoo Defacements and DNS Redirects | threatpost
http://threatpost.com/en_us/blogs/update-attack-romanian-tld-register-le...

DSD issues advice for executives tackling BYOD | ZDNet
http://www.zdnet.com/au/dsd-issues-advice-for-executives-tackling-byod-7...

Credit card companies' WikiLeaks block just fine, EU says | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57554855-83/credit-card-companies-wikil...

Romanian hackers behind $30m Australian credit card theft - ABC News (Australian Broadcasting Corporation)
http://www.abc.net.au/news/2012-11-29/afp-uncovers-romanian-card-hacking...

Second person guilty in AT&T iPad prank hack - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/324412,second-person-guilty-in-att-ipa...

Researcher reveals backdoor access in Samsung printers | ZDNet
http://www.zdnet.com/researcher-reveals-backdoor-access-in-samsung-print...

Java Zero-Day Exploit on Sale for 'Five Digits' - Krebs on Security
https://krebsonsecurity.com/2012/11/java-zero-day-exploit-on-sale-for-fi...

Kaseya patches platform vulnerability - Web/client - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323797,kaseya-patches-platform-vulnera...

Piwik Update Infected with Backdoor Malware | threatpost
http://threatpost.com/en_us/blogs/piwik-update-infected-backdoor-malware...

Researcher Finds Nearly Two Dozen SCADA Bugs in a Few Hours' Time | threatpost
http://threatpost.com/en_us/blogs/researcher-finds-nearly-two-dozen-scad...

Symantec Warns of New Malware Targeting SQL Databases | threatpost
http://threatpost.com/en_us/blogs/symantec-warns-new-malware-targeting-s...

,

Good blog post!! Thank you a lot for providing individuals with an exceptionally terrific opportunity to read from this site. It's usually very ideal and also full of amusement for me and my office peers to search the blog the equivalent of three times in a week to read through the fresh secrets you have got.
villa rental koh samui

,

The hack has been pretty good so far. We all need to get the whole thing involved. - Feed the Children Reviews

Risky Business #265 -- Reliably detecting 0day with crash dumps
0:00 / 56:35

Risky Business Podcast

November 23, 2012

Risky Business #264 -- Three Guys With Ponytails Talk About Security

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week's show I'll being playing an excerpt from a panel discussion that took place at Kiwicon -- the session was called Three Guys with Ponytails Talk Security. The three guys are PGP Corporation co-founder Jon Callas, nCipher co-founder Nicko van Someren and the University of Auckland's Peter Gutmann.

The topics include quantum computing and Peter's oddly overkill print server.

This week's show is brought to you by Adobe! Adobe's head of product security and privacy Brad Arkin joins the show in this week's sponsor segment to talk about what he's calling "phantom 0day".

Show notes

U.S. accused of cyberattack on French government | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57553153-83/u.s-accused-of-cyberattack-...

FreeBSD Servers Compromised; Third-Party Software Packages Could be Impacted | threatpost
http://threatpost.com/en_us/blogs/freebsd-servers-compromised-third-part...

Hacker found guilty of massive AT&T-iPad site breach | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552852-83/hacker-found-guilty-of-mass...

Attackers Had Access for Months in South Carolina Data Breach | threatpost
http://threatpost.com/en_us/blogs/attackers-had-access-months-south-caro...

Researchers Remotely Control Smart Cards with Malware PoC | threatpost
http://threatpost.com/en_us/blogs/researchers-remotely-control-smart-car...

John McAfee, Unhinged: His Bizarre Breaks From Reality | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/mcafee-unhinged/

Megaupload Assisted U.S. Prosecution of Smaller File-Sharing Service | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/megaupload-investigation-roots/

Microsoft hands Windows 8 Pro to pirates by mistake | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552960-83/microsoft-hands-windows-8-p...

Anonymous escalates its 'cyberwar' against Israel | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57552168-83/anonymous-escalates-its-cyb...

Obama reportedly signs secretive cybersecurity policy directive | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57550092-83/obama-reportedly-signs-secr...

Facebook Enabling HTTPS by Default for North American Users | threatpost
http://threatpost.com/en_us/blogs/facebook-enabling-https-default-north-...

Aussie researchers paid to make US drones unhackable - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323047,aussie-researchers-paid-to-make...

Operation High Roller Now Targets Europe's SEPA Network and Large US Bank | threatpost
http://threatpost.com/en_us/blogs/operation-high-roller-now-targets-euro...

Pwning Androids, iPhones with Exchange - Messaging - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323360,pwning-androids-iphones-with-ex...

Researcher owns blue chip managed service platforms - Cloud - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/323288,researcher-owns-blue-chip-manag...

Judge throws out Steam breach lawsuit over lack of "harm" - SC Magazine
http://www.scmagazine.com/judge-throws-out-steam-breach-lawsuit-over-lac...

Who is McAfee? | The official Blog of John McAfee. -[ www.whoismcafee.com ]-
http://www.whoismcafee.com/

This week's feature track: Can't Get Enough by Supergroove
http://www.youtube.com/watch?v=9gEy2FJ_AiA

,

Does the French government know how to back up what they are saying? If so, they might have to get themselves a good evidence. - Feed the Children Reviews

Risky Business #264 -- Three Guys With Ponytails Talk About Security
0:00 / 56:17

Risky Business Podcast

November 15, 2012

Risky Business #263 -- Data retention and the national security review

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

In this week's feature interview we're chatting with the Assistant Commissioner of the Australian Federal Police, Neil Gaughan.

He's the national manager of High Tech Crime Operations and he's joining us to discuss the ongoing national security review. As a part of that review the government is introducing laws that will force ISPs and other Carriage Service Providers (CSPs) to store information on Australian citizens for two years. It sounds scary, but as you'll hear the data covered by the proposed new law is actually pretty mundane stuff like DHCP and SIP logs.

We have a new Risky Business sponsor this week, an Australian company named Senetas. These guys make layer 2 crypto gear which I find very, very interesting. So in this week's sponsor interview I basically just had a yarn with Senetas co-founder and CTO Julian Fay about where that sort of gear is most useful. As you'll hear, Julian knows networks and he knows crypto.

Adam Boileau, as usual, joins us for the week's news headlines.

Show notes

This week's feature interview source material:
------------------------------------------------------------------------

The AFP's definition of communications metadata:
http://scott-ludlam.greensmps.org.au/sites/default/files/afpdoc.pdf

This week's news items:
------------------------------------------------------------------------

John McAfee, in Hiding, Condemns Belizean Government as 'Pirates' | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/mcafee-essay/

Skype Restores Password Resets, Repairs Flaw that Allows Account Hijacking | threatpost
http://threatpost.com/en_us/blogs/skype-suspends-password-resets-investi...

Attackers Compromise Adobe Connect User Site | threatpost
http://threatpost.com/en_us/blogs/attackers-compromise-adobe-connect-use...

Google Puts Flash in a Sandbox on OS X | threatpost
http://threatpost.com/en_us/blogs/google-puts-flash-sandbox-os-x-111412

Bradley Manning Offers to Plead Guilty to Partial Charges, Including Leaking to WikiLeaks | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/bradley-manning-plea-notice/

============================================
SPONSORED WHITEPAPERS. READ 'EM TO SUPPORT RISKY BUSINESS!

Senetas - Security Products White Papers
http://www.senetas.com/products/resources/white-papers.htm
============================================

Given Tablets but No Teachers, Ethiopian Children Teach Themselves | MIT Technology Review
http://www.technologyreview.com/news/506466/given-tablets-but-no-teacher...

Dictionary apps post false piracy confessions on Twitter - Crave
http://www.cnet.com.au/dictionary-apps-post-false-piracy-confessions-on-...

Hong Kong stock exchange hacker sentenced to jail | ZDNet
http://www.zdnet.com/cn/hong-kong-stock-exchange-hacker-sentenced-to-jai...

Blizzard Sued Over Data Breach, Authenticator Sales | threatpost
http://threatpost.com/en_us/blogs/blizzard-sued-over-data-breach-authent...

Twitter Resets More Passwords Than Accounts Hacked | threatpost
http://threatpost.com/en_us/blogs/twitter-resets-more-passwords-accounts...

Ransomware a growing menace, says Symantec | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57548314-83/ransomware-a-growing-menace...

Microsoft Update Includes Critical Security Update for IE 9, First Patches for Windows 8, RT | threatpost
http://threatpost.com/en_us/blogs/microsoft-update-includes-critical-sec...

Variant of Mac Malware Targets Tibetan Activists | threatpost
http://threatpost.com/en_us/blogs/variant-mac-malware-targets-tibetan-ac...

Memory Bug Fixed in Tor Client | threatpost
http://threatpost.com/en_us/blogs/memory-bug-fixed-tor-client-110912

This week's feature track:
------------------------------------------------------------------------

The Afrobiotics - Don't Play With Fire on Official.fm
http://official.fm/tracks/yG16

Risky Business #263 -- Data retention and the national security review
0:00 / 63:27

Risky Business Podcast

November 08, 2012

Risky Business #262 -- Side channel VM crypto attacks are badass

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week's show we're chatting with renowned megabrain Peter Gutmann about a paper on side channel attacks against crypto keys in virtualised environments. It's really complicated stuff, but very, very interesting.

Peter didn't do this research or write the paper, but I always like getting his take on this stuff because... well... he's really smart and he doesn't overhype stuff. That's after the news.

This week's show is brought to you by a new sponsor! NCC Group! Yay!

These guys have been the acquisition monster over the last couple of years, picking up NGS Security, iSec Partners and Matasano, among others. They're a large infosec company these days with a lot of extremely clever people working for them.

Joining us in this week's sponsor interview is Wade Alcorn, the Australia country manager for NCC Group... he's also the founder of the BeEF project and a very smart guy. He's joining us to have a chat about some interesting developments in Japan where a bunch of people have been arrested and charged with criminal offences for writing grey-market and downright illegal mobile apps.

Show notes

Experts Warn of Zero-Day Exploit for Adobe Reader - Krebs on Security
http://krebsonsecurity.com/2012/11/experts-warn-of-zero-day-exploit-for-...

Adobe Patches Critical Memory Vulnerabilities in Flash Player, AIR | threatpost
http://threatpost.com/en_us/blogs/adobe-patches-critical-memory-vulnerab...

COLUMBIA, S.C. - Lawsuit over SC Revenue security breach expanded - State & Regional - TheState.com
http://www.thestate.com/2012/11/05/2508579/lawsuit-over-sc-revenue-secur...

PixSteal-A Trojan Steals Images, Uploads to Iraqi FTP Server | threatpost
http://threatpost.com/en_us/blogs/pixsteal-trojan-steals-images-uploads-...

M3AAWG Recommends New DKIM Best Practices | threatpost
http://threatpost.com/en_us/blogs/m3aawg-recommends-new-dkim-best-practi...

Google Adds Malware Scanner to Jelly Bean 4.2 | threatpost
http://threatpost.com/en_us/blogs/google-adds-malware-scanner-jelly-bean...

Android Smishing Vulnerability Found in Android Open Source Project Firmware | threatpost
http://threatpost.com/en_us/blogs/android-smishing-vulnerability-found-a...

Coke Gets Hacked And Doesn't Tell Anyone - Businessweek
http://www.businessweek.com/news/2012-11-04/coke-hacked-and-doesn-t-tell

More VMware ESX Source Code Posted Online | threatpost
http://threatpost.com/en_us/blogs/more-vmware-esx-source-code-posted-onl...

Team Ghostshell Allegedly Spills 2.5 M Russian Records | threatpost
http://threatpost.com/en_us/blogs/team-ghostshell-allegedly-spills-25-m-...

Apple Patches Kernel, Passcode Lock and WebKit Flaws in iOS 6.0.1 | threatpost
http://threatpost.com/en_us/blogs/apple-patches-kernel-passcode-lock-and...

Apache Server-Status Publicly Viewable on Top Sites | threatpost
http://threatpost.com/en_us/blogs/apache-server-status-publicly-viewable...

China Most Threatening Cyberspace Force, U.S. Panel Says - Bloomberg
http://www.bloomberg.com/news/2012-11-05/china-most-threatening-cyberspa...

Facebook password-bypass flaw fixed | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57544933-83/facebook-password-bypass-fl...

Hotmail Takes on Election Duties as Servers in New Jersey Crash | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/11/new-jersey-email-fai/

Hackers expose British Navy email logins - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/322232,hackers-expose-british-navy-ema...

Fraudsters launder cash though grants startup - Risk - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/322118,fraudsters-launder-cash-though-...

www.cs.unc.edu/~reiter/papers/2012/CCS.pdf
http://www.cs.unc.edu/~reiter/papers/2012/CCS.pdf

Japanese Android developers arrested for infecting 10 million users - Hacker News , Security updates
http://thehackernews.com/2012/10/japanese-android-developers-arrested.ht...

,

The critical memory it has is really something. We need to get ourselves busy with that one. - Flemings Ultimate Garage

,

Link to Sophail: Applied attacks against Sophos Antivirus
https://lock.cmpxchg8b.com/sophailv2.pdf

Risky Business #262 -- Side channel VM crypto attacks are badass
0:00 / 52:41

Risky Business Podcast

November 02, 2012

Risky Business #261 -- Divide by zero, destroy power grid

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

We've got a great feature interview in this week's show with a computer science undergrad in the US who worked on a paper dealing with GPS security. You'll find out how you can melt down power lines with GPS haxx! Fun for the whole family!

This week's show is sponsored by Tenable Network Security. We'll be having Tenable product manager Jack Daniel on the line to talk about the death of periodical vulnerbility scanning. Apparently continuous scanning is all the rage these days!

I've spent the entire week down with the manflu, as you will probably hear, so apologies if the energy levels are down a bit this week.

Show notes

VUPEN Researchers Say They Have Zero-Day Windows 8 Exploit | threatpost
http://threatpost.com/en_us/blogs/vupen-researchers-say-they-have-zero-d...

Deloitte audit report that makes NZ government look like jerks:
http://www.msd.govt.nz/documents/about-msd-and-our-work/newsroom/media-r...

NY Post Pisses Its Pants Over Terrorism Homework; And You Should Too | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/terrorism-homework/

Homeland Security chief: Banks 'under attack' by hackers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57543300-83/homeland-security-chief-ban...

Huawei looks to German security researchers for help | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57542809-83/huawei-looks-to-german-secu...

Anonymous takes aim at Zynga | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541801-83/anonymous-takes-aim-at-zynga/

Millions of SSNs lifted from South Carolina database | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541481-83/millions-of-ssns-lifted-fro...

Feds charge 14 with making ATM cashouts appear like one - SC Magazine
http://www.scmagazine.com/feds-charge-14-with-making-atm-cashouts-appear...

Outages hit Google App Engine, Dropbox, Tumblr, and more | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541195-83/outages-hit-google-app-engi...

China blocks NY Times over story on leader's 'hidden fortune' | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57541137-83/china-blocks-ny-times-over-...

U.S. looks to replace human surveillance with computers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57540826-83/u.s-looks-to-replace-human-...

Cisco Patches Vulnerabilities in Data Center and Web Conferencing Products | threatpost
http://threatpost.com/en_us/blogs/cisco-patches-vulnerabilities-data-cen...

ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining | threatpost
http://threatpost.com/en_us/blogs/zeroaccess-botnet-cashing-click-fraud-...

Here's the paper discussed in this week's feature interview!
http://users.ece.cmu.edu/~dbrumley/courses/18487-f12/readings/Nov28_GPS.pdf

If you enjoyed the music in this week's show, buy it!

Shop \xab Andrea Soler
http://andreasoler.com/shop/

,

Windows 8 is really good. I don't really think it will be particularly good in there. - ReputationAdvocate.com

Risky Business #261 -- Divide by zero, destroy power grid
0:00 / 59:57

Risky Business Podcast

October 26, 2012

Risky Business #260 -- News, Ducklin, Arkin and more!

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

This week's show is brought to you by our benevolent overlords at Adobe! And this week's sponsor interview is a must listen. Adobe's director of product security and privacy Brad Arkin joins us to discuss the breach at Adobe HQ that lead to malicious binaries being signed as valid by their code signing boxes.

Yes, it's a sponsor interview but Brad does a great job at answering some tough questions about the known extent of the compromise. I found that conversation extremely interesting and I suspect you will too.

We also chat to him about some new security features in Flash Player and Reader.

Also this week we're chatting with Paul Ducklin of Sophos Australia. Duck is well known to most Risky Business listeners, he's a regular guest, and this week he's joining us to talk about a few items of interest -- Oracle's awful patching schedule, a Sony lawsuit getting tossed and some weak DKIM issues that affected Google.

Insomnia Security's Mark Piper joins us to discuss the week's news headlines. You can find links to all our news in this week's show notes.

Risky Business #260 -- News, Ducklin, Arkin and more!
0:00 / 58:11

Risky Business Podcast

October 20, 2012

Risky Business #259 -- MSDfail, Brett Moore and moooore!

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

This week's show is being produced entirely on the ground at the Ruxcon Breakpoint security conference in my old home town of Melbourne Australia! And it's a shorter show than usual because I'm pretty busy down here producing a bunch of podcasts as a part of some joint coverage I'm doing for both Risky.Biz and The Register. If you want to check out some audio and blog posts from Breakpoint, head to http://risky.biz/breakpoint. They're not up yet, but you'll soon find some interviews with people like Barnaby Jack and Joshua Drake (jduck) there\u2026 or you can subscribe to the RB2 podcast feed at http://risky.biz/feeds if you want that content automagically.

In this week's sponsor interview we're chatting with Insomnia Security founder Brett Moore. Thanks to Insomnia security for all its support of this podcast. If you're a CSO in New Zealand and you've never had a pen test from these guys you're doing it wrong.

It's a company founded by Brett Moore and staffed by the likes of our regular news co-host Adam Boileau and his sometime fill in Mark Piper, as well as a few other guys. Brett joins us to recap Breakpoint and tell us what he thinks of the epic MSDfail in NZ. Why do organisations commission expert advice if they're just going to ignore it?

Show notes

MSD admits not acting on early system breach alerts... | Stuff.co.nz
http://www.stuff.co.nz/technology/digital-living/7826984/MSD-admits-not-...

Russian Anti-Virus Firm Plans Secure Operating System to Combat Stuxnet | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/kaspersky-operating-system/

Second LulzSec member pleads out in Sony Pictures attack - SC Magazine
http://www.scmagazine.com/second-lulzsec-member-pleads-out-in-sony-pictu...

Pentagon Hacker McKinnon Wins 10-Year Extradition Battle | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/mckinnon-extradition-win/

State-Sponsored Malware 'Flame' Has Smaller, More Devious Cousin | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/miniflame-espionage-tool/

WikiLeaks Goes Behind Paywall, Anonymous Cries Foul | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/wikileaks-paywall-anonymous/

Cyberthieves steal $400,000 from Bank of America | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57533007-83/cyberthieves-steal-$400000-from-bank-of-america/

Hackers target Fairfax holiday site Stayz, altering bank details on listings | News.com.au
http://www.news.com.au/travel/australia/hackers-target-fairfax-holiday-s...

Roxon issues discussion paper on mandatory data breach laws - Risk - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/319578,roxon-issues-discussion-paper-o...

Zero-day attacks last much longer than most would believe - SC Magazine
http://www.scmagazine.com/zero-day-attacks-last-much-longer-than-most-wo...

Pacemakers, defibrillators open to attack \u2022 The Register
http://www.theregister.co.uk/2012/10/17/pacemakers_open_to_wireless_attack/

Information Disclosure Zero-Day Discovered in Novell ZENworks | threatpost
http://threatpost.com/en_us/blogs/information-disclosure-zero-day-discov...

Oracle Patch Update to Include 109 Patches | threatpost
http://threatpost.com/en_us/blogs/oracle-patch-update-include-109-patche...

Oracle Leaves Fix for Java SE Zero Day Until February Patch Update | threatpost
http://threatpost.com/en_us/blogs/oracle-leaves-fix-java-se-zero-day-unt...

Adobe Extends Security of Reader and Acrobat With Better Sandbox, Force ASLR | threatpost
http://threatpost.com/en_us/blogs/adobe-extends-security-reader-and-acro...

Exploit Code Released Targeting Firefox 16 Vulnerability | threatpost
http://threatpost.com/en_us/blogs/exploit-code-released-targeting-firefo...

The Cactus Channel - Official Site
http://www.thecactuschannel.com/

,

The breach in the system is always there. We need to get used to it sometimes. - Mission Maids

Risky Business #259 -- MSDfail, Brett Moore and moooore!
0:00 / 38:46

Risky Business Podcast

October 11, 2012

Risky Business #258 -- Kevin Mitnick on identity verification

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week's show we're chatting with Kevin Mitnick! Arguably the world's best known hacker, Kevin used to be a very naughty boy, and that saw him sent to prison a few times... but since his most recent release over 12 years ago he's established himself as a security consultant, author and globetrotting public speaker.

We're chatting to him about the fundamentals of identity verification. How can you be sure that person on the phone requesting a password reset really is your customer? Can you rely solely on static identity information in this day and age?

This week's show is brought to you by PacketLoop, an Australian start-up doing really interesting packet capture analysis. It's big data security analytics! It's really interesting stuff and we're thrilled to have the support of a local company doing new things.

We'll be chatting to PacketLoop co-founder and CTO Michael Baker in this week's sponsor interview about roughly what they're doing.

PacketLoop is also sponsoring our coverage of Ruxcon Breakpoint next week. Just head to http://risky.biz/breakpoint for all our breakpoint coverage, with thanks to PacketLoop. I'll be down there dual filing stories and audio for Risky.Biz and The Register.

Show notes

Report: Chinese Tech Firms Should Be Viewed With Suspicion, Barred From U.S. Networks | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/chinese-telecoms-suspicious/

Hackable Huawei - F-Secure Weblog : News from the Lab
http://www.f-secure.com/weblog/archives/00002442.html

Philippines court halts a contentious cybercrime law | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57529298-83/philippines-court-halts-a-c...

Worm spreading on Skype IM installs ransomware | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57528353-83/worm-spreading-on-skype-im-...

Symantec: Russian criminals sell Web 'proxy' with backdoors | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57528254-83/symantec-russian-criminals-...

Middle East cyberattacks on Google users increasing | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57525334-83/middle-east-cyberattacks-on...

Microsoft Patches Critical Word Flaw; Certificate Key Length Changes are Official | threatpost
http://threatpost.com/en_us/blogs/microsoft-patches-critical-word-flaw-c...

Adobe, Microsoft Issue Updates for Critical Flaws in Flash Player | threatpost
http://threatpost.com/en_us/blogs/adobe-microsoft-issue-updates-critical...

New Tactics Helping Toll Fraud Malware on Android Avoid Detection | threatpost
http://threatpost.com/en_us/blogs/new-tactics-helping-toll-fraud-malware...

Zitmo Growing More Sophisticated, Prevalent in Android | threatpost
http://threatpost.com/en_us/blogs/zitmo-growing-more-sophisticated-preva...

Malware Signed by Adobe Certificate Only Used in Limited Targeted Attacks | threatpost
http://threatpost.com/en_us/blogs/malware-signed-adobe-certificate-only-...

Hack In The Box: Pirate Bay MIA, Chrome vulnerability found | ZDNet
http://www.zdnet.com/hack-in-the-box-pirate-bay-mia-chrome-vulnerability...

Proof-of-Concept Exploits HTML5 Fullscreen API for Social Engineering | threatpost
http://threatpost.com/en_us/blogs/proof-concept-exploits-html5-fullscree...

\ufeffGoogle App Engine open to session jacking - Web/client - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/318610,65279google-app-engine-open-to-...

Flaws allow 3G devices to be tracked - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/317819,flaws-allow-3g-devices-to-be-tr...

3000 EU infosec pros engage in mock attacks - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/318261,3000-eu-infosec-pros-engage-in-...

Twitter outage caused by human error, domain briefly yanked | Internet & Media - CNET News
http://news.cnet.com/8301-1023_3-57528165-93/twitter-outage-caused-by-hu...

Hacker Goes on Massive WoW Killing Spree; World Survives | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/hacker-kills-thousands-in-wow/

Packetloop
http://www.packetloop.com/

The Izzys: Change Your Mind
http://www.shazam.com/music/web/track?id=57992307

,

The US are really careful of China. They have these kind of measures to ensure they don't get so far. - James D. Sterling

Risky Business #258 -- Kevin Mitnick on identity verification
0:00 / 62:13

Risky Business Podcast

October 05, 2012

Risky Business #257 -- Exploits for Win8 no mean feat

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

On this week's show we're taking a look at Windows 8 with Alex Ionescu. Alex works for Crowdstrike, he's a genuine expert in Windows internals and he says exploit writing and persistence when it comes to owning windows boxes is about to get a whole lot harder. That's after the news.

This week's show is brought to you by Insomnia Security. Insomnia is a New Zealand-based consultancy founded by Brett Moore. But these days Insomnia is much bigger than Brett. It has six full timers and they're all very clever chaps. Adam Boileau works there, as does this week's sponsor guest Mark Piper! We're chatting to Mark about what "typical" APT attackers get up to. What does the run of the mill APT MO actually look like?

Show notes

Hackers Breached Adobe Server in Order to Sign Their Malware | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/09/adobe-digital-cert-hacked/

Adobe to revoke code signing certificate | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57521794-83/adobe-to-revoke-code-signin...

White House confirms 'spearphishing' intrusion | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57523621-83/white-house-confirms-spearp...

Chinese Hackers Blamed for Intrusion at Energy Industry Giant Telvent - Krebs on Security
https://krebsonsecurity.com/2012/09/chinese-hackers-blamed-for-intrusion...

Regulators shut down global PC 'tech support' scam | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57525250-83/regulators-shut-down-global...

Australia Post customers exposed in direct object reference flaw - Web/client - SC Magazine Australia
http://www.scmagazine.com.au/News/317651,australia-post-customers-expose...

FTC Takes On Scareware Marketers, Court Imposes $163M Judgment | threatpost
http://threatpost.com/en_us/blogs/ftc-takes-scareware-marketers-court-im...

Web security protocol HSTS wins proposed standard status | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57524915-83/web-security-protocol-hsts-...

SHA-3 Winner Chosen, But It May Be Years Before Keccak Has an Effect | threatpost
http://threatpost.com/en_us/blogs/sha-3-winner-chosen-it-may-be-years-ke...

Authentication Implications in Uniquely Identifiable Graphics Cards | threatpost
http://threatpost.com/en_us/blogs/authentication-implications-uniquely-i...

Microsoft Reaches Settlement with Site Linked to Nitol Botnet | threatpost
http://threatpost.com/en_us/blogs/microsoft-reaches-settlement-site-link...

Mozilla's Persona Web Authentication System Moves into Beta | threatpost
http://threatpost.com/en_us/blogs/mozillas-persona-web-authentication-sy...

DHS Issued False 'Water Pump Hack' Report; Called It a 'Success' | Threat Level | Wired.com
http://www.wired.com/threatlevel/2012/10/dhs-false-water-pump-hack/

Cisco Patches Numerous Bugs in IOS, UCM | threatpost
http://threatpost.com/en_us/blogs/cisco-patches-numerous-bugs-ios-ucm-09...

City of Tulsa website not hacked after all | Tulsa World
http://www.tulsaworld.com/news/article.aspx?subjectid=334&articleid=2012...

IBM - My notifications
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&...

Nmap Development: Re: Hakin9's new Nmap Guide
http://seclists.org/nmap-dev/2012/q4/18

Breakpoint 2012 Speakers List
http://www.ruxconbreakpoint.com/speakers/#Alex Ionescu

Insomnia Security, New Zealand
http://www.insomniasec.com/

Breakpoint 2012 Training List
http://www.ruxconbreakpoint.com/training/

Bag Raiders - So Demanding - YouTube
http://www.youtube.com/watch?v=_Q0VERQxy_w

,

The signing certificate has been pretty good so far. That is really good if we need to do that. - Flemings Ultimate Garage

Risky Business #257 -- Exploits for Win8 no mean feat
0:00 / 61:44