Risky Business Podcast

Your weekly security podcast, Risky Business, is available for download, with thanks to this week's sponsor Check Point Software. We're in our second four-day week here in Australia, so please forgive the lateness.

On this week's show:

• Brian "Jericho" Martin from Attrition.org discusses the Hannaford stores data breach in the US and resulting law suits

• Securus Global's Declan Ingram talks forensic recovery -- prosecution is hard and Australian businesses are increasingly reluctant to spend the money to recover court-usable evidence

• Check Point Software's Aviv Abramovich, Senior Security Architect, has a chat about these nasty new iframe attacks affecting Web-sites vulnerable to XSS

This week's podcast features an Australian exclusive -- an interview with Robert Malan. He's the founder and CTO of Arbor Networks, a company that does all sorts of cunning things "in the cloud" to mitigate the effects of DDoS attacks. Take that, Ruskies!

Arbor recently acquired Ellacoya networks. They want to start operating closer to the edge of carrier networks, clamping down further on other bot nets badness through policy enforcement.

This week's podcast is brought to you by McAfee and is hosted, as always, by Vigabyte virtual hosting.

On this week's show:

• ZDNet Australia's Munir Kotadia discusses the week's news with Patrick Gray
• Patrick Gray mispronounces Robert Malan's last name several times, then interviews him.
• Mike Sentonas from McAfee pops in for this week's sponsor interview

NOTE (20/3): After wondering why this week's download numbers were a bit slow, I realised the post didn't actually go into the RSS feed. Argh. Reposted now, two days later. Sorry!

This week's Risky Business is sponsored by the fine folk at Symantec. We have a special guest on today's podcast -- Greg Shipley, the CTO of Chicago-based consultancy Neohapsis. Host Patrick Gray\xc2\xa0chatted to\xc2\xa0Shipley while he was in Australia on vacation, and he has some very interesting things to say about the shambles we call the IT security industry.
\xc2\xa0
Oh, and in case you missed it, last week's Risky Business story about Adam Boileau's release of Winlockpwn was followed up by around 50 different news outlets worldwide. We rule.

On this week's podcast:

• ZDNet Australia editor Munir Kotadia discusses the week's news headlines with host Patrick Gray
• Neohapsis CTO Greg Shipley talks security kit, SIEM, whitelisting and more
• Symantec's Senior Director of Product Management Brian Foster tells us what the team at the big yellow box are focussing on these days in this week's sponsor interview

This week's podcast is brought to you by Check Point Software. On this week's show we've got a bit of an exclusive. Adam Boileau has released the software he developed to unlock Windows workstations with Firewire trickery. With all this talk of Cold Boot attacks, Boileau's old attack is suddenly new again.

On this week's show:

• ZDNet Australia's Munir Kotadia discusses this week's security news headlines with host Patrick Gray
• Immunity Inc's Adam Boileau talks Firewire, TPMs, Cold Boot attacks and more
• Check Point's Fred B\xc3\xb6rjesson talks data breach disclosure laws

Links:

Metlstorm's project page for the firewire attack
Arbor Networks blog post on Pakistan's accidental nuking of YouTube
More reading on Cold Boot
More reading on Winlockpwn
SoundFoundation.com.au's purchase page for this week's featured song

On this week's show we look at the James Bond-style attack on BitLocker involving frozen RAM. We also chat about Microsoft's "good worm" brainwave, the Australian Institute of Criminology's cyber-crime survey and more. This week's show is brought to you by Sophos and hosted by Vigabyte.

On this week's show:

• ZDNet Australia's Liam Tung discusses the week's news with host Patrick Gray
• "Homeless hacker" turned legit computer security consultant Adrian Lamo gives his take on the frozen RAM attack
• Sophos' APAC head of technology, Paul Ducklin, talks good worms in this week's sponsor interview
• The Australian Institute of Criminology's principal criminologist Dr. Russell Smith discusses Australia's largest every computer crime survey, which is coming soon!

This week's SoundFoundation track is Geek Manifesto by the Winnie Coopers.

This week's Risky Business is brought to you by Symantec, so a big thanks to the big yellow box! On this week's show we're looking at a different type of information security threat: listening devices and bugging.

Corporate espionage is real a problem in Australia, with incidents going unreported for obvious reasons. Risky Business spoke to bug-hunter and counter intelligence expert Les Goldsmith about Australia's bug problem.

On this week's show:

• Munir Kotadia discusses the week's news with host Patrick Gray
• ESD Group's Les Goldsmith discusses listening devices, counter-intelligence and encrypted telephony
• Senior systems engineer with Symantec, Rogan Mallon, joins us for this week's sponsor interview

This week's special, longer and stronger podcast is all about intrusion detection and prevention systems (IDS/IPS) and is hosted by the fine folk at Vigabyte virtual hosting.

By now you've been Powerpointed to death by vendor sales reps who insist their latest system can block attacks that haven't been invented yet. Of course that's utter BS, as Declan Ingram points out in his must-hear presentation on IDS and IPS.

Between 24 X 7 monitoring staff -- yours or outsourced -- slacking off and playing Xbox instead of reading real-time logs, to the inherent flaws in self-learning IPS, there's something in this talk for everyone.

On this week's show:

• ZDNet Australia's Munir Kotadia discusses the week's news with Risky Business host Patrick Gray
• Hear Securus Global consultant Declan Ingram's IDS/IPS presentation, edited for your aural pleasure

This week's edition of Risky Business is brought to you by Sophos.

On this week's podcast:

• ZDNet Australia's Munir Kotadia discusses the week's news
• Patrick Gray asks CSO Adam Pointon if robust security practices could have prevented Societe General's $8.2 billion loss to a rogue trader
• Paul Ducklin, head of technology for Sophos in the Asia Pacific, discusses multi-stage malware

The music heard at the end of this week's podcast is by Afro Dizzi Act. You can buy the track at soundfoundation.com.au.

This week's podcast looks at a few interesting topics. Apparently the bad guys are about to ditch IRC as a command and control channel for botnets and start using RSS, blogs and steganography to communicate with their zombie armies... sneakily!

The show is brought to you this week by the fine folks at Check Point Software Technologies and hosted, as always, by Vigabyte.

On the podcast:

• ZDNet Australia's Munir Kotadia discusses the week's news
• Immunity Inc's Adam Boileau talks about exploiting Windows' IGMP bug and botnet C&C
• Steve MacDonald from Check Point joins us for this week's sponsor interview

The music heard at the end of the podcast came from Sound Foundation.

This week's edition of Risky Business is brought to you by the folks at the big Yellow Box -- Symantec! Big thanks also go out to Vigabyte for providing the bandwidth for the podcast. On this week's show:

• Our favourite newshound, ZDNet Australia's Munir Kotadia, discusses the week's news
• This week's feature interview is with Graeme Neilson of Aura Software Security and we're talking BlackBerrys. Aura's developed a trojan for the gadget that Neilson uses in security audits -- he describes it as BackOriface (remember that?) for the BlackBerry -- and if you thought getting badware to run on the mobile devices is hard, you're sadly mistaken
• Symantec's Rob Pregnall joins host Patrick Gray to talk about a new banking trojan that side-steps two factor authentication in this week's sponsor interview
• Risky Business takes a quick look at some questionable marketing tactics being used by an anti-spyware software manufacturer during a chat with Netregistry CEO Larry Bloch