Risky Business

This week's feature interview is with Dave Jorm, a Brisbane-based security geek and environmental science aficionado who's done some really interesting OSINT analysis of agricultural efficiency in North Korea with publicly available satellite data. He's presenting his findings at AusCERT's annual conference on the Gold Coast next week; he joins the podcast to talk about his work and the online community of North Korea watchers. Ok, so it's not exactly about infosec, but it's really interesting stuff and I hope you all enjoy it! read more [1] [1] http://risky.biz/RB281

This week's show was being produced on the road so it's a bit of a different format -- I did a longer than usual news panel session from the conference floor! Our news discussion panel consists of: The Grugq Dominic White , SensePost Charl van der Walt , SensePost Andrew MacPherson , Paterva (Maltego) read more [1] [1] http://risky.biz/RB280

This week's edition of the show is pre-recorded because I'm off surfing in Jeffreys Bay, South Africa. There will be no show next week, but the week after that I'll be bringing you an episode from the ITWeb Security Summit in Johannesburg where I'm speaking. In this week's show we've got a great interview with Wade Baker, the managing principal of Verizon's RISK team, and the topic, of course, is this year's Verizon Data Breach Investigations Report. read more [1] [1] http://risky.biz/RB279

This week's show is jam packed. We'll be hearing from our favourite firmware hacker, sneaky Snare , all about the leak of AMI's UEFI implementation source code and firmware signing key. What will it mean for firmware research? read more [1] [1] http://risky.biz/RB278

This week's feature interview is with Mark Dowd of Azimuth Security. Mark joins the show to fill us in on the latest trends in vulnerability research and exploit development. We recap CanSecWest's Pwn2Own competition and look at what 2013 has in store research-wise. Risky.Biz is pleased to welcome a new sponsor to the lineup -- Solera Networks, makers of fine, big data security software. read more [1] [1] http://risky.biz/RB277

This week's show is another shorter one! I've been sick so I just couldn't pull together a feature interview. But we've got an extra long news segment for you with Adam Boileau. Click through to the show notes to see what we discussed. We've also got a chat with this week's sponsor guest Chris Gatford of the Australian security consulting firm HackLabs . read more [1] [1] http://risky.biz/RB276

This week's show is brought to you by our longest term sponsor, Tenable Network Security, thanks guys. In this week's sponsor interview we chat with the CEO and co-founder of Tenable, industry stalwart Ron Gula. We're chatting to him about a funny idea -- that the release of indicators of compromise might become so regular that they'll have to be handled in regular info sec team workflow. So we'll have Patch Tuesday and "which IPs owned us" Wednesday. read more [1] [1] http://risky.biz/RB275

In this week's feature interview we chat with Jennifer Granick, the Head of Civil Liberties at Stanford University's Centre for Internet and Society. Jennifer has extensive experience with cyberlaw -- she has acted for clients as diverse as Aaron Swartz and HBGary! She's done it all! And she joins the show to talk about a few things -- is active defence ever legal? And what the hell is going on with the Computer Abuse and Fraud Act over there in the USA? read more [1] [1] http://risky.biz/RB274

In this week's feature interview we're chatting to industry legend and In-Q-Tel CSO Dan Geer about the idea of offence as defence. If someone's attacking you do you have the moral right to attack them back? Dan actually thinks you do. This week's show is brought to you by Adobe. Adobe's head of product security and privacy Brad Arkin pops along to have a bit of a chat about the busy few months they've been having at Adobe dealing with some interesting bugs. read more [1] [1] http://risky.biz/RB273

On this week's show we chat to PGP Corporation co-founder Jon Callas. Jon's been in the security business for a long time and he's bringing us up to speed on his latest venture, Silent Circle. This week's show is brought to you by the Australian security consulting and penetration testing firm HackLabs . And we've got a really interesting sponsor interview with HackLabs head honcho Chris Gatford about how many, many organisations simply don't do any foot-printing... and it means they miss so much! Come on people, it's a two-day job! read more [1] [1] http://risky.biz/RB272

On this week's show we're chatting with Mandiant's Managing Director of Threat Intelligence, Dan McWhorter, about that company's report into Chinese cyber espionage activity. Mandiant dropped the report last week and it's caused quite a stir, even eliciting a response from the Whitehouse and Chinese officials. That's an interesting conversation and it's after the news. read more [1] [1] http://risky.biz/RB271

On this week's show we're taking a look at the issue of secondary targeting. These days it's borderline likely that attackers who want information on your company's upcoming mergers and acquisition activity won't even bother attacking you to get the intel. They'll go for your law firm instead... or your accountants... or another partner. CERT Australia Executive Manager Dr. Carolyn Patterson joins the show to talk about that. read more [1] [1] http://risky.biz/RB270

On this week's show we have a chat with industry stalwart Dave Aitel of Immunity Inc. Dave joins us to chat about a few things -- like what it will be like when clientside memory corruption exploits become as rare as server side corruption exploits are now. How will that change the security discipline? We also have a chat about El Jefe and sneaky ways of handling command and control. read more [1] [1] http://risky.biz/RB269

This week's feature interview is with Casey Ellis of BugCrowd.com -- a new business that runs outsourced bug bounty programs. It's a great idea and it's one that I personally think will really take off over the next couple of years. This week's show is brought to you by our good friends at Adobe. read more [1] [1] http://risky.biz/RB268

This week's show takes a look back at some of the big issues and stories of 2012: The arrest of the Lulzsec crew, the release of Stratfor's email by Wikileaks and the Australian government ban on Huawei participating in the NBN rollout. With bonus lulz. This is the final episode of Risky Business for 2012. We'll be back in February 2013!