Risky Business

On this week’s show we chat with Charlie Miller all about the security of autonomous vehicles. As you’ll hear, he says autonomous vehicle security all comes down to some security fundamentals that are, in fact, being taken seriously by carmakers.

We’ve got an absolutely fantastic sponsor interview for you this week. This week’s show is brought to you by Senrio. They make an IoT network monitoring solution that’s actually really good. Stephen Ridley is the founder and head honcho at Senrio. He’s a very well known researcher and he joins us this week to talk about a few things.

First up he recaps the gSOAP library bugs the Senrio team found. They were a big deal in July, but as you’ll hear, people kinda missed the point. The affected gSOAP library is absolutely everywhere, including in, ahem, browsers. So yeaaaaah. There’s that.

Then we move on to the more sponsor-y part of the sponsor interview, talking about Senrio’s experience running the IoT hacking village at DEFCON. It was a great time for them, throwing their product at the most hostile IoT network the world has ever seen. To round out the Stephen Ridley omnibus experience we’ll also hear about a few training courses he’s offering on Android hacking and software exploitation via hardware exploitation.

Adam Boileau joins the show to talk about the week’s security news, links to everything are below.

Oh, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes The U.S. Is Trying to Seize 1.3 Million Visitor Logs, DreamHost Says - The Atlantic We Fight for the Users - DreamHost.blog After Shutdown, Daily Stormer Users Are Moving to a Dark Web Version of Site - Motherboard Someone Appears to Be DDoSing the Dark Web Version of The Daily Stormer - Motherboard Researcher Who Stopped WannaCry Pleads Not Guilty to Creating Banking Malware - Motherboard Top Security Firm May Be Leaking 'Terabytes' Of Confidential Data From Fortune 100 Companies | Gizmodo Australia Beware of Security by Press Release — Krebs on Security The Shadow Brokers Have Made Almost $90,000 Selling Hacking Tools by Subscription, Researcher Says - Motherboard HBO offered hackers $250,000 'bug bounty', leaked email claims | Technology | The Guardian Russian Hackers Are Targeting Hotels Across Europe, Researchers Say - Motherboard Attackers Backdoor NetSarang Software Update Mechanism | Threatpost | The first stop for security news Seven More Chrome Extensions Compromised | Threatpost | The first stop for security news Blizzard Entertainment Hit With Weekend DDoS Attack | Threatpost | The first stop for security news Cyberattack leaves millions without mobile phone service in Venezuela — Technology — The Guardian Nigeria Newspaper – Nigeria and World News Smart Locks Bricked by Bad Update | Threatpost | The first stop for security news IMSI Catcher Detection Apps Might Not Be All That Good, Research Suggests - Motherboard Ukrainian Man Arrested, Charged in NotPetya Distribution | Threatpost | The first stop for security news Juniper Issues Security Alert Tied to Routers and Switches | Threatpost | The first stop for security news slides_bh_pdf From random block corruption to privilege escalation: A filesystem attack vector for rowhammer-like attacks | USENIX Legal Hacking Tools Can Be Useful for Journalists, Too - Motherboard Experts in Lather Over ‘gSOAP’ Security Flaw — Krebs on Security Devil's Ivy - Senrio Senrio Training