Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #472 -- Iran DDoSed banks in 2012, US DoSed DPRK
There is no feature interview in this week’s show – it was a long weekend here in Australia plus a few things came up. But we’ve got a great show for you anyway. We’ll be discussing the week’s news headlines with Adam Boileau who’s back on deck after a short break, and then we’ll get straight into this week’s sponsor interview with Lee Weiner of Rapid7.
He’s the Chief Product Officer there and he’s joining us this week to explain why so many vendors are suddenly so obsessed with automation and orchestration. It’s a trend that actually makes a bunch of sense for a bunch of reasons, but the key is 100% going to be in the execution.
Links to everything are below.
Oh, and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes Clapper: U.S. shelved 'hack backs' due to counterattack fears Trump signed presidential directive ordering actions to pressure North Korea - The Washington Post As US launches DDoS attacks, N. Korea gets more bandwidth—from Russia | Ars Technica 6 Fresh Horrors From Equifax CEO Richard Smith's Congressional Hearing | WIRED Joseph Cox on Twitter: "Former Equifax CEO says company scans failed to identify system that was vuln to Struts bug https://t.co/SMWTVgiOsz https://t.co/SnYLamAqlG" The Equifax Hack Has the Hallmarks of State-Sponsored Pros - Bloomberg Certification Revocation List – GeoTrust Facebook says 10 million U.S. users saw Russia-linked ads Russian Facebook ads featured anti-immigrant messages, puppies, women with rifles | Ars Technica Google admits citing 4chan to spread fake Vegas shooter news | Ars Technica After the Las Vegas Mass Shooting, Watch Out For Hoaxes and Bad Info | WIRED SEC.gov | SEC Announces Enforcement Initiatives to Combat Cyber-Based Threats and Protect Retail Investors White House wants to end Social Security numbers as a national ID | Ars Technica Every Yahoo account that existed—all 3 billion—was compromised in 2013 hack | Ars Technica Whole Foods Market Payment Card Investigation Notification - Whole Foods Market Newsroom ICANN Postpones Scheduled DNS Crypto Key Rollover | Threatpost | The first stop for security news Breaking DKIM - on Purpose and by Chance Some MacOS Users Aren't Getting the Firmware Security Patches They Think They Have - Motherboard Understanding the prevalence of web traffic interception Code-execution flaws threaten users of routers, Linux, and other OSes | Ars Technica Three WordPress Plugin Zero-Days Exploited in the Wild Net Neutrality Activists Targeted by Clever Pornhub-Themed Phishing Campaign Security Failure: EpiPen’s Database Of Everyone W... | ClickHole