Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #502 -- Inside China's hacker scene
On this week’s show we chat with Peter Wesley. Peter’s well known around the Australian security scene, but a few years back he relocated to China, where security is booming. He did a presentation at the AusCERT conference on the Gold Coast last week all about the Chinese hacker scene and security industry. He joins us in this week’s feature interview to tell us about how the Chinese scene evolved and what its current relationship with the Chinese government looks like.
This week’s sponsor interview is a cracker. We’ll be joined by Ryan Kalember, Senior Vice President of Strategy with Proofpoint, the email filtering company. Ryan is along to talk about a phenomenon the Proofpointers are very interested in – we’ve all heard of VIPs, but he’s here to talk about VAPs – Very Attacked People.
So much attacker behaviour these days is driven by email-based attacks, and the people getting hit the most with this sort of stuff might not be the ones you expect. Ryan joins us later on for that conversation in this week’s sponsor interview, with thanks to Proofpoint.
The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.
Show notes What Will Microsoft's GitHub Buy Mean For Controversial Code? | WIRED A host of new security enhancements is coming to iOS and macOS | Ars Technica Apple Is Testing a Feature That Could Kill Police iPhone Unlockers - Motherboard Microsoft Adds Post-Quantum Cryptography to an OpenVPN Fork Oracle WebLogic RCE Deserialization Vulnerability (CVE-2018-2628) - DZone Security Data from 92 million accounts stolen from DNA testing site MyHeritage Hacker Defaces Ticketfly’s Website, Steals Customer Database - Motherboard SS7 routing-protocol breach of US cellular carrier exposed customer data | Ars Technica Judge dismisses Kaspersky lawsuits, U.S. government ban will stand Playing nice? FireEye CEO says U.S. malware is more restrained than adversaries' Former DIA official allegedly sold secrets to China, including possible Cyber Command information ICANN Launches GDPR Lawsuit to Clarify the Future of WHOIS | Threatpost | The first stop for security news With possible summit approaching, North Korean espionage hacks continue | Ars Technica Synack offers free penetration testing for election systems ahead of 2018 midterms CrowdStrike announces $1 million warranty for breaches that happen under its watch IE Zero-Day Adopted by RIG Exploit Kit After Publication of PoC Code CVE-2018-8174 | Windows VBScript Engine Remote Code Execution Vulnerability Chrome and Firefox leaks let sites steal visitors’ Facebook names, profile pics | Ars Technica Zip Slip Vulnerability Affects Thousands of Projects Across Multiple Ecosystems Malicious Git Repository Can Lead to Code Execution on Remote Systems The NSA Just Released 136 Historical Propaganda Posters - Motherboard NSA Security Posters 1950s-1970s - Album on Imgur