In this week’s podcast episode, #152: we talk with Akamai researcher Larry Cashdollar about his discovery of Silex, a new example of IoT killing malware allegedly authored by a 14 year old. Also: Steve Mullaney, the CEO of the cloud security start up Aviatrix joins us to talk about Amazon’s new cloud security conference: Re:Inforce.
When Akamai researcher Larry Cashdollar checked the contents of a honeypot operates from his home network on a recent morning, he was surprised by what he saw. Buried in a binary file that turned up in his honeypot was an apologetic message from an unknown malware author for hacking and then bricking his device.
Malware…and an Apology
The binary turned out to be a new malicious program, which Cashdollar dubbed Silex, that was designed to break into and then wipe clean any Internet of Things device running embedded versions of the Linux operating system.
In our first segment, we talk to Larry about his discovery and about its alleged teenage author. We also talk about the bigger problem of insecure Internet of things devices, which are proving to be easy targets for malicious programs.
When Amazon brought its re:inforce show to Boston in late June, the goal was to highlight the latest efforts that the massive cloud computing provider is taking to make its environment friendly for application developers and for security companies. But is Amazon and its AWS service a playground for new security startups, or a competitor to them?
In securing the Cloud is Amazon Friend or Foe?
Watch out RSA Conference. Amazon – the world’s biggest cloud provider – hosted its first ever security conference last week: Re:inforce. But for would be cloud security providers, is the world’s biggest commercial cloud company a partner or a competitor?
In our second segment this week, we’re joined by someone who should know. Steve Mullaney, the President and CEO Of Aviatrix, a startup that focuses on securing multi-cloud environments. In this conversation, Steve and I talk about the rapid computing transformation, as enterprise IT migrates swiftly to the cloud. Steve and I discuss the security needs that companies have as they migrate to cloud environments like AWS and whether Amazon, Google and Microsoft are partners to security providers, or competitors.
As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloud, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.