Black Hat

Parisa Tabriz of Google at Black Hat

Special Black Hat Coverage: Google’s Parisa Tabriz Says Don’t Be A Jerk

Podcast: Play in new window | Download (Duration: 29:46 — 34.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this special Black Hat edition of the Podcast, sponsored by UL: Parisa Tabriz, Google’s Director of Engineering for the Chrome Web browser, brought some strong medicine to Las Vegas for her Black Hat keynote speech. We talk about why her simple message was so groundbreaking. Also: Ken Modeste of UL joins us from the Black Hat briefings to talk about UL’s efforts to make cyber security as important to consumers in the 21st century as product safety was in the 20th.

Episode 107: What’s Hot at Black Hat & does DHS need its new Risk Management Center?

Podcast: Play in new window | Download (Duration: 46:44 — 53.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this episode of The Security Ledger Podcast (#107): Hacker Summer Camp takes place in Las Vegas this week as the Black Hat, DEFCON and B-Sides conferences take place. We’re joined by DigiCert Chief Technology Officer Dan Timpson to talk about the presentations that are worth seeing. And, in our second segment, The Department of Homeland Security launched a new Risk Analysis Center that sounds a whole lot like some programs it already runs. Is this bureaucratic overkill or is DHS on to something?

Iran Centrifuge

Researchers use radio to jump air gapped industrial control systems

Researchers at CyberX say they have found a way to sneak sensitive data off of industrial control system networks using radio frequency communications. The attack could be used to compromise so-called “air gapped” networks that are not connected to the Internet.

Information Security has a MeToo Problem

Podcast: Infosec has a #MeToo Problem also TOR-ifying Wikipedia

Podcast: Play in new window | Download (Duration: 1:01:53 — 113.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast, we talk with Genevieve Southwick, CEO of the B-Sides Las Vegas hacker conference about the information security industry’s #metoo problem and what steps conference organizers are taking to stem sexual assault and harassment at information security events. Also: researcher Alec Muffet talks with us about making a TOR version of Wikipedia (and why it’s not sticking around). Finally, Martin McKeay of Akamai talks about the state of Internet security one year after Mirai. (Spoiler alert: Mirai is still a problem.)

Hero WannaCry Researcher Charged over Links to Kronos Trojan

In-brief: A British researcher who became a hero after he stopped the WannaCry ransomware from spreading globally has been apprehended in Nevada and charged with distributing the Kronos banking trojan in the U.S. between July 2014 and July 2015.