Podcasts

Autosploit simply combines two, existing hacking tools. But it does make hacking the IoT easier for low skill "script kiddies" says Brian Knopf of the firm Neustar.

Episode 82: the skinny on the Autosploit IoT hacking tool and a GDPR update from the front lines

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s episode of The Security Ledger Podcast (#82), we take a look at Autosploit, the new Internet of Things attack tool that was published on the open source code repository Github last week. Brian Knopf of the firm Neustar joins us to talk about what the new tool might mean for attacks on Internet of Things endpoints in 2018. Also: the go-live date for the EU General Data Protection Regulation is just months away, but many firms are still unaware that the regulation even exists. We’ll hear two reports from the front lines of GDPR, first from Sam Peifle of the International Association of Privacy Professionals and then by Shane Nolan of IDA, the Irish Development Authority.

The insides of a Revolar device, one of three tested by DUO Security, which found wide discrepancies in the security of the personal safety wearables. (Image courtesy of DUO Security.)

Episode 81: Hacking IoT with Physics, Poor Grades for Safety Wearables and Peak Ransomware

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s podcast: researcher Kevin Fu of University of Michigan discusses his work on attacks that use physics to manipulate connected devices. Also: Mark Loveless of DUO discusses his research into how poor implementation of wireless protocols make personal security trackers a privacy risk. And have we seen peak ransomware? Adam Kujawa of the firm Malwarebytes joins us to talk about the findings of that company’s State of Malware Report. 

In this week's podcast, we talk with three different experts about APT (advanced persistent threat) actors in Russia, North Korea and the Middle East. (Image courtesy of US Dept. of Defense)

Episode 80: APT Three Ways

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast, Episode – number 80 – we look at Advanced Persistent Threat (or APT) actors three ways with three different experts offering their take on the world’s most sophisticated hacking groups in Russia, North Korea and the Middle East. 

Faced with blowback from its cyber operations in the US and Western Europe, will Russia reconsider the utility of such tools? Flashpoint said that is one possible development to watch for in 2018. (Image courtesy of the U.S. Department of Defense.)

Spotlight Podcast: Is Russia rethinking its Cyber Offense?

Podcast: Play in new window | DownloadSubscribe: Android | RSSIf 2016 and 2017 saw aggressive efforts by the government of Russia to use hacking and online information operations to influence politics in the U.S. and Western Europe, 2018 may see the country reckoning with the aftermath of those campaigns. And that may result in a rethink of the utility of online information and hacking operations, says Flashpoint in its Business Risk Intelligence report. 

We talk with PAS Global about a Chatham House report on the hacking risk to nuclear weapons.

Episode 79: Hackable Nukes and Dissecting Naughty Toys

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast episode, the UK -based policy think tank Chatham House warned last week that aging nuclear weapons systems in the U.S., the U.K. and other nations are vulnerable to cyber attacks that could be used to start a global conflagration. We talk with Eddie Habbibi of PAS Global about what can be done to secure hackable nukes. Also: with CES raging in Las Vegas last week, we go deep with security researcher Jay Harris on flaws in connected toys being sold to children.