SSCC 74 - fighting hi-tech crime, Kelihos botnet, iCode for USA, Amazon Silk tablet, Mac malware and the BEAST

Filed Under: Apple, Botnet, Cryptography, Featured, Law & order, Malware, Microsoft, Mobile, OS X, Podcast, Privacy

Sophos Security Chet Chat logoThis week, Chester Wisniewski discusses the interesting and important stories of the week with Paul Ducklin, Head of Technology, Asia Pacific, at Sophos.

Chet and Duck talk about:

* co-operating to fight hi-tech crime;

* tackling the Kelihos botnet;

* taking on zombified home users to fight bots at source in the USA;

* weighing up the risks of the new, low-cost Amazon Silk tablet;

* and understanding the BEAST.

If you haven't been following security news lately, the BEAST is a recently released proof-of-concept toolkit which can extract encrypted data from SSL3/TLS1 sessions.

The vulnerability it uses was addressed with an update to the TLS standards five years ago; Chet and Duck discuss some of the reasons why we're still stuck in the TLS 1.0 mud.

Listen now:

(30 September 2011, duration 16:23 minutes, size 15.7 MBytes)

Don't want to listen online? Download the podcast for later:

Download Podcast

Sophos podcasts are also available via Stitcher, on iTunes or from our own podcast RSS feed.

, , , , , , , , , , , , , , , , , , , , , , , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog