Risky Business #431 -- What should the USA do about Russian hacks? Risky Business #559 -- Maybe it was the Israelis hacking the Russians to masquerade as Iranians? For the companies that have provided generous sponsorship for the event, some of this money has already been spent on the venue deposit, art work, website design, crafting and various other sundry. Risky Business #76 -- MythBusters mauled, BGP borked, MIFARE mangled, Risky Business #75 -- Red Hat gets pwned hard, RaceToZero wrap, Risky Business #74 -- HOWTO: Make your own Elvis bin Laden e-passport, Risky Business #73 -- PCI DSS and kiosk hacking 101, Risky Business #72 -- HOWTO: Launder money, Risky Business #71 -- H D Moore talks DNS bugs. Risky Business #275 -- Patch Tuesday, Indicator Wednesday? Risky Business #180 -- 2010: Wikileaks, Stuxnet and CyberWar Inc. Risky Business #179 -- Turning black boxes clear, Risky Business #178 -- Bricking police radios with P25 vulnerabilities, Risky Business #177 -- Silvio Cesare discusses his AV PhD, Risky Business #176 -- A conversation with Brian Snow. Risky Business #346 -- Haters gonna hate, Americans gonna 'muric, Risky Business #345 -- Advanced sock puppetry and news website manipulation, Risky Business #344 -- Super Mario Cisco adventures, Risky Business #343 -- Special news guest HD Moore. Risky Business #13 -- Web application research and consumer liability for online fraud, Risky Business #12 -- Hacker extraditions and the national ID card, Risky Business #9 -- VoIP security and the vulnerability drinking game, Risky Business #8 -- Richard A. Clarke interview. Risky Business #217 -- Patrick Webster joins the show. Risky Business #310 -- Export exploits? Risky Business #152 -- Playing in the sandbox with Mark Dowd, Risky Business #151 -- Didier Stevens talks about cmd.dll. Risky Business #443 -- CrowdStrike and NSS face off, Hal Martin charged and more, Risky Business #442 -- A bad week for Freedomhosting II, Cellebrite and Polish banks, Risky Biz Soap Box 1: DevOps, appsec and squandered opportunities, Risky Business #441 -- Gone in 60 seconds: Attacking ephemeral resources, Risky Business #440 -- Matt "PwnAllTheThings" Tait on the politicisation of infosec. Being respectably middle-aged and law-abiding hackers, Kawaiicon will be exceeding the, This means you need to show your current NZ Vaccine Pass so we can scan it. Original stories and articles may be republished without charge provided that attribution is provided to the source and author. Risky Business #430 -- LulzSec's Tflow talks NSA exploits, justice and remorse, Risky Business #429 -- Kreb's dumped, satellite hacking, election insecurity and more, Risky Business #428 -- Cross-platform Tor Browser pwnership with Ryan Duff, Risky Business #427 -- Cahill law partner Brad Bondi on MedSec suit, Risky Business #426 -- House Oversight Committee drops OPM breach report PLUS St Jude sues MedSec, Risky Business #425 -- MedSec CEO Justine Bone on the Muddy Waters short. Risky Business #392 -- A look at Silverpush with Kevin Finisterre, Risky Business #390 -- Crypto derpery abounds in wake of Paris attacks.
Original stories and articles may be republished for free provided that attribution is provided to the source and author.
Risky Business #274 -- Is "active defence" legal?
All 2022 tickets will be transferred to 202X.
Risky Business #525 -- Back on deck for 2019! Yahoo! If you are a user of Plan Study Abroad or Global Reach. Well do our best to let you know when and if it changes again. Risky Business #292 -- Jon Callas: Why Silent Mail got the bullet, Risky Business #291 All your SIMs are belong to Karsten Nohl, Risky Business #290 -- A chat with Howard Schmidt, Risky Business #289 -- Smart TVs are kinda stoopid, Risky Business #288 -- Planet Android safe from flaming pwncomet. Risky Business #128 -- Metasploit acquired by Rapid7, Risky Business #127 -- Extra Chunky Cyber Security with David Rice, Risky Business #126 -- Doing it right and getting owned anyway, Risky Business #125 -- Bottle Domains appeals, bank sued by phishing victim, Risky Business #124 -- Blogger brazenly pwns Web apps, publishes results. Risky Business #368 -- AusCERT edition: Brian Krebs, Eva Galperin and more! It sucks to feel like you might be missing out, but its best to go home and watch the live stream (if we get one going).
Risky Business #85 -- H D Moore talks Metasploit 3.2, IPv6, Risky Business #83 -- The Military Digital Complex, Risky Business #82 -- The Paul Craig Omnibus Experience, Risky Business #81 -- Reports of the death of the Internet are greatly exaggerated (again), Risky Business #80 -- The Kiwicon II Panel, PLUS Secure-Freedom.org, Risky Omni(bus)iness #79 -- GOVCERT.NL special, Risky Business #78 -- Geekonomics author David Rice. Risky Business #599 -- You get domain admin! MergeBase! Risky Business #436 -- Do you know your supply chain is horrible?
Risky Business #388 -- Cyber shrinkery, IoT shenanigans and guest Troy Hunt.
PLUS Dan Guido on DARPA's Cyber Grand Challenge. Subscribe to our new RSS feed to see new articles as they are posted. Risky Business #249 -- Did the BlueHat prize experiment succeed? Our paid services are listed on the website and must be paid directly.
Risky Business #462 -- Does the Australian government want to break encryption? Risky Business #514 -- New NSO Group report released and another State Department email breach. Wiped!
Risky Business #140 -- Former NSA tech director, info assurance, Brian Snow, Risky Business #139 -- Moore bugs for moar software, Risky Business #138 -- Dan Geer on the future of computing. You can get this through, You can get a NZ Vaccine Pass by either being up-to-date on your vaccinations, having a temporary exemption, or having a medical exemption. Or if the pandemic never ends (Ed note: hush now), or the Great Old Ones awaken in the deep, a spam can lodging in their eldritch rugose nostrils?
Risky Biz Soap Box: HD Moore on taking Rumble to the cloud, Risky Business #668 -- Microsoft is hiding its Azure security problems, Risky Business #667 -- "Shields Up" for cyber's forever war, Risky Business #666 -- The msdt RTF of DOOM, Risky Business -- #665 You can ransomware whole countries now, SAMPLE PODCAST: Risky Biz News: FSB-linked DDoS tool could also be used for disinformation campaigns, Risky Biz Soap Box: While you're watching a quiet one a noisy one will kill you, Risky Business #664 -- The Spanish Prime Minister got Pegasus'd, Risky Business #663 -- Israel cracks down on spyware exports, Risky Business #662 -- It's a bad month to be an electricity grid, Snake Oilers: Vectra, Google Security and SecureStack, Risky Business #661 -- Viasat hack details firm up, Snake Oilers: PentesterLab, AttackForge and Sysdig, Risky Business #660 -- Lapsus$ arrests, latest on Okta incident, Risky Biz Soap Box: Why allowlisting is ready for prime time, Risky Business #659 -- Okta and Microsoft meet LAPSUS$, Risky Business #658 -- Germany sounds alarm on Kaspersky software, Risky Business #657 -- Belarus targets refugee data, Risky Business #656 We expected a cyberwar but got an infowar, Risky Biz Soap Box: US Government will embrace "phishing resistant MFA", Risky Business #655 -- USG: Expect Russian cyber drama, Risky Biz Feature: "Everyone has a plan until they get punched in the face", Risky Business #654 -- FBI arrests deeply annoying cryptocurrency influencers, Risky Biz Soap Box: The state of malicious mass scanning with Andrew Morris, Risky Business #653 -- REvil arrests: Sometimes a banana is just a banana, Risky Business #652 -- Cyber Partisans take down Belarusian rail systems, Risky Business #651 -- Russia's ransomware diplomacy, Risky Biz Soap Box: Rolling your own threat intelligence with Steve Miller, Risky Business #650 -- USG drops Russia advisory as Ukraine tensions mount, Risky Business #649 -- Java being a fiddly mess saves the day, Risky Biz Soap Box: Why Thinkst gives its honeytoken tech away for free, Risky Business #648 -- Adios, 2021, it's been real, Risky Business #647 -- Israel slashes cyber exports, Interpol takes down 1,000 crooks, Risky Business #646 -- Apple cracks the sads, sues NSO Group, Risky Biz Soap Box: DDoS crews will hit you creatively, Risky Business #645 -- How Israel used NSO to make friends in low places, Risky Biz Soap Box: Linux is an infrastructure OS, act accordingly, Risky Business #644 -- USA sanctions NSO Group, hits REvil, Risky Business #643 -- Iranian fuel stations targeted, PNG ransomware a regional security risk, Risky Biz Feature Interview: Mark Dowd on the 0day market and future of exceptional access, Risky Business #642 -- Brits, Dutch and Aussies embrace Hounds Doctrine, Risky Business #641 -- Lawsuit: Ransomware contributed to baby's death, Risky Biz Snake Oilers: Mike Wiacek launches Stairwell, Red Canary on modern MDR and Datadog pitches full stack monitoring, Risky Business #640 -- Huh. Risky Business #553 -- Imperva's cloud WAF gets owned hard, Risky Biz Soap Box: Casey Ellis on "match.com for hackers", Risky Business #552 -- Guest host Alex Stamos on all the week's security news, Risky Business #551 -- Post Vegas edition, more news than we can handle. We are going to try to have rapid antigen tests (RATs) available. Noooope, Risky Business #498 -- There sure is a lot of Microsoft Defender out there these days, Risky Biz Soap Box: Root9b on agentless threat hunting, Risky Business #497 -- Silvio's greatest hits, Risky Business #496 -- The China supply chain problem, Risky Business #495 -- Russian Internet users are having a bad time, Risky Business #494 -- Cisco customers have a bad week, plus a deep dive on WebAuthn, Risky Business #493 -- SWIFT, pipeline attacks, Chrome's AV feature and more. Risky Business #439 -- Does WhatsApp have an NSA backdoor? Risky Business #416 -- Post holiday carnage edition, Risky Business #415 -- Lauri Love talks extradition, Risky Business #414 - Trading on OSINT for fun and profit, Risky Business #413 -- Matthew Green: The case against backdoors, Risky Business #412 -- Former NSA general counsel Stewart A Baker, Risky Business #411 -- Ruining the ImageMagick party. Drink! Risky Business #272 -- Jon Callas talks Silent Circle, Risky Business #271 -- All your funnycats R belong 2 APT1, Risky Business #270 -- Red teaming your law firm for fun and profit, Risky Business #269 -- Dave Aitel on the end of clientsides. Risky Business #243 -- Quickly! Risky Business #451 -- Shadowbrokers nothingburger edition, Risky Business #450 -- From Mirai to mushroom clouds in five easy steps, Risky Biz Soap Box: Senrio tackles IoT problem for CISOs, developers. Risky Business #449 -- Machine Learning: Woot or woo? If the Traffic light level goes to red or there are indoor limits in place in Wellington, we have to postpone (again). We are going to scan vaccine passes, so they have to be current. Over! Quite a lot. Risky Business #571 -- Is Joshua Schulte The Shadow Brokers?
Risky Business #248 -- Being Big Brother on a budget. Risky Business #110 -- Industry pioneer Nir Zuk, Gumblar, PCI lawsuits and more, Risky Business #109 -- Open source intelligence with Maltego creator Roelof Temmingh. Wassenaar says no, Risky Business #309 -- All your clipboards R belong 2 OJ.
Testing regularly will help reduce the amount of time infectious people are at the con. Risky Business #247 -- Could a quantum leap spell the end of crypto? Risky Business #245 -- Drop boxes for the win.
Risky Business #230 -- Can security tester accreditation work? If you start feeling unwell at all, please go home. REPOSTED (SEE NOTE): Risky Biz Snake Oilers: Roll up roll up! Wed prefer to avoid regular con flu, not just covid.
We've got a fix for what ails ya! This may be for you.
This year we arent able to do this and were big sad about it :(, Many kids havent been able to be vaccinated yet and we are requiring everyone at the event to be vaccinated. So, even at orange we want to help you (and help us) avoid spreading any kind of con flu. Weve had to do that once already, which is how the con ended up half a year offset. Well cross that bridge when we come to it, and set it on fire. Running a con is already a hard gig, and we are doing the best we can to give the NZ community hackers their hacker holiday. Risky Business #373 -- Hacking Team gets owned. Risky Business #145 -- Gonzalez sentenced, spooks MITM SSL and more! Risky Biz Soap Box: 12 years since Operation Aurora. And YOU get domain admin! Risky Business #218 -- Precisely how badly does Android support suck? If you already have a ticket, then we will honour that ticket for whenever the heck we can do an in person conference again. AMIRITE?? Risky Business #150 -- Is Near Real Time the detection method of the future? Risky Business #244 -- Padding oracle attacks on crypto tokens: How bad?
Check in with yourself - are you ready for a big day ahead of you? Were taking this pretty darn seriously, and hope that you are too. All Rights Reserved. Risky Business #341 -- Beware of the poodle, Risky Business #340 -- BPX droppin' iOS8 remote jailbreaks like it "ain't no thang", Risky Business #339 -- Neel Mehta on Heartbleed, Shellshock, Risky Business #338 -- BASHPOCALYPSE 2014, Risky Business #337 -- The Grugq and John Brooks on invisible.im and Ricochet, Risky Business #335 -- Whaledump hacker could change NZ government, Risky Business #334 -- Brian Snow reflects on 34 years at NSA, Snowden, Risky Business #333 -- Yahoo CISO Alex Stamos joins the show, Risky Business #332 -- Evading IDS with Multipath TCP, Risky Business #331 -- The Tails bug that wasn't, the Tor talk that isn't, Risky Business #330 -- Setting the infosec agenda, Risky Business #329 -- BitCoins ARE money, Snowden seeks Russia stay, Risky Business #328 -- HD Moore talks massive scanning and invisible.im, Risky Business #327 -- PayPal grounded by Flight Mode, Risky Business #326 -- Code Spaces, Nokia blackmailed in hacks, Risky Business #325 -- China's old stuff more popular than its new stuff, Risky Business #324 -- More SSL bugs, plus a chat with Andy Greenberg. Risky Business #286 -- The one where we talk about Snowden, Risky Business #285 -- Beating the G20 Internet cafe, Risky Business #284 -- Snowden and the Internet counter-culture, Risky Business #283 -- America, we need to talk, Risky Business #282 -- The future of hacktivism, Risky Business #280 -- South Africa edition, Risky Business #279 -- Retarded Persistent Threat, Risky Business #278 -- Pentest revenue figures puzzling, Risky Business #277 -- Vuln research trends with Mark Dowd, Risky Business #276 -- Cold and flu edition.
Snake Oilers 10 part 2: Do too many users have VPN access to your prod environment? Risky Business #236 -- What to do with 300mb of VMware source? So if you had an old, expired vaccine pass you do need to get a new one. In the unlikely event that you cant attend any more because you are getting married on the to be confirmed date for the 202X conference, you know who you are, email us. Risky Business #102 -- Washington spanks PCI DSS, Risky Business 101 -- DECT hacking plus special guest Paul Asadoorian, Risky Business #100 -- L0phtCrack is back, Risky Business #99 -- H D Moore rang 4500 times. We cant get those orders refunded and we really dont want to mail out thousands of hoodies and shirts. AAARRggGgGGHHH!!!! Are you hydrated? Risky Business #185 -- Peter Gutmann talks SSD forensics, Risky Business #184 -- Kevin Poulsen on his new book Kingpin, Risky Business #183 -- All tip and no iceberg, Risky Business #182 -- Major flaws in Microsoft's AppLocker, Risky Business #181 -- Android security FTL. Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Risky Business #453 -- The Intel bugs: How freaked out should you be? We will try to have some RAT kits on hand so you can grab one on the way out. If you need to change your mask, well have plenty and you can crack open a fresh one. We are filling the venue to 75% capacity (about 1,700 hackers). Check out below for how postponing will work. Risky Biz Soap Box: From 2 billion events to 350 alerts with Respond Software, Risky Business #524 -- Huawei CFO arrested, US Government dumps on Equifax, Snake Oilers 8 part 2: Forticode's Cipherise, device features from Exabeam and SentinelOne on "active EDR", Snake Oilers 8 part 1: Rapid7's InsightAppSec, WhiteSource and Virus Total Enterprise, Risky Business #522 -- Alex Stamos co-hosts the show, reflects on Snowden disclosures.
If this does happen lets call that future-date-we-hope-to-not-have-to-use 202X. There is nothing stopping you from expressing yourself in other ways (wear your favourite boots, decorate your claws in whichever way you like, go hard on the eye shadow, cosplay as your favourite space cowboy). Well be extending the length of the breaks to allow for more time to leave the venue for meals. Breach!
This plan is subject to change because government, viruses, and friends are all hard to predict.
Risky Business #112 -- Pollie wanna hacker? Risky Business #215 -- Aussie researcher heavied, Mitnick and more! Drop us an email at kiwicon@kiwicon.org. Risky Business #205 -- Who's the real Shady RAT? Only the person carrying out vaccine pass checks will know your government-issued identity details. Risky Business #513 -- The DPRK indictment, BA gets owned, Webauthn issues and more [CORRECTED], Snake Oilers 7 part 2: Assetnote.io launch, InQuest and Aiculus, Risky Business #512 -- Five Eyes nations send clear message on encryption, Risky Business feature interview: Linux malware is booming, thanks to IoT, Risky Business #511 -- Australia, Japan to ban Huawei, Struts drama, DNC lols and more, Snake Oilers 7 part 1: Rapid7 on changes to InsightVM, ITProTV on online training, Risky Business feature interview: Bob Lord, CSO, Democratic National Committee, Risky Business feature: Adam Boileau recaps Black Hat and DEF CON, Risky Business #509 -- Just the usual mayhem and ownage, Risky Business #508 -- Special guest Greg Shipley of In-Q-Tel's Cyber Reboot, Risky Biz Soap Box: Zane Lackey of Signal Sciences talks DevOps, Risky Biz Soap Box: Cylance: Driving machine learning model development with threat research, Snake Oilers 6 part 2: Proofpoint on cred phishing, Exabeam defines next-gen SIEM, Risky Business #506 -- How security teams can work with PR, Risky Business #505 -- Sanger vs FireEye, Reality Winner cops a plea, Snake Oilers 6 part 1: InsightIDR from Rapid7, whitelisting with Airlock Digital and testing your SOC personnel with AttackIQ, Risky Business #504 -- Latest email frauds and changes to money muling, Risky Business #503 -- North Korean tech in the global supply chain, Risky Business #502 -- Inside China's hacker scene. We have decided to trim down the conference to the essentials - that means we wont be organising extra events like parties in the evenings. We want to see you in the meatspace, not via some Zoom session. Do not leave your mask off in order to continuously snack or drink.
Were feeling pretty wangawanga about the pandemic.
Risky Business #448 -- Dan Geer on cloud providers: Too big to fail? Risky Business #311 -- Does NameCoin have legs? Risky Business #2^6 -- Cisco rootkits and the return of Rux, Risky Business #63 -- Gutmann gleeful, Ranum raves. And, be kind? Risky Business #387 -- Hack people to death! Risky Business #541 -- NSO Group makes global headlines. Risky Business #253 -- All your internal IP ranges R belong 2 Maltego, Risky Business #252 -- Attacks on Aramco likely state sponsored, Risky Business #251 -- Thunderbolt strikes Mac EFI, Risky Business #250 -- Hack it like it's 1999.
Risky Business #454 -- Intel AMT latest, TavisO's horror-show Windows bug, Macron leaks and more! If you need to remove your mask for a quick sip or snack, thats okay. Risky Business #347 -- So what does Detekt detect?
The CIA really was out to neck Assange, Risky Business #639 -- USA's ransomware non-policy fails to meet its unstated objective.
kiwicon 2022 schedule
