Risky Business #444 — $350m! Wiped! Off! Yahoo! Over! Breach!

POSTED on February 22, 2017

On this week’s show we’re chatting with Peter Gutmann about a couple of things that have combined to form a legit problem: The abuse of the Lets-Encrypt domain validated certificate authority combined with recent UI changed in Chrome are a phishers wet dream. We chat with Peter about that. The tl;dr is the browser makers need to get off their asses and do something about that, pronto.

This week’s show is sponsored by Exabeam. They just took $30m in funding from a VC and Cisco and they’re looking at doing some really interesting stuff in the SIEM world with, you guessed it, machine learning! In this week’s sponsor interview we’re chatting with Exabeam co-founder Sylvain Gil about a few things – the conversation does veer a bit into their products but it actually stays interesting, mostly because he discusses things like Exabeam’s roadmap in terms of problems they’re trying to solve. So even if you have no desire to buy a new SIEM, you’ll still probably find that one interesting from an academic point of view.

Adam Boileau, as always, stops in to discuss the week’s news, and Jake Davis is back with a… reinterpretation(?!) of the Hacker Manifesto.

Links to items discussed in this week’s show have moved – they’re now included in this post, below.

Oh, and do add Patrick, Jake or Adam on Twitter if that’s your thing.