Disclaimer: These lines do not substitute the listening of the interview. The statements mentioned are close to literal or slightly summarised or just a subjective interpretation. Kudos to the pauldotcom crew!
Minute 8: Brian's IT network was taken over by the lion worm.
Minute 10: People start in security because either they were hacked or they were hacking and decided to change sides and go to the more difficult defence.
Minute 14: He writes about topics that are news to him. This way, they will also be news to everybody else.
Minute 18: A lot of the bad guys have multiple identities in different fora. Most of them specialise on a specific topic and they outsource the rest. [...] They are somehow open since they need to be reachable by their clientele.
Minute 21: Outsourcing in cybercrime is a constant. Even testing services to assess outsourced tasks are outsourced.
Minute 24-26: Ukraine is one of the main sources of attacks, even more than Russia: very technically savvy individuals with very low payslips in legal jobs.
Minute 32: A lot of people buy spam-announced pharmaceutical products.
Minute 34: Their prescription runs out, suddenly they see those announcements and they buy them. The medicine seems to work and it is a third of the real price. However, there is no guarantee that the medicine has the same quality every time [also from minute 44].
Minute 36: Some of those cheap medicines are made in China or India.
Minute 37: Usually those sites ship a pack of "Viasgra" for free with any other order medicine requested.
Minute 39-40: Rogue pharmacy is the driver of fraud on Internet nowadays. Although it is probably not the most lucrative business.
Minute 41: The most lucrative business in cybercrime is stealing from a corporate bank account through a piece of malware sent to someone in the organisation.
Minute 41: Changing your online banking credentials regularly is hardly done nowadays. This is why stolen credentials are still valid months after.
Minute 48: The gas station card skimmers is currently over the top as a real business.
Minute 50: ATM skimming figures - average skimmer scam takes around USD 60000 (not confirmed figure).
Minute 52: Gift card fraud is huge. However, given the high margins gift cards have, sellers tolerate it.
Minute 66: We need to clearly explain to people the consequences of not caring about security.
Minute 67: (Unfortunately) Only life-threatening factors will make people security conscientious.
Minute 73: Brian Krebs is reachable for any anonymous security news anyone would like to share with the public.
Happy reading/listening!
Happy new year 2011!
Happy new year 2011!