Defensive Security Podcast Episode 118

http://www.symantec.com/connect/fr/blogs/check-your-sources-trojanized-open-source-ssh-software-used-steal-information

https://nakedsecurity.sophos.com/2015/05/21/anatomy-of-a-logjam-another-tls-vulnerability-and-what-to-do-about-it/

http://krebsonsecurity.com/2015/05/carefirst-blue-cross-breach-hits-1-1m/

http://www.forbes.com/sites/thomasbrewster/2015/05/20/guns-bombs-hacking-cars-and-planes-dangerous-tweets-for-a-security-researcher/

3 thoughts on “Defensive Security Podcast Episode 118

  1. Hey guys, great show as usual.

    Here is how I’m planning to deal with the look-alike domains discussed in the show.

    On my inbound email system I’m going to use a regex string to detect partial matches to the domain I’m trying to protect in the sender address and message body (for links).

    For example, if I’m attempting to protect the defensivesecurity.org domain I’d match on any sender string that contains “@de” and ends with “ty.org” (obvious tweaking necessary for message body and links, etc).

    For messages that meet this match I’ll alert our SecOps and include a Warning in the subject line or maybe defang the link altogether.

Leave a Reply