Tag Archives: badbios

Defensive Security Podcast Episode 46

More security thoughts from Bob; A paper on thwarting targeted email attacks from Japan; Security recommendations for SMB’s from Sophos; An update on Badbios; How to handle our parent’s infected home computers over the holidays.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Guide on preventing targeted email attacks and one on preventing apt: http://www.ipa.go.jp/security/english/newattack_en.html

SMB’s putting themselves at risk: http://www.networkworld.com/news/2013/112613-small-businesses-put-themselves-at-276393.html?source=nww_rss

Badbios update:
PoC audio comms: http://news.cnet.com/8301-1009_3-57614442-83/malware-jumps-air-gap-between-non-networked-devices/
Investigation continues, slowly: https://plus.google.com/app/basic/stream/z13zzjjaun3iwj32g23cz52wykrrvjjce#_MBDG1 –

Defensive Security Podcast Episode 41

New trojan looking for SAP installations, possibly a harbinger of things to come; Turns out Adobe used symmetric encryption to store the 130M passwords that were stolen; A dicey list of suggestions on how not to be the guy that gets your company owned; The results of the 2013 social engineering capture the flag are not pretty; Some security researchers completely compromise a government agency with a fake Facebook profile of an attractive lady; and all sorts of craziness about #badbios.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://www.infoworld.com/d/security/new-malware-variant-suggests-cybercriminals-targeting-sap-users-230014
http://arstechnica.com/security/2013/11/how-an-epic-blunder-by-adobe-could-strengthen-hand-of-password-crackers/
http://qz.com/120946/the-complete-guide-to-not-being-that-idiot-who-got-the-company-hacked/
http://www.darkreading.com/vulnerability/social-engineers-pwn-the-human-network-i/240163379
http://www.zdnet.com/government-agency-compromised-by-fake-facebook-hottie-7000022700/
BadBIOS intro: http://blog.erratasec.com/2013/10/badbios-features-explained.html
BadBIOS rebuttal: http://www.rootwyrm.com/2013/11/the-badbios-analysis-is-wrong/