Tag Archives: Cold Fusion

Defensive Security Podcast Episode 64

Some advice from Bob, arrest made in the heartbleed attack on the Canadian Revenue Agency; Heartbleed used to bypass 2 factor controls,;Mandiant’s 2014 M-Trends report; The economics of security controls; 3 million credit cards stolen from Michaels and Aaron’s stores; Hardward company Lacie has a year long data breach.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://www.theregister.co.uk/2014/04/16/mounties_get_their_man_canadian_heartbleed_hacker_nabbed

https://www.mandiant.com/blog/attackers-exploit-heartbleed-openssl-vulnerability-circumvent-multifactor-authentication-vpns/

http://www.v3.co.uk/v3-uk/news/2340171/hackers-hit-harley-medical-group-in-customer-data-extortion-attempt

https://www.mandiant.com/blog/mtrends-2014-threat-report-revealed/

http://www.fireeye.com/blog/corporate/2014/04/the-economics-of-security.html

http://krebsonsecurity.com/2014/04/3-million-customer-credit-debit-cards-stolen-in-michaels-aaron-brothers-breaches/

http://krebsonsecurity.com/2014/04/hardware-giant-lacie-acknowledges-year-long-credit-card-breach/

Defensive Security Podcast Episode 52

Coke loses 55 laptops and 56000 records over 7 years; Private cyber espionage network in India; Review of the Shell_Crew hack using Adobe Cold Fusion exploit; Should we punish employees who fall for phishing emails?; Assuming your network has been hacked; more details on the Target breach are emerging.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Defensive Security Podcast Episode 33

Cause of recent DOE breach revealed to be outdated Coldfusion; 30% of adults willingly open emails they know are malicious; Spear phishing led to successful attacks on the nyt and twitter; DNS attack types

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Cause of recent DOE breach revealed to be outdated Coldfusion: http://www.informationweek.com/security/attacks/energy-dept-hack-details-emerge/240160685

30% of adults willingly open emails they know are malicious: http://www.csoonline.com/article/738869/social-engineering-study-finds-americans-willingly-open-malicious-emails?page=1

Spear phishing led to successful attacks on the nyt and twitter: http://www.networkworld.com/news/2013/082813-spear-phishing-led-to-dns-273297.html?page=1

DNS attack types: http://images.infoworld.com/d/security/3-types-of-dns-attacks-and-how-deal-them-225826

Defensive Security Podcast Episode 18

Adobe warns customers of a Cold Fusion 0day, Washing courts owned by that 0day, web servers found compromised with the Cdorked/Darkleech, critical vulnerability in Nginx, Anonymous’ opUSA turned out to be a bunch of nothing, too many admins is bad for security, Name.com gets compromised, The Onion’s twitter feed is compromise by the SEA, slippery slope of BYOD and Google’s plans for authentication.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

 

Cold fusion: http://www.networkworld.com/news/2013/050913-adobe-warns-customers-of-unpatched-269596.html