Tag Archives: compliance

Defensive Security Podcast Episode 69

Advice from Bob on the importance of an accurate inventory; TrueCrypt meets an unfortunate end; Weak passwords are responsible for the initial intrusion in 31% of breaches; 71% of exploits used Java; 59% of malicious email used an attachment, 41% used a link; NTT’s Global Threat Intelligence Report finds that most incidents are the result of failing to take basic precautions; DHS reports about a public utility compromised by a brute force attack; There is an apparent discrepancy between the severity of the breaches detailed in the recent  DOJ indictment of alleged Chinese hackers and the way that the breached companies categorize was was stolen, and whether that loss needed to be reported to share holders.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://arstechnica.com/security/2014/05/bombshell-truecrypt-advisory-backdoor-hack-hoax-none-of-the-above/
http://blog.itgovernance.co.uk/weak-passwords-responsible-for-31-of-cyber-attacks/

http://www.techcentral.co.za/surge-in-security-breaches-report/48374/
http://t.esecurityplanet.com/esecurityplanet/#!/entry/lowes-acknowledges-third-party-data-breach,5383580a025312186c0cf074
http://www.myce.com/news/only-51-of-anti-virus-scanners-detect-zero-day-malware-71652/
http://www.itproportal.com/2014/05/26/stop-the-blame-game-report-reveals-the-secrets-to-business-it-security/
http://news.techworld.com/security/3520791/public-utility-compromised-after-brute-force-attack-dhs-says/
http://mobile.bloomberg.com/news/2014-05-21/u-s-companies-hacked-by-chinese-didn-t-tell-investors.html

Defensive Security Podcast Episode 67

Doctor finds out the hard way that Google likes to index stuff; What’s old is new again – the current focus on improving detection is not new; Microsoft’s Security Incident Response Report and the malware explosion; Security vs. compliance.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://www.computerworld.com/s/article/9248205/IT_malpractice_Doc_operates_on_server_costs_hospitals_4.8M
http://www.brookings.edu/~/media/research/files/papers/2014/05/07%20strategy%20not%20speed%20digital%20defenders%20early%20cybersecurity%20thinkers%20bejtlich/voices%20from%20the%20cyber%20past%20final
http://www.zdnet.com/microsoft-report-downloaded-malware-exploded-in-late-2013-7000029131/#ftag=RSS4d2198e

Defensive Security Podcast Episode 40

Federal employees circumventing onerous security controls resulting in breaches;  Cryptolocker is scary stuff; PHP.net hacked, and the response; DDOS attacks getting much larger, but lasting less time; Our discussion on advanced malware.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://www.networkworld.com/news/2013/101713-federal-security-breaches-traced-to-274944.html
http://www.securelist.com/en/blog/208214109/Cryptolocker_Wants_Your_Money
http://bartblaze.blogspot.com/2013/10/phpnet-compromised.html
http://arstechnica.com/security/2013/10/hackers-compromise-official-php-website-infect-visitors-with-malware/
http://www.pcworld.com/article/2056188/brace-for-stronger-ddos-attacks-security-firm-warns.html