Tag Archives: phishing

Defensive Security Podcast Episode 47

More advice from Bob; Chinese spear phish diplomats with Mrs Bruni-Sarkozy’s nude pictures; Network segmentation could have mitigated phishing attacks on governments; Krebs find organizations having systems with open RDP connections rented out; Generation Y employees have a dubious view on security; 61% of web traffic is automated; 5 recommendations on improving the security situation; Some great incident response documents from Society Generale; More ideas on cleaning up family’s computers when visiting for the holidays.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://www.businessinsider.com/nicolas-sarkozys-naked-wife-used-as-bait-by-g20-hackers-2013-12

http://www.networkworld.com/news/2013/121113-security-tactics-might-have-helped-276821.html?page=1

http://krebsonsecurity.com/2013/12/hacked-via-rdp-really-dumb-passwords/

http://www.net-security.org/secworld.php?id=16096

http://www.incapsula.com/the-incapsula-blog/item/820-bot-traffic-report-2013

http://www.networkworld.com/news/2013/121013-a-fistful-of-security-fixes-276800.html

https://cert.societegenerale.com/en/publications.html

Defensive Security Podcast Episode 24

Kaspersky study indicates 200,000 malware variants are released daily, the Carberp trojan’s source code is leaked and an 0day is discovered, FINRA reports on prolific cyber attacks against its members, the FT is attacked by the Syrian Electronic Army and gives a play by play on what happened, Kaspersky reports an 87% increase in phishing attacks, Google reports that compromised legitimate sites are more dangerous than malicious sites, Sophos says 30,000 SMB sites are hacked per day to spread malware, the age old debate about administrator rights, password complexity, and the unintended consequences of leaks: foreign companies defect to more hospitable countries, renewed focus on systems administrators, and we can stop pretending to not know where Stuxnet came from. Continue reading Defensive Security Podcast Episode 24

Defensive Security Podcast Episode 9

Episode 9 – From Las Vegas
Comments/questions/hate mail to info@defensivesecurity.org
Follow podcast on twitter @defensivesec

DDOS attack on Bank of the West masked a $900,000 theft from the account of Ascent Builders. http://krebsonsecurity.com/2013/02/ddos-attack-on-bank-hid-900000-cyberheist/

Bible.org- https://isc.sans.edu/diary/When+web+sites+go+bad%3A+bible+.+org+compromise/15250
Site compromised – serving malware, had rudimentary defense against automated analysis

Bit9 update: https://blog.bit9.com/2013/02/25/bit9-security-incident-update/
– kudos to bit9 for transparency and disclosure – hopefully works in their favor

Continue reading Defensive Security Podcast Episode 9