All posts by jb

Defensive Security Podcast Episode 51

Podcast

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Bob’s wisdom for the week;  Learning from the Target breach; Question: given the massive Target breach, the Neiman Marcus breach and rumors of 6 other significant retailers being breached, assuming Target and others were complying with PCI rules, what will be the PCI council’s response?  AWS & GoDaddy hosting malware.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Why we don’t rely on AV: https://securosis.com/blog/a-very-telling-antivirus-metric

Target:
1. http://arstechnica.com/security/2014/01/point-of-sale-malware-infecting-target-found-hiding-in-plain-sight/
2. http://www.f-secure.com/weblog/archives/00002660.html

Risk Science Podcast Episode 10: http://riskscience.net/2013/12/26/episode-10-speculation-and-conjecture/

AWS & godaddy: http://m.slashdot.org/story/196881.

Defensive Security Podcast Episode 50

Podcast,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Advice from Bob; the Threat of Powerlocker, a new variant of ransomware; Senior managers are bad at security; More details emerge about the Target breach; and Jerry’s rant about the PTV situation.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://www.informationweek.com/security/attacks-and-breaches/beware-powerlocker-ransomware/d/d-id/1113344

http://www.csoonline.com/article/745703/senior-managers-fumble-security-much-more-often-than-rank-and-file

http://www.csoonline.com/article/745806/rising-impact-of-target-breach-indicates-deeper-hack-into-systems?page=1

http://www.reuters.com/article/2014/01/12/us-target-databreach-retailers-idUSBREA0B01720140112

https://www.maliciouslink.com/a-different-perspective-on-the-ptv-website-vulnerability-debacle/

Defensive Security Podcast Episode 49

Podcast, , , , , , , ,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

More wisdom from Bob; Yahoo’s ad network delivers the magnitude exploit kit; OpenSSL site defaced by way of the hypervisor; How a 4 year long HIPAA breach highlights the need for activity monitoring; Credit Union files lawsuit against Target, seems to lack some facts; US CERT issues advisory on POS malware; 7 dodgy tips for protecting your organization from data breaches and why this security stuff is hard; A political rant on the state of security.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Yahoo ad network delivering malware:  http://blog.fox-it.com/2014/01/03/malicious-advertisements-served-via-yahoo/
OpenSSL/hypervisor http://feedly.com/k/1bIBvK1
Importance of monitoring activity: http://www.healthcareitnews.com/news/four-year-long-hipaa-data-breach-discovered
Lawsuit accused Target of not complying with PCI: http://feedly.com/k/1lJp6v0
Probably completely coincidental to the Target breach: http://www.us-cert.gov/ncas/alerts/TA14-002A
7 tips for protecting your business from a data breach: http://feedly.com/k/1alpWsA

http://www.freerepublic.com/focus/f-news/558347/posts

 

Defensive Security Podcast Episode 48

Podcast,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

More advice from Bob; The Target breach; Hacking hard drive controllers; NSA shenanigans; Compromised BBC server for sale; 2014 predictions.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://blog.cryptographyengineering.com/2013/12/can-hackers-decrypt-targets-pin-data.html

http://spritesmods.com/?art=hddhack

http://www.spiegel.de/international/world/nsa-secret-toolbox-ant-unit-offers-spy-gadgets-for-every-need-a-941006.html

http://www.dailymail.co.uk/news/article-2531062/BBC-takes-three-days-regain-control-computer-server-hacker-breaks-tries-sell-access-cyber-criminals.html

Defensive Security Podcast Episode 47

Podcast, ,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

More advice from Bob; Chinese spear phish diplomats with Mrs Bruni-Sarkozy’s nude pictures; Network segmentation could have mitigated phishing attacks on governments; Krebs find organizations having systems with open RDP connections rented out; Generation Y employees have a dubious view on security; 61% of web traffic is automated; 5 recommendations on improving the security situation; Some great incident response documents from Society Generale; More ideas on cleaning up family’s computers when visiting for the holidays.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://www.businessinsider.com/nicolas-sarkozys-naked-wife-used-as-bait-by-g20-hackers-2013-12

http://www.networkworld.com/news/2013/121113-security-tactics-might-have-helped-276821.html?page=1

http://krebsonsecurity.com/2013/12/hacked-via-rdp-really-dumb-passwords/

http://www.net-security.org/secworld.php?id=16096

http://www.incapsula.com/the-incapsula-blog/item/820-bot-traffic-report-2013

http://www.networkworld.com/news/2013/121013-a-fistful-of-security-fixes-276800.html

https://cert.societegenerale.com/en/publications.html

Defensive Security Podcast Episode 46

Podcast, , ,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

More security thoughts from Bob; A paper on thwarting targeted email attacks from Japan; Security recommendations for SMB’s from Sophos; An update on Badbios; How to handle our parent’s infected home computers over the holidays.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Guide on preventing targeted email attacks and one on preventing apt: http://www.ipa.go.jp/security/english/newattack_en.html

SMB’s putting themselves at risk: http://www.networkworld.com/news/2013/112613-small-businesses-put-themselves-at-276393.html?source=nww_rss

Badbios update:
PoC audio comms: http://news.cnet.com/8301-1009_3-57614442-83/malware-jumps-air-gap-between-non-networked-devices/
Investigation continues, slowly: https://plus.google.com/app/basic/stream/z13zzjjaun3iwj32g23cz52wykrrvjjce#_MBDG1 –

Defensive Security Podcast Episode 45

Podcast,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

99% of Indian programmers lack secure coding skills; Gartner’s 5 styles of defending against advanced threats; Malware: the war without end; a discussion on the value of penetration testing.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://m.infoworld.com/d/security/malware-war-without-end-231654
http://www.networkworld.com/news/2013/103013-gartner-defense-attacks-275438.html

Defensive Security Podcast Episode 44

Podcast, , , , , , ,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Another tip from Bob; Anonymous blamed for stealing US Department of Health and Human Services Data; Cupid Media loses 42M unencrypted passwords in a breach they apparently did not disclose; Looking at a Ponemon study about views of IT security staff; Botnet take downs might be more marketing than helpful; New malware uses I2P for C&C; A longer than expected discussion on Stuxnet.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Anonymous government hacks: http://www.reuters.com/article/2013/11/15/us-usa-security-anonymous-fbi-idUSBRE9AE17C20131115

http://krebsonsecurity.com/2013/11/cupid-media-hack-exposed-42m-passwords/

http://blogs.technet.com/b/mmpc/archive/2013/11/20/carberp-based-trojan-attacking-sap.aspx

http://sophos.files.wordpress.com/2013/11/2013-ponemon-institute-midmarket-trends-sophos.pdf

http://www.networkworld.com/news/2013/112013-expert-botnet-takedowns-are-about-276161.html

Block TOR and i2p: http://www.infoworld.com/d/security/cyber-crime-forum-advertises-financial-malware-uses-stealthy-i2p-communications-231410

Brief mention of the stuxnet report: http://www.langner.com/en/wp-content/uploads/2013/11/To-kill-a-centrifuge.pdf

Defensive Security Podcast Episode 43

Podcast, , ,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

More advice from Bob; PCI 3 is here; Stats from a survey of malware analysts; A report from EastWest on measuring the Cyber Security Problem; The benefits of a GRC program; and we talk about web defacements.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
PCI 3: http://www.bankinfosecurity.com/critiquing-new-version-pci-dss-a-6208
Study of malware analysts, highlighting that it’s apparently common to not disclose breaches: http://www.threattracksecurity.com/documents/malware-analysts-study.pdf
EastWest produces document outlining need for better incident/breach metrics: https://dl.dropboxusercontent.com/s/84odmpmtoee7rbu/MCP%20Final%2010_22_2013.pdf
VERIS Community already has this: http://www.veriscommunity.net/doku.php?id=public and it’s part of the input for the DBIR
Benefits of a grc application: http://www.computerworld.com/s/article/9243025/The_best_data_security_offense_is_a_good_defense?taxonomyId=17&pageNumber=1

 

 

Defensive Security Podcast Episode 42

Podcast, , ,

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Bob drops some more advice on malware; More details emerge about the Adobe password breach and it isn’t pretty; Long live the security perimeter; Snowden highlights the importance of not sharing passwords, and the downside to when it happens; A new 0day impacting Internet Explorer is making the rounds; And part 2 of our talk on advanced malware.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/

http://www.networkworld.com/news/2013/110513-long-live-perimeter-275650.html?page=1

http://news.cnet.com/8301-1009_3-57611528-83/nsa-workers-reportedly-shared-their-passwords-with-snowden/
http://arstechnica.com/security/2013/11/internet-explorer-users-face-drive-by-attacks-targeting-new-0day-bug/