Defensive Security Podcast Episode 12

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

http://www.informationweek.com/security/vulnerabilities/cisco-password-fumble-hardware-security/240151244

Etsy’s solution for running java: http://codeascraft.etsy.com/2013/03/18/java-not-even-once/

http://www.infosecurity-magazine.com/view/31372/seoul-cautious-in-blaming-north-korea-for-massive-cyberattack-

http://blogs.mcafee.com/mcafee-labs/south-korean-banks-media-companies-targeted-by-destructive-malware

http://arstechnica.com/security/2013/03/your-hard-drive-will-self-destruct-at-2pm-inside-the-south-korean-cyber-attack/

https://isc.sans.edu/diary/Wipe+the+drive+Stealthy+Malware+Persistence+Mechanism+-+Part+1/15394
https://isc.sans.edu/diary/Wipe+the+drive+Stealthy+Malware+Persistence+-+Part+2/15406
https://isc.sans.edu/diary/Wipe+the+drive!++Stealthy+Malware+Persistence+-+Part+3/15448
https://isc.sans.edu/diary/Wipe+the+drive%21++Stealthy+Malware+Persistence+-+Part+4/15460

The Usefulness of Security Education

The Importance of Reinstalling After a Virus or Malware Infection

In episode 11, I made some comments about wiping a compromised system rather than trying to clean it. I saw in my twitter feed a bit ago that the 2013 Shmoocon videos were posted. I looked through and one talk stuck out and I wanted to share here, given my comments: Wipe The Drive – Techniques for malware persistence..

Basically, the presenters show why it’s such a bad idea to simply clean a computer after a virus infection. I like to think this is common knowledge, but I meet people daily who so not understand the reasons behind taking this draconian approach.

Protect Yourself From The Latest Java Zero Day

Brian Krebs is reporting that a new zero day vulnerability and matching exploit are making the rounds, with no patch or fix in sight.

My recommendation is to consider disabling the java browser plugin or implementing no script with a policy to only allow java originating from intranet sites.

Be careful out there!