Category Archives: Podcast

Defensive Security Podcast Episode 85

http://arstechnica.com/tech-policy/2014/09/senior-it-worker-at-top-tech-law-firm-arrested-for-insider-trading/

Defensive Security Podcast Episode 84

http://www.businessweek.com/articles/2014-09-11/home-depot-hack-malware-points-to-different-hackers-than-targets

http://www.csoonline.com/article/2605857/security-awareness/successful-security-awareness-programs-hold-employees-hands-to-the-fire-in.html

http://www.networkworld.com/article/2604411/security0/ernst-and-young-accused-by-canadian-used-computer-dealer-of-data-breach.html

http://www.cyber-security-blog.com/2013/08/Responding-to-a-Domain-Admin-Account-Compromise-Bootstrapping-Trust-A-Billion-Dollar-Cyber-Security-Problem.html

http://digital-forensics.sans.org/blog/2013/06/20/overview-of-microsofts-best-practices-for-securing-active-directory

Defensive Security Podcast Episode 83

[1] http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/
[2a] http://nakedsecurity.sophos.com/2014/04/18/pci-dss-whats-new-in-v3-0/
[2b] https://www.pcisecuritystandards.org/documents/DSS_and_PA-DSS_Change_Highlights.pdf
[3] http://news.techworld.com/security/3543504/phishing-emails-fool-most-employees-but-is-this-their-problem-or-emails/
[4] https://www.nccgroup.com/en/blog/2014/09/phishing-all-you-need-is-one/
[5] http://hackerhurricane.blogspot.com/2014/09/infosec-industry-partly-responsible-for.html?m=1

Defensive Security Podcast Episode 82

http://www.databreachtoday.com/buying-cyber-insurance-5-tips-a-7250
http://www.csoonline.com/article/2600212/data-protection/why-russian-hackers-are-beating-us.html
http://www.aorato.com/labs/report/untold-story-target-attack-step-step/
http://www.csoonline.com/article/2599257/network-security/security-council-blames-breaches-on-poor-pci-standard-support.html#tk.rss_all

Defensive Security Podcast Episode 81

 

http://www.csoonline.com/article/2466084/data-protection/community-health-systems-blames-china-for-recent-data-breach.html
http://www.csoonline.com/article/2466726/data-protection/heartbleed-to-blame-for-community-health-systems-breach.html
http://www.csoonline.com/article/2597389/data-protection/more-problems-emerge-on-the-community-health-systems-network.html
http://www.securityweek.com/secret-service-over-1000-business-infected-backoff-point-sale-malware
http://nakedsecurity.sophos.com/2014/08/22/the-ups-store-breach-what-went-wrong-and-what-ups-got-right

Defensive Security Podcast Episode 80

[1] Recovering from a hacked website

[2] Albertson’s and Supervalu hacked

[3] VNC everywhere!!!!

[4] HTTPS as a solution to network injection appliances

[5] Tennessee company sues its bank to recover stolen money

[6] 7 places to check for signs of a targeted attack in your network

===================

[1] http://blog.soundidea.co.za/articles/Your_websites_been_hacked_now_what-378.html
[2] http://money.cnn.com/2014/08/15/technology/security/albertsons-supervalu-hack/index.html
[3] http://www.forbes.com/sites/kashmirhill/2014/08/13/so-many-pwns/
[4] http://www.theregister.co.uk/2014/08/16/time_to_ditch_http_state_network_injection_attacks_documented_in_the_wild/
[5] http://krebsonsecurity.com/2014/08/tenn-utility-sues-bank-over-327k-cyberheist/
[6] http://blog.trendmicro.com/trendlabs-security-intelligence/7-places-to-check-for-signs-of-a-targeted-attack-in-your-network/

Defensive Security Podcast Episode 79

[1] Cisco’s mid-year report
[2] Poorly trained IT workers pose a risk to organizations
[3] Cyber security should be professionalized
[4] How hackers are using Google to steal data’
[5] PCI creates a check-box mentality
[6] Gamma’s ownage detailed on pastebin
[7] 1.2 Billion passwords, Russians and controversy
Web Site | Subscribe in iTunes | Podcast RSS Feed | Twitter Email

[1] https://blogs.cisco.com/security/cisco-2014-midyear-security-report-exposing-weak-links-to-strengthen-the-security-chain/
[2] http://www.telegraph.co.uk/technology/internet-security/11011249/Poorly-trained-IT-workers-are-gateway-for-hackers.html
[3] http://www.csoonline.com/article/2461669/security-leadership/cybersecurity-should-be-professionalized.html
[4] http://www.csoonline.com/article/2462409/data-protection/how-hackers-used-google-in-stealing-corporate-data.html
[5] http://www.csoonline.com/article/2460607/security/pci-regime-has-bred-complacent-tick-box-security-among-retailers-tripwire-survey-finds.html
[6] http://pastebin.com/cRYvK4jb
[7] http://www.youarenotpayingattention.com/2014/08/08/the-lie-behind-1-2-billion-stolen-passwords/

Defensive Security Podcast Episode 78

Web Site | Subscribe in iTunes | Podcast RSS Feed | Twitter Email

[1] Researchers to demonstrate attacks by reprogramming firmware of commodity USB devices
[2] Survey find that enterprises are not paying attention to 3rd party risks, despite recent headlines
[3] Ransomware attack failed thanks to security awareness training
[4] Stubhub defrauded out of $1.6M using stolen passwords of its users
[5] Maricopa County fires IT manager in the wake of a data breach that the IT manager apparently warned the school about
[6] Why PCI can’t stop RAM scraping malware
[7] Plans for Israel’s Iron Dome apparently stolen by Chinese hackers

[1] http://nakedsecurity.sophos.com/2014/08/02/badusb-what-if-you-could-never-trust-a-usb-device-again/
[2] http://www.csoonline.com/article/2458048/security-leadership/insecure-connections-enterprises-hacked-after-neglecting-third-party-risks.html#tk.rss_all
[3] http://www.csoonline.com/article/2459961/security-leadership/security-managers-journal-a-ransomware-flop-thanks-to-security-awareness.html#tk.rss_all
[4] http://www.darkreading.com/7-arrested-3-more-indicted-for-roles-in-cyber-fraud-ring-that-stung-stubhub/d/d-id/1297510
[5] http://www.azfamily.com/news/School-fires-IT-manager-who-warned-of-security-breach-268218462.html
[6] http://www.darkreading.com/attacks-breaches/ram-scraper-malware-why-pci-dss-cant-fix-retail/a/d-id/1297501
[7] http://krebsonsecurity.com/2014/07/hackers-plundered-israeli-defense-firms-that-built-iron-dome-missile-defense-system/

Defensive Security Podcast Episode 77

Russians steal the NASDAQ; Importance of AV in incident response; Report finds poor security communication between staff and executives; Microsoft recommends reusing weak passwords; Government malware found being used by criminals; Don’t use security as an excuse to resist the cloud.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://www.businessweek.com/printer/articles/213544-how-russian-hackers-stole-the-nasdaq
http://www.bankinfosecurity.com/nasdaq-hack-attribution-questioned-a-7080
http://blogs.technet.com/b/neilcar/archive/2009/11/23/incident-response-the-importance-of-anti-virus.aspx
http://searchsecurity.techtarget.com/news/2240224785/Report-finds-poor-security-communication-among-executives
http://www.darknet.org.uk/2014/07/microsoft-says-re-use-passwords-across-sites/
http://www.sentinel-labs.com/wp-content/uploads/2014/07/Sentinel-Labs-Intelligence-Report_0714.pdf
http://images.infoworld.com/d/cloud-computing/sorry-cloud-resisters-control-does-not-equal-security-246386?source=rss_security

Defensive Security Podcast Episode 76

A question from Bob on Active Directory; 67 percent of critical infrastructure providers were breached last year; Malware coming from shipping scanners; It’s the end of the road for Windows Server 2003; Details emerge on the Boeing hack; Testing your APT response plan; Revamping your insider threat program; Beware of computers in hotel business centers.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://www.esecurityplanet.com/network-security/67-percent-of-critical-infrastructure-providers-were-breached-last-year.html
http://www.securityweek.com/hackers-attack-shipping-and-logistics-firms-using-malware-laden-handheld-scanners
http://blogs.technet.com/b/canitpro/archive/2014/06/10/migrating-from-windows-server-2003-to-windows-server-2012-r2.aspx
http://www.databreachtoday.com/details-emerge-boeing-hack-a-7053
http://www.databreachtoday.com/interviews/testing-your-apt-response-plan-i-2382
http://www.csoonline.com/article/2453392/security/revamping-your-insider-threat-program.html?nsdr=true
http://krebsonsecurity.com/2014/07/beware-keyloggers-at-hotel-business-centers/