Category Archives: Security

Defensive Security Podcast Episode 9

Episode 9 – From Las Vegas
Comments/questions/hate mail to info@defensivesecurity.org
Follow podcast on twitter @defensivesec

DDOS attack on Bank of the West masked a $900,000 theft from the account of Ascent Builders. http://krebsonsecurity.com/2013/02/ddos-attack-on-bank-hid-900000-cyberheist/

Bible.org- https://isc.sans.edu/diary/When+web+sites+go+bad%3A+bible+.+org+compromise/15250
Site compromised – serving malware, had rudimentary defense against automated analysis

Bit9 update: https://blog.bit9.com/2013/02/25/bit9-security-incident-update/
– kudos to bit9 for transparency and disclosure – hopefully works in their favor

Continue reading Defensive Security Podcast Episode 9

Defensive Security Podcast Episode 8

News:

Burger King & Jeep twitter accounts hacked

Microsoft and Apple hacked with same exploit that hit Facebook

NBC.com’s site is hacked, injecting an iframe directing visitors to a site that served an exploit kit and installed the Citadel trojan. Continue reading Defensive Security Podcast Episode 8

Defensive Security Podcast Episode 4

Happy New Year!

In this week’s podcast, I cover an article about the alleged Chinese hacking of Solid Oak due to a lawsuit over China’s improper use of Solid Oak’s software CYBERsitter covered in a Business Week post.

First, a bit of news.  Unless you’re still recovering from an egg-nog hangover, you’ve probably heard about the Internet Explorer zero day exploit. Note that it doesn’t impact the latest versions of IE, only 6, 7 and 8. Continue reading Defensive Security Podcast Episode 4

Defensive Security Podcast Episode 3

2013 security predictions

I have collected security predictions from many IT security vendors

While there are many, many unrelated predictions, and some that are self-serving, some trends emerge:

Continue reading Defensive Security Podcast Episode 3

Defensive Security Episode 2

Episode 2 – December 16, 2012

Topics

South Carolina released a report on the attack which resulted in the loss of millions of tax payers information

Continue reading Defensive Security Episode 2

Fortune Cookies

2013 Security Predictions

It’s late fall, and time for vendors around the world to start guessing at what threats the coming year will bring.

First up, Symantec’s 5 Security Predictions for 2013:

  • Cyber conflict becomes the norm
  • Ransomware is the new scareware
  • Madware adds to the insanity
  • Monetization of social networks introduces new dangers
  • As users shift to mobile and cloud, so will attackers

Continue reading 2013 Security Predictions