Defensive Security Podcast Episode 7

  • Please rate the podcast on iTunes!
  • Follow me on Twitter @defensivesec
  • Send comments to


Zombie attack

  • EAS at a Montana TV station was hacked
  • Mad rush to point fingers at systemic weaknesses in EAS gear
  • Security is too hard for smaller TV stations

PDF exploit

  • Enable protected view.

Spear phishing using a recent Flash vulnerability outlined by AlienVault and FireEye

  • Word doc containing a Flash object
  • Attachments claim to be an IEEE conference schedule and an ADP notice.

McAfee portal defaced

Presidential policy directive 21 issued

  • Charges the government to identify the scope of critical infrastructure organizations
  • A key piece of the executive order requires federal agencies overseeing critical infrastructure areas to identify organizations “where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security.”
  • The order doesn’t compel designated companies to comply with new standards, but it’s expected that a lot of pressure will be applied to those who don’t.

Lockheed Martin describes its response to an attempted attack after the RSA breach.

  • LM has a sophisticated strategy for detecting improper activity, particularly data access and exfiltration attempts.
  • You are probably not LM, and neither am I

Facebook announces it was hacked

  • Facebook’s monitoring of DNS queries on its network showed lookups of a ‘suspicious’ domain
  • That lookup prompted an inspection of the PC that made the request
  • The PC was found to be infected with malware
  • A forensic analysis of the system showed the infection came via a zero-day Java exploit on a mobile developer website
  • What they did right:
    • Have proactive monitoring in place
    • Pay attention to the proactive monitoring
    • Were able to track down the offending system
    • Took the infection seriously and thoroughly investigated it
    • Had previously performed fire drills that let this activity happen more easily
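
The DNS-monitoring step described above, as an added example (not from the podcast and not Facebook's tooling): it matches queried names against a watchlist on label boundaries and reports which client made the lookups, so the offending system can be found. The log format, watchlist domains and client addresses are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed watchlist and resolver log; the format and all names are assumptions.
WATCHLIST = {"cdn-sync.example", "updates.badhost.test"}
SAMPLE_LOG = """\
2013-02-15T10:02:11Z client=10.1.4.23 query=www.example.org. type=A
2013-02-15T10:02:14Z client=10.1.7.80 query=Static.CDN-Sync.example. type=A
2013-02-15T10:05:40Z client=10.1.4.23 query=notcdn-sync.example. type=A
malformed line without fields
2013-02-15T11:31:02Z client=10.1.7.80 query=cdn-sync.example type=AAAA
2013-02-15T11:40:09Z client=10.1.9.12 query=updates.badhost.test. type=A
"""

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.strip().lower().rstrip(".")

def on_watchlist(name, watchlist=WATCHLIST):
    """True if name is a watched domain or a subdomain of one (label-aligned)."""
    labels = normalize(name).split(".")
    return any(".".join(labels[i:]) in watchlist for i in range(len(labels)))

def parse_line(line):
    """Return (timestamp, client, query), or None if the line does not parse."""
    parts = line.split()
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    if "client" not in fields or "query" not in fields:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    return ts, fields["client"], fields["query"]

def hosts_to_inspect(log_text):
    """Map client IP -> first/last seen, hit count and names for watched lookups."""
    hits = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None or not on_watchlist(parsed[2]):
            continue
        ts, client, query = parsed
        h = hits.setdefault(client, {"first": ts, "last": ts, "count": 0, "names": set()})
        h["first"] = min(h["first"], ts)
        h["last"] = max(h["last"], ts)
        h["count"] += 1
        h["names"].add(normalize(query))
    return hits
```

The first and last timestamps per client give the window to pull from other logs when inspecting the host.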

13 Security Myths Debunked
