- defensive security episode 7Please rate the podcast on iTunes!
- Follow me on twitter @defensivesec
- Send comments to firstname.lastname@example.org
- EAS at a Montana TV station was hacked
- Mad rush to point fingers at systemic weaknesses in EAS gear
- Security is too hard for smaller TV stations
- Enable protected view.
- Word doc containing a flash object
- Attachments claim to be an IEEE conference schedule and an ADP notice.
Mcafee portal defaced
- Charges the government to identify the scope of critical infrastructure organizations
- A key piece of the executive order is requires federal agencies overseeing critical infrastructure areas to identify organizations “where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security.”
- The order doesn’t compel designated companies to comply with new standards, but it’s expected that a lot of pressure will be applied to those who don’t.
Lockheed Martin describes its response to an attempted attack after the RSA breach.
- LM has a sophisticated strategy for detecting improper activity, particularly data access and exfiltration attempts.
- You are probably not LM, neither am I
Facebook announces it was hacked
- Facebook’s monitoring of DNS queries on its network showed lookups of a ‘suspicious’ domain
- That lookup prompted the pc which made the request to be inspected
- The pc was found to be infected with malware
- A forensic analysis of the system showed the infection came via a zero day java exploit on a mobile developer web site
- What they did right:
- Have proactive monitoring in place
- Pay attention to the proactive monitoring
- We’re able to track down the offending system
- Took the infection seriously and thoroughly investigated the infection
- Had previously performed fire drills that let this activity happen more easily