Defensive Security Podcast Episode 6

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Suggestions to podcast@defensivesecurity.org

News:

  • ISD Podcast shuts down
  • Noticeable uptick in phishing attacks recently, leading to various exploit kit web sites
  • Yet another Java update.  Oracle seems to have gotten the message.
  • Combofix, a free tool for removing certain kinds of malware, was infected with Sality
    • Do not download repackaged software from other file hosting sites.  Bad!
  • Cisco released it’s 2013 security report.
    • Legitimate sites much more likely to be malicious than traditional pornography
    • Ad networks and content delivery networks worst offenders
  • Anonymous stole information on 4600 bank executives from a Federal Reserve emergency communication application.

Defensive Security Podcast Episode 5

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Download the MP3 here

Suggestions? ideas? feedback? Send an email to podcast@defensivesecurity.org

A lot has happened since the last Podcast:

Protect Yourself From The Latest Java Zero Day

Brian Krebs is reporting that a new zero day vulnerability and matching exploit are making the rounds, with no patch or fix in sight.

My recommendation is to consider disabling the java browser plugin or implementing no script with a policy to only allow java originating from intranet sites.

Be careful out there!

Defensive Security Podcast Episode 4

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Happy New Year!

In this week’s podcast, I cover an article about the alleged Chinese hacking of Solid Oak due to a lawsuit over China’s improper use of Solid Oak’s software CYBERsitter covered in a Business Week post.

First, a bit of news.  Unless you’re still recovering from an egg-nog hangover, you’ve probably heard about the Internet Explorer zero day exploit. Note that it doesn’t impact the latest versions of IE, only 6, 7 and 8. Continue reading “Defensive Security Podcast Episode 4”

Defensive Security Podcast Episode 3

Podcast: Play in new window | Download | Embed

Subscribe: RSS

2013 security predictions

I have collected security predictions from many IT security vendors

While there are many, many unrelated predictions, and some that are self-serving, some trends emerge:

Continue reading “Defensive Security Podcast Episode 3”

Defensive Security Episode 2

Episode 2 – December 16, 2012

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Topics

South Carolina released a report on the attack which resulted in the loss of millions of tax payers information

Continue reading “Defensive Security Episode 2”

2013 Security Predictions

It’s late fall, and time for vendors around the world to start guessing at what threats the coming year will bring.

First up, Symantec’s 5 Security Predictions for 2013:

  • Cyber conflict becomes the norm
  • Ransomware is the new scareware
  • Madware adds to the insanity
  • Monetization of social networks introduces new dangers
  • As users shift to mobile and cloud, so will attackers

Continue reading “2013 Security Predictions”

DNS Reflection Attacks

One of the interesting things about owning a server on the Internet is trying to keep the constant barrage of attackers at bay.  A few weeks back, I had been watching the raw traffic with tcpdump, trying to diagnose a problem and saw a huge number of DNS requests.  A closer look revealed the queries were coming in batches of about 3000 to 5000 from the same IP address over the course of a minute or so.  All of the queries were the same: an ANY request for one of the domains I host.  Continue reading “DNS Reflection Attacks”