Tag Archives: APT

Defensive Security Podcast Episode 78

Web Site | Subscribe in iTunes | Podcast RSS Feed | Twitter Email

[1] Researchers to demonstrate attacks by reprogramming firmware of commodity USB devices
[2] Survey find that enterprises are not paying attention to 3rd party risks, despite recent headlines
[3] Ransomware attack failed thanks to security awareness training
[4] Stubhub defrauded out of $1.6M using stolen passwords of its users
[5] Maricopa County fires IT manager in the wake of a data breach that the IT manager apparently warned the school about
[6] Why PCI can’t stop RAM scraping malware
[7] Plans for Israel’s Iron Dome apparently stolen by Chinese hackers

[1] http://nakedsecurity.sophos.com/2014/08/02/badusb-what-if-you-could-never-trust-a-usb-device-again/
[2] http://www.csoonline.com/article/2458048/security-leadership/insecure-connections-enterprises-hacked-after-neglecting-third-party-risks.html#tk.rss_all
[3] http://www.csoonline.com/article/2459961/security-leadership/security-managers-journal-a-ransomware-flop-thanks-to-security-awareness.html#tk.rss_all
[4] http://www.darkreading.com/7-arrested-3-more-indicted-for-roles-in-cyber-fraud-ring-that-stung-stubhub/d/d-id/1297510
[5] http://www.azfamily.com/news/School-fires-IT-manager-who-warned-of-security-breach-268218462.html
[6] http://www.darkreading.com/attacks-breaches/ram-scraper-malware-why-pci-dss-cant-fix-retail/a/d-id/1297501
[7] http://krebsonsecurity.com/2014/07/hackers-plundered-israeli-defense-firms-that-built-iron-dome-missile-defense-system/

Defensive Security Podcast Episode 77

Russians steal the NASDAQ; Importance of AV in incident response; Report finds poor security communication between staff and executives; Microsoft recommends reusing weak passwords; Government malware found being used by criminals; Don’t use security as an excuse to resist the cloud.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://www.businessweek.com/printer/articles/213544-how-russian-hackers-stole-the-nasdaq
http://www.bankinfosecurity.com/nasdaq-hack-attribution-questioned-a-7080
http://blogs.technet.com/b/neilcar/archive/2009/11/23/incident-response-the-importance-of-anti-virus.aspx
http://searchsecurity.techtarget.com/news/2240224785/Report-finds-poor-security-communication-among-executives
http://www.darknet.org.uk/2014/07/microsoft-says-re-use-passwords-across-sites/
http://www.sentinel-labs.com/wp-content/uploads/2014/07/Sentinel-Labs-Intelligence-Report_0714.pdf
http://images.infoworld.com/d/cloud-computing/sorry-cloud-resisters-control-does-not-equal-security-246386?source=rss_security

Defensive Security Podcast Episode 76

A question from Bob on Active Directory; 67 percent of critical infrastructure providers were breached last year; Malware coming from shipping scanners; It’s the end of the road for Windows Server 2003; Details emerge on the Boeing hack; Testing your APT response plan; Revamping your insider threat program; Beware of computers in hotel business centers.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://www.esecurityplanet.com/network-security/67-percent-of-critical-infrastructure-providers-were-breached-last-year.html
http://www.securityweek.com/hackers-attack-shipping-and-logistics-firms-using-malware-laden-handheld-scanners
http://blogs.technet.com/b/canitpro/archive/2014/06/10/migrating-from-windows-server-2003-to-windows-server-2012-r2.aspx
http://www.databreachtoday.com/details-emerge-boeing-hack-a-7053
http://www.databreachtoday.com/interviews/testing-your-apt-response-plan-i-2382
http://www.csoonline.com/article/2453392/security/revamping-your-insider-threat-program.html?nsdr=true
http://krebsonsecurity.com/2014/07/beware-keyloggers-at-hotel-business-centers/

Defensive Security Podcast Episode 74

Advice from Bob; Airport breaches and the apparently misguided priorities of security pros; Hospitals are leaking data; Attackers hack legitimate downloads to deliver industrial control malware; Listener mail.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://www.csoonline.com/article/2378585/data-protection/airport-breach-a-sign-for-it-industry-to-think-security-not-money.html
http://www.wired.com/2014/06/hospital-networks-leaking-data/
http://arstechnica.com/security/2014/06/attackers-poison-legitimate-apps-to-infect-sensitive-industrial-control-systems/
http://www.coso.org/documents/COSOKRIPaperFull-FINALforWebPostingDec110_000.pdf

Defensive Security Podcast Episode 66

Advice from Bob; We have entered the post AV world; Target reboots it’s CEO; Microsoft backs down and patches IE 0day for XP; How to communicate to users in situations like the IE 0day; Results from a survey of executives on data protection; Australian real estate company has bank account hacked, advice is to stop using Internet email and Facebook on business computers; A report on Non-advanced Persistent Threats

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://online.wsj.com/news/article_email/SB10001424052702303417104579542140235850578-lMyQjAxMTA0MDAwNTEwNDUyWj
http://consumerist.com/2014/05/05/target-ceo-clocks-out-in-wake-of-data-breach/
http://blogs.technet.com/b/msrc/archive/2014/05/01/out-of-band-release-to-address-microsoft-security-advisory-2963983.aspx
http://m.slashdot.org/story/201515
http://www.networkworld.com/news/2014/043014-survey-execs-clueless-security-pros-281183.html
http://www.rebonline.com.au/breaking-news/7583-cyber-thieves-steal-50-000-from-real-estate-agency
http://www.imperva.com/docs/HII_The_Non-Advanced_Persistent_Threat.pdf

Defensive Security Podcast Episode 64

Some advice from Bob, arrest made in the heartbleed attack on the Canadian Revenue Agency; Heartbleed used to bypass 2 factor controls,;Mandiant’s 2014 M-Trends report; The economics of security controls; 3 million credit cards stolen from Michaels and Aaron’s stores; Hardward company Lacie has a year long data breach.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
http://www.theregister.co.uk/2014/04/16/mounties_get_their_man_canadian_heartbleed_hacker_nabbed

https://www.mandiant.com/blog/attackers-exploit-heartbleed-openssl-vulnerability-circumvent-multifactor-authentication-vpns/

http://www.v3.co.uk/v3-uk/news/2340171/hackers-hit-harley-medical-group-in-customer-data-extortion-attempt

https://www.mandiant.com/blog/mtrends-2014-threat-report-revealed/

http://www.fireeye.com/blog/corporate/2014/04/the-economics-of-security.html

http://krebsonsecurity.com/2014/04/3-million-customer-credit-debit-cards-stolen-in-michaels-aaron-brothers-breaches/

http://krebsonsecurity.com/2014/04/hardware-giant-lacie-acknowledges-year-long-credit-card-breach/

Defensive Security Podcast Episode 57

Security recommendations from Bob; Meetup.com rides out a DDOS attack rather than pay a ransom; How to test the security savvy of your employees; Why companies need to think about this insider threat; 6 lessons learned from advanced attacks; How IT can establish better cloud control; Council on Cyber Security releases version 5 of critical security controls.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

http://meetupblog.meetup.com/post/78413031007/no-doubt-this-has-been-a-tough-weekend-for
http://www.networkworld.com/research/2014/022414-how-to-test-the-security-279049.html
http://www.networkworld.com/news/2014/022014-why-companies-need-to-check-278927.html
http://www.networkworld.com/news/2014/022414-6-lessons-learned-about-the-279082.html
http://www.networkworld.com/news/2014/022414-how-it-can-establish-better-279048.html
http://www.counciloncybersecurity.org/attachments/article/12/CSC-MASTER-VER50-2-27-2014.pdf

 

Defensive Security Podcast Episode 9

Episode 9 – From Las Vegas
Comments/questions/hate mail to info@defensivesecurity.org
Follow podcast on twitter @defensivesec

DDOS attack on Bank of the West masked a $900,000 theft from the account of Ascent Builders. http://krebsonsecurity.com/2013/02/ddos-attack-on-bank-hid-900000-cyberheist/

Bible.org- https://isc.sans.edu/diary/When+web+sites+go+bad%3A+bible+.+org+compromise/15250
Site compromised – serving malware, had rudimentary defense against automated analysis

Bit9 update: https://blog.bit9.com/2013/02/25/bit9-security-incident-update/
– kudos to bit9 for transparency and disclosure – hopefully works in their favor

Continue reading Defensive Security Podcast Episode 9