Tag Archives: EDA

Defensive Security Podcast Episode 26

Vulnerability market, OWASP top 10 still relevant, HP Storage back door, Default root ssh keys in EAS servers, IPMI Vulnerabilities, Dark Seoul update, Incident response goes horribly wrong, Dropbox and WordPress leveraged by attackers

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Vulnerability market: http://www.nytimes.com/2013/07/14/world/europe/nations-buying-as-hackers-sell-computer-flaws.html

OWASP top 10 still relevant: http://www.cyberwarzone.com/dutch-domain-registrar-hacked-sqli

HP Storage back door: http://www.infoworld.com/t/data-security/hp-admits-undocumented-backdoors-in-two-separate-storage-lines-222614

Default root ssh keys in EAS servers: http://www.infosecurity-magazine.com/view/33372/eas-vulnerability-bodies-of-the-dead-could-rise-again/

IPMI Vulnerabilities: http://www.infoworld.com/d/security/serious-flaws-found-in-ipmi-server-management-protocol-222107

Dark Seoul update: http://arstechnica.com/security/2013/07/hard-drive-wiping-malware-that-hit-s-korea-tied-to-military-espionage/
http://www.mcafee.com/us/resources/white-papers/wp-dissecting-operation-troy.pdf

Incident response goes horribly wrong: http://arstechnica.com/information-technology/2013/07/us-agency-baffled-by-modern-technology-destroys-mice-to-get-rid-of-viruses/

Dropbox and WordPress leveraged by attackers: http://www.pcadvisor.co.uk/news/security/3457260/dropbox-wordpress-used-in-cyberespionage-campaign/