Slack channel: https://defensivesecurity.org/slack-channel/
Doctor finds out the hard way that Google likes to index stuff; What’s old is new again – the current focus on improving detection is not new; Microsoft’s Security Incident Response Report and the malware explosion; Security vs. compliance.
More wisdom from Bob; Yahoo’s ad network delivers the Magnitude exploit kit; OpenSSL site defaced by way of the hypervisor; How a 4-year-long HIPAA breach highlights the need for activity monitoring; Credit union files lawsuit against Target, seems to lack some facts; US-CERT issues advisory on POS malware; 7 dodgy tips for protecting your organization from data breaches and why this security stuff is hard; A political rant on the state of security.
Yahoo ad network delivering malware: http://blog.fox-it.com/2014/01/03/malicious-advertisements-served-via-yahoo/
Importance of monitoring activity: http://www.healthcareitnews.com/news/four-year-long-hipaa-data-breach-discovered
Lawsuit accused Target of not complying with PCI: http://feedly.com/k/1lJp6v0
Probably completely coincidental to the Target breach: http://www.us-cert.gov/ncas/alerts/TA14-002A
7 tips for protecting your business from a data breach: http://feedly.com/k/1alpWsA
Suggestions? Ideas? Feedback? Send an email to firstname.lastname@example.org
A lot has happened since the last podcast:
- HIPAA mega rule released – all 563 pages
- Zero day in Java
- Freak-outs ensued
- Oracle released a Java patch
- Freak-outs continued
- Word of new vulnerabilities has emerged