Tag Archives: malware

Defensive Security Podcast Episode 40

October 28, 2013Podcastadvanced malware, compliance, DDOS, hacking, malware, phpjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Federal employees circumventing onerous security controls resulting in breaches; Cryptolocker is scary stuff; PHP.net hacked, and the response; DDOS attacks getting much larger, but lasting less time; Our discussion on advanced malware.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

http://www.networkworld.com/news/2013/101713-federal-security-breaches-traced-to-274944.html
http://www.securelist.com/en/blog/208214109/Cryptolocker_Wants_Your_Money
http://bartblaze.blogspot.com/2013/10/phpnet-compromised.html
http://arstechnica.com/security/2013/10/hackers-compromise-official-php-website-infect-visitors-with-malware/
http://www.pcworld.com/article/2056188/brace-for-stronger-ddos-attacks-security-firm-warns.html

Defensive Security Podcast Episode 39

October 21, 2013Podcasthacking, incident response, malwarejb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Hackers hide drugs coming through Belgium port by repeatedly hacking port computer systems; Aligning security with business priorities and other sage advice; how [not] to respond to a malware incident; on the security of jump boxes; reminder about security risks to small businesses; defining metrics for an incident response organization.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

http://www.csoonline.com/article/741530/security-spending-continues-to-run-a-step-behind-the-threats?page=1
http://www.techrepublic.com/blog/it-security/how-to-respond-to-a-malware-incident/
http://www.infoworld.com/d/security/jump-boxes-improve-security-if-you-set-them-right-228742
http://www.marketplace.org/topics/tech/hacked-small-businesses-often-have-no-place-turn
Presentation at RSA security analytica: https://www.youtube.com/watch?v=EDR6SwQ_i0I | https://community.emc.com/docs/DOC-27380

Defensive Security Podcast Episode 28

July 27, 2013Podcastapplication whitelisting, cyber crime, espionage, malware, VERISjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Perception of risk as an art vs science, Estimating the economic impact of cybercrime and espionage, The futility of analyzing malware and the need to get better at detecting its activity, An attempt to link bad metrics to data loss trends, Insurance is getting cyber security savvy, Application whitelisting, Don’t forget about risks from security devices, Verizon releases the VERIS community database.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

Perception of risk as an art vs science: http://www.tripwire.com/ponemon/2013/#riskmetrics

Estimating the economic impact of cyber crime and espionage: http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime.pdf

The futility of analyzing malware and the need to get better at detecting its activity: https://blog.damballa.com/archives/2052

An attempt to link bad metrics to data loss trends: http://www.techrepublic.com/blog/it-security/why-security-metrics-arent-helping-prevent-data-loss/

Insurance is getting cyber security savvy: http://www.tripwire.com/state-of-security/it-security-data-protection/security-controls/enterprise-insurance-policies-and-the-20-critical-security-controls/

Application white listing: http://www.infoworld.com/d/security/the-one-security-technology-actually-works-222763

Don’t forget about risks from security devices: http://krebsonsecurity.com/2013/07/security-vendors-do-no-harm-heal-thyself/

Verizon releases the VERIS community database: http://www.verizonenterprise.com/security/blog/index.xml?postid=4642

Defensive Security Podcast Episode 26

July 14, 2013Podcastdark seoul, eas, EDA, HP, incident response, ipmi, malware, OWASPjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Vulnerability market, OWASP top 10 still relevant, HP Storage back door, Default root ssh keys in EAS servers, IPMI Vulnerabilities, Dark Seoul update, Incident response goes horribly wrong, Dropbox and WordPress leveraged by attackers

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

Vulnerability market: http://www.nytimes.com/2013/07/14/world/europe/nations-buying-as-hackers-sell-computer-flaws.html

OWASP top 10 still relevant: http://www.cyberwarzone.com/dutch-domain-registrar-hacked-sqli

HP Storage back door: http://www.infoworld.com/t/data-security/hp-admits-undocumented-backdoors-in-two-separate-storage-lines-222614

Default root ssh keys in EAS servers: http://www.infosecurity-magazine.com/view/33372/eas-vulnerability-bodies-of-the-dead-could-rise-again/

IPMI Vulnerabilities: http://www.infoworld.com/d/security/serious-flaws-found-in-ipmi-server-management-protocol-222107

Dark Seoul update: http://arstechnica.com/security/2013/07/hard-drive-wiping-malware-that-hit-s-korea-tied-to-military-espionage/
http://www.mcafee.com/us/resources/white-papers/wp-dissecting-operation-troy.pdf

Incident response goes horribly wrong: http://arstechnica.com/information-technology/2013/07/us-agency-baffled-by-modern-technology-destroys-mice-to-get-rid-of-viruses/

Dropbox and WordPress leveraged by attackers: http://www.pcadvisor.co.uk/news/security/3457260/dropbox-wordpress-used-in-cyberespionage-campaign/

Defensive Security Podcast Episode 25

July 7, 2013Podcastdrive by infection, encryption, ICS, infosec, malware, microsoftjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Snowden offered asylum, Germany’s interior minister cautions Germans against using US-based services, California AG urges legislation to require the use of encryption, 85% of virus infections are from drive by download, Attacks on energy sector, Texas government infections, MS Tuesday

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

85% of virus infections are from drive by downloads: http://www.csis.dk/en/csis/news/3981/

Attacks on energy sector: http://securityaffairs.co/wordpress/15820/security/ics-cert-surge-in-attacks-against-energy-industry.html

Texas government infections: http://www.kens5.com/news/State-computers-compromised-but-theres-not-enough-staff-to-fix-it-214231541.html

MS Tuesday: http://www.theregister.co.uk/2013/07/05/ms_july_2013_patch_tuesday_prealert/

Defensive Security Podcast Episode 24

June 30, 2013PodcastCarberp, FINRA, malware, phishing, stuxnet, Syrian Electronic Armyjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Kaspersky study indicates 200,000 malware variants are released daily, the Carberp trojan’s source code is leaked and an 0day is discovered, FINRA reports on prolific cyber attacks against its members, the FT is attacked by the Syrian Electronic Army and gives a play by play on what happened, Kaspersky reports an 87% increase in phishing attacks, Google reports that compromised legitimate sites are more dangerous than malicious sites, Sophos says 30,000 SMB sites are hacked per day to spread malware, the age old debate about administrator rights, password complexity, and the unintended consequences of leaks: foreign companies defect to more hospitable countries, renewed focus on systems administrators, and we can stop pretending to not know where Stuxnet came from. Continue reading Defensive Security Podcast Episode 24 →

Defensive Security Podcast Episode 22

June 16, 2013Podcastfda, Java, malware, OWASPjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Risk Science Podcast, Forensic 4Cast podcast, Gartner security myths, 2013 OWASP top ten, FDA finds security risk in medical devices, Oracle fixes 40 more java bugs, B-sides Rhode Island videos, Can the Germans break PGP?

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

Risk Science Podcast: http://riskscience.net/

Forensic4Cast :http://forensic4cast.com/

Gartner security myths: http://www.networkworld.com/news/2013/061113-gartner-reveals-top-10-it-270738.html

2013 OWASP top ten: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

FDA finds security risk in medical devices: http://www.networkworld.com/news/2013/061413-federal-regulators-address-rising-security-270844.html

Oracle fixes 40 more java bugs: https://www.infoworld.com/d/security/oracle-ship-40-security-fixes-java-se-220758

B-sides Rhode Island videos: http://www.irongeek.com/i.php?page=videos%2Fbsidesri2013%2Fmainlist

Can the Germans break PGP? http://malwarejake.blogspot.com/2013/06/are-germans-really-breaking-pgp-and-ssh.html

Defensive Security Podcast Episode 21

June 9, 2013PodcastCitadel, Java, malware, microsoft, PRISMjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Verizon, PRISM and Edward Snowden, Java users are bad at patching, cost of breaches is up, Microsoft operation takes down 1462 Citadel botnets, malware increasingly using peer to peer communications for command and control, and malware trends.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email Continue reading Defensive Security Podcast Episode 21 →

Defensive Security Podcast Episode 20

June 2, 2013Podcast, Securitymalwarejb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

US power grid is highly vulnerable and under constant attack, Iran attacking energy companies, increase in sophisticated attacks against keys and certificates, Indian government site redirects to black hole exploit kit, FSB report find that only 36% of small businesses regularly patch, 5 quick wins from the DBIR, Google to give software vendors 7 days prior to releasing information on active exploits, and planning for the failure of malware prevention.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email Continue reading Defensive Security Podcast Episode 20 →