Podcast: Play in new window | Download | Embed
Subscribe: RSS
Adobe and Microsoft patches, signed Mac malware, EC Council website hacked, 7 steps to secure Java, Microsoft on invulnerable software, more on OpUSA, Ohio city’s taxpayer database stolen and the importance of malware being invisible.
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email Continue reading Defensive Security Podcast Episode 19
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
I’ll be picking someone to give an e-copy of @Taosecurity’s new book “The Practice of Network Security” who sends me an email with feedback on the show.
Encrypt your drives, eve. If you don’t think the computer will leave the office: http://feedly.com/k/ZM172z
Spate of MS and Adobe patches fix numerous remote code execution and priv escalation bugs
SEC filings seem to disagree with the growing furor over cyber attacks: http://feedly.com/k/ZM1IRB
51 weeks of windows XP left
FireEye threat report: http://feedly.com/k/11mWyAn
2 ideas for better security: http://feedly.com/k/14VTn5V
A review of APT1 http://www.malware.lu/Pro/RAP002_APT1_Technical_backstage.1.0.pdf
http://packetstormsecurity.com/news/view/22398/Author-Of-The-SSH-Protocol-Wants-A-New-One.html
http://www.networkworld.com/news/2013/041013-shylock-bank-trojan-upgraded-with-268583.html?source=nww_rss
http://packetstormsecurity.com/news/view/22399/Porn-Sites-Pose-Growing-Malware-Risk.html
http://www.bankinfosecurity.com/global-closes-breach-investigation-a-5684?rf=2013-04-15-eb&elq=593a933acd7a48d4b7e39bcc55f49e62&elqCampaignId=6440
Podcast: Play in new window | Download | Embed
Subscribe: RSS
The Internet destroying ddos attack that wasn’t
http://krebsonsecurity.com/2013/03/missouri-court-rules-against-440000-cyberheist-victim/
http://hothardware.com/News/Huge-Spike-In-Mobile-Data-Traffic-Drives-IEEE-400-Gigabit-Ethernet-Standard/
http://adamcaudill.com/2013/04/04/security-done-wrong-leaky-ftp-server/
http://nakedsecurity.sophos.com/2013/04/05/ransomware-child-buse/
http://blog.trendmicro.com/trendlabs-security-intelligence/three-lessons-from-the-south-korea-mbr-wiper-attacks/
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
http://www.informationweek.com/security/vulnerabilities/cisco-password-fumble-hardware-security/240151244
Etsy’s solution for running java: http://codeascraft.etsy.com/2013/03/18/java-not-even-once/
http://www.infosecurity-magazine.com/view/31372/seoul-cautious-in-blaming-north-korea-for-massive-cyberattack-
http://blogs.mcafee.com/mcafee-labs/south-korean-banks-media-companies-targeted-by-destructive-malware
http://arstechnica.com/security/2013/03/your-hard-drive-will-self-destruct-at-2pm-inside-the-south-korean-cyber-attack/
https://isc.sans.edu/diary/Wipe+the+drive+Stealthy+Malware+Persistence+Mechanism+-+Part+1/15394
https://isc.sans.edu/diary/Wipe+the+drive+Stealthy+Malware+Persistence+-+Part+2/15406
https://isc.sans.edu/diary/Wipe+the+drive!++Stealthy+Malware+Persistence+-+Part+3/15448
https://isc.sans.edu/diary/Wipe+the+drive%21++Stealthy+Malware+Persistence+-+Part+4/15460
In episode 11, I made some comments about wiping a compromised system rather than trying to clean it. I saw in my twitter feed a bit ago that the 2013 Shmoocon videos were posted. I looked through and one talk stuck out and I wanted to share here, given my comments: Wipe The Drive – Techniques for malware persistence..
Basically, the presenters show why it’s such a bad idea to simply clean a computer after a virus infection. I like to think this is common knowledge, but I meet people daily who so not understand the reasons behind taking this draconian approach.
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
Krebs Swatted: http://krebsonsecurity.com/2013/03/the-world-has-no-room-for-cowards/
China: http://www.slate.com/articles/technology/future_tense/2013/03/the_u_s_response_to_chinese_cyberespionage_will_backfire.html
http://www.crn.com/news/security/240150929/new-exploit-evades-all-antivirus-products-for-almost-a-day.htm
http://www.net-security.org/malware_news.php?id=2441
http://m.threatpost.com/en_us/blogs/ramnit-malware-back-and-better-avoiding-detection-031513
http://www.honeynet.org/node/1031
http://arstechnica.com/security/2013/03/national-vulnerability-database-taken-down-by-vulnerability-exploiting-hack/
Mandiant report: http://www.mandiant.com/library/M-Trends_2013.pdf
Solutionary report: http://www.solutionary.com/dms/solutionary/Files/SERT/2013GTIR.pdf