Podcast: Play in new window | Download | Embed
Subscribe: RSS
Book recommendations: https://defensivesecurity.org/resources/recommended-books/
Slack channel: http://https://defensivesecurity.org/slack-channel/
https://nakedsecurity.sophos.com/2016/11/11/yahoo-staff-knew-they-were-breached-two-years-ago/
Podcast: Play in new window | Download | Embed
Subscribe: RSS
https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html
http://www.databreachtoday.com/wyndham-agrees-to-settle-ftc-breach-case-a-8737
https://technet.microsoft.com/en-us/library/security/ms15-127.aspx
https://www.reddit.com/r/sysadmin/comments/3wa8rl/early_warning_system_for_cryptowall_crypto_canary/
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Doctor finds out the hard way that Google likes to index stuff; What’s old is new again – the current focus on improving detection is not new; Microsoft’s Security Incident Response Report and the malware explosion; Security vs. compliance.
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
http://www.computerworld.com/s/article/9248205/IT_malpractice_Doc_operates_on_server_costs_hospitals_4.8M
http://www.brookings.edu/~/media/research/files/papers/2014/05/07%20strategy%20not%20speed%20digital%20defenders%20early%20cybersecurity%20thinkers%20bejtlich/voices%20from%20the%20cyber%20past%20final
http://www.zdnet.com/microsoft-report-downloaded-malware-exploded-in-late-2013-7000029131/#ftag=RSS4d2198e
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Snowden offered asylum, Germany’s interior minister cautions Germans against using US-based services, California AG urges legislation to require the use of encryption, 85% of virus infections are from drive by download, Attacks on energy sector, Texas government infections, MS Tuesday
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
85% of virus infections are from drive by downloads: http://www.csis.dk/en/csis/news/3981/
Attacks on energy sector: http://securityaffairs.co/wordpress/15820/security/ics-cert-surge-in-attacks-against-energy-industry.html
Texas government infections: http://www.kens5.com/news/State-computers-compromised-but-theres-not-enough-staff-to-fix-it-214231541.html
MS Tuesday: http://www.theregister.co.uk/2013/07/05/ms_july_2013_patch_tuesday_prealert/
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Verizon, PRISM and Edward Snowden, Java users are bad at patching, cost of breaches is up, Microsoft operation takes down 1462 Citadel botnets, malware increasingly using peer to peer communications for command and control, and malware trends.
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
Continue reading Defensive Security Podcast Episode 21
Podcast: Play in new window | Download | Embed
Subscribe: RSS
This week: Twitter account hacks highlight opportunity for exploitation by attackers, Microsoft and Malwarebytes both release bad patches, Oracle releases a Java patch which fixes 42 security bugs, Oracle announces that Java 8 is delayed due to the focus on Java 7, a new botnet is being created by compromising WordPress installations for some unknown purpose, Linode was compromised in an attack targeted at some Linode customers, Microsoft finds a trojan that cleans up after itself in the next wave of anti-forensics, the Boston marathon bombing and West, Texas explosions see many phishing scams leading to malware installations, spam is down, targeted attacks via email are up, Microsoft released it’s second half 2012 Security Intelligence Report with some odd mixes of data, Microsoft releases EMET 4.0 beta, and a former employee has been charged with planting back doors on 2723 Hostgator servers.
Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
60 minutes, 48 hours, NPR, BBC twitter accounts recently hacked.
MS and Malwarebytes released bad updates
http://krebsonsecurity.com/2013/04/java-update-plugs-42-security-holes/
http://mreinhold.org/blog/secure-the-train
http://krebsonsecurity.com/2013/04/brute-force-attacks-build-wordpress-botnet/
http://www.theregister.co.uk/2013/04/16/linode_breach/
http://m.darkreading.com/133696/show/b7639d290f6c32534f633e85cfe6ac04/
Boston bombing used to spread malware in multiple ways
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Z6nE3UFETb0/
http://news.cnet.com/8301-1009_3-57579847-83/targeted-cyberattacks-jump-42-percent-in-2012-symantec-says/
SIR: http://download.microsoft.com/download/E/0/F/E0F59BE7-E553-4888-9220-1C79CBD14B4F/Microsoft_Security_Intelligence_Report_Volume_14_Key_Findings_Summary_English.pdf
http://blogs.technet.com/b/srd/archive/2013/04/18/introducing-emet-v4-beta.aspx
http://arstechnica.com/security/2013/04/former-employee-arrested-charged-with-rooting-2700-hostgator-servers/