Tag Archives: security

Defensive Security Podcast Episode 71

June 10, 2014Podcastbreach, data breach, exploit, hacking, information security, infosec, security, Targetjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Advice from Bob; SEC asks public companies to disclose more breaches; 230k IPMI devices found in Internet scan; PF Changs may have been hacked; Building network security to fail; 5 lessons from companies that get security right; Advice in responding to Anonymous threats; Bank of England announces assessment framework; Target shoppers don’t seem to be fazed by breach; Target board is under fire; Truecrypt may be coming back.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email
http://www.reuters.com/article/2014/06/10/sec-cybersecurity-aguilar-idUSL2N0OR13U20140610

https://securityledger.com/2014/06/ipmi-insecurity-affects-200k-systems/

http://krebsonsecurity.com/2014/06/banks-credit-card-breach-at-p-f-changs/

http://www.forbes.com/sites/davelewis/2014/06/03/network-security-build-to-fail/

http://www.infoworld.com/d/security/5-lessons-companies-get-computer-security-right-243407

http://cyberwarzone.com/hackers-behind-oppetrol-will-attack-june-20-2014/

http://www.mondovisione.com/media-and-resources/news/bank-of-england-launches-new-framework-to-test-for-cyber-vulnerabilities/

http://www.dailyfinance.com/2014/06/05/target-data-breach-shoppers-dont-care/

http://www.startribune.com/business/261527581.html

http://www.wired.com/2014/06/bleed/

http://www.forbes.com/sites/jameslyne/2014/06/02/truecrypt-is-back-but-should-it-be/

Fuckyer: https://m.youtube.com/watch?v=2I-nudEqz7o

Defensive Security Podcast Episode 67

May 13, 2014Podcastbreach, compliance, HHS, HIPAA, malware, microsoft, securityjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Doctor finds out the hard way that Google likes to index stuff; What’s old is new again – the current focus on improving detection is not new; Microsoft’s Security Incident Response Report and the malware explosion; Security vs. compliance.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

http://www.computerworld.com/s/article/9248205/IT_malpractice_Doc_operates_on_server_costs_hospitals_4.8M
http://www.brookings.edu/~/media/research/files/papers/2014/05/07%20strategy%20not%20speed%20digital%20defenders%20early%20cybersecurity%20thinkers%20bejtlich/voices%20from%20the%20cyber%20past%20final
http://www.zdnet.com/microsoft-report-downloaded-malware-exploded-in-late-2013-7000029131/#ftag=RSS4d2198e

Defensive Security Podcast Episode 57

March 3, 2014Podcast, SecurityAPT, DDOS, hacking, infosec, insider threat, malware, securityjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Security recommendations from Bob; Meetup.com rides out a DDOS attack rather than pay a ransom; How to test the security savvy of your employees; Why companies need to think about this insider threat; 6 lessons learned from advanced attacks; How IT can establish better cloud control; Council on Cyber Security releases version 5 of critical security controls.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

http://meetupblog.meetup.com/post/78413031007/no-doubt-this-has-been-a-tough-weekend-for
http://www.networkworld.com/research/2014/022414-how-to-test-the-security-279049.html
http://www.networkworld.com/news/2014/022014-why-companies-need-to-check-278927.html
http://www.networkworld.com/news/2014/022414-6-lessons-learned-about-the-279082.html
http://www.networkworld.com/news/2014/022414-how-it-can-establish-better-279048.html
http://www.counciloncybersecurity.org/attachments/article/12/CSC-MASTER-VER50-2-27-2014.pdf

Defensive Security Podcast Episode 56

February 24, 2014PodcastActive Directory, breach, hacking, least privilege, Malware. APT, security, Targetjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Tip from Bob; US Cyber Security Framework; Challenges with deploying insecure technology; Target vendor compromised through email and some discussions on vendor risks; Healthcare organizations are UNDER SIEGE by cyber attacks; The DSD’s ranking of security controls; 6 tips to combat APT; The importance of not running with administrator rights; Neiman Marcus breach details begin to emerge, 60,000 events went uninvestigated.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

http://www.networkworld.com/news/2014/021214-white-house-pushes-cybersecurity-framework-278705.html

http://www.networkworld.com/news/2014/021114-it-innovation-challenging-security-pros39-278671.html

http://krebsonsecurity.com/2014/02/email-attack-on-vendor-set-up-breach-at-target/

https://www.maliciouslink.com/what-the-target-breach-should-tell-us/

https://www.maliciouslink.com/what-the-target-breach-can-teach-us-about-vendor-management/

http://m.slashdot.org/story/198359

http://www.asd.gov.au/publications/Mitigation_Strategies_2014.pdf

http://www.networkworld.com/news/2014/021814-6-tips-to-combat-advanced-278854.html

http://www.networkworld.com/news/2014/021914-time-to-drop-unnecessary-admin-278888.html & http://www.networkworld.com/research/2014/021914-one-tweak-can-make-your-278933.html

https://www.maliciouslink.com/one-weird-trick-to-secure-you-pcs/

http://www.businessweek.com/news/2014-02-21/neiman-marcus-hackers-set-off-60-000-alerts-in-bagging-card-data

https://www.maliciouslink.com/lessons-from-the-neiman-marcus-breach/

Defensive Security Podcast Episode 38

October 14, 2013Podcastandroid, dns, infosec, iOS, security, watering holejb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Study on personality traits and susceptibility to phishing; Android is apparently more secure than iOS; Don’t forget to factor malicious BHO’s into your plans; Don’t forget to factor malicious BHO’s into your plans; More registrar attacks; Insider threats are number 1; Defending against watering hole attacks.

Subscribe in iTunes | Podcast RSS Feed | Twitter | Email

Pages: 1 2

Defensive Security Podcast Episode 4

January 7, 2013Podcast, Securityinformation security, securityjb

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Happy New Year!

In this week’s podcast, I cover an article about the alleged Chinese hacking of Solid Oak due to a lawsuit over China’s improper use of Solid Oak’s software CYBERsitter covered in a Business Week post.

First, a bit of news. Unless you’re still recovering from an egg-nog hangover, you’ve probably heard about the Internet Explorer zero day exploit. Note that it doesn’t impact the latest versions of IE, only 6, 7 and 8. Continue reading Defensive Security Podcast Episode 4 →

Defensive Security Podcast Episode 1

December 8, 2012Podcasthacking, information security, securityjb

Episode 1 – December 7, 2012

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Introduction

Continue reading Defensive Security Podcast Episode 1 →

2013 Security Predictions

November 19, 2012Securitysecurity, security predictions 2013jb

It’s late fall, and time for vendors around the world to start guessing at what threats the coming year will bring.

First up, Symantec’s 5 Security Predictions for 2013:

Cyber conflict becomes the norm
Ransomware is the new scareware
Madware adds to the insanity
Monetization of social networks introduces new dangers
As users shift to mobile and cloud, so will attackers

Continue reading 2013 Security Predictions →