Tag Archives: Target

Defensive Security Podcast Episode 52

Coke loses 55 laptops and 56000 records over 7 years; Private cyber espionage network in India; Review of the Shell_Crew hack using Adobe Cold Fusion exploit; Should we punish employees who fall for phishing emails?; Assuming your network has been hacked; more details on the Target breach are emerging.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Defensive Security Podcast Episode 51

Bob’s wisdom for the week;  Learning from the Target breach; Question: given the massive Target breach, the Neiman Marcus breach and rumors of 6 other significant retailers being breached, assuming Target and others were complying with PCI rules, what will be the PCI council’s response?  AWS & GoDaddy hosting malware.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Why we don’t rely on AV: https://securosis.com/blog/a-very-telling-antivirus-metric

1. http://arstechnica.com/security/2014/01/point-of-sale-malware-infecting-target-found-hiding-in-plain-sight/
2. http://www.f-secure.com/weblog/archives/00002660.html

Risk Science Podcast Episode 10: http://riskscience.net/2013/12/26/episode-10-speculation-and-conjecture/

AWS & godaddy: http://m.slashdot.org/story/196881.

Defensive Security Podcast Episode 50

Advice from Bob; the Threat of Powerlocker, a new variant of ransomware; Senior managers are bad at security; More details emerge about the Target breach; and Jerry’s rant about the PTV situation.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email






Defensive Security Podcast Episode 49

More wisdom from Bob; Yahoo’s ad network delivers the magnitude exploit kit; OpenSSL site defaced by way of the hypervisor; How a 4 year long HIPAA breach highlights the need for activity monitoring; Credit Union files lawsuit against Target, seems to lack some facts; US CERT issues advisory on POS malware; 7 dodgy tips for protecting your organization from data breaches and why this security stuff is hard; A political rant on the state of security.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Yahoo ad network delivering malware:  http://blog.fox-it.com/2014/01/03/malicious-advertisements-served-via-yahoo/
OpenSSL/hypervisor http://feedly.com/k/1bIBvK1
Importance of monitoring activity: http://www.healthcareitnews.com/news/four-year-long-hipaa-data-breach-discovered
Lawsuit accused Target of not complying with PCI: http://feedly.com/k/1lJp6v0
Probably completely coincidental to the Target breach: http://www.us-cert.gov/ncas/alerts/TA14-002A
7 tips for protecting your business from a data breach: http://feedly.com/k/1alpWsA



Defensive Security Podcast Episode 48

More advice from Bob; The Target breach; Hacking hard drive controllers; NSA shenanigans; Compromised BBC server for sale; 2014 predictions.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email