Tag Archives: vulnerabilities

Defensive Security Podcast Episode 194

https://hotforsecurity.bitdefender.com/blog/heartbleed-still-hurting-hard-uk-council-fined-100000-after-data-breach-18205.html

https://threatpost.com/ransomware-attack-hobbles-prestigious-university-college-london/126299/

http://www.securityweek.com/web-hosting-provider-pays-1-million-ransomware-attackers

https://infosec.engineering/improving-the-effectiveness-of-vulnerability-remediation-targeting/ 

Defensive Security Podcast Episode 169

http://www.csoonline.com/article/3110975/techology-business/how-do-you-measure-success-when-it-comes-to-stopping-phishing-attacks.html

http://www.databreachtoday.com/equation-group-hacking-tool-dump-5-lessons-a-9358

http://www.csoonline.com/article/3109982/security/attackers-dont-need-vulnerabilities-when-the-basics-work-just-as-well.html

http://www.securityweek.com/attacker-uses-virtual-machine-hide-malicious-activity

http://www.networkworld.com/article/3110653/security/imperva-application-layer-ddos-attacks-are-on-the-rise.html

http://arstechnica.com/security/2016/08/actively-exploited-ios-flaws-that-hijack-iphones-likely-spread-for-years/

Defensive Security Podcast Episode 164

http://blog.erratasec.com/2016/06/etheriumdao-hack-similfied.html#.V3BKyvkrJhE

http://www.zdnet.com/article/cvss-scores-are-not-enough-for-modern-security/

http://www.crn.com/news/security/300081157/sophos-slams-cylance-in-blog-post-as-market-for-endpoint-security-heats-up.htm?itc=refresh

Defensive Security Podcast Episode 31

Windows XP vulnerabilities may be held back until after support ends on April 8, 2014; the Department of Energy hacked for a second time in 2013; using Metasploit and Exploit-DB to prioritize vulnerability patching; and a number of discussions on Lavabit.


Department of Energy hacked for the second time this year; they are out front on the effort to protect critical infrastructure: http://www.theverge.com/2013/8/16/4628284/department-of-energy-hackers-steal-personal-data-from-14000-employees

Lavabit: 

 Note: 

Here is the link to the Society for Information Risk Analysts I mentioned: https://www.societyinforisk.org/ – the mailing list is here: http://lists.societyinforisk.org/mailman/listinfo/sira