Defensive Security Podcast Episode 283 “They Can’t All Be Winners” In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat explore several pressing cybersecurity topics as of October 2024. The discussion begins by addressing the rapid increase in vulnerability exploitation speeds, with a highlight that 70% of exploitable flaws in 2023 were zero-days, now being exploited … Continue reading Defensive Security Podcast Episode 283 →
See more
10/21/2024 • 53 minutes, 26 seconds Defensive Security Podcast Episode 282 Episode 282: Exploiting Trust in Cybersecurity Practices In episode 282 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kallett discuss several cybersecurity topics. They highlight a phishing attack outlined by Microsoft, where cybercriminals leverage file-hosting services like OneDrive and Dropbox to exploit trust and compromise identities. The episode also explores concerns about AI … Continue reading Defensive Security Podcast Episode 282 →
See more
10/12/2024 • 38 minutes, 11 seconds Defensive Security Podcast Episode 281 In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity events and issues. The episode opens with discussion on the recent weather impacts affecting Asheville and lessons for disaster preparedness in the security industry. A significant portion of the episode is dedicated to CrowdStrike’s recent Capitol Hill testimony, … Continue reading Defensive Security Podcast Episode 281 →
See more
9/30/2024 • 57 minutes, 14 seconds Defensive Security Podcast Episode 280 In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kellett delve into key cybersecurity topics. They discuss a recent statement by CISA director Jen Easterly on holding software manufacturers accountable for product defects rather than vulnerabilities, and the need for derogatory names for threat actors to deter cybercrime. The episode also … Continue reading Defensive Security Podcast Episode 280 →
See more
9/23/2024 • 51 minutes, 37 seconds Defensive Security Podcast Episode 279 In Episode 279 of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss the latest cybersecurity news and issues. Stories include Transportation for London requiring in-person password resets after a security incident, Google’s new ‘air-gapped’ backup service, the impact of a rogue ‘Whois’ server, and the ongoing ramifications of the Moveit breach. The episode … Continue reading Defensive Security Podcast Episode 279 →
See more
Defensive Security Podcast Episode 278 In episode 278 of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss various recent cybersecurity topics. The episode starts with light-hearted banter about vacations before diving into the main topics. Key discussions include a new vulnerability in YubiKey that requires sophisticated physical attacks, resulting in a low overall risk but sparking debate about … Continue reading Defensive Security Podcast Episode 278 →
See more
9/9/2024 • 51 minutes, 54 seconds Defensive Security Podcast Episode 277 In this episode, Jerry Bell and Andrew Kalat discuss various topics in the cybersecurity landscape, including the influence of cyber insurance on risk reduction for companies and how insurers offer guidance to lower risks. They touch upon the potential challenges with cybersecurity maturity in organizations and the consultant effect. The episode also goes into detail … Continue reading Defensive Security Podcast Episode 277 →
See more
8/26/2024 • 1 hour, 1 minute, 54 seconds Defensive Security Podcast Episode 276 Check out the latest Defensive Security Podcast Ep. 276! From cow milking robots held ransom to why IT folks dread patching, Jerry Bell and Andrew Kalat cover it all. Tune in and stay informed on the latest in cybersecurity! Summary: In episode 276 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat delve … Continue reading Defensive Security Podcast Episode 276 →
See more
8/16/2024 • 46 minutes, 11 seconds Defensive Security Podcast Episode 275 Links: https://www.crowdstrike.com/wp-content/uploads/2024/08/Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf https://www.theregister.com/2024/08/05/crowdstrike_is_not_at_all/ https://www.theverge.com/2024/8/6/24214371/microsoft-delta-letter-crowdstrike-response-comments https://www.linkedin.com/posts/alexstamos_why-crowdstrikes-baffling-bsod-disaster-activity-7224046054076243969-1An8?utm_source=combined_share_message&utm_medium=ios_app https://www.linkedin.com/posts/choff_why-crowdstrikes-baffling-bsod-disaster-activity-7224078879445958658-ymuc?utm_source=combined_share_message&utm_medium=member_ios https://www.securityweek.com/thousands-of-devices-wiped-remotely-following-mobile-guardian-hack/ https://www.bleepingcomputer.com/news/security/stackexchange-abused-to-spread-malicious-pypi-packages-as-answers/ https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-gang-targets-it-workers-with-new-sharprhino-malware/ Transcript: Jerry: Today is Wednesday, August 7th, 2024. And this is episode 275 of the Defensive Security Podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kalat. Andrew: Good evening, Jerry. How are you? Good, sir. Jerry: I am amazing. … Continue reading Defensive Security Podcast Episode 275 →
See more
Defensive Security Podcast Episode 274 https://www.bleepingcomputer.com/news/security/over-3-000-github-accounts-used-by-malware-distribution-service/ https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/ https://www.darkreading.com/cybersecurity-operations/crowdstrike-outage-losses-estimated-staggering-54b https://cdn.prod.website-files.com/64b69422439318309c9f1e44/66a24d5478783782964c1f6f_CrowdStrikes%20Impact%20on%20the%20Fortune%20500_%202024%20_Parametrix%20Analysis.pdf https://www.darkreading.com/vulnerabilities-threats/unexpected-lessons-learned-from-the-crowdstrike-event Summary: Episode 274: Malware on GitHub, North Korean Developer Scam & Secure Boot Failures In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss several notable security stories and issues. They start with a malware distribution service that leverages compromised GitHub accounts and WordPress … Continue reading Defensive Security Podcast Episode 274 →
See more
8/2/2024 • 59 minutes, 42 seconds Defensive Security Podcast Episode 273 The Joe Sullivan Verdict – Unfair? – Which Part? (cybertheory.io) Fujitsu Details Non-Ransomware Cyberattack (webpronews.com) 5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy (thehackernews.com) Sizable Chunk of SEC Charges Vs. SolarWinds Dismissed (darkreading.com) CrowdStrike CEO apologizes for crashing IT systems around the world, details fix | CSO Online Summary: Cybersecurity Updates: Uber’s … Continue reading Defensive Security Podcast Episode 273 →
See more
7/24/2024 • 1 hour, 5 minutes, 19 seconds Defensive Security Podcast Episode 272 On episode 272 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a variety of pressing cybersecurity topics. These include the responsibilities of CISOs in avoiding legal repercussions following data breaches, highlighted by the case of Uber's former CISO, Joe Sullivan. The hosts also delve into the impact of the recent U.S. Supreme Court decision overturning the Chevron deference doctrine on cybersecurity regulations, the risk of dynamic loading of JavaScript libraries, and the wide-reaching implications of the OpenSSH regression vulnerability. Throughout, practical advice and insightful commentary are provided on maintaining security in an ever-evolving threat landscape.
00:00 Introduction and Episode Overview
01:08 CISO's Guide to Avoiding Jail After a Breach
03:29 Challenges and Complexities of the CISO Role
13:35 US Supreme Court Ruling and Its Impact on Cyber Regulation
20:51 Polyfill.io Issue: A Modern Supply Chain Attack?
28:54 Understanding Polyfill Confusion and Risks
29:23 Maintaining Open Source Software Health
30:04 The Need for Open Source Health Ratings
30:41 Challenges with Third-Party Code and Security
34:08 Vendor Questionnaires and False Urgency
39:50 The Regression Vulnerability in OpenSSH
41:18 Cloud Security Best Practices
48:29 Final Thoughts and Recommendations
49:52 Conclusion and Farewell
See more
7/11/2024 • 51 minutes, 40 seconds Defensive Security Podcast Episode 271 7/3/2024 • 56 minutes, 58 seconds Defensive Security Podcast Episode 270 2/6/2023 • 46 minutes, 42 seconds Defensive Security Podcast Episode 269 https://www.bleepingcomputer.com/news/security/cosmicstrand-uefi-malware-found-in-gigabyte-asus-motherboards/ https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/ https://www.techcircle.in/2022/07/31/paytm-mall-refutes-cyber-breach-report-says-users-data-safe
See more
7/31/2022 • 21 minutes, 56 seconds Defensive Security Podcast Episode 268 Stories: https://www.scmagazine.com/feature/incident-response/why-solarwinds-just-may-be-one-of-the-most-secure-software-companies-in-the-tech-universe https://www.computerweekly.com/news/252522789/Log4Shell-on-its-way-to-becoming-endemic https://www.bleepingcomputer.com/news/security/hackers-impersonate-cybersecurity-firms-in-callback-phishing-attacks/ https://www.cybersecuritydive.com/news/microsoft-rollback-macro-blocking-office/627004/ jerry: [00:00:00] All right, here we go today. Sunday, July 17th. 2022. And this is episode 268. Of the defensive security podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kellett. Andy: Hello, Jerry. How are you, sir? jerry: great. How are you … Continue reading Defensive Security Podcast Episode 268 →
See more
7/17/2022 • 32 minutes, 46 seconds Defensive Security Podcast Episode 267 Defensive Security Podcast Episode 267 Links: https://www.justice.gov/opa/pr/aerojet-rocketdyne-agrees-pay-9-million-resolve-false-claims-act-allegations-cybersecurity https://us-cert.cisa.gov/ncas/alerts/aa22-187a https://www.zdnet.com/article/these-are-the-cybersecurity-threats-of-tomorrow-that-you-should-be-thinking-about-today/ jerry: [00:00:00] Alright, here we go. Today is Sunday, July 10th, 2022. And this is episode 267 of the defensive security podcast. My name is Jerry Bell and joining me tonight as always. Is Mr. Andrew Kellett. Andy: Good evening, Jerry, how are you? Good, … Continue reading Defensive Security Podcast Episode 267 →
See more
7/10/2022 • 35 minutes, 41 seconds Defensive Security Podcast Episode 266 https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html https://thehackernews.com/2022/06/conti-leaks-reveal-ransomware-gangs.html?m=1 https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/ https://doublepulsar.com/bpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896
See more
6/12/2022 • 31 minutes, 17 seconds Defensive Security Podcast Episode 265 Google Exposes Initial Access Broker Ties With Ransomware Actors (bankinfosecurity.com) Okta says hundreds of companies impacted by security breach | TechCrunch Okta: “We made a mistake” delaying the Lapsus$ hack disclosure (bleepingcomputer.com) Microsoft confirms Lapsus$ breach after hackers publish Bing, Cortana source code | TechCrunch DEV-0537 criminal actor targeting organizations for data exfiltration and destruction … Continue reading Defensive Security Podcast Episode 265 →
See more
3/27/2022 • 56 minutes, 27 seconds Defensive Security Podcast Episode 264 Adafruit discloses data leak from ex-employee’s GitHub repo (bleepingcomputer.com) Malware now using NVIDIA’s stolen code signing certificates (bleepingcomputer.com) NSA report: This is how you should be securing your network | ZDNet
See more
3/13/2022 • 30 minutes, 37 seconds Defensive Security Podcast Episode 263 https://www.govinfosecurity.com/data-breach-exposes-booking-details-19-million-customers-a-18505 https://www.helpnetsecurity.com/2022/02/11/cloud-security-training/ https://www.bankinfosecurity.com/massive-breach-hits-500-e-commerce-sites-a-18492 https://www.darkreading.com/cloud/linux-malware-on-the-rise-including-illicit-use-of-cobalt-strike https://www.darkreading.com/attacks-breaches/google-cuts-account-compromises-in-half-with-simple-change
See more
2/20/2022 • 39 minutes, 30 seconds Defensive Security Podcast Episode 262 https://www.darkreading.com/edge-threat-monitor/most-common-cause-of-data-breach-in-2021-phishing-smishing-bec https://www.bleepingcomputer.com/news/security/fbi-shares-lockbit-ransomware-technical-details-defense-tips/ https://www.csoonline.com/article/3648991/dhs-announces-the-creation-of-the-cyber-safety-review-board.html https://www.darkreading.com/application-security/disclosure-panic-patch-can-we-do-better-
See more
2/7/2022 • 39 minutes, 18 seconds Defensive Security Podcast Episode 261 https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/ https://blog.f-secure.com/insight-from-a-large-scale-phishing-study/ https://www.darkreading.com/attacks-breaches/log4j-proved-public-disclosure-still-helps-attackers https://www.csoonline.com/article/3647756/how-to-prioritize-and-remediate-vulnerabilities-in-the-wake-of-log4j-and-microsofts-patch-tuesday-b.html
See more
1/31/2022 • 51 minutes, 21 seconds Defensive Security Podcast Episode 260 https://www.csoonline.com/article/3647209/why-you-should-secure-your-embedded-server-management-interfaces.html https://www.csoonline.com/article/3646613/cybercrime-group-elephant-beetle-lurks-inside-networks-for-months.html https://www.zdnet.com/article/when-open-source-developers-go-bad/ https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-rollout-of-january-windows-server-updates/
See more
1/17/2022 • 31 minutes, 23 seconds Defensive Security Podcast Episode 259 1/3/2022 • 49 minutes, 49 seconds Defensive Security Podcast Episode 258 https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ https://arstechnica.com/gadgets/2021/07/feds-list-the-top-30-most-exploited-vulnerabilities-many-are-years-old/ https://www.securityweek.com/hospital-network-reveals-cause-2020-cyberattack https://www.csoonline.com/article/3628331/recent-shadow-it-related-incidents-present-lessons-to-cisos.html https://www.natlawreview.com/article/another-court-orders-production-cybersecurity-firm-s-forensic-report-data-breach https://www.secureworld.io/industry-news/ciso-lawsuit-solarwinds
See more
8/15/2021 • 49 minutes, 35 seconds Defensive Security Podcast Episode 257 https://therecord.media/using-vms-to-hide-ransomware-attacks-is-becoming-more-popular/ https://blog.erratasec.com/2021/07/ransomware-quis-custodiet-ipsos-custodes.html?m=1 https://www.databreachtoday.com/how-mespinoza-ransomware-group-hits-targets-a-17086 https://krebsonsecurity.com/2021/07/dont-wanna-pay-ransom-gangs-test-your-backups/ https://arstechnica.com/gadgets/2021/07/kaseya-gets-master-decryptor-to-help-customers-still-suffering-from-revil-attack/
See more
7/25/2021 • 41 minutes, 26 seconds Defensive Security Podcast Episode 256 https://www.csoonline.com/article/3623760/printnightmare-vulnerability-explained-exploits-patches-and-workarounds.html#tk.rss_all https://www.securityweek.com/continuous-updates-everything-you-need-know-about-kaseya-ransomware-attack https://www.databreachtoday.com/kaseya-raced-to-patch-before-ransomware-disaster-a-17006
See more
7/11/2021 • 42 minutes, 48 seconds Defensive Security Podcast Episode 255 https://www.reuters.com/technology/us-sec-official-says-agency-has-begun-probe-cyber-breach-by-solarwinds-2021-06-21/ https://www.databreachtoday.com/cisa-firewall-rules-could-have-blunted-solarwinds-malware-a-16919 https://www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told/ https://www.bleepingcomputer.com/news/security/microsoft-admits-to-signing-rootkit-malware-in-supply-chain-fiasco/
See more
6/27/2021 • 40 minutes, 42 seconds Defensive Security Podcast Episode 254 We’re baaaack
See more
Defensive Security Podcast Episode 253 https://www.securityinformed.com/news/intruder-research-mongodb-databases-breached-connected-internet-co-1594211095-ga-co-1594211806-ga.1594215158.html https://www.zdnet.com/article/hackers-are-trying-to-steal-admin-passwords-from-f5-big-ip-devices/ https://www.csoonline.com/article/3564726/privilege-escalation-explained-why-these-flaws-are-so-valuable-to-hackers.html#tk.rss_all https://arstechnica.com/information-technology/2020/06/theft-of-top-secret-cia-hacking-tools-was-result-of-woefully-lax-security/
See more
7/15/2020 • 46 minutes, 50 seconds Defensive Security Podcast Episode 252 https://www.bankinfosecurity.com/capital-one-must-turn-over-mandiant-forensics-report-a-14352 https://www.databreachtoday.com/insider-threat-lessons-from-3-incidents-a-14312 https://www.zdnet.com/article/ransomware-deploys-virtual-machines-to-hide-itself-from-antivirus-software/
See more
5/31/2020 • 26 minutes, 35 seconds Defensive Security Podcast Episode 251 https://www.securityweek.com/recent-salt-vulnerabilities-exploited-hack-lineageos-ghost-digicert-servers https://www.zdnet.com/article/ransomware-mentioned-in-1000-sec-filings-over-the-past-year/
See more
Defensive Security Podcast Episode 250 https://www.zdnet.com/article/dhs-cisa-companies-are-getting-hacked-even-after-patching-pulse-secure-vpns/ https://www.bankinfosecurity.com/attackers-increasingly-using-web-shells-to-create-backdoors-a-14179 https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-hits-los-angeles-county-city-leaks-files/
See more
5/3/2020 • 44 minutes, 25 seconds Defensive Security Podcast Episode 249 https://www.tomsguide.com/news/zoom-security-privacy-woes https://www.bankinfosecurity.com/blogs/learn-from-how-others-get-breached-equifax-edition-p-2870 https://www.zdnet.com/article/microsoft-how-one-emotet-infection-took-out-this-organizations-entire-network/ https://www.microsoft.com/security/blog/wp-content/uploads/2020/04/Case-study_Full-Operational-Shutdown.pdf
See more
4/5/2020 • 56 minutes, 33 seconds Defensive Security Podcast Episode 248 Be well, be safe, take care of yourselves, and take care of others (from an appropriate distance). https://www.businessinsider.com/coronavirus-apple-secrecy-work-from-home-difficult-2020-3 https://www.csoonline.com/article/3531963/8-key-security-considerations-for-protecting-remote-workers.html https://www.zdnet.com/article/microsoft-99-9-of-compromised-accounts-did-not-use-multi-factor-authentication/
See more
3/28/2020 • 56 minutes, 52 seconds Defensive Security Podcast Episode 247 https://www.securityweek.com/state-sponsored-cyberspies-use-sophisticated-server-firewall-bypass-technique https://www.zdnet.com/article/ransomware-victims-thought-their-backups-were-safe-they-were-wrong/ https://www.sec.gov/files/OCIE%20Cybersecurity%20and%20Resiliency%20Observations.pdf
See more
3/22/2020 • 42 minutes, 22 seconds Defensive Security Podcast Episode 246 https://www.darkreading.com/risk/cybercriminals-swap-phishing-for-credential-abuse-vuln-exploits/d/d-id/1337019 https://www.businessinsider.com/phishing-scams-getting-more-sophisticated-what-to-look-out-for-2020-2#hackers-will-start-by-targeting-low-level-employees-then-moving-laterally-to-compromise-executives-accounts-1 https://krebsonsecurity.com/2020/02/hackers-were-inside-citrix-for-five-months/ https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign.pdf
See more
2/23/2020 • 42 minutes, 24 seconds Defensive Security Podcast Episode 245 https://www.bankinfosecurity.com/judge-rules-insurer-must-pay-for-ransomware-damage-a-13673 https://www.zdnet.com/google-amp/article/new-york-state-wants-to-ban-government-agencies-from-paying-ransomware-demands/ https://www.bankinfosecurity.com/nist-drafts-guidelines-for-coping-ransomware-a-13679 https://arstechnica.com/information-technology/2020/01/dozens-of-companies-have-data-dumped-online-by-ransomware-ring-seeking-leverage/ https://www.bankinfosecurity.com/doppelpaymer-ransomware-threatens-to-dump-victims-data-a-13683
See more
2/9/2020 • 33 minutes, 52 seconds Defensive Security Podcast Episode 244 https://www.securityweek.com/attacker-installs-backdoor-blocks-others-exploiting-citrix-adc-vulnerability https://www.securityweek.com/court-approves-equifax-data-breach-settlement https://www.infosecurity-magazine.com/news/equifax-breach-settlement-could/ https://www.natlawreview.com/article/ico-issues-fine-against-national-retailer-security-failings
See more
1/21/2020 • 41 minutes, 5 seconds Defensive Security Podcast Episode 243 https://www.irishtimes.com/news/crime-and-law/courts/high-court/firm-being-blackmailed-by-hackers-for-6m-obtains-irish-court-injunction-1.4128069 https://inews.co.uk/inews-lifestyle/travel/travelex-hack-cyber-attack-ransomware-sodinokibi-travel-money-uk-firm-data-breach-explained-1358454 https://securityaffairs.co/wordpress/96046/hacking/microsoft-rdp-brute-force-study.html https://www.zdnet.com/article/company-shuts-down-because-of-ransomware-leaves-300-without-jobs-just-before-holidays/
See more
1/13/2020 • 34 minutes, 56 seconds Defensive Security Podcast Episode 242 https://www.wwltv.com/article/news/crime/city-government-in-recovery-mode-after-cyberattack/289-514a376e-16de-4b43-9756-a30baefe4c28 https://arstechnica.com/information-technology/2019/11/hackers-paradise-louisianas-ransomware-disaster-far-from-over/ https://www.csoonline.com/article/3488816/how-a-nuclear-plant-got-hacked.html
See more
12/21/2019 • 29 minutes, 22 seconds Defensive Security Podcast Episode 241 https://www.bleepingcomputer.com/news/security/allied-universal-breached-by-maze-ransomware-stolen-data-leaked/ https://www.csoonline.com/article/3454443/how-a-bank-got-hacked-a-study-in-how-not-to-secure-your-networks.html
See more
11/25/2019 • 39 minutes, 57 seconds Defensive Security Podcast Episode 240 https://arstechnica.com/information-technology/2019/11/breach-affecting-1-million-was-caught-only-after-hacker-maxed-out-targets-storage/ https://www.csoonline.com/article/3452747/what-you-need-to-know-about-the-new-owasp-api-security-top-10-list.html https://www.securityweek.com/pci-dss-compliance-between-audits-declining-verizon https://krebsonsecurity.com/2019/11/study-ransomware-data-breaches-at-hospitals-tied-to-uptick-in-fatal-heart-attacks/
See more
11/21/2019 • 58 minutes, 53 seconds Defensive Security Podcast Episode 239 https://securityaffairs.co/wordpress/92484/data-breach/imperva-data-breach-2.html https://arstechnica.com/information-technology/2019/10/the-count-of-managed-service-providers-getting-hit-with-ransomware-mounts/ https://www.zdnet.com/article/city-of-johannesburg-held-for-ransom-by-hacker-gang/
See more
11/6/2019 • 31 minutes, 4 seconds Defensive Security Podcast Episode 238 https://www.csoonline.com/article/3441220/marriott-data-breach-faq-how-did-it-happen-and-what-was-the-impact.html
See more
10/7/2019 • 31 minutes, 46 seconds Defensive Security Podcast Episode 237 https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/
See more
9/23/2019 • 25 minutes, 43 seconds Defensive Security Podcast Episode 236 Get well soon, Mr. Kalat!
See more
6/15/2019 • 17 minutes, 6 seconds Defensive Security Podcast Episode 235 https://www.theregister.co.uk/2019/03/20/steffan_needham_aws_rampage_prison_sentence_voova/
https://www.zdnet.com/google-amp/article/study-shows-programmers-will-take-the-easy-way-out-and-not-implement-proper-password-security/
https://arstechnica.com/information-technology/2019/03/50-shades-of-greyhat-a-study-in-how-not-to-handle-security-disclosures/
https://matrix.org/blog/2019/04/11/security-incident/index.html
See more
4/15/2019 • 25 minutes, 58 seconds Defensive Security Podcast Episode 234 https://www.zdnet.com/article/hackers-wipe-us-servers-of-email-provider-vfemail/ https://www.securityweek.com/russian-state-sponsored-hackers-are-fastest-crowdstrike https://www.zdnet.com/article/icann-there-is-an-ongoing-and-significant-risk-to-dns-infrastructure/ https://www.infosecurity-magazine.com/news/password-managers-no-more-secure-1/ https://www.zdnet.com/article/microsoft-do-these-things-now-to-protect-your-network/
See more
3/4/2019 • 40 minutes, 40 seconds Defensive Security Podcast Episode 233 https://www.securityweek.com/hackers-using-rdp-are-increasingly-using-network-tunneling-bypass-protections https://www.zdnet.com/article/trojan-malware-is-back-and-its-the-biggest-hacking-threat-to-your-business/ https://www.csoonline.com/article/3336923/security/phishing-has-become-the-root-of-most-cyber-evil.html https://www.darkreading.com/attacks-breaches/ransomware-attack-via-msp-locks-customers-out-of-systems/d/d-id/1333825 https://www.dlapiper.com/~/media/files/insights/publications/2019/02/dla-piper-gdpr-data-breach-survey-february-2019.pdf
See more
2/12/2019 • 49 minutes, 10 seconds Defensive Security Podcast Episode 232 https://www.zdnet.com/article/popular-wordpress-plugin-hacked-by-angry-former-employee/ https://www.zdnet.com/article/notpetya-an-act-of-war-cyber-insurance-firm-taken-to-task-for-refusing-to-pay-out/ https://www.zdnet.com/article/employees-sacked-ceo-fined-in-singhealth-security-breach/ – https://www.zdnet.com/article/firms-fined-1m-for-singhealth-data-security-breach/ https://www.securityweek.com/new-variant-bec-seeks-divert-payroll-deposits https://www.zdnet.com/article/oklahoma-gov-data-leak-exposes-millions-of-department-files-fbi-investigations/
See more
1/22/2019 • 42 minutes, 50 seconds Defensive Security Podcast Episode 231 https://lifehacker.com/why-smart-people-make-stupid-mistakes-1831503216 https://www.chicagotribune.com/business/ct-biz-tribune-publishing-malware-20181230-story,amp.html https://www.securityweek.com/was-north-korea-wrongly-accused-ransomware-attacks https://www.healthcareitnews.com/news/staff-lapses-and-it-system-vulnerabilities-are-key-reasons-behind-singhealth-cyberattack https://www.nextgov.com/cybersecurity/2019/01/hhs-releases-voluntary-cybersecurity-practices-health-industry/153835/ https://www.zdnet.com/article/data-of-2-4-million-blur-password-manager-users-left-exposed-online/ https://arstechnica.com/information-technology/2018/12/iranian-phishers-bypass-2fa-protections-offered-by-yahoo-mail-and-gmail/
See more
1/15/2019 • 48 minutes, 33 seconds Defensive Security Podcast Episode 230 https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/ https://krebsonsecurity.com/2018/11/marriott-data-on-500-million-guests-stolen-in-4-year-breach/ https://krebsonsecurity.com/2018/12/what-the-marriott-breach-says-about-security/
See more
12/4/2018 • 54 minutes, 57 seconds Defensive Security Podcast Episode 229 https://www.dutchnews.nl/news/2018/11/internet-con-men-ripped-off-pathe-nl-for-e19m-in-sophisticated-fraud/ https://lifehacker.com/how-password-constraints-give-you-a-false-sense-of-secu-1830564360 https://www.csoonline.com/article/3319704/data-protection/the-end-of-security-as-we-know-it.html https://www.careersinfosecurity.com/breach-settlement-has-unusual-penalty-a-11669 https://motherboard.vice.com/en_us/article/bje8na/massive-data-leaks-keep-happening-because-big-companies-can-afford-to-lose-your-data https://www.zdnet.com/article/city-of-valdez-alaska-admits-to-paying-off-ransomware-infection/
See more
11/27/2018 • 1 hour, 4 minutes, 18 seconds Defensive Security Podcast Episode 228 https://www.zdnet.com/article/this-is-how-artificial-intelligence-will-become-weaponized-in-future-cyberattacks/ https://www.securityinfowatch.com/article/12434583/everyone-needs-to-take-responsibility-for-cybersecurity-in-the-workplace https://www.zdnet.com/article/adobe-coldfusion-servers-under-attack-from-apt-group/ https://www.securityweek.com/troubled-waters-how-new-wave-cyber-attacks-targeting-maritime-trade https://securityaffairs.co/wordpress/77676/malware/industrial-facilities-malware.html
See more
11/13/2018 • 46 minutes, 47 seconds Defensive Security Podcast Episode 227 https://www.zdnet.com/article/equifax-engineer-who-designed-breach-portal-gets-8-months-of-house-arrest-for-insider-trading/ https://www.csoonline.com/article/3314557/security/ransomware-attack-hits-north-carolina-water-utility-following-hurricane.html https://www.securityweek.com/insurer-anthem-will-pay-record-16m-massive-data-breach https://blog.sucuri.net/2018/10/malicious-redirects-from-newsharecounts-com-tweet-counter.html https://www.thinkadvisor.com/2018/09/26/sec-hits-voya-financial-advisors-with-1m-fine-over/ https://www.healthcareitnews.com/news/debunking-cybersecurity-thought-humans-are-weakest-link
See more
10/30/2018 • 57 minutes, 58 seconds Defensive Security Podcast Episode 226 redux Note: this episode is being re-released to fix a problem with the mp3 download. https://www.tripwire.com/state-of-security/security-data-protection/bec-as-a-service-offers-hacked-business-accounts-for-as-little-as-150/ https://www.bleepingcomputer.com/news/security/ic3-issues-alert-regarding-remote-desktop-protocol-rdp-attacks/ https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/
See more
10/8/2018 • 1 hour, 39 seconds Defensive Security Podcast Episode 225 https://motherboard.vice.com/en_us/article/pa8emg/russian-indicted-jp-morgan-chase-hack https://www.zdnet.com/article/us-government-releases-post-mortem-report-on-equifax-hack/ https://www.zdnet.com/article/phishing-alert-north-korean-hacking-attacks-shows-your-email-is-still-the-weakest-link/ https://www.verizon.com/about/news/lifting-lid-cybercrime
See more
9/9/2018 • 53 minutes, 1 second Defensive Security Podcast Episode 224 https://www.zdnet.com/article/this-destructive-ransomware-has-made-crooks-6m-by-encrypting-data-and-backups/ https://www.bleepingcomputer.com/news/security/reddit-announces-security-breach-after-hackers-bypassed-staffs-2fa/ https://www.databreachtoday.com/art-steal-fin7s-highly-effective-phishing-a-11286 https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
See more
8/31/2018 • 43 minutes, 56 seconds Defensive Security Podcast Episode 223 https://www.straitstimes.com/singapore/personal-info-of-15m-singhealth-patients-including-pm-lee-stolen-in-singapores-most https://www.bankinfosecurity.com/labcorp-still-recovering-from-ransomware-attack-a-11235 https://www.securityweek.com/cyber-axis-evil-rewriting-cyber-kill-chain https://arstechnica.com/information-technology/2018/07/prolific-hacking-group-steals-almost-1-million-from-russian-bank/#p3 https://www.bleepingcomputer.com/news/government/us-charges-12-russian-intelligence-officers-for-hacking-dnc-running-dcleaks/
See more
7/31/2018 • 45 minutes, 54 seconds Defensive Security Podcast Episode 222 https://www.csoonline.com/article/3285982/data-protection/4-reasons-why-cisos-must-think-like-developers-to-build-cybersecurity-platforms.html https://www.csoonline.com/article/3287655/phishing/stop-training-your-employees-to-fall-for-phishing-attacks.html https://www.bankinfosecurity.com/cryptojacking-displaces-ransomware-as-top-malware-threat-a-11165 https://wiki.gentoo.org/wiki/Project:Infrastructure/Incident_Reports/2018-06-28_Github
See more
7/15/2018 • 52 minutes, 3 seconds Defensive Security Podcast Episode 221 https://www.esecurityplanet.com/network-security/security-projects-cisos-should-consider-gartner.html Data breach defendant must hand over computer forensics reports: court https://www.theregister.co.uk/2018/06/26/digitally_signed_malware/ https://www.bankinfosecurity.com/californias-new-privacy-law-its-almost-gdpr-in-us-a-11149 https://blog.erratasec.com/2018/06/lessons-from-npetya-one-year-later.html
See more
7/3/2018 • 42 minutes, 48 seconds Defensive Security Podcast Episode 220 https://www.wired.com/story/exactis-database-leak-340-million-records/ https://www.helpnetsecurity.com/2018/06/19/opm-breach-fraud/ https://www.tenable.com/blog/should-you-still-prioritize-exploit-kit-vulnerabilities
See more
6/28/2018 • 40 minutes, 15 seconds Defensive Security Podcast Episode 219 https://www.csoonline.com/article/3276584/ransomware/what-does-a-ransomware-attack-cost-beware-the-hidden-expenses.html https://www.bankinfosecurity.com/mental-health-provider-pays-ransom-to-recover-data-a-11040 https://www.itbusinessedge.com/blogs/data-security/did-we-see-our-first-data-breach-of-the-gdpr-era.html
See more
6/19/2018 • 35 minutes, 31 seconds Defensive Security Podcast Episode 218 https://www.zdnet.com/article/wannacry-ransomware-crisis-one-year-on-are-we-ready-for-the-next-global-cyber-attack/ https://www.zdnet.com/article/enterprise-vulnerability-management-as-effective-as-random-chance/ https://www.zdnet.com/article/enterprise-codebases-plagued-by-open-source-vulnerabilities/ https://www.databreachtoday.com/nuance-communications-breach-affected-45000-patients-a-11002
See more
5/28/2018 • 52 minutes, 18 seconds Defensive Security Podcast Episode 217 https://www.csoonline.com/article/3262168/ransomware/customers-describe-the-impact-of-the-allscripts-ransomware-attack.html https://www.infosecurity-magazine.com/news/atlanta-city-splurges-27m/ https://arstechnica.com/information-technology/2018/04/insecure-rsa-conference-app-leaked-attendee-data/ https://www.wired.com/story/inside-the-unnerving-supply-chain-attack-that-corrupted-ccleaner/
See more
4/24/2018 • 44 minutes, 47 seconds Defensive Security Podcast Episode 216 https://www.verizonenterprise.com/verizon-insights-lab/dbir/
See more
4/21/2018 • 52 minutes, 39 seconds Defensive Security Podcast Episode 215 https://www.bankinfosecurity.com/nj-ag-smacks-practice-hefty-fine-for-vendor-breach-a-10774 https://www.bankinfosecurity.com/panera-bread-data-leak-persisted-for-eight-months-a-10760 http://www.eweek.com/security/best-buy-delta-sears-hit-by-third-party-chat-widget-breach http://www.baltimoresun.com/news/maryland/crime/bs-md-ci-hack-folo-20180328-story.html
See more
4/13/2018 • 51 minutes, 41 seconds Defensive Security Podcast Episode 214 https://www.csoonline.com/article/3265024/privacy/are-you-letting-gdpr-s-privacy-rules-trump-security.html http://www.zdnet.com/article/doj-indicts-iranian-hackers-for-stealing-data-from-144-us-universities/ https://www.databreachtoday.com/report-guccifer-20-unmasked-at-last-a-10737 https://www.databreachtoday.com/expedias-orbitz-suspects-880000-payment-cards-stolen-a-10729 https://www.csoonline.com/article/3266364/security/samsam-group-deletes-atlantas-contact-portal-after-the-address-goes-public.html https://www.securityweek.com/top-vulnerabilities-exploited-cybercriminals
See more
3/29/2018 • 49 minutes, 42 seconds Defensive Security Podcast Episode 213 https://www.theguardian.com/business/2018/mar/14/equifax-insider-trading-data-breach-jun-ying-charged https://gizmodo.com/us-power-company-fined-2-7-million-over-security-flaws-1823745994 https://www.csoonline.com/article/3262551/data-protection/are-your-employees-unwittingly-invalidating-your-cyber-liability-insurance.html https://www.cisecurity.org/controls/
See more
3/21/2018 • 41 minutes, 41 seconds Defensive Security Podcast Episode 212 https://www.csoonline.com/article/3258817/data-breach/sec-guidance-on-it-security-would-you-report-security-risks-before-a-breach.html http://www.zdnet.com/article/hackers-are-selling-legitimate-code-signing-certificates-to-evade-malware-detection/ http://au.news.yahoo.com/a/39380423/equifax-expects-net-200-million-in-breach-related-costs-in-2018/ http://www.eweek.com/security/crowdstrike-reveals-time-to-breakout-as-key-cyber-security-metric https://www.securityweek.com/sophisticated-cyberspies-target-middle-east-africa-routers
See more
3/13/2018 • 1 hour, 7 minutes, 37 seconds Defensive Security Podcast Episode 211 https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/ https://www.cyberscoop.com/atos-olympics-hack-olympic-destroyer-malware-peyongchang/ https://www.bankinfosecurity.com/blogs/attribution-games-dont-rush-to-blame-p-2594 http://www.zdnet.com/article/meltdown-spectre-flaws-weve-found-new-attack-variants-say-researchers/ https://news.iu.edu/stories/2018/02/iub/releases/13-paper-suggests-agency-to-prevent-cyberattacks.html
See more
2/19/2018 • 45 minutes, 23 seconds Defensive Security Podcast Episode 209 https://www.csoonline.com/article/3247653/data-protection/5-mistakes-ive-made-and-how-to-avoid-them.html https://www.csoonline.com/article/3244650/disaster-recovery/why-we-continue-to-fail-lessons-learned-from-the-atlanta-airport-fiasco.html https://www.wired.com/story/meltdown-and-spectre-patches-take-toll/
See more
1/17/2018 • 1 hour, 10 minutes, 51 seconds Defensive Security Podcast Episode 208 https://www.upguard.com/breaches/cloud-leak-alteryx?ilink=1 https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/
See more
12/30/2017 • 1 hour, 5 minutes, 34 seconds Defensive Security Podcast Episode 207 https://www.csoonline.com/article/3239645/data-protection/3-common-cybersecurity-maturity-failings.html https://www.troyhunt.com/the-trouble-with-politicians-sharing-passwords/ https://krebsonsecurity.com/2017/12/phishers-are-upping-their-game-so-should-you/ https://www.reuters.com/article/us-uber-cyber-payment-exclusive/exclusive-uber-paid-20-year-old-florida-man-to-keep-data-breach-secret-sources-idUSKBN1E101C
See more
12/14/2017 • 1 hour, 3 minutes, 31 seconds Defensive Security Podcast Episode 206 http://www.zdnet.com/article/national-credit-federation-leaked-us-citizen-data-through-unsecured-aws-bucket/ http://www.mercurynews.com/2017/11/21/uber-concealed-attack-that-exposed-data-of-57-million/
See more
12/5/2017 • 42 minutes, 8 seconds Defensive Security Podcast Episode 205 https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/ https://www.bankinfosecurity.com/mayer-strengthened-defense-couldnt-stop-massive-breaches-a-10442 http://www.securityweek.com/phishing-poses-biggest-threat-users-google
See more
11/13/2017 • 38 minutes, 33 seconds Defensive Security Podcast Episode 204 https://www.bleepingcomputer.com/news/security/59-percent-of-employees-hit-by-ransomware-at-work-paid-ransom-out-of-their-own-pockets/ https://motherboard.vice.com/en_us/article/ne3bv7/equifax-breach-social-security-numbers-researcher-warning https://www.csoonline.com/article/3234675/data-protection/6-reasons-why-awareness-programs-fail-even-when-following-best-practices.html https://cyberbalancesheet.com/
See more
11/6/2017 • 52 minutes, 31 seconds Defensive Security Podcast Episode 203 https://www.bloomberg.com/news/features/2017-09-29/the-equifax-hack-has-all-the-hallmarks-of-state-sponsored-pros https://www.databreachtoday.com/ex-ceo-blames-human-error-tech-failures-for-equifax-breach-a-10349 http://www.zdnet.com/article/wsj-kaspersky-software-likely-used-in-russian-backed-nsa-breach/ https://www.washingtonpost.com/world/national-security/israel-hacked-kaspersky-then-tipped-the-nsa-that-its-tools-had-been-breached/2017/10/10/d48ce774-aa95-11e7-850e-2bdd1236be5d_story.html https://www.bleepingcomputer.com/news/legal/it-admin-trashes-railroad-companys-network-before-he-leaves/
See more
10/16/2017 • 54 minutes, 17 seconds Defensive Security Podcast Episode 202 https://arstechnica.com/information-technology/2017/09/ccleaner-backdoor-infecting-millions-delivered-mystery-payload-to-40-pcs/ https://www.theregister.co.uk/2017/09/26/equifax_ceo_resigns/ https://krebsonsecurity.com/2017/09/source-deloitte-breach-affected-all-company-email-admin-accounts/comment-page-2/ https://www.theregister.co.uk/2017/09/26/deloitte_leak_github_and_google/
See more
10/2/2017 • 56 minutes, 26 seconds Defensive Security Podcast Episode 201 https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/ https://www.welivesecurity.com/2017/09/06/security-vulnerability-leaves-fortune-100-firms-vulnerable/ http://nypost.com/2017/09/08/equifax-blames-giant-breach-on-vendor-software-flaw/amp/ https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax https://qz.com/1073221/the-hackers-who-broke-into-equifax-exploited-a-nine-year-old-security-flaw/
See more
9/11/2017 • 55 minutes, 39 seconds Defensive Security Podcast Episode 200 http://www.securityweek.com/three-questions-every-ciso-should-be-able-answer https://arstechnica.com/information-technology/2017/08/powerful-backdoor-found-in-software-used-by-100-banks-and-energy-cos/?amp=1 https://krebsonsecurity.com/2017/08/blowing-the-whistle-on-bad-attribution/ http://www.csoonline.com/article/3213030/security/when-it-comes-to-the-cloud-do-cisos-have-their-heads-in-the-sand.html http://www.zdnet.com/article/petya-ransomware-cyber-attack-costs-could-hit-300m-for-shipping-giant-maersk/ https://www.helpnetsecurity.com/2017/08/24/crystal-finance-millennium-compromised/ https://www.lacyberlab.org/what-los-angeles-cyber-lab
See more
8/29/2017 • 51 minutes, 24 seconds Defensive Security Podcast Episode 199 https://www.theregister.co.uk/2017/08/10/salesforce_fires_its_senior_security_engineers_after_defcon_talk/?mt=1502653861726 PR fight ensues after claims of leaked Carbon Black data https://www.theregister.co.uk/2017/08/10/carbon_black_denies_sec_sys_broken/ http://www.databreachtoday.com/ocr-tells-organizations-to-step-up-phishing-scam-awareness-a-10174 https://www.infosecurity-magazine.com/news/anthem-medicare-patients-hit-breach/ https://www.theregister.co.uk/2017/08/07/cba_blames_software_for_money_laundering_miss/
See more
8/14/2017 • 52 minutes, 5 seconds Defensive Security Podcast Episode 198 https://www.darkreading.com/vulnerabilities—threats/wannacry-inspires-worm-like-module-in-trickbot/d/d-id/1329491 http://www.securityweek.com/one-million-exposed-adware-hijacked-chrome-extension https://www.darkreading.com/risk/can-your-risk-assessment-stand-up-under-scrutiny/a/d-id/1329435
See more
8/7/2017 • 53 minutes, 20 seconds Defensive Security Podcast Episode 197 http://thehackernews.com/2017/07/adwind-rat-malware.html https://www.theregister.co.uk/2017/07/13/swiss_domain_name_hijack/ http://www.databreachtoday.com/fedex-warns-notpetya-will-negatively-affect-profits-a-10118 http://www.cnbc.com/2017/07/21/a-cyberattack-is-going-to-cause-this-tech-company-to-miss-earnings.html http://www.securityweek.com/alarming-percentage-employees-hide-security-incidents-report
See more
7/24/2017 • 48 minutes, 35 seconds Defensive Security Podcast Episode 196 http://www.databreachtoday.com/notpetya-patient-zero-ukrainian-accounting-software-vendor-a-10080 http://blog.talosintelligence.com/2017/07/the-medoc-connection.html?m=1 http://www.databreachtoday.com/police-seize-backdoored-firms-servers-to-stop-attacks-a-10083 https://www.bleepingcomputer.com/news/security/m-e-doc-software-was-backdoored-3-times-servers-left-without-updates-since-2013/ https://www.wired.com/story/petya-plague-automatic-software-updates/ https://www.theregister.co.uk/2017/06/28/petya_notpetya_ransomware/https://apnews.com/962db1cd370d4fdda6083d064b94dd1b https://infosec.engineering/notpetya-complex-attacks-and-the-fog-of-war/
See more
7/12/2017 • 1 hour, 14 minutes, 26 seconds Defensive Security Podcast Episode 195 http://securityaffairs.co/wordpress/60243/data-breach/dra-data-leak.html https://www.wired.com/story/crash-override-malware/ https://threatpost.com/fin10-extorting-canadian-mining-companies-casinos/126382/ http://variety.com/2017/digital/features/netflix-orange-is-the-new-black-leak-dark-overlord-larson-studios-1202471400/amp/ https://arstechnica.com/information-technology/2017/06/32tb-of-windows-10-beta-builds-driver-source-code-leaked/ https://arstechnica.com/security/2017/06/5-weeks-after-wcry-outbreak-nsa-derived-worm-shuts-down-a-honda-factory/
See more
6/27/2017 • 58 minutes, 36 seconds Defensive Security Podcast Episode 194 https://hotforsecurity.bitdefender.com/blog/heartbleed-still-hurting-hard-uk-council-fined-100000-after-data-breach-18205.html https://threatpost.com/ransomware-attack-hobbles-prestigious-university-college-london/126299/ http://www.securityweek.com/web-hosting-provider-pays-1-million-ransomware-attackers https://infosec.engineering/improving-the-effectiveness-of-vulnerability-remediation-targeting/
See more
Defensive Security Podcast Episode 193 http://www.csoonline.com/article/3198492/security/ceos-risky-behaviors-compromise-security.html https://www.bleepingcomputer.com/news/security/ex-admin-deletes-all-customer-data-and-wipes-servers-of-dutch-hosting-provider http://thehackernews.com/2017/06/intel-amt-firewall-bypass.html http://thehackernews.com/2017/06/microsoft-powerpoint-malware.html
See more
6/12/2017 • 30 minutes, 52 seconds Defensive Security Podcast Episode 192 http://www.csoonline.com/article/3198496/compliance/sometimes-it-is-necessary-to-bend-the-rules-a-bit.html http://www.securityweek.com/nature-vs-nurture-bad-cybersecurity-our-dna http://gizmodo.com/top-defense-contractor-left-sensitive-pentagon-files-on-1795669632 https://nakedsecurity.sophos.com/2017/06/02/onelogin-warns-that-attacker-could-be-able-to-decrypt-data/
See more
6/6/2017 • 36 minutes, 2 seconds Defensive Security Podcast Episode 191 https://arstechnica.com/security/2017/05/windows-7-not-xp-was-the-reason-last-weeks-wcry-worm-spread-so-widely/ http://www.publictechnology.net/articles/news/nhs-cyber-attack-forces-week-long-council-email-block https://www.washingtonpost.com/business/technology/nsa-officials-worried-about-the-day-its-potent-hacking-tool-would-get-loose-then-it-did/2017/05/16/50670b16-3978-11e7-a058-ddbb23c75d82_story.html https://www.grahamcluley.com/companies-keeping-bitcoin-hand-case-ransomware-attacks/ http://www.eweek.com/security/zomato-docusign-breaches-reveal-common-security-risks
See more
5/25/2017 • 48 minutes, 3 seconds Defensive Security Podcast Episode 190 http://www.verizonenterprise.com/resources/reports/rp_DBIR_2017_Report_en_xg.pdf
See more
5/10/2017 • 1 hour, 49 minutes, 3 seconds Defensive Security Podcast Episode 189 https://www.wsj.com/articles/cybersecurity-startup-tanium-exposed-california-hospitals-network-in-demos-without-permission-1492624287 95% of enterprise risk assessments find employees using TOR, private VPNs to bypass security, report says http://www.csoonline.com/article/3191286/security/most-employees-willing-to-share-sensitive-information-survey-says.html https://www.bleepingcomputer.com/news/security/over-36-000-computers-infected-with-nsas-doublepulsar-malware/
See more
4/25/2017 • 51 minutes, 58 seconds Defensive Security Podcast Episode 188 https://arstechnica.com/security/2017/04/purported-shadow-brokers-0days-were-in-fact-killed-by-mysterious-patch/ https://www.bleepingcomputer.com/news/security/former-sysadmin-accused-of-planting-time-bomb-in-companys-database/ http://www.computerworld.com/article/3189059/security/what-prevents-breaches-process-technology-or-people-one-answer-is-pc-and-one-is-right.html http://www.csoonline.com/article/3187422/network-security/report-30-of-malware-is-zero-day-missed-by-legacy-antivirus.amp.html How Hackers Hijacked a Bank’s Entire Online Operation http://news.softpedia.com/news/two-laptops-with-hong-kong-s-3-7-million-voters-data-stolen-514346.shtml Threat Brief: Credential Theft – The Keystone of the Shamoon 2 Attacks
See more
4/17/2017 • 1 hour, 4 minutes, 2 seconds Defensive Security Podcast Episode 187 http://www.itworld.com/article/3182431/security/some-https-inspection-tools-might-weaken-security.html https://www.bleepingcomputer.com/news/legal/former-it-admin-accused-of-leaving-backdoor-account-accessing-it-700-times/ http://www.securityweek.com/what-cisos-can-learn-er-doctors http://www.csoonline.com/article/3180762/data-breach/inside-the-russian-hack-of-yahoo-how-they-did-it.html https://arstechnica.com/security/2017/03/microsofts-silence-over-unprecedented-patch-delay-doesnt-smell-right/
See more
3/28/2017 • 47 minutes, 57 seconds Defensive Security Podcast Episode 186 http://www.bankinfosecurity.com/emory-healthcare-database-breach-what-happened-a-9745 http://www.networkworld.com/article/3176718/security/dealing-with-overwhelming-volume-of-security-alerts.html#tk.rss_security http://www.networkworld.com/article/3175030/security/trend-micro-report-ransomware-booming.html https://www.helpnetsecurity.com/2017/03/02/yahoo-cookie-forging-incident/ http://www.darkreading.com/risk/new-cybersecurity-regulations-begin-today-for-ny-banks/d/d-id/1328295 http://www.pcworld.com/article/3179348/security/after-cia-leak-intel-security-releases-detection-tool-for-efi-rootkits.html https://arstechnica.com/security/2017/03/wikileaks-publishes-what-it-says-is-trove-of-cia-hacking-tools/ http://www.csoonline.com/article/3177994/security/cia-false-flag-team-repurposed-shamoon-data-wiper-other-malware.html
See more
3/14/2017 • 56 minutes, 11 seconds Defensive Security Podcast Episode 185 https://www.bleepingcomputer.com/news/security/malware-used-to-attack-polish-banks-contained-false-flags-blaming-russian-hackers/ http://www.csoonline.com/article/3173639/security/bleeding-clouds-cloudflare-server-errors-blamed-for-leaked-customer-data.html http://www.csoonline.com/article/3174153/security/carders-capitalize-on-cloudflare-problems-claim-150-million-logins-for-sale.amp.html http://www.securityweek.com/what-hackers-think-your-defenses http://www.csoonline.com/article/3171154/security/verizon-knocks-off-350m-from-yahoo-deal-after-breaches.html
See more
2/28/2017 • 52 minutes, 36 seconds Defensive Security Podcast Episode 184 https://gallery.technet.microsoft.com/ATA-Playbook-ef0a8e38/file/169827/1/ATA%20Playbook.pdf http://www.securityweek.com/google-shares-data-corporate-email-attacks http://www.databreachtoday.com/reworked-ny-cybersecurity-regulation-takes-effect-in-march-a-9733 http://www.computerworld.com/article/3169386/security/recent-malware-attacks-on-polish-banks-tied-to-wider-hacking-campaign.html#tk.rss_security http://www.computerworld.com/article/3166824/security/polish-banks-on-alert-after-mystery-malware-found-on-computers.html http://www.forbes.com/sites/thomasbrewster/2017/02/16/dnc-fancy-bear-russia-hackers-mac-malware-hacking-team-fbi-fsb/#3998bc7812bc
See more
2/20/2017 • 47 minutes, 36 seconds Defensive Security Podcast Episode 183 https://arstechnica.com/information-technology/2017/01/antivirus-is-bad/?amp=1 http://www.darkreading.com/risk/7-tips-for-getting-your-security-budget-approved/d/d-id/1328004 https://www.asd.gov.au/publications/protect/essential-eight-explained.htm http://www.csoonline.com/article/3163068/application-development/how-to-secure-active-directory.html https://securosis.com/mobile/tidal-forces-software-as-a-service-is-the-new-back-office/full
See more
2/14/2017 • 1 hour, 1 minute, 15 seconds Defensive Security Podcast Episode 182 http://www.securityweek.com/cyber-threat-intelligence-shows-majority-cybercrime-not-sophisticated http://www.databreachtoday.com/new-in-depth-analysis-anthem-breach-a-9627 http://www.databreachtoday.com/475000-hipaa-penalty-for-tardy-breach-notification-a-9624 http://www.databreachtoday.com/insurer-slapped-22-million-hipaa-settlement-a-9643 https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/ https://securosis.com/mobile/tidal-forces-endpoints-are-different-more-secure-and-less-open/full
See more
1/23/2017 • 1 hour, 4 minutes, 38 seconds Defensive Security Podcast Episode 181 http://www.businessinsider.com/russian-hacking-fears-reportedly-triggered-by-vermont-employee-checking-his-email-2017-1 http://www.cio.com/article/3153706/security/4-information-security-threats-that-will-dominate-2017.html http://www.databreachtoday.com/major-breach-insurer-blames-system-integrator-a-9603 http://www.zdnet.com/article/this-ransomware-targets-hr-departments-with-fake-job-applications/ https://securosis.com/mobile/tidal-forces-the-trends-tearing-apart-security-as-we-know-it/full https://securosis.com/blog/network-security-in-the-cloud-age-everything-changes http://blog.erratasec.com/2017/01/notes-about-ftc-action-against-d-link.html Slack Channel: http://https://defensivesecurity.org/slack-channel/
See more
1/9/2017 • 59 minutes, 19 seconds Defensive Security Podcast Episode 180 https://www.bleepingcomputer.com/news/security/new-scheme-spread-popcorn-time-ransomware-get-chance-of-free-decryption-key/ http://arstechnica.com/tech-policy/2016/12/disgraced-it-worker-stole-confidential-expedia-e-mails-even-after-he-left/ http://arstechnica.com/security/2016/12/millions-exposed-to-malvertising-that-hid-attack-code-in-banner-pixels/ http://www.reuters.com/article/us-cyber-heist-bangladesh-exclusive-idUSKBN1411ST http://motherboard.vice.com/read/newly-uncovered-site-suggests-nsa-exploits-for-direct-sale http://arstechnica.com/security/2016/12/what-can-you-do-with-a-billion-yahoo-passwords-lots-of-bad-things/
See more
12/20/2016 • 49 minutes, 25 seconds Defensive Security Podcast Episode 179 2016 HOLIDAY PODCAST MASHUP With: PVC Security Podcast: http://www.pvcsec.com/ Brakeing Down Security Podcast: http://www.brakeingsecurity.com/ Advanced Persistent Security Podcast: https://advancedpersistentsecurity.net/ …and Amanda Berlin!
See more
12/18/2016 • 1 hour, 14 minutes, 21 seconds Defensive Security Podcast Episode 178 Slack channel: https://defensivesecurity.org/slack-channel/ http://blog.checkpoint.com/2016/11/24/imagegate-check-point-uncovers-new-method-distributing-malware-images/ http://www.csoonline.com/article/3143713/analytics/shall-we-care-about-zero-day.html http://www.databreachtoday.com/umass-amherst-hit-650000-hipaa-settlement-a-9554 http://arstechnica.com/security/2016/11/elegant-0day-unicorn-underscores-serious-concerns-about-linux-security/ http://www.securityweek.com/disgruntled-gamer-likely-behind-october-us-hacking-expert http://www.theregister.co.uk/2016/11/17/google_hacker_pleads_try_whitelists_not_just_bunk_antivirus_ids/ https://blog.instant2fa.com/an-economic-model-for-security-spending-3d982d05d0c1#.fpcnkz5qn http://www.securityweek.com/when-ransomware-hits-business-paying-unlikely-guarantee-resolution http://www.csoonline.com/article/3142889/security/ransomware-victims-able-to-thwart-attacks-report-says.html
See more
11/28/2016 • 1 hour, 13 minutes, 4 seconds Defensive Security Podcast Episode 177 Book recommendations: https://defensivesecurity.org/resources/recommended-books/ Slack channel: http://https://defensivesecurity.org/slack-channel/ http://arstechnica.com/information-technology/2016/11/kaspersky-accuses-microsoft-of-anticompetitive-bundling-of-antivirus-software/ https://nakedsecurity.sophos.com/2016/11/11/yahoo-staff-knew-they-were-breached-two-years-ago/ http://www.csoonline.com/article/3139311/security/412-million-friendfinder-accounts-exposed-by-hackers.html
See more
11/14/2016 • 37 minutes, 37 seconds Defensive Security Podcast Episode 176 https://www.helpnetsecurity.com/2016/11/03/overconfidence-risk-attacks/ http://arstechnica.com/security/2016/11/windows-zero-day-exploited-by-same-group-behind-dnc-hack/ http://www.bankinfosecurity.com/those-suing-anthem-seek-security-audit-documents-a-9498 https://it.slashdot.org/story/16/11/05/1744231/it-workers-facing-layoffs-jolted-by-ceos-message
See more
11/7/2016 • 54 minutes, 19 seconds Defensive Security Podcast Episode 175 http://www.securityweek.com/shadow-brokers-leaks-servers-allegedly-hacked-nsa http://www.bankinfosecurity.com/online-ad-industry-threatened-by-security-issues-a-9488 http://m.elpasoinc.com/news/local_news/article_92e82ee0-9f84-11e6-b429-0b2b853bae0b.html?mode=jqm http://researchcenter.paloaltonetworks.com/2016/10/unit42-psa-conference-invite-used-lure-operation-lotus-blossom-actors/
See more
11/2/2016 • 1 hour, 5 minutes, 55 seconds Defensive Security Podcast Episode 174 https://threatpost.com/serious-dirty-cow-linux-vulnerability-under-attack/121448/ http://news.softpedia.com/news/hackers-steal-research-and-user-data-from-japanese-nuclear-research-lab-509380.shtml https://www.databreaches.net/rainbow-childrens-clinic-notifies-33368-patients-of-ransomware-attack/ https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
See more
10/24/2016 • 40 minutes, 38 seconds Defensive Security Podcast Episode 173 http://conferences.oreilly.com/security/network-data-security-ny/public/content/buy-one-get-one-discount https://www.eventbrite.com/e/bsides-atlanta-2016-tickets-27895813128 http://www.cnbc.com/2016/10/14/british-banks-keep-cyber-attacks-under-wraps-to-protect-image.html http://www.lexology.com/library/detail.aspx?g=f17c1e55-5768-4ea6-a7e6-d555c4052eef https://www.nist.gov/news-events/news/2016/10/security-fatigue-can-cause-computer-users-feel-hopeless-and-act-recklessly
See more
10/16/2016 • 40 minutes, 8 seconds Defensive Security Podcast Episode 172 http://cybersecurity.oxfordjournals.org/content/early/2016/08/08/cybsec.tyw001 https://www.helpnetsecurity.com/2016/09/29/risky-password-practices/ http://www.nytimes.com/2016/09/29/technology/yahoo-data-breach-hacking.html?_r=0 http://www.databreachtoday.com/blogs/yahoo-breach-great-nation-state-cop-out-p-2260
See more
10/3/2016 • 42 minutes, 38 seconds Defensive Security Podcast Episode 171 http://www.csoonline.com/article/3119965/security/a-single-ransomware-network-has-pulled-in-121-million.html https://www.sans.org/reading-room/whitepapers/dataprotection/data-breaches-prevention-practical-37267 http://www.bankinfosecurity.com/aligning-cyber-framework-organizations-strategy-goals-a-9401 http://arstechnica.com/security/2016/09/swift-fraudsters-detection-system-bangladesh-bank-heist/ http://www.bankinfosecurity.com/blogs/ransomware-victims-please-come-forward-p-2255 http://www.nytimes.com/2016/09/17/business/dealbook/wells-fargo-warned-workers-against-fake-accounts-but-they-needed-a-paycheck.html
See more
9/22/2016 • 58 minutes, 24 seconds Defensive Security Podcast Episode 170 http://news.softpedia.com/news/retiring-sysadmin-fakes-cyber-attack-to-get-away-with-data-theft-507992.shtml https://oversight.house.gov/wp-content/uploads/2016/09/The-OPM-Data-Breach-How-the-Government-Jeopardized-Our-National-Security-for-More-than-a-Generation.pdf http://money.cnn.com/2016/09/08/investing/wells-fargo-created-phony-accounts-bank-fees/index.html http://spectrum.ieee.org/view-from-the-valley/computing/it/facebook-engineers-crash-data-centers-in-realworld-stress-test http://www.bloomberg.com/news/articles/2016-09-08/cisco-s-network-bugs-are-front-and-center-in-bankruptcy-fight
See more
9/11/2016 • 58 minutes, 42 seconds Defensive Security Podcast Episode 169 http://www.csoonline.com/article/3110975/techology-business/how-do-you-measure-success-when-it-comes-to-stopping-phishing-attacks.html http://www.databreachtoday.com/equation-group-hacking-tool-dump-5-lessons-a-9358 http://www.csoonline.com/article/3109982/security/attackers-dont-need-vulnerabilities-when-the-basics-work-just-as-well.html http://www.securityweek.com/attacker-uses-virtual-machine-hide-malicious-activity http://www.networkworld.com/article/3110653/security/imperva-application-layer-ddos-attacks-are-on-the-rise.html http://arstechnica.com/security/2016/08/actively-exploited-ios-flaws-that-hijack-iphones-likely-spread-for-years/
See more
8/30/2016 • 44 minutes, 50 seconds Defensive Security Podcast Episode 168 https://nakedsecurity.sophos.com/2016/08/18/nists-new-password-rules-what-you-need-to-know/ http://www.extremetech.com/extreme/234031-your-guide-to-the-shadow-brokers-nsa-theft-which-puts-the-snowden-leaks-to-shame http://phys.org/news/2016-08-people-software-percent.html http://www.csoonline.com/article/3108025/cyber-attacks-espionage/cerber-ransomware-earns-2-3mil-with-0-3-response-rate.html
See more
8/21/2016 • 51 minutes, 28 seconds Defensive Security Podcast Episode 167 http://www.csoonline.com/article/3101863/security/report-only-3-percent-of-u-s-companies-pay-attackers-after-ransomware-infections.html http://www.bankinfosecurity.com/fed-reserve-a-9282 http://www.tripwire.com/state-of-security/featured/does-dropping-malicious-usb-sticks-really-work-yes-worryingly-well/ http://arstechnica.com/security/2016/08/frequent-password-changes-are-the-enemy-of-security-ftc-technologist-says/ http://spectrum.ieee.org/tech-talk/telecom/security/nigerian-scammers-infect-themselves-with-own-malware-revealing-new-wirewire-fraud-scheme http://www.csoonline.com/article/3106076/data-protection/disable-wpad-now-or-have-your-accounts-and-private-data-compromised.html http://fortune.com/2016/08/12/delta-airlines-outages/
See more
8/14/2016 • 1 hour, 2 minutes, 46 seconds Defensive Security Podcast Episode 166 http://www.bankinfosecurity.com/report-new-york-fed-fumbled-cyber-heist-response-a-9281 http://motherboard.vice.com/read/ransomware-gang-claims-fortune-500-company-hired-them-to-hack-the-competition http://www.lexology.com/library/detail.aspx?g=d0f4e774-6c6a-4783-b993-4f165f1dcc7e
See more
7/25/2016 • 48 minutes, 19 seconds Defensive Security Podcast Episode 165 Tiaracon: http://tiaracon.org/ http://www.cbc.ca/news/technology/antivirus-software-1.3668746 http://www.csoonline.com/article/3089439/business-continuity/9-critical-controls-for-todays-threats.html http://www.bankinfosecurity.com/interviews/heartbleed-update-america-vulnerable-i-3242 http://www.bankinfosecurity.com/blogs/av-wars-sophos-vs-cylance-p-2172 http://www.reuters.com/article/us-cyber-fdic-china-idUSKCN0ZT20M http://blog.talosintel.com/2016/07/ranscam.html
See more
7/17/2016 • 57 minutes, 34 seconds Defensive Security Podcast Episode 164 http://blog.erratasec.com/2016/06/etheriumdao-hack-similfied.html#.V3BKyvkrJhE http://www.zdnet.com/article/cvss-scores-are-not-enough-for-modern-security/ http://www.crn.com/news/security/300081157/sophos-slams-cylance-in-blog-post-as-market-for-endpoint-security-heats-up.htm?itc=refresh
See more
6/30/2016 • 1 hour, 2 minutes, 56 seconds Defensive Security Podcast Episode 163 http://www.darkreading.com/vulnerabilities—threats/windows-badtunnel-attack-hijacks-network-traffic/d/d-id/1325875 http://krebsonsecurity.com/2016/06/adobe-update-plugs-flash-player-zero-day/ http://krebsonsecurity.com/2016/06/banks-credit-card-breach-at-cicis-pizza/ http://ieee-security.org/TC/SP2016/papers/0824a018.pdf https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/ https://www.washingtonpost.com/world/national-security/guccifer-20-claims-credit-for-dnc-hack/2016/06/15/abdcdf48-3366-11e6-8ff7-7b6c1998b7a0_story.html http://fox4kc.com/2016/06/15/platte-county-commissioners-give-treasurer-one-week-to-repay-funds-lost-to-email-scam/ http://www.abc.net.au/news/2016-06-18/software-legal-battle-could-put-sa-patients’-safety/7522934
See more
6/20/2016 • 1 hour, 30 seconds Defensive Security Podcast Episode 162 https://threatpost.com/teamviewer-denies-hack-blames-password-reuse-for-compromises/118427/ http://www.businessinsurance.com/article/20160602/NEWS06/160609935/chubb-p-f-changs-federal-insurance-co-cybersecurity-by-chubb-credit http://www.csoonline.com/article/3075385/backup-recovery/will-your-backups-protect-you-against-ransomware.html#jump http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html#jump http://venturebeat.com/2016/06/04/federal-reserve-bank-was-hacked-more-than-50-times-between-2011-and-2015/ http://www.csoonline.com/article/3075758/data-breach/up-to-a-dozen-banks-are-reportedly-investigating-potential-swift-breaches.html#jump http://www.theregister.co.uk/2016/06/03/swift_threatens_insecure_bank_suspensions/
See more
6/5/2016 • 50 minutes, 37 seconds Defensive Security Podcast Episode 161 Vote for us! https://www.surveymonkey.com/r/secbloggerwards2016 http://www.csoonline.com/article/3071337/cyber-attacks-espionage/cybercriminals-are-increasingly-embracing-a-sophisticated-business-model-approach.html#tk.rss_all https://www.yahoo.com/news/special-report-cyber-thieves-exploit-banks-faith-swift-052100312–finance.html?ref=gs http://www.securityweek.com/google-soon-kill-sslv3-rc4-support-gmail https://threatpost.com/microsoft-warns-of-sneaky-new-macro-trick/118227/ http://www.networkworld.com/article/3073495/security/kansas-heart-hospital-hit-with-ransomware-paid-but-attackers-demanded-2nd-ransom.html
See more
5/23/2016 • 33 minutes, 22 seconds Defensive Security Podcast Episode 160 http://www.bankinfosecurity.com/researcher-hacks-symantecs-av-via-email-a-9109 http://www.v3.co.uk/v3-uk/news/2457773/hackers-exploiting-six-year-old-sap-software-flaw-warns-us-cert http://arstechnica.com/security/2016/05/1b-bangladesh-heist-officials-say-swift-technicians-left-bank-vulnerable/ http://www.csoonline.com/article/3069502/data-breach/malware-attacks-on-two-banks-have-links-with-2014-sony-pictures-hack.html https://www.surveymonkey.com/r/secbloggerwards2016
See more
5/18/2016 • 58 minutes, 40 seconds Defensive Security Podcast Episode 159 http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/ https://blog.osvdb.org/2016/04/27/a-note-on-the-verizon-dbir-2016-vulnerabilities-claims/
See more
5/2/2016 • 1 hour, 27 minutes, 5 seconds Defensive Security Podcast Episode 158 http://baesystemsai.blogspot.nl/2016/04/two-bytes-to-951m.html https://threatpost.com/bangladesh-bank-hackers-accessed-swift-system-to-steal-cover-tracks/117637/ http://www.csoonline.com/article/3061229/fraud/swift-banking-network-warns-customers-of-cyberfraud-cases.html http://www.theregister.co.uk/2016/04/22/i_hacked_facebook_and_found_someone_had_beaten_me_to_it/
See more
4/28/2016 • 41 minutes, 55 seconds Defensive Security Podcast Episode 157 https://www.helpnetsecurity.com/2016/04/15/eu-data-protection-rules/ http://pastebin.com/raw/0SNSvyjJ https://threatpost.com/apple-deprecates-quick-time-for-windows-wont-patch-new-flaws/117427/ http://www.welivesecurity.com/2016/04/13/medical-data-breach-leads-record-cash-settlement/
See more
4/19/2016 • 46 minutes, 50 seconds Defensive Security Podcast Episode 156 https://offensivetechblog.wordpress.com/2016/03/29/systems-admins-we-need-to-talk/ http://m.sfgate.com/business/technology/article/Hackers-broke-into-hospitals-despite-software-7229722.php http://www.wired.co.uk/news/archive/2016-04/06/panama-papers-mossack-fonseca-website-security-problems http://arstechnica.com/security/2016/04/ok-panic-newly-evolved-ransomware-is-bad-news-for-everyone/
See more
4/13/2016 • 51 minutes, 33 seconds Defensive Security Podcast Episode 155 https://www.cooley.com/california-attorney-general-2016-data-breach-report http://www.csoonline.com/article/3049392/security/chinese-scammers-take-mattel-to-the-bank-phishing-them-for-3-million.html http://www.oreilly.com/security/newsletter http://conferences.oreilly.com/security/network-data-security-ny
See more
4/5/2016 • 1 hour, 36 seconds Defensive Security Podcast Episode 154 https://threatpost.com/apt-attackers-flying-more-false-flags-than-ever/116814/ http://www.csoonline.com/article/3048334/security/verizons-breach-experts-missed-one-right-under-their-noses.html http://www.wsj.com/articles/hackers-in-bangladesh-bank-account-heist-part-of-larger-breach-1458582678 http://krebsonsecurity.com/2016/03/hospital-declares-internet-state-of-emergency-after-ransomware-infection/
See more
3/29/2016 • 39 minutes, 29 seconds Defensive Security Podcast Episode 153 http://www.csoonline.com/article/3043975/security/compromised-data-goes-public-as-staminus-recovers-from-attack.html#tk.rss_all http://www.darkreading.com/endpoint/patch-management-still-plagues-enterprise/d/d-id/1324615 http://www.welivesecurity.com/2016/03/09/android-trojan-targets-online-banking-users/ http://arstechnica.com/security/2016/03/a-typo-costs-bank-hackers-nearly-1b/ http://www.cnet.com/news/home-depot-offers-19m-to-settle-customers-hacking-lawsuit/
See more
3/15/2016 • 48 minutes, 9 seconds Defensive Security Podcast Episode 152 http://www.intelsecurity.com/advanced-threat-research/content/Analysis_SamSa_Ransomware.pdf?_ga=1.157194172.685877305.1433735448 https://blog.agilebits.com/2015/06/17/1password-inter-process-communication-discussion/ http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest_xg_en.pdf
See more
3/7/2016 • 1 hour, 35 seconds Defensive Security Podcast Episode 151 http://www.databreachtoday.com/anthem-breach-lessons-one-year-later-a-8897 http://www.dw.com/en/hackers-hold-german-hospital-data-hostage/a-19076030 http://krebsonsecurity.com/2016/02/breached-credit-union-comes-out-of-its-shell/ http://arstechnica.com/security/2016/02/hackers-did-indeed-cause-ukrainian-power-outage-us-report-concludes/
See more
2/28/2016 • 39 minutes, 39 seconds Defensive Security Podcast Episode 150 http://www.scmagazineuk.com/russian-bank-licences-revoked-for-using-hackers-to-withdraw-funds/article/474464/ http://arstechnica.com/security/2016/02/hospital-pays-17k-for-ransomware-crypto-key/ http://news.softpedia.com/news/us-school-agrees-to-pay-8-500-to-get-rid-of-ransomware-500684.shtml http://www.scmagazineuk.com/44-of-ransomware-victims-in-the-uk-have-paid-to-recover-their-data/article/475426/ http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/
See more
2/25/2016 • 46 minutes, 47 seconds Defensive Security Podcast Episode 149 http://www.tripwire.com/state-of-security/latest-security-news/cisco-patches-critical-asa-ike-buffer-overflow-vulnerability/ http://www.securityweek.com/we-cant-give-preventing-breaches http://www.csoonline.com/article/3033160/security/ransomware-takes-hollywood-hospital-offline-36m-demanded-by-attackers.html http://arstechnica.com/security/2016/02/clever-bank-hack-allowed-crooks-to-make-unlimited-atm-withdrawals/
See more
2/16/2016 • 49 minutes, 55 seconds Defensive Security Podcast Episode 148 http://www.theregister.co.uk/2016/02/04/norse_corp_ceo_fired/ http://www.secureworks.com/resources/blog/ransomware-used-as-a-distraction/ http://www.zdnet.com/article/most-windows-flaws-mitigated-by-removing-admin-rights-says-report/ http://mobile.reuters.com/article/idUSKCN0VD14X http://www.csoonline.com/article/3025787/security/defending-against-insider-security-threats-hangs-on-trust.html http://www.securityforrealpeople.com/2016/02/poor-ux-leads-to-poorly-secured-soho.html
See more
2/11/2016 • 57 minutes, 14 seconds Defensive Security Podcast Episode 147 Hack in the Box: https://conference.hitb.org/ Circle City Con: https://circlecitycon.com/tickets/ http://www.theregister.co.uk/2016/01/28/nsas_top_hacking_boss_explains_how_to_protect_your_network_from_his_minions/?page=1 https://www.youtube.com/watch?v=bDJb8WOJYdA http://krebsonsecurity.com/2016/01/sources-security-firm-norse-corp-imploding/ http://arstechnica.com/security/2016/01/secret-ssh-backdoor-in-fortinet-hardware-found-in-more-products/
See more
2/1/2016 • 42 minutes, 24 seconds Defensive Security Podcast Episode 146 https://blog.malwarebytes.org/intelligence/2016/01/draft-lechiffre-a-manually-run-ransomware/ http://www.tripwire.com/state-of-security/security-data-protection/boeing-supplier-hacked-claims-55-million-worth-of-damage-as-stock-price-falls/ http://krebsonsecurity.com/2016/01/firm-sues-cyber-insurer-over-480k-loss/ http://shawnetuma.com/2016/01/08/supervalu-data-breach-class-action-dismissed-for-lack-of-harm/ Hack in the Box: https://conference.hitb.org/ Circle City Con: https://circlecitycon.com/tickets/
See more
1/27/2016 • 39 minutes, 49 seconds Defensive Security Podcast Episode 145 http://arstechnica.com/security/2016/01/security-firm-sued-for-filing-woefully-inadequate-forensics-report/ http://arstechnica.com/security/2016/01/et-tu-fortinet-hard-coded-password-raises-new-backdoor-eavesdropping-fears/ http://www.csoonline.com/article/3021774/security/trend-micro-flaw-could-have-allowed-attacker-to-steal-all-passwords.html
See more
1/21/2016 • 36 minutes, 10 seconds Defensive Security Podcast Episode 144 http://www.welivesecurity.com/2016/01/03/blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry/ http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html http://www.databreaches.net/191-million-voters-personal-info-exposed-by-misconfigured-database/ http://darkmatters.norsecorp.com/2015/12/28/the-cybersecurity-information-sharing-act-cisa-passed/
See more
1/3/2016 • 42 minutes, 36 seconds Defensive Security Podcast Episode 143 This is our 2015 holiday episode with the Brakeing Down Security and PVC Security podcasts.
See more
1/3/2016 • 1 hour, 21 minutes, 37 seconds Defensive Security Podcast Episode 142 https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html http://www.csoonline.com/article/3012443/security/how-the-nsa-uses-behavior-analytics-to-detect-threats.html#tk.rss_all http://www.databreachtoday.com/wyndham-agrees-to-settle-ftc-breach-case-a-8737 https://technet.microsoft.com/en-us/library/security/ms15-127.aspx https://www.reddit.com/r/sysadmin/comments/3wa8rl/early_warning_system_for_cryptowall_crypto_canary/
See more
12/13/2015 • 43 minutes, 11 seconds Defensive Security Podcast Episode 141 http://www.zdnet.com/article/vtech-hack-gets-worse-kids-photos-chat-logs-also-stolen/ http://krebsonsecurity.com/2015/12/dhs-giving-firms-free-penetration-tests/ http://www.csoonline.com/article/3011580/data-protection/insurance-companies-will-crack-down-on-cyber-security-in-2016-report.html http://www.forbes.com/sites/joannabelbey/2015/11/30/7-tips-from-the-fbi-to-prepare-your-firm-for-a-cyber-attack/
See more
12/6/2015 • 46 minutes, 48 seconds Defensive Security Podcast Episode 140 http://krebsonsecurity.com/2015/11/breach-at-it-automation-firm-landesk/ http://www.slate.com/articles/technology/users/2015/11/sony_employees_on_the_hack_one_year_later.html http://www.csoonline.com/article/3006816/cyber-attacks-espionage/damballa-finds-tools-related-to-the-malware-that-hit-sony.html http://www.databreachtoday.com/interviews/what-jpmorgan-chase-breach-teaches-us-i-2982 http://www.healthcaredive.com/news/ftc-data-breach-case-dismissal-raises-bar-for-demonstrating-consumer-harm/409634/
See more
11/26/2015 • 44 minutes, 41 seconds Defensive Security Podcast Episode 139 http://www.bloomberg.com/news/articles/2015-11-10/hackers-accused-by-u-s-of-targeting-top-banks-mutual-funds http://www.trust.org/item/20151113203615-j3cyu http://krebsonsecurity.com/2015/11/jpmorgan-hackers-breached-anti-fraud-vendor-g2-web-services/#more-32855 http://consumerist.com/2015/11/13/lack-of-windows-3-1-technicians-causes-traffic-backup-at-french-airport/ http://securityaffairs.co/wordpress/41950/cyber-crime/fakben-ransomware-as-a-service.html
See more
11/16/2015 • 46 minutes, 20 seconds Defensive Security Podcast Episode 138 http://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/ http://arstechnica.com/security/2015/11/booming-crypto-ransomware-industry-employs-new-tricks-to-befuddle-victims/ http://www.theregister.co.uk/2015/11/02/pagefair_malware_snare_scare_in_halloween_hack_of_adblocker_blocker/ http://www.infosecurity-magazine.com/news/it-personnel-are-the-riskiest/
See more
11/8/2015 • 55 minutes, 3 seconds Defensive Security Podcast Episode 137 http://blog.erratasec.com/2015/10/dumb-dumber-and-cybersecurity.html http://www.businessinsider.com/talktalk-didnt-use-encryption-hack-protect-4-million-customer-details-2015-10 https://grahamcluley.com/2015/10/talktalk-hacked-silly-ask-data-encrypted/ http://krebsonsecurity.com/2015/10/talktalk-hackers-demanded-80k-in-bitcoin/ http://www.securityweek.com/hacking-impact-short-lived-sony-boss https://threatpost.com/european-aviation-agency-warns-of-aircraft-hacking/114987/
See more
10/26/2015 • 38 minutes, 28 seconds Defensive Security Podcast Episode 136 http://www.threatconnect.com/threat-intelligence-driven-risk-analysis/http://www.theregister.co.uk/2015/10/15/inside_mandiants_biggest_forensics_breach_battle_is_this_anthem/http://www.theregister.co.uk/2015/10/16/dow_jones_denies_russian_hackers_plundered_its_servers_for_insider_trading_tips/http://m.nextgov.com/cybersecurity/2015/10/opm-fully-do-away-passwords-network-access-2-years/122768/
See more
10/21/2015 • 51 minutes, 15 seconds Defensive Security Podcast Episode 135 tp://www.databreachtoday.com/report-usps-workers-vulnerable-to-phishing-scams-a-8579 http://krebsonsecurity.com/2015/10/at-experian-security-attrition-amid-acquisitions/#more-32501 http://www.databreachtoday.com/etrade-dow-jones-issue-breach-alerts-a-8586 http://www.bankinfosecurity.asia/blogs/cyber-insurance-primer-for-insurers-insured-p-1946 http://www.csoonline.com/article/2990471/social-engineering/near-flawless-social-engineering-attack-spoiled-by-single-flaw.html#tk.rss_all
See more
10/13/2015 • 54 minutes, 48 seconds Defensive Security Podcast Episode 134 http://arstechnica.com/security/2015/10/patreon-was-warned-of-serious-website-flaw-5-days-before-it-was-hacked/ http://www.scmagazine.com/sec-hits-security-adviser-with-75000-penalty-in-breach-settlement/article/440268/ http://krebsonsecurity.com/2015/10/scottrade-breach-hits-4-6-million-customers/ http://www.wired.com/2015/10/hack-brief-hackers-steal-15m-t-mobile-customers-data-experian/ http://time.com/4056928/trump-hotels-hacked/ http://fortune.com/2015/10/02/american-bankers-association-breach/
See more
10/5/2015 • 37 minutes, 46 seconds Defensive Security Podcast Episode 133 http://www.pvcsec.com/ http://brakeingsecurity.com/
See more
9/30/2015 • 1 hour, 7 minutes, 12 seconds Defensive Security Podcast Episode 132 http://www.thenationaltriallawyers.org/2015/09/standing-neiman-marcus-data-breach/ http://krebsonsecurity.com/2015/09/bidding-for-breaches-redefining-targeted-attacks/ http://www.miltonstart.com/blog/2015/09/22/morgan-stanley-employee-pleads-guilty-in-data-breach-case/
See more
9/29/2015 • 1 hour, 16 minutes, 4 seconds Defensive Security Podcast Episode 131 http://www.bizjournals.com/atlanta/blog/atlantech/2015/09/atlantas-bitpay-got-hacked-for-1-8-million-in.html http://www.securityweek.com/excellus-data-breach-impacts-10-million http://www.databreachtoday.com/attacks-on-insurers-lessons-learned-a-8530 http://federalnewsradio.com/cybersecurity/2015/09/us-certs-dos-and-donts-for-after-the-cyber-hack/ http://www.theguardian.com/technology/2015/sep/10/cyber-threat-data-manipulation-us-intelligence-chief http://www.csoonline.com/article/2984543/vulnerabilities/as-containers-take-off-so-do-security-concerns.html
See more
9/21/2015 • 1 hour, 4 minutes, 47 seconds Defensive Security Podcast Episode 130 http://www.theregister.co.uk/2015/09/04/mozilla_firefox_bugzilla_leak/ http://darkmatters.norsecorp.com/2015/09/03/four-non-technical-measures-for-mitigating-insidious-insiders/ http://arstechnica.com/tech-policy/2015/08/ftc-can-sue-companies-with-poor-information-security-appeals-court-says/ https://nakedsecurity.sophos.com/2015/09/02/microsoft-word-intruder-revealed-inside-a-malware-construction-kit/ http://www.securityweek.com/executive-it-security-problem-lessons-learned-hillary-clinton
See more
9/12/2015 • 1 hour, 5 minutes, 56 seconds Defensive Security Podcast Episode 129 http://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/security-reverse-engineering-and-eulas/ http://arstechnica.com/security/2015/08/my-browser-visited-drudgereport-and-all-i-got-was-this-lousy-malware/ http://arstechnica.com/security/2015/08/attackers-actively-exploit-windows-bug-that-uses-usb-sticks-to-infect-pcs/ http://arstechnica.com/information-technology/2015/08/lenovo-used-windows-anti-theft-feature-to-install-persistent-crapware/ http://socialmedia.umich.edu/blog/hacked/
See more
8/25/2015 • 42 minutes, 28 seconds Defensive Security Podcast Episode 128 8/25/2015 • 29 minutes, 36 seconds Defensive Security Podcast Episode 127 http://resources.infosecinstitute.com/can-user-awareness-really-prevent-spear-phishing/ http://www.net-security.org/secworld.php?id=18702 http://link.springer.com/article/10.1007/s12290-015-0355-5/fulltext.html
See more
8/11/2015 • 1 hour, 56 seconds Defensive Security Podcast Episode 126 http://fortune.com/2015/07/29/crowdstrike-cybersecurity-george-kurtz/ http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/phishing-up-74-in-q2-2015-reveals-infoblox-dns-threat-index/ http://blog.trendmicro.com/trendlabs-security-intelligence/angler-exploit-kit-used-to-find-and-infect-pos-systems/ http://www.welivesecurity.com/2015/07/28/new-report-explains-gulf-security-experts-non-experts/
See more
8/3/2015 • 1 hour, 18 minutes, 15 seconds Defensive Security Podcast Episode 125 http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/ http://www.mcafee.com/us/resources/reports/rp-aspen-holding-line-cyberthreats.pdf http://arstechnica.com/tech-policy/2015/07/obama-administration-decides-not-to-blame-china-publicly-for-opm-hack/ http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-rcsandroid-spying-tool-listens-to-calls-roots-devices-to-get-in/
See more
7/27/2015 • 44 minutes, 32 seconds Defensive Security Podcast Episode 124 http://arstechnica.com/tech-policy/2015/07/hacking-teams-surveillance-software-sold-to-kgb-successor/ http://arstechnica.com/security/2015/07/hackingteams-evil-android-app-had-code-to-bypass-google-play-screening/ http://www.scmagazine.com/ios-devices-dont-have-to-be-jailbroken-for-spyware-sold-by-hacking-team-to-be-installed/article/426137/ https://krebsonsecurity.com/2015/07/hacking-team-used-spammer-tricks-to-resurrect-spy-network/ http://www.scmagazine.com/fireeye-intern-morgan-culbertson-arrested-in-darkode-bust/article/427139/2/ http://erpscan.com/wp-content/themes/supercms/Publications/Chinese_attack_on_USIS_using_SAP_vulnerability_Detailed_review_and_comments.pdf
See more
7/19/2015 • 53 minutes, 26 seconds Defensive Security Podcast Episode 123 http://labs.bromium.com/2015/07/10/government-grade-malware-a-look-at-hackingteams-rat/ http://www.theregister.co.uk/2015/07/12/adobe_flash_zero_day_cve_2015_5122/ https://www.tenable.com/blog/lessons-to-learn-from-the-opm-breach http://arstechnica.com/tech-policy/2015/07/opm-director-resigns-after-news-that-hack-affected-21-5-million-people/ http://www.ffiec.gov/cyberassessmenttool.htm
See more
7/13/2015 • 53 minutes, 37 seconds Defensive Security Podcast Episode 122 http://arstechnica.com/security/2015/07/massive-leak-reveals-hacking-teams-most-private-moments-in-messy-detail/ & http://www.csoonline.com/article/2945200/vulnerabilities/adobe-to-patch-flash-0-day-created-by-hacking-team.html http://securityaffairs.co/wordpress/38372/cyber-crime/kins-malware-builder-leaked.html https://threatpost.com/cyber-ul-could-become-reality-under-leadership-of-hacker-mudge/113538 http://www.federaltimes.com/story/government/omr/opm-cyber-report/2015/06/23/keypoint-usis-opm-breach/28977277/
See more
7/9/2015 • 37 minutes, 8 seconds Defensive Security Podcast Episode 121 http://www.databreaches.net/fbi-cyber-division-bulletin-on-tools-reportedly-used-by-opm-hackers/ https://fortune.com/sony-hack-part-1/ http://www.csoonline.com/article/2938310/data-protection/lieberman-mandiant-and-verizon-wrong-on-unstoppable-threats.html http://www.itworld.com/article/2939255/windows/the-us-navys-warfare-systems-command-just-paid-millions-to-stay-on-windows-xp.html
See more
6/30/2015 • 51 minutes, 27 seconds Defensive Security Podcast Episode 120 http://www.bankinfosecurity.com/blogs/did-fisma-facilitate-opm-hack-p-1879/op-1 http://www.csoonline.com/article/2936723/data-breach/user-error-is-an-expected-business-problem.html http://www.databreachtoday.com/blogs/post-malware-outbreak-rip-replace-p-1877 http://www.csoonline.com/article/2936615/data-breach/6-breaches-lessons-reminders-and-potential-ways-to-prevent-them.html http://www.nytimes.com/2015/06/17/sports/baseball/st-louis-cardinals-hack-astros-fbi.html
See more
6/23/2015 • 53 minutes, 2 seconds Defensive Security Podcast Episode 119 http://www.theregister.co.uk/2015/05/28/cottage_healthcare_system_sued/ http://arstechnica.com/security/2015/06/report-hack-of-government-employee-records-discovered-by-product-demo/ http://www.reddit.com/r/netsec/comments/36obxt/what_i_know_about_us_export_controls_and_hacking/ http://www.bis.doc.gov/index.php/policy-guidance/faqs http://www.wired.com/2015/06/kaspersky-finds-new-nation-state-attack-network/
See more
6/15/2015 • 51 minutes, 38 seconds Defensive Security Podcast Episode 118 http://www.symantec.com/connect/fr/blogs/check-your-sources-trojanized-open-source-ssh-software-used-steal-information https://nakedsecurity.sophos.com/2015/05/21/anatomy-of-a-logjam-another-tls-vulnerability-and-what-to-do-about-it/ http://krebsonsecurity.com/2015/05/carefirst-blue-cross-breach-hits-1-1m/ http://www.forbes.com/sites/thomasbrewster/2015/05/20/guns-bombs-hacking-cars-and-planes-dangerous-tweets-for-a-security-researcher/
See more
5/27/2015 • 59 minutes, 9 seconds Defensive Security Podcast Episode 117 http://www.computerworld.com/article/2918406/cybercrime-hacking/cybercriminals-borrow-from-apt-playbook-in-attacking-pos-vendors.html http://www.welivesecurity.com/2015/05/12/5-practical-tips-avoid-ransomware-email/ http://www.zdnet.com/article/what-causes-enterprise-data-breaches-the-terrible-complexity-and-fragility-of-our-it-systems/ http://www.computing.co.uk/ctg/news/2408602/venom-security-vulnerability-allows-hackers-to-infiltrate-networks-via-the-cloud http://arstechnica.com/security/2015/05/penn-state-severs-engineering-network-after-incredibly-serious-intrusion/
See more
5/18/2015 • 1 hour, 4 minutes, 44 seconds Defensive Security Podcast Episode 116 John’s book: http://www.amazon.com/Offensive-Countermeasures-Art-Active-Defense/dp/1491065966/ref=sr_1_1?ie=UTF8&qid=1431313328&sr=8-1&keywords=active+defense
See more
5/11/2015 • 42 minutes, 33 seconds Defensive Security Podcast Episode 115 http://www.wsj.com/articles/five-simple-steps-to-protect-corporate-data-1429499477 http://www.politico.com/story/2015/04/sony-hackers-fake-emails-117200.html http://www.japantimes.co.jp/news/2015/04/21/national/tepcos-frugality-rapped-after-48000-pcs-found-running-windows-xp/ http://www.darkreading.com/attacks-breaches/zero-day-malvertising-attack-went-undetected-for-two-months/d/d-id/1320092 http://www.csoonline.com/article/2913884/access-control/credit-card-terminals-have-used-same-password-since-1990s-claim-researchers.html#tk.rss_all
See more
4/28/2015 • 53 minutes, 19 seconds Defensive Security Podcast Episode 114 http://www.verizonenterprise.com/resources/reports/rp_data-breach-investigation-report-2015_en_xg.pdf http://arstechnica.com/security/2015/04/researcher-who-joked-about-hacking-a-jet-plane-barred-from-united-flight/
See more
4/20/2015 • 59 minutes, 44 seconds Defensive Security Podcast Episode 113 http://arstechnica.com/tech-policy/2015/04/police-chief-paying-the-bitcoin-ransom-was-the-last-resort/ http://www.computerworld.com/article/2907088/russian-hackers-accessed-white-house-email.html http://www.darkreading.com/endpoint/so-you-dont-believe-in-security-education-/a/d-id/1319793? – my post regarding this: https://www.maliciouslink.com/applying-science-to-cyber-security/ http://www.reuters.com/article/2015/04/07/us-cybersecurity-americas-idUSKBN0MY06Z20150407
See more
4/12/2015 • 46 minutes, 34 seconds Defensive Security Podcast Episode 112 HTCIA conference: http://www.htciaconference.org http://www.databreachtoday.com/new-malware-attacks-prey-on-banks-a-8076 http://www.databreachtoday.com/cyber-attacks-target-energy-firms-a-8068/op-1 http://www.techworld.com/news/security/removing-admin-rights-would-ease-97-percent-of-critical-microsoft-flaws-3605895/ http://www.ffiec.gov/press/pr033015.htm http://www.csoonline.com/article/2905682/data-breach/employees-have-no-qualms-in-selling-corporate-passwords.html
See more
4/7/2015 • 49 minutes, 4 seconds Defensive Security Podcast Episode 111 High Tech Crime Investigation Association Conference: http://www.htciaconference.org http://www.databreachtoday.com/pci-issues-penetration-test-guidance-a-8056 http://arstechnica.com/security/2015/03/github-battles-largest-ddos-in-sites-history-targeted-at-anti-censorship-tools/
See more
3/31/2015 • 39 minutes, 46 seconds Defensive Security Podcast Episode 110 http://www.infoworld.com/article/2898658/security/premera-anthem-data-breaches-linked-by-similar-hacking-tactics.html http://www.theregister.co.uk/2015/03/23/premera_healthcare_hipaa/ http://arstechnica.com/security/2015/03/all-four-major-browsers-take-a-stomping-at-pwn2own-hacking-competition/ http://www.csoonline.com/article/2898128/disaster-recovery/godaddy-accounts-vulnerable-to-social-engineering-and-photoshop.html http://blog.norsecorp.com/2015/03/23/bitwhisper-breaching-air-gapped-systems-via-thermal-manipulation/ http://rt.com/news/243397-canada-cyber-spying-snowden/ http://www.dailydot.com/technology/michael-hamelin-legacy-encryption-death/
See more
3/25/2015 • 52 minutes, 15 seconds Defensive Security Podcast Episode 109 http://www.firstcoastnews.com/story/news/local/2015/03/09/cyber-thieves-target-orange-park-bank/24682713/ https://blogs.mcafee.com/mcafee-labs/targeted-attack-campaign-indian-organizations-continues-exploits-focused-national-events http://mobile.esecurityplanet.com/network-security/pci-compliance-still-a-challenge-verizon.html http://www.zdnet.com/article/feds-hot-on-the-trail-of-jpmorgan-hackers/ http://www.pnj.com/story/news/2015/03/16/sacred-heart-health-system-billing-information-hacked/24859975/
See more
3/18/2015 • 42 minutes, 45 seconds Defensive Security Podcast Episode 108 http://arstechnica.com/security/2015/03/ubers-epic-db-blunder-is-hardly-an-exception-github-is-awash-in-passwords/ http://www.csoonline.com/article/2892417/security-awareness/5-steps-to-incorporate-threat-intelligence-into-your-security-awareness-program.html http://www.csoonline.com/article/2892327/malware-cybercrime/driveby-attack-relies-on-hacked-godaddy-accounts.html#tk.rss_all http://www.csoonline.com/article/2889850/security/insurance-firm-staysure-fined-175000-for-unbelievable-credit-card-hack.html#tk.rss_all http://www.huffingtonpost.com/2015/03/04/clinton-ran-own-computer-_n_6797824.html http://www.theguardian.com/us-news/2015/mar/08/clinton-double-standard-on-email-scott-gration
See more
3/10/2015 • 54 minutes, 38 seconds Defensive Security Podcast Episode 107 http://www.bloomberg.com/news/articles/2015-02-19/morgan-stanley-probe-said-to-examine-whether-adviser-got-hacked http://gizmodo.com/state-department-computer-systems-hit-by-hackers-1659549503/1686899463/+chris-mills http://www.theregister.co.uk/2015/02/25/gemalto_everythings_fine_security_industry_hang_on_a_minute/ https://www2.fireeye.com/rs/fireye/images/rpt-m-trends-2015.pdf http://www.csoonline.com/article/2887930/network-security/how-better-log-monitoring-can-prevent-data-breaches.html
See more
3/1/2015 • 43 minutes, 45 seconds Defensive Security Podcast Episode 106 http://training.pcisecuritystandards.org/pci-ssc-bulletin-on-impending-revisions-to-pci-dss-pa-dss-assessor http://www.theguardian.com/technology/2015/feb/05/company-loses-17m-in-email-scam http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html?_r=0 http://www.group-ib.com/files/Anunak_APT_against_financial_institutions.pdf http://arstechnica.com/security/2015/02/pwned-in-7-seconds-hackers-use-flash-and-ie-to-target-forbes-visitors/ http://www.csoonline.com/article/2883248/data-protection/zero-days-last-up-to-six-months-for-some-malware.html#tk.rss_all http://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/
See more
2/16/2015 • 58 minutes, 59 seconds Defensive Security Podcast Episode 105 http://www.techworld.com/news/security/dating-site-topface-pays-hacker-who-stole-20-million-credentials-3596333/ http://www.securityweek.com/disconnected-security-increases-risk http://www.csoonline.com/article/2879444/data-breach/hack-to-cost-sony-35-million-in-it-repairs.html http://www.csoonline.com/article/2879655/malware-cybercrime/malicious-advertisements-on-major-sites-compromised-many-computers.html http://www.csoonline.com/article/2880095/cyber-attacks-espionage/crowdstrike-demonstrates-how-attackers-wiped-the-data-from-the-machines-at-sony.html http://www.huffingtonpost.com/2015/02/06/anthem-hackers-december_n_6634440.html
See more
2/9/2015 • 55 minutes, 5 seconds Defensive Security Podcast Episode 104 http://www.scmagazine.com/travelers-accuses-web-firm-of-shoddy-practices/article/394588/ https://www.htbridge.com/blog/ransomweb_emerging_website_threat.html http://blogs.gartner.com/anton-chuvakin/2015/01/28/defeat-the-casual-attacker-first/ http://www.csoonline.com/article/2876310/security-leadership/7-ideas-for-security-leaders.html http://blog.erratasec.com/2015/01/some-notes-on-ghost.html
See more
2/1/2015 • 45 minutes, 9 seconds Defensive Security Podcast Episode 103 http://www.abc.net.au/pm/content/2015/s4164603.htm http://breakingbits.net/2015/01/18/taking-over-godaddy-accounts-using-csrf/ http://recode.net/2015/01/20/heres-what-helped-sonys-hackers-break-in-zero-day-vulnerability/ http://www.darkreading.com/attacks-breaches/nsa-report-how-to-defend-against-destructive-malware/d/d-id/1318734 http://www.databreachtoday.com/court-rules-in-favor-breached-retailer-a-7822 http://www.csoonline.com/article/2872329/data-breach/6-biggest-business-security-risks-and-how-you-can-fight-back.html#tk.rss_all http://www.csoonline.com/article/2871922/malware-cybercrime/gap-between-perception-and-reality-of-cyberthreats-widened-in-2015.html#tk.rss_all
See more
1/26/2015 • 56 minutes, 51 seconds Defensive Security Podcast Episode 102 http://www.darkreading.com/a-lot-of-security-purchases-remain-shelfware/d/d-id/1318648 http://arstechnica.com/information-technology/2015/01/google-drops-more-windows-0-days-somethings-gotta-give/ http://www.eweek.com/security/effective-computer-security-means-covering-all-your-bases.html http://krebsonsecurity.com/2015/01/park-n-fly-onestopparking-confirm-breaches/ http://www.databreachtoday.com/report-mercenaries-behind-apt-attacks-a-7806 http://www.zdnet.com/article/new-report-the-dhs-is-a-mess-of-cybersecurity-incompetence/
See more
1/19/2015 • 54 minutes, 38 seconds Defensive Security Podcast Episode 101 http://www.wsj.com/articles/puzzle-forms-in-morgan-stanley-data-breach-1420590326 http://www.economist.com/news/leaders/21637390-states-should-police-corporate-cyber-security-more-toughlybut-react-breaches-cautiously-losing http://www.securityweek.com/google-discloses-new-unpatched-windows-81-privilege-escalation-flaw http://www.cultofmac.com/308478/confidential-apple-product-plans-quanta/ http://www.networkworld.com/article/2867565/microsoft-subnet/hackers-dump-over-30-000-confidential-client-emails-after-bank-refuses-to-pay-ransom.html
See more
1/15/2015 • 39 minutes, 50 seconds Defensive Security Podcast Episode 100 http://www.darkreading.com/attacks-breaches/long-running-cyberattacks-become-the-norm/d/d-id/1318392 http://www.hotforsecurity.com/blog/top-10-data-breaches-of-2014-lessons-learned-for-a-safer-2015-11101.html http://www.net-security.org/secworld.php?id=17784 http://m.healthcareitnews.com/news/phi-485k-swiped-usps-data-breach http://www.databreachtoday.com/breach-prevention-5-lessons-learned-a-7757/op-1 http://www.securityweek.com/morgan-stanley-fires-employee-stealing-client-data
See more
1/7/2015 • 51 minutes, 18 seconds Defensive Security Podcast Episode 99 https://securityledger.com/2014/12/new-clues-in-sony-hack-point-to-insiders-away-from-dprk/http://www.databreachtoday.com/blogs/6-sony-breach-lessons-we-must-learn-p-1786 http://www.theregister.co.uk/2014/12/26/isc_org_hacked/ http://www.darkreading.com/attackers-leverage-it-tools-as-cover-/d/d-id/1318365 http://www.theregister.co.uk/2014/12/23/jpmorgan_breach_probe_latest/ https://www.maliciouslink.com/jpmc-is-getting-off-easy/
See more
12/30/2014 • 53 minutes, 12 seconds Defensive Security Podcast Episode 98 http://www.bizjournals.com/atlanta/news/2014/12/19/home-depot-data-breach-forces-community-banks-to.html?ana=twt http://www.itworld.com/article/2861675/cyberattack-on-german-steel-factory-causes-massive-damage.html http://www.csoonline.com/article/2860737/social-engineering/icann-targeted-by-spear-phishing-attack-several-systems-impacted.html#tk.rss_all http://gizmodo.com/sony-execs-knew-about-extensive-it-flaws-two-months-bef-1670203774 http://for.tn/1x7xPTe
See more
12/23/2014 • 1 hour, 1 minute, 44 seconds Defensive Security Podcast Episode 97 12/19/2014 • 1 hour, 26 minutes, 30 seconds Defensive Security Podcast Episode 96 http://www.cio.com/article/2439324/risk-management/your-guide-to-good-enough-compliance.html https://www.riskbasedsecurity.com/2014/12/a-breakdown-and-analysis-of-the-december-2014-sony-hack/ http://recode.net/2014/12/07/sony-describes-hack-attack-as-unprecedented/ http://www.theregister.co.uk/2014/12/08/kaspersky_deets_on_sony_malware/ http://securelist.com/blog/research/67985/destover/ https://www.bluecoat.com/security-blog/2014-12-04/custom-sony-malware-indicates-previous-knowledge
See more
12/9/2014 • 1 hour, 8 minutes, 27 seconds Defensive Security Podcast Episode 95 http://www.welivesecurity.com/2014/11/25/craigslist-redirected-prank-site-via-dns-hijack/ https://nakedsecurity.sophos.com/2014/11/28/syrian-electronic-army-returns-with-thanksgiving-press-hack/ http://www.theregister.co.uk/2014/12/02/us_parking_garage_breach/ http://arstechnica.com/security/2014/12/critical-networks-in-us-15-nations-completely-owned-by-iran-backed-hackers/ http://www.wired.com/2014/12/sony-hack-what-we-know/
See more
12/4/2014 • 49 minutes, 44 seconds Defensive Security Podcast Episode 94 http://rt.com/usa/206663-detroit-bitcoin-ransom-database/ http://www.databreachtoday.com/fdic-what-to-expect-in-new-guidance-a-7596/op-1 http://blog.cobaltstrike.com/2014/11/12/adversary-simulation-becomes-a-thing/ http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance
See more
11/25/2014 • 48 minutes, 25 seconds Defensive Security Podcast Episode 93 http://www.securityweek.com/postal-service-suspends-telecommuting-vpn-access-breach-investigation-continues http://www.browserstack.com/attack-and-downtime-on-9-November http://www.techweekeurope.co.uk/security/hotel-wifi-hacked-executives-kaspersky-155165 http://www.washingtonpost.com/world/national-security/state-department-shuts-down-its-e-mail-system-amid-concerns-about-hacking/2014/11/16/92cf0722-4815-41ca-b602-9bfe8ecdb256_story.html http://www.securityweek.com/security-operations-what-your-signal-noise-ratio
See more
11/18/2014 • 53 minutes, 10 seconds Defensive Security Podcast Episode 92 http://www.securityweek.com/nc-dermatology-center-discovers-hacked-server-two-years-after-attack http://krebsonsecurity.com/2014/11/home-depot-hackers-stole-53m-email-addreses/ http://www.csoonline.com/article/2842532/data-breach/6-things-we-learned-from-this-years-security-breaches.html http://www.net-security.org/article.php?id=2156
See more
11/11/2014 • 54 minutes, 43 seconds Defensive Security Podcast Episode 91 http://news.yahoo.com/j-p-morgan-found-hackers-breach-corporate-event-010203954–sector.html http://www.scmagazine.com/research-helps-companies-determine-if-theyve-suffered-data-leaks/article/380063/ http://www.darkreading.com/attacks-breaches/drupal-attacks-started-within-hours-of-patch-release/d/d-id/1317145 http://www.bankinfosecurity.com/home-depot-breach-cost-cus-60-million-a-7504/op-1 http://www.bankinfosecurity.com/phishing-attack-leads-to-bank-breach-a-7502
See more
11/4/2014 • 41 minutes, 8 seconds Defensive Security Podcast Episode 90 http://www.darkreading.com/operations/10-things-it-probably-doesnt-know-about-cyber-insurance/d/d-id/1316862 http://www.csoonline.com/article/2838025/data-protection/disaster-as-cryptowall-encrypts-us-firms-entire-server-installation.html#tk.rss_all http://www.csoonline.com/article/2836568/data-breach/fraudulent-activity-is-first-hint-of-a-staples-data-breach.html#tk.rss_all http://www.csoonline.com/article/2836843/data-breach/pci-compliance-under-scrutiny-following-big-data-breaches.html#tk.rss_all http://sfspodcast.libsyn.com/episode-145-the-interview-episode-feat-hackingdave-selenakyle
See more
10/28/2014 • 49 minutes, 16 seconds Defensive Security Podcast Episode 89 http://www.healthcareitnews.com/news/hipaa-breach-letters-go-out-after-email-hack https://blog.gdatasoftware.com/blog/article/new-frameworkpos-variant-exfiltrates-data-via-dns-requests.html http://www.zdnet.com/average-company-now-attacked-every-four-days-with-no-end-to-the-cybercrime-wave-in-sight-7000034755/ http://arstechnica.com/security/2014/10/ghost-in-the-bourne-again-shell-fallout-of-shellshock-far-from-over/ http://www.databreachtoday.com/defending-against-government-intrusions-a-7452
See more
10/21/2014 • 1 hour, 21 seconds Defensive Security Podcast Episode 88 https://www.imperialviolet.org/2014/10/14/poodle.html http://www.cnbc.com/id/102070655 https://www.nsslabs.com/blog/all%E2%80%99s-well-ends-well http://www.csoonline.com/article/2692415/data-protection/an-inside-look-at-russian-cybercriminals.html#tk.rss_all http://krebsonsecurity.com/2014/10/signed-malware-is-expensive-oops-for-hp/ http://krebsonsecurity.com/2014/10/dairy-queen-confirms-breach-at-395-stores/ http://krebsonsecurity.com/2014/10/malware-based-credit-card-breach-at-kmart/#comments
See more
10/16/2014 • 56 minutes, 23 seconds Defensive Security Podcast Episode 87 Derbycon Videos: http://www.irongeek.com/i.php?page=videos/derbycon4/mainlist http://www.tripwire.com/state-of-security/top-security-stories/att-discovers-second-insider-breach-this-year/ http://www.zdnet.com/yahoo-confirms-servers-infected-but-not-by-shellshock-7000034411/ http://www.futuresouth.us/wordpress/?p=32 http://www.theregister.co.uk/2014/10/05/report_says_russians_behind_jpmorgan_chase_cyber_attack/ http://nakedsecurity.sophos.com/2014/10/06/badusb-now-with-do-it-yourself-instructions/ http://hackaday.com/2014/10/05/badusb-means-were-all-screwed/ http://www.csoonline.com/article/2689609/network-security/threat-intelligence-firm-mistakes-research-for-nation-state-attack.html#tk.rss_all Lacie the security dog:
See more
10/8/2014 • 52 minutes, 36 seconds Defensive Security Podcast Episode 86 http://www.zdnet.com/shellshock-makes-heartbleed-look-insignificant-7000034143/ https://www.maliciouslink.com/post-traumatic-vulnerability-disorder/
See more
9/30/2014 • 38 minutes, 32 seconds Defensive Security Podcast Episode 85 http://arstechnica.com/tech-policy/2014/09/senior-it-worker-at-top-tech-law-firm-arrested-for-insider-trading/ http://www.finextra.com/news/fullstory.aspx?newsitemid=26446 http://arstechnica.com/security/2014/09/home-depots-former-security-architect-had-history-of-techno-sabotage/ http://www.nytimes.com/2014/09/20/business/ex-employees-say-home-depot-left-data-vulnerable.html http://online.wsj.com/articles/fraudulent-transactions-surface-in-wake-of-home-depot-breach-1411506081 http://risky.biz/RB337_notes http://www.csoonline.com/article/2686453/security/malicious-advertisements-distributed-by-doubleclick-zedo-networks.html Http://www.reddit.com/r/AskNetsec/comments/2h0dtu/what_are_your_recommended_resources_for/ckopv80
See more
9/24/2014 • 1 hour, 6 minutes, 4 seconds Defensive Security Podcast Episode 84 http://www.businessweek.com/articles/2014-09-11/home-depot-hack-malware-points-to-different-hackers-than-targets http://www.csoonline.com/article/2605857/security-awareness/successful-security-awareness-programs-hold-employees-hands-to-the-fire-in.html http://www.networkworld.com/article/2604411/security0/ernst-and-young-accused-by-canadian-used-computer-dealer-of-data-breach.html http://www.cyber-security-blog.com/2013/08/Responding-to-a-Domain-Admin-Account-Compromise-Bootstrapping-Trust-A-Billion-Dollar-Cyber-Security-Problem.html http://digital-forensics.sans.org/blog/2013/06/20/overview-of-microsofts-best-practices-for-securing-active-directory
See more
9/16/2014 • 59 minutes, 42 seconds Defensive Security Podcast Episode 83 [1] http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/ [2a] http://nakedsecurity.sophos.com/2014/04/18/pci-dss-whats-new-in-v3-0/ [2b] https://www.pcisecuritystandards.org/documents/DSS_and_PA-DSS_Change_Highlights.pdf [3] http://news.techworld.com/security/3543504/phishing-emails-fool-most-employees-but-is-this-their-problem-or-emails/ [4] https://www.nccgroup.com/en/blog/2014/09/phishing-all-you-need-is-one/ [5] http://hackerhurricane.blogspot.com/2014/09/infosec-industry-partly-responsible-for.html?m=1
See more
9/9/2014 • 1 hour, 10 minutes, 39 seconds Defensive Security Podcast Episode 82 http://www.databreachtoday.com/buying-cyber-insurance-5-tips-a-7250 http://www.csoonline.com/article/2600212/data-protection/why-russian-hackers-are-beating-us.html http://www.aorato.com/labs/report/untold-story-target-attack-step-step/ http://www.csoonline.com/article/2599257/network-security/security-council-blames-breaches-on-poor-pci-standard-support.html#tk.rss_all
See more
9/5/2014 • 1 hour, 2 seconds Defensive Security Podcast Episode 81 http://www.csoonline.com/article/2466084/data-protection/community-health-systems-blames-china-for-recent-data-breach.html http://www.csoonline.com/article/2466726/data-protection/heartbleed-to-blame-for-community-health-systems-breach.html http://www.csoonline.com/article/2597389/data-protection/more-problems-emerge-on-the-community-health-systems-network.html http://www.securityweek.com/secret-service-over-1000-business-infected-backoff-point-sale-malware http://nakedsecurity.sophos.com/2014/08/22/the-ups-store-breach-what-went-wrong-and-what-ups-got-right
See more
Defensive Security Podcast Episode 80 [1] Recovering from a hacked website [2] Albertson’s and Supervalu hacked [3] VNC everywhere!!!! [4] HTTPS as a solution to network injection appliances [5] Tennessee company sues its bank to recover stolen money [6] 7 places to check for signs of a targeted attack in your network =================== [1] http://blog.soundidea.co.za/articles/Your_websites_been_hacked_now_what-378.html [2] http://money.cnn.com/2014/08/15/technology/security/albertsons-supervalu-hack/index.html [3] http://www.forbes.com/sites/kashmirhill/2014/08/13/so-many-pwns/ [4] http://www.theregister.co.uk/2014/08/16/time_to_ditch_http_state_network_injection_attacks_documented_in_the_wild/ [5] http://krebsonsecurity.com/2014/08/tenn-utility-sues-bank-over-327k-cyberheist/ [6] http://blog.trendmicro.com/trendlabs-security-intelligence/7-places-to-check-for-signs-of-a-targeted-attack-in-your-network/
See more
8/19/2014 • 1 hour, 2 minutes, 45 seconds Defensive Security Podcast Episode 79 [1] Cisco’s mid-year report [2] Poorly trained IT workers pose a risk to organizations [3] Cyber security should be professionalized [4] How hackers are using Google to steal data’ [5] PCI creates a check-box mentality [6] Gamma’s ownage detailed on pastebin [7] 1.2 Billion passwords, Russians and controversy Web Site | Subscribe in iTunes | Podcast RSS Feed | Twitter | Email [1] … Continue reading Defensive Security Podcast Episode 79 →
See more
Defensive Security Podcast Episode 78 Web Site | Subscribe in iTunes | Podcast RSS Feed | Twitter | Email [1] Researchers to demonstrate attacks by reprogramming firmware of commodity USB devices [2] Survey find that enterprises are not paying attention to 3rd party risks, despite recent headlines [3] Ransomware attack failed thanks to security awareness training [4] Stubhub defrauded out of $1.6M using stolen passwords of … Continue reading Defensive Security Podcast Episode 78 →
See more
8/5/2014 • 1 hour, 8 minutes, 25 seconds Defensive Security Podcast Episode 77 Russians steal the NASDAQ; Importance of AV in incident response; Report finds poor security communication between staff and executives; Microsoft recommends reusing weak passwords; Government malware found being used by criminals; Don’t use security as an excuse to resist the cloud. Subscribe in iTunes | Podcast RSS Feed | Twitter | Email http://www.businessweek.com/printer/articles/213544-how-russian-hackers-stole-the-nasdaq http://www.bankinfosecurity.com/nasdaq-hack-attribution-questioned-a-7080 http://blogs.technet.com/b/neilcar/archive/2009/11/23/incident-response-the-importance-of-anti-virus.aspx http://searchsecurity.techtarget.com/news/2240224785/Report-finds-poor-security-communication-among-executives http://www.darknet.org.uk/2014/07/microsoft-says-re-use-passwords-across-sites/ http://www.sentinel-labs.com/wp-content/uploads/2014/07/Sentinel-Labs-Intelligence-Report_0714.pdf http://images.infoworld.com/d/cloud-computing/sorry-cloud-resisters-control-does-not-equal-security-246386?source=rss_security
See more
7/22/2014 • 58 minutes, 51 seconds Defensive Security Podcast Episode 76 A question from Bob on Active Directory; 67 percent of critical infrastructure providers were breached last year; Malware coming from shipping scanners; It’s the end of the road for Windows Server 2003; Details emerge on the Boeing hack; Testing your APT response plan; Revamping your insider threat program; Beware of computers in hotel business centers. … Continue reading Defensive Security Podcast Episode 76 →
See more
7/17/2014 • 54 minutes, 55 seconds Defensive Security Podcast Episode 75 SEC investigating breached companies; How companies can rebuild trust after a security breach; Preparing your company for a ransom attack; BAE retracts the story on hedge fund hack; Hackers compromising businesses via 3rd parties and remote access. Subscribe in iTunes | Podcast RSS Feed | Twitter | Email http://www.sfgate.com/business/article/Hacked-companies-face-SEC-scrutiny-over-5596541.php http://www.forbes.com/sites/katevinton/2014/07/01/how-companies-can-rebuild-trust-after-a-security-breach/ http://akamai.infoworld.com/d/security/prepare-yourself-high-stakes-cyber-ransom-245320 http://www.theregister.co.uk/2014/07/03/bae_retracts_hedge_fund_hack_allegation/ http://www.computerworld.com/s/article/9249516/Hackers_hit_more_businesses_through_remote_access_accounts
See more
7/8/2014 • 45 minutes, 14 seconds Defensive Security Podcast Episode 74 Advice from Bob; Airport breaches and the apparently misguided priorities of security pros; Hospitals are leaking data; Attackers hack legitimate downloads to deliver industrial control malware; Listener mail. Subscribe in iTunes | Podcast RSS Feed | Twitter | Email http://www.csoonline.com/article/2378585/data-protection/airport-breach-a-sign-for-it-industry-to-think-security-not-money.html http://www.wired.com/2014/06/hospital-networks-leaking-data/ http://arstechnica.com/security/2014/06/attackers-poison-legitimate-apps-to-infect-sensitive-industrial-control-systems/ http://www.coso.org/documents/COSOKRIPaperFull-FINALforWebPostingDec110_000.pdf
See more
7/1/2014 • 1 hour, 5 minutes, 17 seconds Defensive Security Podcast Episode 73 Advice from Bob; Acoustical covert communication channel; Researchers recreate some NSA spy tools based on catalog descriptions; Why cyber insurance is such a mess; Code Spaces hacked out of business; Reuters defaced by the Syrian Electronic Army; Aviva hacked by Heartbleed bug, or was it? Subscribe in iTunes | Podcast RSS Feed | Twitter | Email http://www.tripwire.com/state-of-security/top-security-stories/covert-acoustical-mesh-networks-present-new-attack-vector/ http://www.theregister.co.uk/2014/06/19/hackers_reverseengineer_nsa_spying_devices_using_offtheshelf_parts/ http://www.slate.com/articles/technology/future_tense/2014/06/target_breach_cyberinsurance_is_a_mess.html http://www.cnbc.com/id/101770396 https://threatpost.com/hacker-puts-hosting-service-code-spaces-out-of-business/106761 … Continue reading Defensive Security Podcast Episode 73 →
See more
6/25/2014 • 1 hour, 5 minutes, 18 seconds Defensive Security Podcast Episode 72 New Logo!; Dominos has 600k records stolen and held for ransome; Undisclosed number of customer records are stolen from ATT by employees of a vendor; PF Changs confirms credit card breach; Stratfor forensic report leaks; Feedly hit by DDOS attack, doesn’t pay ransom and gets it again; Inland Empire Colleges emails 35000 records to the … Continue reading Defensive Security Podcast Episode 72 →
See more
6/18/2014 • 53 minutes, 18 seconds Defensive Security Podcast Episode 71 Advice from Bob; SEC asks public companies to disclose more breaches; 230k IPMI devices found in Internet scan; PF Changs may have been hacked; Building network security to fail; 5 lessons from companies that get security right; Advice in responding to Anonymous threats; Bank of England announces assessment framework; Target shoppers don’t seem to be … Continue reading Defensive Security Podcast Episode 71 →
See more
6/11/2014 • 57 minutes, 6 seconds Defensive Security Podcast Episode 70 Privileged user security; FTC holding companies to a mysterious security standard; Information overload; business users bypass IT and go straight to the cloud. Subscribe in iTunes | Podcast RSS Feed | Twitter | Email http://www.trustedcs.com/resources/whitepapers/Ponemon-RaytheonPrivilegedUserAbuseResearchReport.pdf http://www.computing.co.uk/ctg/news/2345362/businesses-risk-data-breaches-due-to-confusion-over-privileged-user-information-security http://www.networkworld.com/news/2014/053014-companies-should-already-know-how-282091.html http://www.networkworld.com/research/2014/052914-information-overload-finding-signals-in-282019.html http://www.networkworld.com/news/2014/052714-business-users-bypass-it-and-281911.html
See more
6/4/2014 • 1 hour, 2 minutes, 55 seconds