https://media.blubrry.com/1463551/content.blubrry.com/1463551/defensive_security_podcast_episode_252.mp3
https://www.bankinfosecurity.com/capital-one-must-turn-over-mandiant-forensics-report-a-14352
https://www.databreachtoday.com/insider-threat-lessons-from-3-incidents-a-14312
https://www.zdnet.com/article/ransomware-deploys-virtual-machines-to-hide-itself-from-antivirus-software/

https://media.blubrry.com/1463551/content.blubrry.com/1463551/Defensive-security-podcast-episode-188.mp3
https://arstechnica.com/security/2017/04/purported-shadow-brokers-0days-were-in-fact-killed-by-mysterious-patch/
https://www.bleepingcomputer.com/news/security/former-sysadmin-accused-of-planting-time-bomb-in-companys-database/
http://www.computerworld.com/article/3189059/security/what-prevents-breaches-process-technology-or-people-one-answer-is-pc-and-one-is-right.html
http://www.csoonline.com/article/3187422/network-security/report-30-of-malware-is-zero-day-missed-by-legacy-antivirus.amp.html
How Hackers Hijacked a Bank’s Entire Online Operation
http://news.softpedia.com/news/two-laptops-with-hong-kong-s-3-7-million-voters-data-stolen-514346.shtml
Threat Brief: Credential Theft – The Keystone of the Shamoon 2 Attacks

https://media.blubrry.com/1463551/content.blubrry.com/1463551/defensive-security-podcast-episode-183.mp3
https://arstechnica.com/information-technology/2017/01/antivirus-is-bad/?amp=1
http://www.darkreading.com/risk/7-tips-for-getting-your-security-budget-approved/d/d-id/1328004
https://www.asd.gov.au/publications/protect/essential-eight-explained.htm
http://www.csoonline.com/article/3163068/application-development/how-to-secure-active-directory.html
https://securosis.com/mobile/tidal-forces-software-as-a-service-is-the-new-back-office/full

Defensive Security Podcast Episode 51
https://media.blubrry.com/1463551/content.blubrry.com/1463551/defensive-security-podcast-episode-51.mp3
Bob’s wisdom for the week; Learning from the Target breach; Question: given the massive Target breach, the Neiman Marcus breach and rumors of 6 other significant retailers being breached, assuming Target and others were complying with PCI rules, what will be the PCI council’s response? AWS …

Defensive Security Podcast Episode 17
https://media.blubrry.com/1463551/content.blubrry.com/1463551/defensive-security-podcast-episode-17.mp3
This week: Twitter warns news agencies of attacks and tells them to use dedicated PCs for Twitter, the US Department of Labor website was compromised and was serving up a 0-day for IE8, 18 12- to 13-year-olds in Alaska socially engineered passwords for 300 computers out of their …

The Usefulness of Security Education
Bruce Schneier recently wrote a blog post about the value of security training on Dark Reading that is a bit provocative. Similar to the comments Dave Aitel made last year, Bruce asserts that money spent on education is more useful if spent elsewhere on improving security. I both strongly agree and disagree with this position. …