Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
- 443 - Defensive Security Podcast Episode 270
Mon, 06 Feb 2023 - 46min
- 442 - Defensive Security Podcast Episode 269
https://www.bleepingcomputer.com/news/security/cosmicstrand-uefi-malware-found-in-gigabyte-asus-motherboards/
https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/
https://www.techcircle.in/2022/07/31/paytm-mall-refutes-cyber-breach-report-says-users-data-safe
Sun, 31 Jul 2022 - 21min
- 441 - Defensive Security Podcast Episode 268
Stories:
https://www.scmagazine.com/feature/incident-response/why-solarwinds-just-may-be-one-of-the-most-secure-software-companies-in-the-tech-universe
https://www.computerweekly.com/news/252522789/Log4Shell-on-its-way-to-becoming-endemic
https://www.bleepingcomputer.com/news/security/hackers-impersonate-cybersecurity-firms-in-callback-phishing-attacks/
https://www.cybersecuritydive.com/news/microsoft-rollback-macro-blocking-office/627004/
jerry: [00:00:00] All right, here we go today. Sunday, July 17th, 2022. And this is episode 268 of the Defensive Security Podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kellett.
Andy: Hello, Jerry. How are you, sir?
jerry: Great. How are you doing?
Andy: I’m doing good. I see nobody else can see it, but I see this amazing background that you’ve done with your studio and all sorts of cool pictures. Did you take those?
jerry: I did not take those. They are straight off Amazon actually. It’s.
jerry: I’ll have to post the picture at some [00:01:00] point, but the pictures are actually sound absorbing panels.
Andy: Wow. I there’s jokes. I’m not going to make them, but anyway, I’m doing great. Good to see ya.
jerry: Awesome. Just a reminder that the thoughts and opinions we express on the show are ours and do not represent those of our employers. But as you are apt to point out, they could be for the right price.
Andy: That’s true. That’s true. And that, and by the way, what that really means is you’re not going to change our opinions. You’re just going to hire them.
jerry: Correct. Right. Sponsor our existing opinions.
Andy: Someday that’ll work.
jerry: All right. So we have some interesting stories today. The first one comes from SC Magazine dot com. The title is why SolarWinds just might be one of the most secure software companies in the tech universe.
Andy: It’s a pretty interesting one. I went into this a little cynical. But there’s a lot of [00:02:00] really interesting stuff in here.
jerry: Yeah there, there is, I think
jerry: What I found interesting, a couple of things. One is very obvious: that this is a planted attempt to get back into the good graces of the IT world. But at the same time, it is very clear that they have made some pretty significant improvements in their security posture. And I think for that, it deserves a discussion.
Andy: Yeah, not only improvements, but they’re also having this strong appearance of transparency and sharing lessons learned, which we appreciate.
jerry: Correct. The one thing that I, so we’ll get into it a little bit, but they still don’t really tell you how the thing happened.
Andy: Aliens.
jerry: Obviously it was aliens. They did tell you what happened. And so in the article here they describe this, the [00:03:00] CISO of SolarWinds describes that the attack didn’t actually change their code base. So the attack wasn’t against their code repository. It was actually against one of their build systems.
jerry: And so they were, the adversary here was injecting code at build time, basically. So it wasn’t something that they could detect through code reviews. It was actually being added as part of the build proc...
Sun, 17 Jul 2022 - 32min
- 440 - Defensive Security Podcast Episode 267
Defensive Security Podcast Episode 267
Links:
https://www.justice.gov/opa/pr/aerojet-rocketdyne-agrees-pay-9-million-resolve-false-claims-act-allegations-cybersecurity
https://us-cert.cisa.gov/ncas/alerts/aa22-187a
https://www.zdnet.com/article/these-are-the-cybersecurity-threats-of-tomorrow-that-you-should-be-thinking-about-today/
jerry: [00:00:00] Alright, here we go. Today is Sunday, July 10th, 2022. And this is episode 267 of the Defensive Security Podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kellett.
Andy: Good evening, Jerry, how are you, good sir?
jerry: I’m doing great. How are you doing?
Andy: I’m good man. It’s hot and steamy in Atlanta. Tell you that much.
jerry: Yeah. I’ve been back for a month from my beach place. And I think today’s the first day that we’ve not had a heat advisory. [00:01:00]
Andy: Yeah, that’s crazy.
jerry: which it has been brutally hot here.
Andy: Now, when you say beach place, you might have to be more specific, cause you’ve got one like seven beach houses now.
jerry: Well, the Southern most beach house. Yes.
Andy: Yeah. One is the Chateau. One’s technically a compound.
jerry: One’s an island,
Andy: That’s. We’re going to have to probably name them because they’re tough to keep straight.
jerry: They definitely are. Yup.
Andy: But I, for one, appreciate your new land baron-ness activities and look forward to Jerry Landia being launched and seceding from the United States.
jerry: Hell. Yeah. That’s right.
Andy: I’ll start applying for citizenship whenever I can.
jerry: Good plan. Good plan. All right. A reminder. We should have probably already said this, but the thoughts and opinions we expressed on the show are ours and do not represent those of our employers.
Andy: But for enough money, they could
jerry: Yeah. Everything is negotiable. [00:02:00] All right. Couple of really interesting stories crossed my desk recently, and the first one comes from the US Department of Justice of all places. And the title here is Aerojet Rocketdyne agrees to pay $9 million to resolve False Claims Act allegations of cybersecurity violations in federal government contracts. So the story here is that there’s this act, as you could probably tell by the title, called the False Claims Act that permits an employee of a company who specifically does business with the US government to sue the company under the False Claims Act, claiming that the company is misrepresenting itself in the execution of its contracts. And if that [00:03:00] lawsuit is successful, the person making the allegation, basically it’s a whistleblower kind of arrangement. The person making the allegation gets a cut of the settlement. And so in this particular case the whistleblower received $2.61 million dollars of the $9 million.
Andy: Wow. So his company, in theory, was lying on their security controls. And he found out about it or knew about it, and was a whistleblower about it, is getting 2.61 million.
jerry: Correct. Correct.
Andy: Have to go check everything in my company. I’ll be right back.
jerry: I’m guessing that his lawyers will probably take about 2 million of the 2.61, but, hey, it’s still, still money, right?
Andy: That’s crazy. It reminds me, it’s probably a lot of our listeners are too young for this, but.
Sun, 10 Jul 2022 - 35min
- 439 - Defensive Security Podcast Episode 266
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html
https://thehackernews.com/2022/06/conti-leaks-reveal-ransomware-gangs.html?m=1
https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/
https://doublepulsar.com/bpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896
Sun, 12 Jun 2022 - 31min
- 438 - Defensive Security Podcast Episode 265
Google Exposes Initial Access Broker Ties With Ransomware Actors (bankinfosecurity.com)
Okta says hundreds of companies impacted by security breach | TechCrunch
Okta: “We made a mistake” delaying the Lapsus$ hack disclosure (bleepingcomputer.com)
Microsoft confirms Lapsus$ breach after hackers publish Bing, Cortana source code | TechCrunch
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction – Microsoft Security Blog
Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars Technica
President Biden Signs into Law the Cyber Incident Reporting Act (natlawreview.com)
SEC Proposes Rules On Cybersecurity Risk Management, Strategy, Governance, And Incident Disclosure By Public Companies – Technology – United States (mondaq.com)
Sun, 27 Mar 2022 - 56min
- 437 - Defensive Security Podcast Episode 264
Adafruit discloses data leak from ex-employee’s GitHub repo (bleepingcomputer.com)
Malware now using NVIDIA’s stolen code signing certificates (bleepingcomputer.com)
NSA report: This is how you should be securing your network | ZDNet
Sun, 13 Mar 2022 - 30min
- 436 - Defensive Security Podcast Episode 263
https://www.govinfosecurity.com/data-breach-exposes-booking-details-19-million-customers-a-18505
https://www.helpnetsecurity.com/2022/02/11/cloud-security-training/
https://www.bankinfosecurity.com/massive-breach-hits-500-e-commerce-sites-a-18492
https://www.darkreading.com/cloud/linux-malware-on-the-rise-including-illicit-use-of-cobalt-strike
https://www.darkreading.com/attacks-breaches/google-cuts-account-compromises-in-half-with-simple-change
Sun, 20 Feb 2022 - 39min
- 435 - Defensive Security Podcast Episode 226 redux
https://www.tripwire.com/state-of-security/security-data-protection/bec-as-a-service-offers-hacked-business-accounts-for-as-little-as-150/
https://www.bleepingcomputer.com/news/security/ic3-issues-alert-regarding-remote-desktop-protocol-rdp-attacks/
https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/
https://www.youtube.com/watch?v=lwHW_W1KbK4&feature=youtu.be
Mon, 08 Oct 2018 - 1h 00min
- 434 - Defensive Security Podcast Episode 218
https://www.zdnet.com/article/wannacry-ransomware-crisis-one-year-on-are-we-ready-for-the-next-global-cyber-attack/
https://www.zdnet.com/article/enterprise-vulnerability-management-as-effective-as-random-chance/
https://www.zdnet.com/article/enterprise-codebases-plagued-by-open-source-vulnerabilities/
https://www.databreachtoday.com/nuance-communications-breach-affected-45000-patients-a-11002
Mon, 28 May 2018 - 52min
- 433 - Defensive Security Podcast Episode 217
https://www.csoonline.com/article/3262168/ransomware/customers-describe-the-impact-of-the-allscripts-ransomware-attack.html
https://www.infosecurity-magazine.com/news/atlanta-city-splurges-27m/
https://arstechnica.com/information-technology/2018/04/insecure-rsa-conference-app-leaked-attendee-data/
https://www.wired.com/story/inside-the-unnerving-supply-chain-attack-that-corrupted-ccleaner/
Tue, 24 Apr 2018 - 44min
- 432 - Defensive Security Podcast Episode 216
Sat, 21 Apr 2018 - 52min
- 431 - Defensive Security Podcast Episode 215
https://www.bankinfosecurity.com/nj-ag-smacks-practice-hefty-fine-for-vendor-breach-a-10774
https://www.bankinfosecurity.com/panera-bread-data-leak-persisted-for-eight-months-a-10760
http://www.eweek.com/security/best-buy-delta-sears-hit-by-third-party-chat-widget-breach
http://www.baltimoresun.com/news/maryland/crime/bs-md-ci-hack-folo-20180328-story.html
Fri, 13 Apr 2018 - 51min
- 430 - Defensive Security Podcast Episode 214
https://www.csoonline.com/article/3265024/privacy/are-you-letting-gdpr-s-privacy-rules-trump-security.html
http://www.zdnet.com/article/doj-indicts-iranian-hackers-for-stealing-data-from-144-us-universities/
https://www.databreachtoday.com/report-guccifer-20-unmasked-at-last-a-10737
https://www.databreachtoday.com/expedias-orbitz-suspects-880000-payment-cards-stolen-a-10729
https://www.csoonline.com/article/3266364/security/samsam-group-deletes-atlantas-contact-portal-after-the-address-goes-public.html
https://www.securityweek.com/top-vulnerabilities-exploited-cybercriminals
Thu, 29 Mar 2018 - 49min
- 429 - Defensive Security Podcast Episode 213
https://www.theguardian.com/business/2018/mar/14/equifax-insider-trading-data-breach-jun-ying-charged
https://gizmodo.com/us-power-company-fined-2-7-million-over-security-flaws-1823745994
https://www.csoonline.com/article/3262551/data-protection/are-your-employees-unwittingly-invalidating-your-cyber-liability-insurance.html
https://www.cisecurity.org/controls/
Wed, 21 Mar 2018 - 41min
- 428 - Defensive Security Podcast Episode 212
https://www.csoonline.com/article/3258817/data-breach/sec-guidance-on-it-security-would-you-report-security-risks-before-a-breach.html
http://www.zdnet.com/article/hackers-are-selling-legitimate-code-signing-certificates-to-evade-malware-detection/
http://au.news.yahoo.com/a/39380423/equifax-expects-net-200-million-in-breach-related-costs-in-2018/
http://www.eweek.com/security/crowdstrike-reveals-time-to-breakout-as-key-cyber-security-metric
https://www.securityweek.com/sophisticated-cyberspies-target-middle-east-africa-routers
Tue, 13 Mar 2018 - 1h 07min
- 427 - Defensive Security Podcast Episode 211
https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/
https://www.cyberscoop.com/atos-olympics-hack-olympic-destroyer-malware-peyongchang/
https://www.bankinfosecurity.com/blogs/attribution-games-dont-rush-to-blame-p-2594
http://www.zdnet.com/article/meltdown-spectre-flaws-weve-found-new-attack-variants-say-researchers/
https://news.iu.edu/stories/2018/02/iub/releases/13-paper-suggests-agency-to-prevent-cyberattacks.html
Mon, 19 Feb 2018 - 45min
- 426 - Defensive Security Podcast Episode 209
https://www.csoonline.com/article/3247653/data-protection/5-mistakes-ive-made-and-how-to-avoid-them.html
https://www.csoonline.com/article/3244650/disaster-recovery/why-we-continue-to-fail-lessons-learned-from-the-atlanta-airport-fiasco.html
https://www.wired.com/story/meltdown-and-spectre-patches-take-toll/
Wed, 17 Jan 2018 - 1h 10min
- 425 - Defensive Security Podcast Episode 262
https://www.darkreading.com/edge-threat-monitor/most-common-cause-of-data-breach-in-2021-phishing-smishing-bec
https://www.bleepingcomputer.com/news/security/fbi-shares-lockbit-ransomware-technical-details-defense-tips/
https://www.csoonline.com/article/3648991/dhs-announces-the-creation-of-the-cyber-safety-review-board.html
https://www.darkreading.com/application-security/disclosure-panic-patch-can-we-do-better-
Mon, 07 Feb 2022 - 39min
- 424 - Defensive Security Podcast Episode 261
https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
https://blog.f-secure.com/insight-from-a-large-scale-phishing-study/
https://www.darkreading.com/attacks-breaches/log4j-proved-public-disclosure-still-helps-attackers
https://www.csoonline.com/article/3647756/how-to-prioritize-and-remediate-vulnerabilities-in-the-wake-of-log4j-and-microsofts-patch-tuesday-b.html
Mon, 31 Jan 2022 - 51min
- 423 - Defensive Security Podcast Episode 260
https://www.csoonline.com/article/3647209/why-you-should-secure-your-embedded-server-management-interfaces.html
https://www.csoonline.com/article/3646613/cybercrime-group-elephant-beetle-lurks-inside-networks-for-months.html
https://www.zdnet.com/article/when-open-source-developers-go-bad/
https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-rollout-of-january-windows-server-updates/
Mon, 17 Jan 2022 - 31min
- 422 - Defensive Security Podcast Episode 259
Mon, 03 Jan 2022 - 49min
- 421 - Defensive Security Podcast Episode 258
https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/
https://arstechnica.com/gadgets/2021/07/feds-list-the-top-30-most-exploited-vulnerabilities-many-are-years-old/
https://www.securityweek.com/hospital-network-reveals-cause-2020-cyberattack
https://www.csoonline.com/article/3628331/recent-shadow-it-related-incidents-present-lessons-to-cisos.html
https://www.natlawreview.com/article/another-court-orders-production-cybersecurity-firm-s-forensic-report-data-breach
https://www.secureworld.io/industry-news/ciso-lawsuit-solarwinds
Sun, 15 Aug 2021 - 49min
- 420 - Defensive Security Podcast Episode 257
https://therecord.media/using-vms-to-hide-ransomware-attacks-is-becoming-more-popular/
https://blog.erratasec.com/2021/07/ransomware-quis-custodiet-ipsos-custodes.html?m=1
https://www.databreachtoday.com/how-mespinoza-ransomware-group-hits-targets-a-17086
https://krebsonsecurity.com/2021/07/dont-wanna-pay-ransom-gangs-test-your-backups/
https://arstechnica.com/gadgets/2021/07/kaseya-gets-master-decryptor-to-help-customers-still-suffering-from-revil-attack/
Sun, 25 Jul 2021 - 41min
- 419 - Defensive Security Podcast Episode 256
https://www.csoonline.com/article/3623760/printnightmare-vulnerability-explained-exploits-patches-and-workarounds.html#tk.rss_all
https://www.securityweek.com/continuous-updates-everything-you-need-know-about-kaseya-ransomware-attack
https://www.databreachtoday.com/kaseya-raced-to-patch-before-ransomware-disaster-a-17006
Sun, 11 Jul 2021 - 42min
- 418 - Defensive Security Podcast Episode 255
https://www.reuters.com/technology/us-sec-official-says-agency-has-begun-probe-cyber-breach-by-solarwinds-2021-06-21/
https://www.databreachtoday.com/cisa-firewall-rules-could-have-blunted-solarwinds-malware-a-16919
https://www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told/
https://www.bleepingcomputer.com/news/security/microsoft-admits-to-signing-rootkit-malware-in-supply-chain-fiasco/
Sun, 27 Jun 2021 - 40min
- 417 - Defensive Security Podcast Episode 254
Sun, 20 Jun 2021 - 48min
- 416 - Defensive Security Podcast Episode 253
https://www.securityinformed.com/news/intruder-research-mongodb-databases-breached-connected-internet-co-1594211095-ga-co-1594211806-ga.1594215158.html
https://www.zdnet.com/article/hackers-are-trying-to-steal-admin-passwords-from-f5-big-ip-devices/
https://www.csoonline.com/article/3564726/privilege-escalation-explained-why-these-flaws-are-so-valuable-to-hackers.html#tk.rss_all
https://arstechnica.com/information-technology/2020/06/theft-of-top-secret-cia-hacking-tools-was-result-of-woefully-lax-security/
Wed, 15 Jul 2020 - 46min
- 415 - Defensive Security Podcast Episode 252
https://www.bankinfosecurity.com/capital-one-must-turn-over-mandiant-forensics-report-a-14352
https://www.databreachtoday.com/insider-threat-lessons-from-3-incidents-a-14312
https://www.zdnet.com/article/ransomware-deploys-virtual-machines-to-hide-itself-from-antivirus-software/
Sun, 31 May 2020 - 26min
- 414 - Defensive Security Podcast Episode 251
https://www.securityweek.com/recent-salt-vulnerabilities-exploited-hack-lineageos-ghost-digicert-servers
https://www.zdnet.com/article/ransomware-mentioned-in-1000-sec-filings-over-the-past-year/
Mon, 04 May 2020 - 28min
- 413 - Defensive Security Podcast Episode 250
https://www.zdnet.com/article/dhs-cisa-companies-are-getting-hacked-even-after-patching-pulse-secure-vpns/
https://www.bankinfosecurity.com/attackers-increasingly-using-web-shells-to-create-backdoors-a-14179
https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-hits-los-angeles-county-city-leaks-files/
Sun, 03 May 2020 - 44min
- 412 - Defensive Security Podcast Episode 249
https://www.tomsguide.com/news/zoom-security-privacy-woes
https://www.bankinfosecurity.com/blogs/learn-from-how-others-get-breached-equifax-edition-p-2870
https://www.zdnet.com/article/microsoft-how-one-emotet-infection-took-out-this-organizations-entire-network/
https://www.microsoft.com/security/blog/wp-content/uploads/2020/04/Case-study_Full-Operational-Shutdown.pdf
Sun, 05 Apr 2020 - 56min
- 411 - Defensive Security Podcast Episode 248
https://www.businessinsider.com/coronavirus-apple-secrecy-work-from-home-difficult-2020-3
https://www.csoonline.com/article/3531963/8-key-security-considerations-for-protecting-remote-workers.html
https://www.zdnet.com/article/microsoft-99-9-of-compromised-accounts-did-not-use-multi-factor-authentication/
Sat, 28 Mar 2020 - 56min
- 410 - Defensive Security Podcast Episode 247
https://www.securityweek.com/state-sponsored-cyberspies-use-sophisticated-server-firewall-bypass-technique
https://www.zdnet.com/article/ransomware-victims-thought-their-backups-were-safe-they-were-wrong/
https://www.sec.gov/files/OCIE%20Cybersecurity%20and%20Resiliency%20Observations.pdf
Sun, 22 Mar 2020 - 42min
- 409 - Defensive Security Podcast Episode 246
https://www.darkreading.com/risk/cybercriminals-swap-phishing-for-credential-abuse-vuln-exploits/d/d-id/1337019
https://www.businessinsider.com/phishing-scams-getting-more-sophisticated-what-to-look-out-for-2020-2#hackers-will-start-by-targeting-low-level-employees-then-moving-laterally-to-compromise-executives-accounts-1
https://krebsonsecurity.com/2020/02/hackers-were-inside-citrix-for-five-months/
https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign.pdf
Sun, 23 Feb 2020 - 42min
- 408 - Defensive Security Podcast Episode 245
https://www.bankinfosecurity.com/judge-rules-insurer-must-pay-for-ransomware-damage-a-13673
https://www.zdnet.com/google-amp/article/new-york-state-wants-to-ban-government-agencies-from-paying-ransomware-demands/
https://www.bankinfosecurity.com/nist-drafts-guidelines-for-coping-ransomware-a-13679
https://arstechnica.com/information-technology/2020/01/dozens-of-companies-have-data-dumped-online-by-ransomware-ring-seeking-leverage/
https://www.bankinfosecurity.com/doppelpaymer-ransomware-threatens-to-dump-victims-data-a-13683
Sun, 09 Feb 2020 - 33min
- 407 - Defensive Security Podcast Episode 244
https://www.securityweek.com/attacker-installs-backdoor-blocks-others-exploiting-citrix-adc-vulnerability
https://www.securityweek.com/court-approves-equifax-data-breach-settlement
https://www.infosecurity-magazine.com/news/equifax-breach-settlement-could/
https://www.natlawreview.com/article/ico-issues-fine-against-national-retailer-security-failings
Tue, 21 Jan 2020 - 41min
- 406 - Defensive Security Podcast Episode 243
https://www.irishtimes.com/news/crime-and-law/courts/high-court/firm-being-blackmailed-by-hackers-for-6m-obtains-irish-court-injunction-1.4128069
https://inews.co.uk/inews-lifestyle/travel/travelex-hack-cyber-attack-ransomware-sodinokibi-travel-money-uk-firm-data-breach-explained-1358454
https://securityaffairs.co/wordpress/96046/hacking/microsoft-rdp-brute-force-study.html
https://www.zdnet.com/article/company-shuts-down-because-of-ransomware-leaves-300-without-jobs-just-before-holidays/
Mon, 13 Jan 2020 - 34min
- 405 - Defensive Security Podcast Episode 242
https://www.wwltv.com/article/news/crime/city-government-in-recovery-mode-after-cyberattack/289-514a376e-16de-4b43-9756-a30baefe4c28
https://arstechnica.com/information-technology/2019/11/hackers-paradise-louisianas-ransomware-disaster-far-from-over/
https://www.csoonline.com/article/3488816/how-a-nuclear-plant-got-hacked.html
Sat, 21 Dec 2019 - 29min
- 404 - Defensive Security Podcast Episode 241
https://www.bleepingcomputer.com/news/security/allied-universal-breached-by-maze-ransomware-stolen-data-leaked/
https://www.csoonline.com/article/3454443/how-a-bank-got-hacked-a-study-in-how-not-to-secure-your-networks.html
Mon, 25 Nov 2019 - 39min
- 403 - Defensive Security Podcast Episode 240
https://arstechnica.com/information-technology/2019/11/breach-affecting-1-million-was-caught-only-after-hacker-maxed-out-targets-storage/
https://www.csoonline.com/article/3452747/what-you-need-to-know-about-the-new-owasp-api-security-top-10-list.html
https://www.securityweek.com/pci-dss-compliance-between-audits-declining-verizon
https://krebsonsecurity.com/2019/11/study-ransomware-data-breaches-at-hospitals-tied-to-uptick-in-fatal-heart-attacks/
Thu, 21 Nov 2019 - 58min
- 402 - Defensive Security Podcast Episode 239
https://securityaffairs.co/wordpress/92484/data-breach/imperva-data-breach-2.html
https://arstechnica.com/information-technology/2019/10/the-count-of-managed-service-providers-getting-hit-with-ransomware-mounts/
https://www.zdnet.com/article/city-of-johannesburg-held-for-ransom-by-hacker-gang/
Wed, 06 Nov 2019 - 31min
- 401 - Defensive Security Podcast Episode 238
https://www.csoonline.com/article/3441220/marriott-data-breach-faq-how-did-it-happen-and-what-was-the-impact.html
Mon, 07 Oct 2019 - 31min
- 400 - Defensive Security Podcast Episode 237
Mon, 23 Sep 2019 - 25min
- 399 - Defensive Security Podcast Episode 236
Sat, 15 Jun 2019 - 17min
- 398 - Defensive Security Podcast Episode 235
https://www.theregister.co.uk/2019/03/20/steffan_needham_aws_rampage_prison_sentence_voova/
https://www.zdnet.com/google-amp/article/study-shows-programmers-will-take-the-easy-way-out-and-not-implement-proper-password-security/
https://arstechnica.com/information-technology/2019/03/50-shades-of-greyhat-a-study-in-how-not-to-handle-security-disclosures/
https://matrix.org/blog/2019/04/11/security-incident/index.html
Mon, 15 Apr 2019 - 25min
- 397 - Defensive Security Podcast Episode 234
https://www.zdnet.com/article/hackers-wipe-us-servers-of-email-provider-vfemail/
https://www.securityweek.com/russian-state-sponsored-hackers-are-fastest-crowdstrike
https://www.zdnet.com/article/icann-there-is-an-ongoing-and-significant-risk-to-dns-infrastructure/
https://www.infosecurity-magazine.com/news/password-managers-no-more-secure-1/
https://www.zdnet.com/article/microsoft-do-these-things-now-to-protect-your-network/
Mon, 04 Mar 2019 - 40min
- 396 - Defensive Security Podcast Episode 233
https://www.securityweek.com/hackers-using-rdp-are-increasingly-using-network-tunneling-bypass-protections
https://www.zdnet.com/article/trojan-malware-is-back-and-its-the-biggest-hacking-threat-to-your-business/
https://www.csoonline.com/article/3336923/security/phishing-has-become-the-root-of-most-cyber-evil.html
https://www.darkreading.com/attacks-breaches/ransomware-attack-via-msp-locks-customers-out-of-systems/d/d-id/1333825
https://www.dlapiper.com/~/media/files/insights/publications/2019/02/dla-piper-gdpr-data-breach-survey-february-2019.pdf
Tue, 12 Feb 2019 - 49min
- 395 - Defensive Security Podcast Episode 232
https://www.zdnet.com/article/popular-wordpress-plugin-hacked-by-angry-former-employee/
https://www.zdnet.com/article/notpetya-an-act-of-war-cyber-insurance-firm-taken-to-task-for-refusing-to-pay-out/
https://www.zdnet.com/article/employees-sacked-ceo-fined-in-singhealth-security-breach/ - https://www.zdnet.com/article/firms-fined-1m-for-singhealth-data-security-breach/
https://www.securityweek.com/new-variant-bec-seeks-divert-payroll-deposits
https://www.zdnet.com/article/oklahoma-gov-data-leak-exposes-millions-of-department-files-fbi-investigations/
Tue, 22 Jan 2019 - 42min
- 394 - Defensive Security Podcast Episode 231
https://lifehacker.com/why-smart-people-make-stupid-mistakes-1831503216
https://www.chicagotribune.com/business/ct-biz-tribune-publishing-malware-20181230-story,amp.html
https://www.securityweek.com/was-north-korea-wrongly-accused-ransomware-attacks
https://www.healthcareitnews.com/news/staff-lapses-and-it-system-vulnerabilities-are-key-reasons-behind-singhealth-cyberattack
https://www.nextgov.com/cybersecurity/2019/01/hhs-releases-voluntary-cybersecurity-practices-health-industry/153835/
https://www.zdnet.com/article/data-of-2-4-million-blur-password-manager-users-left-exposed-online/
https://arstechnica.com/information-technology/2018/12/iranian-phishers-bypass-2fa-protections-offered-by-yahoo-mail-and-gmail/
Tue, 15 Jan 2019 - 48min
- 393 - Defensive Security Podcast Episode 230
https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/
https://krebsonsecurity.com/2018/11/marriott-data-on-500-million-guests-stolen-in-4-year-breach/
https://krebsonsecurity.com/2018/12/what-the-marriott-breach-says-about-security/
Tue, 04 Dec 2018 - 54min
- 392 - Defensive Security Podcast Episode 229
https://www.dutchnews.nl/news/2018/11/internet-con-men-ripped-off-pathe-nl-for-e19m-in-sophisticated-fraud/
https://lifehacker.com/how-password-constraints-give-you-a-false-sense-of-secu-1830564360
https://www.csoonline.com/article/3319704/data-protection/the-end-of-security-as-we-know-it.html
https://www.careersinfosecurity.com/breach-settlement-has-unusual-penalty-a-11669
https://motherboard.vice.com/en_us/article/bje8na/massive-data-leaks-keep-happening-because-big-companies-can-afford-to-lose-your-data
https://www.zdnet.com/article/city-of-valdez-alaska-admits-to-paying-off-ransomware-infection/
Tue, 27 Nov 2018 - 1h 04min
- 391 - Defensive Security Podcast Episode 228
https://www.zdnet.com/article/this-is-how-artificial-intelligence-will-become-weaponized-in-future-cyberattacks/
https://www.securityinfowatch.com/article/12434583/everyone-needs-to-take-responsibility-for-cybersecurity-in-the-workplace
https://www.zdnet.com/article/adobe-coldfusion-servers-under-attack-from-apt-group/
https://www.securityweek.com/troubled-waters-how-new-wave-cyber-attacks-targeting-maritime-trade
https://securityaffairs.co/wordpress/77676/malware/industrial-facilities-malware.html
Tue, 13 Nov 2018 - 46min
- 390 - Defensive Security Podcast Episode 227
https://www.zdnet.com/article/equifax-engineer-who-designed-breach-portal-gets-8-months-of-house-arrest-for-insider-trading/
https://www.csoonline.com/article/3314557/security/ransomware-attack-hits-north-carolina-water-utility-following-hurricane.html
https://www.securityweek.com/insurer-anthem-will-pay-record-16m-massive-data-breach
https://blog.sucuri.net/2018/10/malicious-redirects-from-newsharecounts-com-tweet-counter.html
https://www.thinkadvisor.com/2018/09/26/sec-hits-voya-financial-advisors-with-1m-fine-over/
https://www.healthcareitnews.com/news/debunking-cybersecurity-thought-humans-are-weakest-link
Tue, 30 Oct 2018 - 57min
- 388 - Defensive Security Podcast Episode 225
https://motherboard.vice.com/en_us/article/pa8emg/russian-indicted-jp-morgan-chase-hack
https://www.zdnet.com/article/us-government-releases-post-mortem-report-on-equifax-hack/
https://www.zdnet.com/article/phishing-alert-north-korean-hacking-attacks-shows-your-email-is-still-the-weakest-link/
https://www.verizon.com/about/news/lifting-lid-cybercrime
Sun, 09 Sep 2018 - 53min
- 387 - Defensive Security Podcast Episode 224
https://www.zdnet.com/article/this-destructive-ransomware-has-made-crooks-6m-by-encrypting-data-and-backups/
https://www.bleepingcomputer.com/news/security/reddit-announces-security-breach-after-hackers-bypassed-staffs-2fa/
https://www.databreachtoday.com/art-steal-fin7s-highly-effective-phishing-a-11286
https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
Fri, 31 Aug 2018 - 43min
- 386 - Defensive Security Podcast Episode 223
https://www.straitstimes.com/singapore/personal-info-of-15m-singhealth-patients-including-pm-lee-stolen-in-singapores-most
https://www.bankinfosecurity.com/labcorp-still-recovering-from-ransomware-attack-a-11235
https://www.securityweek.com/cyber-axis-evil-rewriting-cyber-kill-chain
https://arstechnica.com/information-technology/2018/07/prolific-hacking-group-steals-almost-1-million-from-russian-bank/#p3
https://www.bleepingcomputer.com/news/government/us-charges-12-russian-intelligence-officers-for-hacking-dnc-running-dcleaks/
Tue, 31 Jul 2018 - 45min
- 385 - Defensive Security Podcast Episode 222
https://www.csoonline.com/article/3285982/data-protection/4-reasons-why-cisos-must-think-like-developers-to-build-cybersecurity-platforms.html
https://www.csoonline.com/article/3287655/phishing/stop-training-your-employees-to-fall-for-phishing-attacks.html
https://www.bankinfosecurity.com/cryptojacking-displaces-ransomware-as-top-malware-threat-a-11165
https://wiki.gentoo.org/wiki/Project:Infrastructure/Incident_Reports/2018-06-28_Github
Sun, 15 Jul 2018 - 52min
- 384 - Defensive Security Podcast Episode 221
https://www.esecurityplanet.com/network-security/security-projects-cisos-should-consider-gartner.html
https://www.theregister.co.uk/2018/06/26/digitally_signed_malware/
https://www.bankinfosecurity.com/californias-new-privacy-law-its-almost-gdpr-in-us-a-11149
https://blog.erratasec.com/2018/06/lessons-from-npetya-one-year-later.html
Tue, 03 Jul 2018 - 42min
- 383 - Defensive Security Podcast Episode 220
https://www.wired.com/story/exactis-database-leak-340-million-records/
https://www.helpnetsecurity.com/2018/06/19/opm-breach-fraud/
https://www.tenable.com/blog/should-you-still-prioritize-exploit-kit-vulnerabilities
Thu, 28 Jun 2018 - 40min
- 382 - Defensive Security Podcast Episode 219
https://www.csoonline.com/article/3276584/ransomware/what-does-a-ransomware-attack-cost-beware-the-hidden-expenses.html
https://www.bankinfosecurity.com/mental-health-provider-pays-ransom-to-recover-data-a-11040
https://www.itbusinessedge.com/blogs/data-security/did-we-see-our-first-data-breach-of-the-gdpr-era.html
Tue, 19 Jun 2018 - 35min
- 381 - Defensive Security Podcast Episode 175
http://www.securityweek.com/shadow-brokers-leaks-servers-allegedly-hacked-nsa
http://www.bankinfosecurity.com/online-ad-industry-threatened-by-security-issues-a-9488
http://m.elpasoinc.com/news/local_news/article_92e82ee0-9f84-11e6-b429-0b2b853bae0b.html?mode=jqm
http://researchcenter.paloaltonetworks.com/2016/10/unit42-psa-conference-invite-used-lure-operation-lotus-blossom-actors/
Wed, 02 Nov 2016 - 1h 05min
- 380 - Defensive Security Podcast Episode 174
https://threatpost.com/serious-dirty-cow-linux-vulnerability-under-attack/121448/
http://news.softpedia.com/news/hackers-steal-research-and-user-data-from-japanese-nuclear-research-lab-509380.shtml
https://www.databreaches.net/rainbow-childrens-clinic-notifies-33368-patients-of-ransomware-attack/
https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
Mon, 24 Oct 2016 - 40min
- 379 - Defensive Security Podcast Episode 173
http://conferences.oreilly.com/security/network-data-security-ny/public/content/buy-one-get-one-discount
https://www.eventbrite.com/e/bsides-atlanta-2016-tickets-27895813128
http://www.cnbc.com/2016/10/14/british-banks-keep-cyber-attacks-under-wraps-to-protect-image.html
http://www.lexology.com/library/detail.aspx?g=f17c1e55-5768-4ea6-a7e6-d555c4052eef
https://www.nist.gov/news-events/news/2016/10/security-fatigue-can-cause-computer-users-feel-hopeless-and-act-recklessly
Sun, 16 Oct 2016 - 40min
- 378 - Defensive Security Podcast Episode 172
http://cybersecurity.oxfordjournals.org/content/early/2016/08/08/cybsec.tyw001
https://www.helpnetsecurity.com/2016/09/29/risky-password-practices/
http://www.nytimes.com/2016/09/29/technology/yahoo-data-breach-hacking.html?_r=0
http://www.databreachtoday.com/blogs/yahoo-breach-great-nation-state-cop-out-p-2260
Mon, 03 Oct 2016 - 42min
- 377 - Defensive Security Podcast Episode 171
http://www.csoonline.com/article/3119965/security/a-single-ransomware-network-has-pulled-in-121-million.html
https://www.sans.org/reading-room/whitepapers/dataprotection/data-breaches-prevention-practical-37267
http://www.bankinfosecurity.com/aligning-cyber-framework-organizations-strategy-goals-a-9401
http://arstechnica.com/security/2016/09/swift-fraudsters-detection-system-bangladesh-bank-heist/
http://www.bankinfosecurity.com/blogs/ransomware-victims-please-come-forward-p-2255
http://www.nytimes.com/2016/09/17/business/dealbook/wells-fargo-warned-workers-against-fake-accounts-but-they-needed-a-paycheck.html
Thu, 22 Sep 2016 - 58min
- 376 - Defensive Security Podcast Episode 170
http://news.softpedia.com/news/retiring-sysadmin-fakes-cyber-attack-to-get-away-with-data-theft-507992.shtml
https://oversight.house.gov/wp-content/uploads/2016/09/The-OPM-Data-Breach-How-the-Government-Jeopardized-Our-National-Security-for-More-than-a-Generation.pdf
http://money.cnn.com/2016/09/08/investing/wells-fargo-created-phony-accounts-bank-fees/index.html
http://spectrum.ieee.org/view-from-the-valley/computing/it/facebook-engineers-crash-data-centers-in-realworld-stress-test
http://www.bloomberg.com/news/articles/2016-09-08/cisco-s-network-bugs-are-front-and-center-in-bankruptcy-fight
Sun, 11 Sep 2016 - 58min
- 375 - Defensive Security Podcast Episode 169
http://www.csoonline.com/article/3110975/techology-business/how-do-you-measure-success-when-it-comes-to-stopping-phishing-attacks.html
http://www.databreachtoday.com/equation-group-hacking-tool-dump-5-lessons-a-9358
http://www.csoonline.com/article/3109982/security/attackers-dont-need-vulnerabilities-when-the-basics-work-just-as-well.html
http://www.securityweek.com/attacker-uses-virtual-machine-hide-malicious-activity
http://www.networkworld.com/article/3110653/security/imperva-application-layer-ddos-attacks-are-on-the-rise.html
http://arstechnica.com/security/2016/08/actively-exploited-ios-flaws-that-hijack-iphones-likely-spread-for-years/
Tue, 30 Aug 2016 - 44min
- 374 - Defensive Security Podcast Episode 168
https://nakedsecurity.sophos.com/2016/08/18/nists-new-password-rules-what-you-need-to-know/
http://www.extremetech.com/extreme/234031-your-guide-to-the-shadow-brokers-nsa-theft-which-puts-the-snowden-leaks-to-shame
http://phys.org/news/2016-08-people-software-percent.html
http://www.csoonline.com/article/3108025/cyber-attacks-espionage/cerber-ransomware-earns-2-3mil-with-0-3-response-rate.html
Sun, 21 Aug 2016 - 51min
- 373 - Defensive Security Podcast Episode 167
http://www.csoonline.com/article/3101863/security/report-only-3-percent-of-u-s-companies-pay-attackers-after-ransomware-infections.html
http://www.bankinfosecurity.com/fed-reserve-a-9282
http://www.tripwire.com/state-of-security/featured/does-dropping-malicious-usb-sticks-really-work-yes-worryingly-well/
http://arstechnica.com/security/2016/08/frequent-password-changes-are-the-enemy-of-security-ftc-technologist-says/
http://spectrum.ieee.org/tech-talk/telecom/security/nigerian-scammers-infect-themselves-with-own-malware-revealing-new-wirewire-fraud-scheme
http://www.csoonline.com/article/3106076/data-protection/disable-wpad-now-or-have-your-accounts-and-private-data-compromised.html
http://fortune.com/2016/08/12/delta-airlines-outages/
Sun, 14 Aug 2016 - 1h 02min
- 372 - Defensive Security Podcast Episode 166
http://www.bankinfosecurity.com/report-new-york-fed-fumbled-cyber-heist-response-a-9281
http://motherboard.vice.com/read/ransomware-gang-claims-fortune-500-company-hired-them-to-hack-the-competition
http://www.lexology.com/library/detail.aspx?g=d0f4e774-6c6a-4783-b993-4f165f1dcc7e
Mon, 25 Jul 2016 - 48min
- 371 - Defensive Security Podcast Episode 165
Tiaracon: http://tiaracon.org/
http://www.cbc.ca/news/technology/antivirus-software-1.3668746
http://www.csoonline.com/article/3089439/business-continuity/9-critical-controls-for-todays-threats.html
http://www.bankinfosecurity.com/interviews/heartbleed-update-america-vulnerable-i-3242
http://www.bankinfosecurity.com/blogs/av-wars-sophos-vs-cylance-p-2172
http://www.reuters.com/article/us-cyber-fdic-china-idUSKCN0ZT20M
http://blog.talosintel.com/2016/07/ranscam.html
Sun, 17 Jul 2016 - 57min
- 370 - Defensive Security Podcast Episode 164
http://blog.erratasec.com/2016/06/etheriumdao-hack-similfied.html#.V3BKyvkrJhE
http://www.zdnet.com/article/cvss-scores-are-not-enough-for-modern-security/
http://www.crn.com/news/security/300081157/sophos-slams-cylance-in-blog-post-as-market-for-endpoint-security-heats-up.htm?itc=refresh
Thu, 30 Jun 2016 - 1h 02min
- 369 - Defensive Security Podcast Episode 163
http://www.darkreading.com/vulnerabilities---threats/windows-badtunnel-attack-hijacks-network-traffic/d/d-id/1325875
http://krebsonsecurity.com/2016/06/adobe-update-plugs-flash-player-zero-day/
http://krebsonsecurity.com/2016/06/banks-credit-card-breach-at-cicis-pizza/
http://ieee-security.org/TC/SP2016/papers/0824a018.pdf
https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/
https://www.washingtonpost.com/world/national-security/guccifer-20-claims-credit-for-dnc-hack/2016/06/15/abdcdf48-3366-11e6-8ff7-7b6c1998b7a0_story.html
http://fox4kc.com/2016/06/15/platte-county-commissioners-give-treasurer-one-week-to-repay-funds-lost-to-email-scam/
http://www.abc.net.au/news/2016-06-18/software-legal-battle-could-put-sa-patients'-safety/7522934
Mon, 20 Jun 2016 - 1h 00min
- 368 - Defensive Security Podcast Episode 162
https://threatpost.com/teamviewer-denies-hack-blames-password-reuse-for-compromises/118427/
http://www.businessinsurance.com/article/20160602/NEWS06/160609935/chubb-p-f-changs-federal-insurance-co-cybersecurity-by-chubb-credit
http://www.csoonline.com/article/3075385/backup-recovery/will-your-backups-protect-you-against-ransomware.html#jump
http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html#jump
http://venturebeat.com/2016/06/04/federal-reserve-bank-was-hacked-more-than-50-times-between-2011-and-2015/
http://www.csoonline.com/article/3075758/data-breach/up-to-a-dozen-banks-are-reportedly-investigating-potential-swift-breaches.html#jump
http://www.theregister.co.uk/2016/06/03/swift_threatens_insecure_bank_suspensions/
Sun, 05 Jun 2016 - 50min
- 367 - Defensive Security Podcast Episode 161
Vote for us! https://www.surveymonkey.com/r/secbloggerwards2016
http://www.csoonline.com/article/3071337/cyber-attacks-espionage/cybercriminals-are-increasingly-embracing-a-sophisticated-business-model-approach.html#tk.rss_all
https://www.yahoo.com/news/special-report-cyber-thieves-exploit-banks-faith-swift-052100312--finance.html?ref=gs
http://www.securityweek.com/google-soon-kill-sslv3-rc4-support-gmail
https://threatpost.com/microsoft-warns-of-sneaky-new-macro-trick/118227/
http://www.networkworld.com/article/3073495/security/kansas-heart-hospital-hit-with-ransomware-paid-but-attackers-demanded-2nd-ransom.html
Mon, 23 May 2016 - 33min
- 366 - Defensive Security Podcast Episode 160
http://www.bankinfosecurity.com/researcher-hacks-symantecs-av-via-email-a-9109
http://www.v3.co.uk/v3-uk/news/2457773/hackers-exploiting-six-year-old-sap-software-flaw-warns-us-cert
http://arstechnica.com/security/2016/05/1b-bangladesh-heist-officials-say-swift-technicians-left-bank-vulnerable/
http://www.csoonline.com/article/3069502/data-breach/malware-attacks-on-two-banks-have-links-with-2014-sony-pictures-hack.html
https://www.surveymonkey.com/r/secbloggerwards2016
Wed, 18 May 2016 - 58min
- 365 - Defensive Security Podcast Episode 159
http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/
https://blog.osvdb.org/2016/04/27/a-note-on-the-verizon-dbir-2016-vulnerabilities-claims/
Mon, 02 May 2016 - 1h 27min
- 364 - Defensive Security Podcast Episode 158
http://baesystemsai.blogspot.nl/2016/04/two-bytes-to-951m.html
https://threatpost.com/bangladesh-bank-hackers-accessed-swift-system-to-steal-cover-tracks/117637/
http://www.csoonline.com/article/3061229/fraud/swift-banking-network-warns-customers-of-cyberfraud-cases.html
http://www.theregister.co.uk/2016/04/22/i_hacked_facebook_and_found_someone_had_beaten_me_to_it/
Thu, 28 Apr 2016 - 41min
- 363 - Defensive Security Podcast Episode 157
https://www.helpnetsecurity.com/2016/04/15/eu-data-protection-rules/
http://pastebin.com/raw/0SNSvyjJ
https://threatpost.com/apple-deprecates-quick-time-for-windows-wont-patch-new-flaws/117427/
http://www.welivesecurity.com/2016/04/13/medical-data-breach-leads-record-cash-settlement/
Tue, 19 Apr 2016 - 46min
- 362 - Defensive Security Podcast Episode 156
https://offensivetechblog.wordpress.com/2016/03/29/systems-admins-we-need-to-talk/
http://m.sfgate.com/business/technology/article/Hackers-broke-into-hospitals-despite-software-7229722.php
http://www.wired.co.uk/news/archive/2016-04/06/panama-papers-mossack-fonseca-website-security-problems
http://arstechnica.com/security/2016/04/ok-panic-newly-evolved-ransomware-is-bad-news-for-everyone/
Wed, 13 Apr 2016 - 51min
- 361 - Defensive Security Podcast Episode 155
https://www.cooley.com/california-attorney-general-2016-data-breach-report
http://www.csoonline.com/article/3049392/security/chinese-scammers-take-mattel-to-the-bank-phishing-them-for-3-million.html
http://www.oreilly.com/security/newsletter
http://conferences.oreilly.com/security/network-data-security-ny
Tue, 05 Apr 2016 - 1h 00min
- 360 - Defensive Security Podcast Episode 154
https://threatpost.com/apt-attackers-flying-more-false-flags-than-ever/116814/
http://www.csoonline.com/article/3048334/security/verizons-breach-experts-missed-one-right-under-their-noses.html
http://www.wsj.com/articles/hackers-in-bangladesh-bank-account-heist-part-of-larger-breach-1458582678
http://krebsonsecurity.com/2016/03/hospital-declares-internet-state-of-emergency-after-ransomware-infection/
Tue, 29 Mar 2016 - 39min
- 359 - Defensive Security Podcast Episode 153
http://www.csoonline.com/article/3043975/security/compromised-data-goes-public-as-staminus-recovers-from-attack.html#tk.rss_all
http://www.darkreading.com/endpoint/patch-management-still-plagues-enterprise/d/d-id/1324615
http://www.welivesecurity.com/2016/03/09/android-trojan-targets-online-banking-users/
http://arstechnica.com/security/2016/03/a-typo-costs-bank-hackers-nearly-1b/
http://www.cnet.com/news/home-depot-offers-19m-to-settle-customers-hacking-lawsuit/
Tue, 15 Mar 2016 - 48min
- 358 - Defensive Security Podcast Episode 152
http://www.intelsecurity.com/advanced-threat-research/content/Analysis_SamSa_Ransomware.pdf?_ga=1.157194172.685877305.1433735448
https://blog.agilebits.com/2015/06/17/1password-inter-process-communication-discussion/
http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest_xg_en.pdf
Mon, 07 Mar 2016 - 1h 00min
- 357 - Defensive Security Podcast Episode 151
http://www.databreachtoday.com/anthem-breach-lessons-one-year-later-a-8897
http://www.dw.com/en/hackers-hold-german-hospital-data-hostage/a-19076030
http://krebsonsecurity.com/2016/02/breached-credit-union-comes-out-of-its-shell/
http://arstechnica.com/security/2016/02/hackers-did-indeed-cause-ukrainian-power-outage-us-report-concludes/
Sun, 28 Feb 2016 - 39min
- 356 - Defensive Security Podcast Episode 150
http://www.scmagazineuk.com/russian-bank-licences-revoked-for-using-hackers-to-withdraw-funds/article/474464/
http://arstechnica.com/security/2016/02/hospital-pays-17k-for-ransomware-crypto-key/
http://news.softpedia.com/news/us-school-agrees-to-pay-8-500-to-get-rid-of-ransomware-500684.shtml
http://www.scmagazineuk.com/44-of-ransomware-victims-in-the-uk-have-paid-to-recover-their-data/article/475426/
http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/
Thu, 25 Feb 2016 - 46min
- 355 - Defensive Security Podcast Episode 149
http://www.tripwire.com/state-of-security/latest-security-news/cisco-patches-critical-asa-ike-buffer-overflow-vulnerability/
http://www.securityweek.com/we-cant-give-preventing-breaches
http://www.csoonline.com/article/3033160/security/ransomware-takes-hollywood-hospital-offline-36m-demanded-by-attackers.html
http://arstechnica.com/security/2016/02/clever-bank-hack-allowed-crooks-to-make-unlimited-atm-withdrawals/
Tue, 16 Feb 2016 - 49min
- 354 - Defensive Security Podcast Episode 148
http://www.theregister.co.uk/2016/02/04/norse_corp_ceo_fired/
http://www.secureworks.com/resources/blog/ransomware-used-as-a-distraction/
http://www.zdnet.com/article/most-windows-flaws-mitigated-by-removing-admin-rights-says-report/
http://mobile.reuters.com/article/idUSKCN0VD14X
http://www.csoonline.com/article/3025787/security/defending-against-insider-security-threats-hangs-on-trust.html
http://www.securityforrealpeople.com/2016/02/poor-ux-leads-to-poorly-secured-soho.html
Thu, 11 Feb 2016 - 57min
- 353 - Defensive Security Podcast Episode 147
Hack in the Box: https://conference.hitb.org/
Circle City Con: https://circlecitycon.com/tickets/
http://www.theregister.co.uk/2016/01/28/nsas_top_hacking_boss_explains_how_to_protect_your_network_from_his_minions/?page=1
https://www.youtube.com/watch?v=bDJb8WOJYdA
http://krebsonsecurity.com/2016/01/sources-security-firm-norse-corp-imploding/
http://arstechnica.com/security/2016/01/secret-ssh-backdoor-in-fortinet-hardware-found-in-more-products/
Mon, 01 Feb 2016 - 42min
- 352 - Defensive Security Podcast Episode 146
https://blog.malwarebytes.org/intelligence/2016/01/draft-lechiffre-a-manually-run-ransomware/
http://www.tripwire.com/state-of-security/security-data-protection/boeing-supplier-hacked-claims-55-million-worth-of-damage-as-stock-price-falls/
http://krebsonsecurity.com/2016/01/firm-sues-cyber-insurer-over-480k-loss/
http://shawnetuma.com/2016/01/08/supervalu-data-breach-class-action-dismissed-for-lack-of-harm/
Hack in the Box: https://conference.hitb.org/
Circle City Con: https://circlecitycon.com/tickets/
Wed, 27 Jan 2016 - 39min
- 351 - Defensive Security Podcast Episode 145
http://arstechnica.com/security/2016/01/security-firm-sued-for-filing-woefully-inadequate-forensics-report/
http://arstechnica.com/security/2016/01/et-tu-fortinet-hard-coded-password-raises-new-backdoor-eavesdropping-fears/
http://www.csoonline.com/article/3021774/security/trend-micro-flaw-could-have-allowed-attacker-to-steal-all-passwords.html
Thu, 21 Jan 2016 - 36min
- 350 - Defensive Security Podcast Episode 144
http://www.welivesecurity.com/2016/01/03/blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry/
http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html
http://www.databreaches.net/191-million-voters-personal-info-exposed-by-misconfigured-database/
http://darkmatters.norsecorp.com/2015/12/28/the-cybersecurity-information-sharing-act-cisa-passed/
Sun, 03 Jan 2016 - 42min
- 349 - Defensive Security Podcast Episode 143
Sun, 03 Jan 2016 - 1h 21min
- 348 - Defensive Security Podcast Episode 142
https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html
http://www.csoonline.com/article/3012443/security/how-the-nsa-uses-behavior-analytics-to-detect-threats.html#tk.rss_all
http://www.databreachtoday.com/wyndham-agrees-to-settle-ftc-breach-case-a-8737
https://technet.microsoft.com/en-us/library/security/ms15-127.aspx
https://www.reddit.com/r/sysadmin/comments/3wa8rl/early_warning_system_for_cryptowall_crypto_canary/
Sun, 13 Dec 2015 - 43min
- 347 - Defensive Security Podcast Episode 141
http://www.zdnet.com/article/vtech-hack-gets-worse-kids-photos-chat-logs-also-stolen/
http://krebsonsecurity.com/2015/12/dhs-giving-firms-free-penetration-tests/
http://www.csoonline.com/article/3011580/data-protection/insurance-companies-will-crack-down-on-cyber-security-in-2016-report.html
http://www.forbes.com/sites/joannabelbey/2015/11/30/7-tips-from-the-fbi-to-prepare-your-firm-for-a-cyber-attack/
Sun, 06 Dec 2015 - 46min
- 346 - Defensive Security Podcast Episode 140
http://krebsonsecurity.com/2015/11/breach-at-it-automation-firm-landesk/
http://www.slate.com/articles/technology/users/2015/11/sony_employees_on_the_hack_one_year_later.html
http://www.csoonline.com/article/3006816/cyber-attacks-espionage/damballa-finds-tools-related-to-the-malware-that-hit-sony.html
http://www.databreachtoday.com/interviews/what-jpmorgan-chase-breach-teaches-us-i-2982
http://www.healthcaredive.com/news/ftc-data-breach-case-dismissal-raises-bar-for-demonstrating-consumer-harm/409634/
Thu, 26 Nov 2015 - 44min
- 345 - Defensive Security Podcast Episode 139
http://www.bloomberg.com/news/articles/2015-11-10/hackers-accused-by-u-s-of-targeting-top-banks-mutual-funds
http://www.trust.org/item/20151113203615-j3cyu
http://krebsonsecurity.com/2015/11/jpmorgan-hackers-breached-anti-fraud-vendor-g2-web-services/#more-32855
http://consumerist.com/2015/11/13/lack-of-windows-3-1-technicians-causes-traffic-backup-at-french-airport/
http://securityaffairs.co/wordpress/41950/cyber-crime/fakben-ransomware-as-a-service.html
Mon, 16 Nov 2015 - 46min
- 344 - Defensive Security Podcast Episode 138
http://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/
http://arstechnica.com/security/2015/11/booming-crypto-ransomware-industry-employs-new-tricks-to-befuddle-victims/
http://www.theregister.co.uk/2015/11/02/pagefair_malware_snare_scare_in_halloween_hack_of_adblocker_blocker/
http://www.infosecurity-magazine.com/news/it-personnel-are-the-riskiest/
Sun, 08 Nov 2015 - 55min
- 343 - Defensive Security Podcast Episode 137
http://blog.erratasec.com/2015/10/dumb-dumber-and-cybersecurity.html
http://www.businessinsider.com/talktalk-didnt-use-encryption-hack-protect-4-million-customer-details-2015-10
https://grahamcluley.com/2015/10/talktalk-hacked-silly-ask-data-encrypted/
http://krebsonsecurity.com/2015/10/talktalk-hackers-demanded-80k-in-bitcoin/
http://www.securityweek.com/hacking-impact-short-lived-sony-boss
https://threatpost.com/european-aviation-agency-warns-of-aircraft-hacking/114987/
Mon, 26 Oct 2015 - 38min