Posted on August 30, 2009 by datasecurityblog
30 minutes every week on data security, privacy, and the law… (plus or minus five)
On this week’s program:
* New attacks against business bank accounts… an earth-shaking recommendation from the banking industry.
* Hackers say they are gearing up for winter attacks – according to a survey of hackers at DefCon 2009.
* Our take on this week’s news.
–> [...]
Filed under: Breach, Legislation, Podcast, Vulnerabilities, Zero Day Project, darkweb, web server security | Tagged: Bank Security, DefCon, Drive-by download, Macbook, web application security
Posted on August 28, 2009 by datasecurityblog
The Internet is abuzz today with the reports by Declan McCullagh that the newest version of The Cybersecurity Act of 2009 has been getting some edits by Senator Jay Rockefeller (D-WV). Although the full edits have not been released, the reports so far continue to talk about how this bill, if passed, could result in [...]
Filed under: Uncategorized
Posted on August 24, 2009 by datasecurityblog
30 minutes every week on data security, privacy, and the law… (plus or minus five)
On this week’s program:
* The security lessons from Heartland data breach – what the newscasters didn’t tell you. Details on our Tales from The Dark Web segment.
* What if you discovered a web security flaw and their customer service staff ignored your [...]
Filed under: Announcements, Breach, Court Cases, Exclusive, Podcast, Vulnerabilities, criminal forensics, darkweb, ediscovery, web server security | Tagged: American Express, Ameriprise, EMP, Heartland, ReportSecurityFlaws.com, SQL Injection, TJX
Posted on August 17, 2009 by datasecurityblog
Web application security company Breach Security announced today that SQL Injection attacks remain the number one web attack vector, accounting for nearly one-fifth of all security breaches (19%).
Attack vectors exploiting Web 2.0 features such as user-contributed content were also commonly employed: authentication abuse was the second most active attack vector (11%), and Cross Site Request [...]
Filed under: Announcements, Vulnerabilities, web server security | Tagged: darkweb, Drive-by download, web application security
Posted on August 4, 2009 by datasecurityblog
30 minutes every week on data security, privacy, and the law… (plus or minus five)
On this week’s program:
SPECIAL DEFCON17 Coverage From Las Vegas
* Is YOUR tax return sitting out there on the Internet? Maybe not yours, but Larry Pesce tells us about the tax returns — and the other stuff he found without much [...]
Filed under: Breach, Conference Coverage, Exclusive, Podcast, Vulnerabilities, darkweb, eMail Security, web server security | Tagged: darkweb, DefCon17, Drive-by download, lockpicking, MiFI, RFID, Smart Grid, SSL, two factor, web application security, WiFi, XSS
Posted on August 3, 2009 by datasecurityblog
The Data Security Podcast went to DefCon this past weekend. DefCon is the world’s largest hacker conference. We have team coverage in Episode 64, scheduled to post in the next 24 hours. Coverage will include:
-> Can you really trust an SSL Encryption Certificate?
-> Is YOUR web site on the list vulnerable to common cross site [...]
Filed under: Exclusive, Podcast | Tagged: darkweb, DefCon, web application security