Archive for May, 2011

May 31, 2011 – Episode 215

Posted in Breach, darkweb, ediscovery, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , , on May 30, 2011 by datasecurityblog

Episode 215 of  The CyberJungle is about 30 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 17:30 mark.

To listen to Episode 215 via the flash player:

Interview

Checklist Compliance vs. Security, with Lila Kee of GlobalSign. A new study reveals that up that some healthcare providers spend 100% of their data security efforts on compliance, rather than actual risk reduction.

Our Take on The Week’s News

Privacy: Users aren’t turning on Do Not Track browser featuresAs reported by Consumer Reports

Become a “Hacker” in 15 Minutes or Less: In a controlled experiment a small group of volunteers with limited technological knowledge followed a online tutorial to hack into a computer network

Tales from the Dark Web

Lockheed and PBS Join the Roster of Recent Victims as Motives Expand; Almost Anyone Is a Target

Verizon 2011 Data Breach Investigations Report: Cyber Criminals Shifting to Smaller, More Opportunistic Attacks; External Attacks, Especially Hacking, on Rise . Read the important security essentials near the bottom of the news release.

Wrap

Dualboot MeeGoLinux or WIN7 On New Asus ultraslim portable computer

May 24, 2011 – Episode 214

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, ediscovery, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , , , , on May 23, 2011 by datasecurityblog

Episode 214 of  The CyberJungle is about 32 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 14:30 mark.

To listen to Episode 214 via the flash player:

Interview

Seven questions to ask before signing a CloudComputing contract, with Chuck Kellner of D4.

Lee Reiber, Director of Mobile Forensics with AccessData, to get his take on the Android ClientLogin Protocol Flaw.

Here are the links Lee Reiber mentioned in the interview:

Mobile Forensics Blog

Lee Reiber’s Twitter feeds: @celldet, and @MFItraining

Cookie flaw leaves LinkedIn accounts vulnerable

Our Take on The Week’s News

Many small firms learn the hard way that they’re not ” too small” to be hit by cyber attack

Tales from the Dark Web

Tales from the Dark Web is out on assignment this week

Wrap

Salesforce.com and Toyota Build ‘Toyota Friend’ Social Network for Toyota Customers and Their Cars

May 16, 2011 – Episode 213

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Report Security Flaws, Show Notes, The CyberJungle with tags , , , , , on May 15, 2011 by datasecurityblog

Episode 212 of  The CyberJungle is about 38 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The first interview start at about the 9min mark lasts about 11min. The second interview starts at about the 25min mark, and it’s about 12 minutes long.

To listen to Episode 212 via the flash player:

Interviews

Scott Cleland, author of  Search and Destroy, Why You Can’t Trust Google Inc.  And for the other links mentioned in the interview, look on the right column here.

Alyn Hockey, Director of Product Management at security firm Clearswift. Here is their blog.

Our Take on The Week’s News

PCI Compliance Risks for Small Merchants and where they are failing: Excellent summary, with actionable information, from Brian Pennington’s blog about IT security and compliance.

Additional Information Mentioned On The Show

TechEd Atlanta 2011:  Large Microsoft technical conference

CEIC Forensics Conference: Digital Investigations Show, Orlando, Florida

AccessData 2011 Las VegasDigital Forensics Conference

May 9, 2011 – Episode 212

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, ediscovery, Report Security Flaws, Show Notes, The CyberJungle, web server security with tags , , , , , , on May 8, 2011 by datasecurityblog

Episode 212 of  The CyberJungle is about 35 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 25:34 mark.

To listen to Episode 212 via the flash player:

Interview

What went wrong at Sony? Well, it was more than a technical failure. Maybe management shrugged their shoulders at information security. We talk with Marc Maiffret, the co-founder of E-eye Digital SecurityMarc mentioned: blog.eeye.com and forums.eeye.com in this segment.

Our Take on The Week’s News

Ponemon Study: Most cloud service providers admit to not protecting data on their networks

Law Enforcement child porn raids and locking down WiFi networks

Tales from the Dark Web

Attention Mac Users: You are now a target for a new wave of Mac rogue/fake anti-virus 

Attention Mac Users: Skype vulnerability can hit 5.x users. Update just released by Skype.

Wrap

Ira heads to AccessData Forensics Conference next week (Monday May 16). Look for news in The CyberJungle Conference Notes. And Tweets for small items of interest from the conference.

May 1, 2011 – Episode 211

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Report Security Flaws, Show Notes, The CyberJungle, web server security with tags , , , , on May 1, 2011 by datasecurityblog

Episode 211 of  The CyberJungle is about 35 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 14:30 mark.

To listen to Episode 211 via the flash player:

Interview

Vladimir Katalov, CEO of Elcomsoft: ElcomSoft Discovers Vulnerability in Nikon’s Image Authentication System. Here are some sample faked photos that Elcomsoft claims could be “authenticated” as real. Vladimir Katalov’s blog posting on this discovery.  Elcomsoft’s main web site.

Our Take on The Week’s News

Sony sued for PlayStation Network data breach: This is probably one of many suits related to the SonyPSN breach.

ThreatMatrix and the Ponemon Institute have released the findings of their joint study on Consumers and their awareness and appreciation of online fraud. Hat tip: Brian Pennington

Tales from the Dark Web

Zeus Trojan adds investment fraud to its bag of tricks

Wrap

Verizon says it will put location warning labels on mobiles

Follow

Get every new post delivered to your Inbox.

Join 1,121 other followers