UPDATE: iTunes Access, Your Help Needed

Posted on December 14, 2009 by datasecurityblog

As we get ready to post Episode 85 today, we want to inform you about an iTunes issue.
The Data Security Podcast made some DNS changes two weeks ago, and it has affected those who listen through the iTunes Store. The iTunes Store is not showing episodes past #82.
UPDATE: Apple has yet to reply to our [...]

Filed under: Annoucements | Tagged: | Leave a Comment »

Program Note – Data Security Podcast 82

Posted on November 22, 2009 by datasecurityblog

Episode 82 of the Data Security Podcast is scheduled to post Monday over night/Tuesday early morning, Greenwich Mean Time.  In the meantime listen to Ira Victor’s two-part infosec special interviews on fighting web drive-by downloads. We posted a two part special edition last Thursday and Friday, Episode #80 and #81.

Filed under: Annoucements | Tagged: | Leave a Comment »

Data Security Podcast Episode 81, Nov 20 2009

Posted on November 20, 2009 by datasecurityblog

EXCLUSIVE – For Friday November 20th, we depart from our regular format for those with an advanced understanding of information security technologies.
This is part two of two special editions featuring technical conversations with newsmakers on new counter measures to fight web drive-by downloads. Part two features Louis Hughes, Chairman and CEO of InZero Systems; [...]

Filed under: Annoucements, Exclusive, Interview Only Edition, Podcast, darkweb, web server security | Tagged: , , , | Leave a Comment »

Special Security Geek Edition: Interview with Marsh Ray, Discoverer of SSL Flaw

Posted on November 5, 2009 by datasecurityblog

For Thursday November 5th, we depart from our regular format for those with an advanced understanding of information security technologies. This episode is a one-topic special edition, providing coverage of a major man-in-the-middle flaw discovered in the SSL protocol (see, we told you it was for security geeks).
We will return to our regular format of [...]

Filed under: Annoucements, Breach, Exclusive, darkweb | Tagged: , , | 1 Comment »

Data Security Podcast Episode 76, Nov 02 2009

Posted on November 1, 2009 by datasecurityblog

30 minutes every week on data security, privacy, and the law…..(plus or minus ten)
On this week’s program:
* Placing an online bet for the World Series? Employees of online betting sites might be selling customer data online.

* Google Book Search: What data is Google storing about readers of online books?
* Our take on this week’s [...]

Filed under: Annoucements, Breach, Court Cases, Legislation, Podcast, Vulnerabilities, criminal forensics, darkweb, ediscovery | Tagged: , , , , , , , , , , , | Leave a Comment »

BREAKING NEWS – New Twist to Zeus Bank Trojan; Well-Known Penetration Tester at ISACA Conference Calls Revelation “Disastrous”

Posted on September 30, 2009 by datasecurityblog

Reporting from the ISACA Security and Risk Management Conference in Las Vegas, we have breaking security news this morning.
Organized cyber criminals have added a new damaging element to an already viscous cyber attack. Yuval Ben-Itzhak, CTO of Finjan spoke by phone with the Data Security Podcast about a frightening new twist to the surge of [...]

Filed under: Annoucements, Breach, Conference Coverage, Court Cases, Exclusive, Vulnerabilities, criminal forensics, darkweb, ediscovery, web server security | Tagged: , , , , | Leave a Comment »

Labor Day Program Note – Data Security Podcast

Posted on September 6, 2009 by datasecurityblog

The Data Security Podcast is taking Labor Day off….we are working on these stories for next week’s program:
* Brian Mastenbrook’s excellent blog posting,  How I cross-site scripted Twitter in 15 minutes, and why you shouldn’t store important data on 37signals’ applications
I talked to Brian, and we will advance the story he tells  on web application [...]

Filed under: Annoucements, Report Security Flaws, Vulnerabilities | Leave a Comment »

Data Security Podcast Episode 67, Aug 24 2009

Posted on August 24, 2009 by datasecurityblog

30 minutes every week on data security, privacy, and the law…..(plus or minus five)
On this week’s program:
* The security lessons from Heartland data breach – what the newscasters didn’t tell you. Details on our Tales from The Dark Web segment.
* What if you discovered a web security flaw and their customer service staff ignored your [...]

Filed under: Annoucements, Breach, Court Cases, Exclusive, Podcast, Vulnerabilities, criminal forensics, darkweb, ediscovery, web server security | Tagged: , , , , , , | Leave a Comment »

REPORT: SQL Injection Attacks #1 Web Drive-by Hazard

Posted on August 17, 2009 by datasecurityblog

Web application security company Breach Security announced today that SQL Injection attacks remains the number one web attack vector, accounting for nearly one-fifth of all security breaches (19%).
Attack vectors exploiting Web 2.0 features such as user-contributed content were also commonly employed: authentication abuse was the second most active attack vector (11%), and Cross Site Request [...]

Filed under: Annoucements, Vulnerabilities, web server security | Tagged: , , | Leave a Comment »

Data Security Podcast Episode 61 – July 14 2009

Posted on July 14, 2009 by datasecurityblog

30 minutes each week on data security, privacy, and the law….(plus or minus five)
On this week’s program:
* A double whammy…. two critical zero day attacks hit users of Microsoft products.
* A non-profit security group has a plan to fight web drive-by downloads.
* Our take on this week’s news.
–>NEW! Stream This Week’s Show with our Built-In [...]

Filed under: Annoucements, Breach, Podcast, Vulnerabilities, darkweb, web server security | Tagged: , , , , , , , | Leave a Comment »

Next Page »