UPDATE: iTunes Access, Your Help Needed

As we get ready to post Episode 85 today, we want to inform you about an iTunes issue.
The Data Security Podcast made some DNS changes two weeks ago, and it has affected those who listen through the iTunes Store. The iTunes Store is not showing episodes past #82.
UPDATE: Apple has yet to reply to our [...]

Program Note – Data Security Podcast 82

Episode 82 of the Data Security Podcast is scheduled to post Monday over night/Tuesday early morning, Greenwich Mean Time.  In the meantime listen to Ira Victor’s two-part infosec special interviews on fighting web drive-by downloads. We posted a two part special edition last Thursday and Friday, Episode #80 and #81.

Data Security Podcast Episode 81, Nov 20 2009

EXCLUSIVE – For Friday November 20th, we depart from our regular format for those with an advanced understanding of information security technologies.
This is part two of two special editions featuring technical conversations with newsmakers on new counter measures to fight web drive-by downloads. Part two features Louis Hughes, Chairman and CEO of InZero Systems; [...]

Special Security Geek Edition: Interview with Marsh Ray, Discoverer of SSL Flaw

For Thursday November 5th, we depart from our regular format for those with an advanced understanding of information security technologies. This episode is a one-topic special edition, providing coverage of a major man-in-the-middle flaw discovered in the SSL protocol (see, we told you it was for security geeks).
We will return to our regular format of [...]

Data Security Podcast Episode 76, Nov 02 2009

30 minutes every week on data security, privacy, and the law…..(plus or minus ten)
On this week’s program:
* Placing an online bet for the World Series? Employees of online betting sites might be selling customer data online.

* Google Book Search: What data is Google storing about readers of online books?
* Our take on this week’s [...]

BREAKING NEWS – New Twist to Zeus Bank Trojan; Well-Known Penetration Tester at ISACA Conference Calls Revelation “Disastrous”

Reporting from the ISACA Security and Risk Management Conference in Las Vegas, we have breaking security news this morning.
Organized cyber criminals have added a new damaging element to an already viscous cyber attack. Yuval Ben-Itzhak, CTO of Finjan spoke by phone with the Data Security Podcast about a frightening new twist to the surge of [...]

Labor Day Program Note – Data Security Podcast

The Data Security Podcast is taking Labor Day off….we are working on these stories for next week’s program:
* Brian Mastenbrook’s excellent blog posting,  How I cross-site scripted Twitter in 15 minutes, and why you shouldn’t store important data on 37signals’ applications
I talked to Brian, and we will advance the story he tells  on web application [...]

Data Security Podcast Episode 67, Aug 24 2009

30 minutes every week on data security, privacy, and the law…..(plus or minus five)
On this week’s program:
* The security lessons from Heartland data breach – what the newscasters didn’t tell you. Details on our Tales from The Dark Web segment.
* What if you discovered a web security flaw and their customer service staff ignored your [...]

REPORT: SQL Injection Attacks #1 Web Drive-by Hazard

Web application security company Breach Security announced today that SQL Injection attacks remains the number one web attack vector, accounting for nearly one-fifth of all security breaches (19%).
Attack vectors exploiting Web 2.0 features such as user-contributed content were also commonly employed: authentication abuse was the second most active attack vector (11%), and Cross Site Request [...]

Data Security Podcast Episode 61 – July 14 2009

30 minutes each week on data security, privacy, and the law….(plus or minus five)
On this week’s program:
* A double whammy…. two critical zero day attacks hit users of Microsoft products.
* A non-profit security group has a plan to fight web drive-by downloads.
* Our take on this week’s news.
–>NEW! Stream This Week’s Show with our Built-In [...]