Archive for the Legislation Category

August 15, 2011 – Episode 225

Posted in Breach, Conference Coverage, criminal forensics, darkweb, ediscovery, Legislation, Show Notes, The CyberJungle, Vulnerabilities on August 14, 2011 by datasecurityblog

Episode 225 of  The CyberJungle is about 32 minutes long.  You can hear it by clicking on the flash player below. The interview begins at about 23min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interviews

Cracking iPhone/iPad encryption: Andrey Belenko, the developer of a new iOS encryption cracking tool by ElcomSoft

Our Take On This Week’s News

A Bay Area Rapid Transit (BART) site attacked by Anonymous; thousands of rider email addresses and passwords exposed.

Unmanned aerial vehicle boom? Two takes:

Open source edition: The Quadshot is a new kind of remote-control aircraft. It melds advanced open-source hardware, software and a unique airframe to provide the best parts of flying quadrocopters and airplanes. I saw the Quadshot while in the hallways of DefCon19. The creators claim it can be equipped with surveillance cameras. The next frontier in digital forensics? Quadshot is a Kickstarter project, and the creators are looking to raise $25,000. Donors get the device once the funds are raised. See the link to the Kickstarter project, and all the details on the FlyQuadShot site. Download a conversation with Peter, one of the creators of Quadshot, recorded at DefCon19.


Closed source edition:  Lockheed’s Maple Seed “Drone”

Read More: Will Drones Save Privacy Law? by of ConcurringOpinions.com

Tales From The Dark Web

Anonymous creating more sophisticated DoS tools: New hacking tools being developed to attack websites

Wrap

Apple Releases Full Page Welcome to IBM 30 Years Ago Yesterday

Las Vegas Hotel Point of Sale System Repeatedly “Hacked?” Read Samantha Stone’s DefCon story in the Las Vegas Review Journal

August 1, 2011 – Episode 224

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, ediscovery, Legislation, Report Security Flaws, Show Notes, The CyberJungle, Vulnerabilities on August 1, 2011 by datasecurityblog

Episode 224 of  The CyberJungle is about 40 minutes long this week, due to extended preview coverage of BlackHat, SecurityBSides, and DefCon.  You can hear it by clicking on the flash player below. The first interview begins at about 17min, and the second interview at about 27min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interviews

Brian Kennish, Founder of Anti-Web tracking tool maker Disconnect, on tracking the web trackers

Tyler Shields of Veracode, Owning your MobilePhone at every layer

Our Take On This Week’s News

The GMail Man – watch the Office365 Official Video

US Appeals Court: Ok to Check DNS of Those Arrested, from the Pittsburgh Post-Gazette


Tales From The Dark Web

Three-fourths of all rootkits on decade-old OS, says antivirus firm. Hat tip: Computerworld story by Gregg Keizer

Conference Coverage

The CyberJungle goes to BlackHat, SecurityBSides and DefCon this week. Get the reports in Conference Notes. Send your questions for Tyler Shields of Veracode via The CyberJungle Contact Form.

July 05, 2011 – Episode 220

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Legislation, Show Notes, The CyberJungle, Vulnerabilities on July 5, 2011 by datasecurityblog

Episode 220 of  The CyberJungle is about 34 minutes long. You can hear it by clicking on the flash player below. The interview begins at about 19min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Yaron Dycian, Trusteer VP: Will Fed’s new regs block banking trojans?

Our Take On This Week’s News

Bill could block some mobile device forensic captures

FoxNews’ Twitter account hijacked, what are the lessons learned?

Tales From The Dark Web

The malware detected by Kaspersky Anti-Virus as TDSS is the most sophisticated threat today

Wrap

MyMaxSpeed smartphone app could provide the evidence to fight speeding tickets


Conference Coverage

The CyberJungle went to the 2011 Gartner Security Summit this week. Get the reports in Conference Notes.

April 11, 2011 – Episode 208

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Legislation, Show Notes, The CyberJungle, Vulnerabilities on April 10, 2011 by datasecurityblog

Episode 208 of  The CyberJungle is about 30 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 16:50 mark.


Interview

Brian Fox, the creator of BASH (BASH makes a lot of Linux tasks easier), is working on a brand-new project to simplify browser security called Cocoon. According to the company, with the Cocoon Plugin you get: “No tracking. No viruses. No spam. And your browsing history truly private.”

Our Take on The Week’s News

State of IT Security: Ponemon Institute Study of Utilities and Energy Companies. Global energy and utilities organizations face a number of emerging security challenges that are unique to their industry. Ponemon Research surveyed 291 IT and IT security practitioners within the energy and utilities market, and found that most don’t take IT security seriously. Download this research paper to learn more.

Calls for revisions to an auto accident privacy law. Originally intended to protect citizens, but is it being used to block government transparency?

Disable Geolocation in popular web browsers and social tools with this handy guide by Fred de Vries. And, check out Comodo Dragon, a version of Google Chrome with tracking disabled. Comodo Dragon browser also highlights revoked SSL certs, and by default routes traffic to more secure DNS. Only for Windows users right now.

Tales from the Dark Web

Epsilon Marketing Breach: What did Epsilon know about a pending attack and when did they know it?

Wrap

Anatomy of a Tweet.  Very handy forensic guide, called “map-of-a-tweet” by

March 28, 2011 – Episode 206

Posted in Breach, criminal forensics, darkweb, Legislation, Show Notes, The CyberJungle, Vulnerabilities on March 27, 2011 by datasecurityblog

Episode 206 of  The CyberJungle is about 48 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 38:05 mark.


Interview

RIM caves in. Blackberry maker bows to political pressure and removes the DUI checkpoint app. The app maker says the app will save lives by scaring people out of their cars when they have been drinking. We talk to Joe Scott, the CEO of Phantom Alert.

Our Take on The Week’s News

Big Brother crawls up your nose: The state’s war on cold medicine continues, driven by the federal effort to curb its use as an ingredient in methamphetamine. Read more about how law enforcement and the drug companies have teamed up to database everyone who purchases decongestants. Read more  at the Reasonable Reporter.

Iranian hackers obtain fraudulent HTTPS certificates: How close to a Web security meltdown did we get? Detecting Certificate Authority compromises and web browser collusion. How-to guide for browser changes to block revoked digital certificates.

Have the inmates taken over the asylum at RIM?

Tales from the Dark Web: This ain’t logistics. That shipping alert in your email might have more than a tracking number. How a successful old attack is making a comeback. An excellent, detailed dissection of the attack on the WebRoot blog.

March 21, 2011 – Episode 205

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Legislation, The CyberJungle, Vulnerabilities, web server security on March 20, 2011 by datasecurityblog

Episode 205 of  The CyberJungle is about 43 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 30:30 mark.


Interview

Interview: Peter Schlampp, VP Product Management, Solera Networks, on the RSA SecurID breach and network forensics

Our Take on The Week’s News

Web browser anti-tracking: Read, “Do not track tools push firms to crossroad,” by James Temple in the SF Gate.

RSA SecurID breach: An Analytical Brief by NSS Labs

Does transparency webapp threaten citizen data when authenticating users? Read “Big Brother Has Been Watching

Civil court action used to take down evil botnet: Read “With Rustock, a New Twist on Fighting Internet Crime” by IDG’s Robert McMillan. CORRECTION: FireEye worked on this takedown, not eEye, as stated by Ira.

Ghostery allows you to block scripts from companies that you don’t trust, delete local shared objects, and even block images and iframes. Ghostery.com.

BetterPrivacy is a Firefox plug-in that protects against LSOs, which usually cannot be deleted.

Tales from the Dark Web: What do you get when you stir up a pot full of natural disasters, social media alerts, Java exploits and rogue anti-virus? Read the M86 analysis.

Wrap

Supreme Court To Hear Arguments in ID Search Case: The case concerns an unlawful police stop. Defendant asserts that police had no basis for pulling his car over and then running his license.  EPIC’s amicus brief.

March 7, 2011 – Episode 203

Posted in Breach, Business Continuity, Court Cases, criminal forensics, ediscovery, Exclusive News, Legislation, Podcast, Show Notes, The CyberJungle, Vulnerabilities on March 7, 2011 by datasecurityblog

Episode 203 of  The CyberJungle is about 53 minutes long.  You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 25:30 mark.


Interviews

Charlie Miller, 3x Pwn2Own “hacking” contest winner stays home; response by Dragos, Founder of CanSecWest. Follow Charlie on Twitter.

Tales From The Dark Web

Exactly what is the “boy-in-the-browser attack?”

Our Take on The Week’s News

Lawsuit accuses Amazon of capturing and sharing customer information without permission by tricking Microsoft Internet Explorer

Google Android in app malware flap, iPad2 security, and Blackberry Playbook running Android apps + better security? Interview on Playbook security Ira Victor mentioned in this segment. You may download the segment, or listen to the conversation here:


More mobile security news, Keeping Tabs on Android Smartphone Activity.

Proof once again that disgruntled employees are among the most dangerous cybercriminals… Texas man sentenced after breaching former employer’s network and deleting critical business files.

Wrap

OtterBox Cases for slider Smartphones: Samantha and Ira give a new OtterBox the field test
