Archive for PDF flaws

January 04, 2011 – Episode 194

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , , on January 4, 2011 by datasecurityblog

Episode 194 of  The Cyberjungle  is 33 minutes long. You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 194 via the flash player:

Our Take on This Week’s News

Facing Threat From WikiLeaks, Bank Plays Defense: On Nov. 29,2010, the director of WikiLeaks, Julian Assange, said in an interview that he intended to “take down” a major American bank and reveal an “ecosystem of corruption” with a cache of data from an executive’s hard drive. Bank of America executives sprung into action the next day according to The New York Times Ira mentioned 10minutemail.com as a free tool to keep your real email address more private.

Upon launching the Spokeo website, they cleverly remind you that “it’s not your grandma’s phonebook,” which is not only a hacky reference but also literally true: the old meatspace phonebooks didn’t automatically expose all of your private information like age, income, home value, credit score, relationship status and map to your house. Who the Eff are these freaks? How did they get ALL of your info? I don’t know, but all of mine was there. Fortunately, there’s an easy way to remove yourself from the database of these privacy rapists currently thriving in Zuckerberg’s America. Hat Tip to: Chris Hardwick at The Nerdist Blog.

From the “This-Affects-Just-About-Everyone” File: Security researcher Julia Wolf of FireEye pointed out numerous, previously hardly known, security problems in connection with Adobe PDF files. Microsoft warns of Word attacks; RTF-based exploits making the rounds, apply patch pronto.

Tales From The Dark Web

A new twist on an older attack: Attackers re-use older versions of the Zues bank trojan to steal government and private sector information. See the Netwitness Blog: Cyber-Crime or Cyber-Espionage?

Interviews

Ira Victor talks with Chrisother Hadnagy, ethical Social Engineer and author of the new book, “Social Engineering: The Art of Human Hacking

Wrap-up

The CyberJungle goes to the 2011 Las Vegas Consumer Electronic Show (CES) this week. CES is the largest electronics show in the world. The CyberJungle will bring you a security, privacy and legal perspective on the technologies featured CES. Get our reports in Conference Notes. And follow (or just read) Ira on Twitter for comments and nuggets of interest.


Follow

Get every new post delivered to your Inbox.

Join 1,151 other followers