Archive for SANS

June 4th 2013, Episode 303, Show Notes

Posted in Breach, Conference Coverage, darkweb, eMail Security, Exclusive, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , on June 3, 2013 by datasecurityblog

Episode 303 of The CyberJungle is about 41 minutes long.  The interview with the Kevin Fiscus begins at about the 24min mark, following Tales from The Dark Web. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 303 via the flash player: http://dataclonelabs.com/security_talkworkshop/thecyberjungle_303.mp38

Interview

Links mentioned  in the interview with Kevin Fiscus, SANS Institute Instructor, and principal with Cyber Defense Advisors

Tales From The Dark Web

Oracle Tackles Java Security Holes

Our Take On This Week’s News

BT has dumped Yahoo! as email provider to its six million broadband customers following months of customer complaints over breaches

Beginning the week of June 3, 2013, older versions of Yahoo! Mail (including Yahoo! Mail Classic) will no longer be available

Yahoo Shuts Down Mail Classic, Forces Switch To New Version That Scans Your Emails

StartMail, the private email service being developed by StartPage

Evernote Adds Basic Two-Factor Authentication, Other Security Features After Hack Attempt

Wrap

Seat of Power: the computer workstation for the person with everything

Paraben's Forensic Innovations Conference

The Paraben Forensic Innovations Conference has been an annual event since 2008. Since that time it has rapidly evolved into a higher attended conference with a broader scope of topics reaching from deeply technical into the legal aspects of the forensics and eDiscovery industry. Those who attend PFIC are as diverse as our topics, from law enforcement and lawyers, to corporate entities, government agents, private investigators, and educational institutions. If you haven’t had the opportunity to attend, this is your chance to experience the fresh air and mountains of Utah as well as the fresh topics that will be the highlight of this year’s conference. If you’ve already attended, then you know what to expect and are as excited as we are about it!  PFIC 2013 will be held November 13-15th, 2013 in Salt Lake City Utah. Space for this conference is limited, and with tickets starting at $199, the show will almost surely sell out. The CyberJungle will be there, because it is one of the best bang for the buck forensic conferences of the year.

SpectorSoft

SpectorSoft: IT professionals, Risk Officers, and HR staff have more worries than ever: insider theft, inappropriate communications, inefficient processes, employee investigations, and compliance requirements. These pressing issues demand a reliable, automated, advanced technology capable of showing user, department, and division activity no matter where the users are or what devices they are using. SPECTOR 360, the de facto corporate User Activity Monitoring solution, addresses these issues and meets this demand.

SPECTOR 360 monitors, captures, and analyzes ALL user and user group activity including: email sent and received, chat/IM/BBM, websites visited, applications/programs accessed, web searches, phone calls, file transfers, and data printed or saved to removable devices.

SPECTOR 360 features automated, remote installation of the Windows and Mac clients and requires no client installation on BlackBerry devices.

 

May 28th 2013, Episode 302, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Exclusive, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , , , on May 28, 2013 by datasecurityblog

Episode 302 of The CyberJungle is about 38 minutes long.  The interview with the Dr. Eric Cole, SANS Fellow begins at about the 20min mark, following Tales from The Dark Web. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 303 via the flash player: http://dataclonelabs.com/security_talkworkshop/thecyberjungle_302.mp38

Interview

Links mentioned  in the interview with Dr. Eric Cole; Author, Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization; and SecureAnchor

Tales From The Dark Web

Security lapse discovered by reporters exposes data

Our Take On This Week’s News

Iran fingered for attacks on US power firms; Syrian group tried to disrupt Haifa water system

Clearwire limiting Huawei footprint

Experts give their take on Twitter’s 2FA

Wrap

Corporate Security’s Weak Link: Click-Happy CEOs [subscription required]

 

Please support our sponsors, as they support The CyberJungle

Paraben's Forensic Innovations Conference

The Paraben Forensic Innovations Conference has been an annual event since 2008. Since that time it has rapidly evolved into a higher attended conference with a broader scope of topics reaching from deeply technical into the legal aspects of the forensics and eDiscovery industry. Those who attend PFIC are as diverse as our topics, from law enforcement and lawyers, to corporate entities, government agents, private investigators, and educational institutions. If you haven’t had the opportunity to attend, this is your chance to experience the fresh air and mountains of Utah as well as the fresh topics that will be the highlight of this year’s conference. If you’ve already attended, then you know what to expect and are as excited as we are about it!  PFIC 2013 will be held November 13-15th, 2013 in Salt Lake City Utah. Space for this conference is limited, and with tickets starting at $199, the show will almost surely sell out. The CyberJungle will be there, because it is one of the best bang for the buck forensic conferences of the year.

SpectorSoft

SpectorSoft: IT professionals, Risk Officers, and HR staff have more worries than ever: insider theft, inappropriate communications, inefficient processes, employee investigations, and compliance requirements. These pressing issues demand a reliable, automated, advanced technology capable of showing user, department, and division activity no matter where the users are or what devices they are using. SPECTOR 360, the de facto corporate User Activity Monitoring solution, addresses these issues and meets this demand.

SPECTOR 360 monitors, captures, and analyzes ALL user and user group activity including: email sent and received, chat/IM/BBM, websites visited, applications/programs accessed, web searches, phone calls, file transfers, and data printed or saved to removable devices.

SPECTOR 360 features automated, remote installation of the Windows and Mac clients and requires no client installation on BlackBerry devices.

 

October 8 2012, Episode 276, Show Notes

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , on October 8, 2012 by datasecurityblog

Episode 276 of The CyberJungle is about 36 minutes long.  You can hear it by clicking on the flash player below. The interview with John Strand, begins at about the 22min mark.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 276 via the flash player:

Interview

John Strand InfoSec expert and Senior SANS Instructor. Find him here on PaulDotCom.com.

Tales From The Dark Web

Blitzkrieg-like bank takeover attacks coming?

Our Take on This Weeks News

*Congress: Chinese telecom firm Huawei a national security threat. The CyberJungle interview with FX following his Huawei security presentation,  at DefCon20 this summer. Listen here, starting at about the 14min mark.

‘FakeInstaller’ attacks Android users

Hotel locks breached with tool disguised as a marker

Wrap

Researchers SICK OF SPAM submit ridiculous article to mag

October 3, 2010- Episode 177

Posted in Breach, Court Cases, criminal forensics, darkweb, Legislation, Podcast, The CyberJungle, Vulnerabilities, web server security with tags , , , on October 3, 2010 by datasecurityblog

Episode 177:

This week’s regular episode of  The Cyberjungle  is 1 hour and 16 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 177 via the flash player:

Interview

Dr. Eric Cole is an instructor at the SANS Institute and a CTO with McAfee.  He discusses data security based upon actions, rather than just signatures of attacks.  Dr. Cole’s interview begins about 25 minutes into Episode 177.

Tales from the Dark Web

Restaurant Security Fails – $200,000 in fraudulent credit card charges made after a restaurant purchased a new PCI compliant point of sale system, but failed to take the other steps needed to secure the information. Many businesses are failing to secure their point of sale systems and other parts of their business. They run out of date software, insecure systems. Most small businesses still don’t think they are a target for cyber criminals.

Our Take on This Week’s News

Obama Administration seeks wiretap access through backdoors to all online communication channels. The effort would include a requirement for access to encrypted communications. The EFF points out this battle has already been won once.

Rat on your neighbor, part II – Meanwhile, Department of Homeland Security launches a suspicious activity report database.

Poor Tyler Clementi, the Rutgers student whose gay tryst was available to his roommate’s chat partners via webcam, has not yet been laid to rest, and a state lawmaker is seizing upon his suicide to get attention for herself. Thumbs way down to these vultures who climb upon the bones of dead teenagers to get publicity or to shill for legislation that would otherwise go nowhere. This is all too common.

Another episode of Databreach Theater – Courthouse News reports on a databreach case originating in a Kansas prison.  The Six Circuit Court apparently concluded that an act can be simultaneously “inadvertent” and “willful.”

Zeus arrests - Bank Account Takeover Attack gang members arrested in three countries. The Zues attacks nonetheless continue, with one of many variants now targeting mobile banking users.

Judge acquits speeding motorcyclist who used a helmet cam to record traffic antics and a traffic stop by an armed plain-clothes cop.

Stuxnet Update- The Saga Continues: Could this attack ‘inspire’ similar attacks? Was the attack targeting India rather than Iran? China has also had a taste of Stuxnet.

Bug Bounty -Should major cloud services/sites set up a bounty system for web app bugs?

CyberJungle FAQ:

Skip the Adobe PDF mess and download Foxitsoftware’s PDF reader

For easy, much more secure tool one can use for online banking, use Webconverger

September 25, 2010 – Episode 175

Posted in Annoucements, Breach, Conference Coverage, Court Cases, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , on September 26, 2010 by datasecurityblog

Episode 175:

This week’s regular episode of  The Cyberjungle  is 1 hour and 25 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 175 via the flash player:

Interview

Lance Spitzner from the SANS “Securing the Human” project joins us to discuss the final (and largest) hole in network security. It’s the users, stupid.  Millions of hours and billions of brain cells have been spent securing computers and networks.  The job will never be done until we secure the humans.  Our interview with Lance is about 5 minutes long, and it starts about 25 minutes into the show. Lance’s blog posting with slides from his presentation at SANS Las Vegas.

Tales from the Dark Web

Twitter attack is warning to social network users

We all love to give our opinions.  Apparently, the bad guys know it. The latest dark web scam involves online and email surveys.

Our Take on This Week’s News

Teacher fired for posting a blog that included references to various students. The article in the Austin Statesman is unclear, but the reader comments help us piece together the story. Apparently this teacher, who was last year’s teacher of the year, wrote a blog on which she contemplated how to approach teaching challenges presented by some of her individual students.  Her mistake was probably posting photos.  One comment indicates that she did not identify any of the students by name.  We are inclined to blame the administration for failure to make clear the policies regarding federal student privacy laws (FERPA).

“Respondent May NOT Use Internet in Any Manner to Communicate About Petitioner Ever Again.” An order handed down in a divorce case.  The question on the Volokh Conspiracy is whether the order in constitutional.  (Remember free speech?) You can’t libel someone, and maybe you can be gagged during litigation, but the government can’t permanently keep you from trashing your ex.

Wonder how many jobs this created or saved? Federal stimulus dollars are being used for an RFID program to track preschoolers.    ACLU and EFF open a can of whip-ass.

Lawyers heart Facebook! Best not to post photos of yourself looking healthy and robust on Facbook if you’re in litigation for a personal injury.  A judge has ordered  the private portions of plaintiff’s Facebook are discoverable,  since the public portions suggest she’s having more fun that she claims her physical condition permits.

U.S. Cybercommand proposing an internet “safe zone” for government and such critical industries as utilities and banking.  A super-safe segregated network might raise as many questions as it answers. Read various versions below for a variety of angles.

http://www.washingtonpost.com/wp-dyn/content/article/2010/09/23/AR2010092302171.html

http://www.washingtonpost.com/wp-dyn/content/article/2010/09/23/AR2010092305431.html

http://www.nytimes.com/2010/09/24/us/24cyber.html?_r=1&ref=technology

http://www.wired.com/dangerroom/2010/09/militarys-cyber-commander-swears-no-role-on-civilian-networks/

http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=227500515

Worm attack on Iranian nuke facility. Is this malware part of a nation-state attack?

Top ten internal threats to network securityThis how the risks stack up according to researchers at Fortinet.

Episodes 106 and 107- January 31, 2010

Posted in criminal forensics, darkweb, Show Notes, Vulnerabilities with tags , , , , , on January 31, 2010 by datasecurityblog

After some experiments with posting our new radio show, we return to our classic podcast sound.   If you were a fan of the Data Security Podcast, you will recognize the familiar sound in The CyberJungle from now on. Thanks for enduring the experimental phase.  We tried to edit out portions where the radio station played popular music under our voices.  Legally necessary, but we acknowledge that the result was choppy. There are also certain required live radio elements made the podcast versions longer than they needed to be.

If want the full radio show,   radio station KOH can legally post it and they retain full radio versions of The CyberJungle.  And of course, you can  listen live on Saturday mornings.  If you’re interested in a shorter show with just the meat and potatoes, get it here on our website.

On with the show notes:

Episode 106 is The CyberJungle’s su root interview for the technically advanced listener. Mandiant’s Rob Lee on the APT – advanced persistent threat.  Attacks used to be short-term and removable.  Now they burrow in for months or years, for the purpose of ongoing theft.  Episode 106 is the 30-minute, unedited version.  The short version of the interview can be heard in episode 107.  It starts roughly 40 minutes into the show.

Mandiant allows you to  download a copy of Rob Lee’s report here.

In Episode 107 we discuss the week’s top story – In “Digital Combat, U.S. Finds No Easy Deterrent”

A conference-room war game featuring sophisticated cyberattacks left top military officials perplexed. This article discusses the apparent head-scratching in the Pentagon over how to respond to digital threats to national security. The problem – at least in part – seems that the U.S. government is still using the language of conventional war.  Two things are troubling. First, a gee-whiz quality to this piece suggests that this is the first time the U.S. military is considering these challenges. It’s certainly not, but the portrayal of top military brass as stuck in low gear on this issue is unsettling at best. Second, it muses about an attack on the grid, OR the banking system, OR the emergency communication system.  Doesn’t venture any possibility of a “digital pearl harbor”  featuring these events simultaneously.

We also talked with Peter Eckersly of EFF. He’s heading up a project that measures your computer’s unique configuration…. and calculates whether you’re easy to track (even when you shut off cookies and do the other “prudent” things that should prevent tracking, but don’t). EFF is seeking participants in this analysis. You can get a uniqueness rating ad participate in the experiment. And no, they will not use your computer’s fingerprint for any other purpose.

Our conversation with Peter Eckersly starts about 15 minutes into Episode 107.

Speaking of tracking… the Google Toolbar appears to be spying on you even after you disable it.  No matter what Google says.  Read Ben Edelman’s account of his own exploration of  this matter. Ben says he followed Google’s instructions and found he was still being scrutinized.

More news from the week:

International survey: IT Security managers see disaster looming. The takeaway from this 40-page report, Critical Infrastructure in the Age of Cyber War :  Top management just doesn’t get it.

70 percent of major companies are considering iPhone adoption. A New Era For Corporate Culture: iPhone Use Doubles in the Enterprise Ira would rewrite this headline:  “Likelihood of secure business communication cut in half.”

Latest email scams tap into widespread interest in current events.  Like the one that tells colleagues  “I just wrote an article about the Chinese cyberattack. Hope you like it. Click here. ”  The attached PDF file is the Chinese cyberattack.  See this example from and earnest researcher at George Washington University at F-secure.

More email scams – we tried to deliver a package but you weren’t home. Click here for info. The bad guys are using physical addresses to discover email addresses.

Affluent individuals who live ‘the good life’ are 43 percent more likely to be victims.  A survey of ID theft victims who were hit based on activity profiling.

Data Security Podcast Episode 62 – July 21 2009

Posted in Breach, darkweb, ediscovery, eMail Security, Exclusive, Podcast, Vulnerabilities, web server security with tags , , , , , , , , , on July 20, 2009 by datasecurityblog

30 minutes each week on data security, privacy, and the law….(plus or minus five)

On this week’s program:

* EXCLUSIVE: New tool to fight web attacks, and add to your privacy

* Combining data loss prevention and identity management to protect confidential business data from security breaches.

* Our take on this week’s news.

–>NEW! Stream This Week’s Show with our Built-In Flash Player:

This week’s show is 33 minutes.

–> Stream, subscribe or download Episode 62 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.

–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.

Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:

  • Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com .
  • GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
  • SonicWall;  Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing MagazineData Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
  • DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.

Show Notes for Episode 62 of the Data Security Podcast

* Conversation: Ira talks with Tarique Mustafa, CEO and founder of data loss prevention firm, nexTier.

* Tales From The Dark Web Exclusive:  A new browser tool that blocks browser trackers, annoying pop-unders, AND some malicious web banner adverts. It’s Ghostery version 2, and  it goes live this week.  Be sure to get version 2, as version one is only logging, not blocking!

* From the News: Beaver County school district hit by cyber fraud.

* From the News:  Erin Andrews peephole video leads to malware. Read more about this attack on Graham Clueley’s Blog.

* From The News: Details on the vulnerability in Firefox 3.5.

* Correction From The News:  When Ira spoke about two factor authentication he meant to say that a password is something that you know. He apologizes for the mistake.

Follow

Get every new post delivered to your Inbox.

Join 1,114 other followers