Archive for Wikileaks

January 04, 2011 – Episode 194

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , , on January 4, 2011 by datasecurityblog

Episode 194 of  The Cyberjungle  is 33 minutes long. You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 194 via the flash player:

Our Take on This Week’s News

Facing Threat From WikiLeaks, Bank Plays Defense: On Nov. 29,2010, the director of WikiLeaks, Julian Assange, said in an interview that he intended to “take down” a major American bank and reveal an “ecosystem of corruption” with a cache of data from an executive’s hard drive. Bank of America executives sprung into action the next day according to The New York Times Ira mentioned 10minutemail.com as a free tool to keep your real email address more private.

Upon launching the Spokeo website, they cleverly remind you that “it’s not your grandma’s phonebook,” which is not only a hacky reference but also literally true: the old meatspace phonebooks didn’t automatically expose all of your private information like age, income, home value, credit score, relationship status and map to your house. Who the Eff are these freaks? How did they get ALL of your info? I don’t know, but all of mine was there. Fortunately, there’s an easy way to remove yourself from the database of these privacy rapists currently thriving in Zuckerberg’s America. Hat Tip to: Chris Hardwick at The Nerdist Blog.

From the “This-Affects-Just-About-Everyone” File: Security researcher Julia Wolf of FireEye pointed out numerous, previously hardly known, security problems in connection with Adobe PDF files. Microsoft warns of Word attacks; RTF-based exploits making the rounds, apply patch pronto.

Tales From The Dark Web

A new twist on an older attack: Attackers re-use older versions of the Zues bank trojan to steal government and private sector information. See the Netwitness Blog: Cyber-Crime or Cyber-Espionage?

Interviews

Ira Victor talks with Chrisother Hadnagy, ethical Social Engineer and author of the new book, “Social Engineering: The Art of Human Hacking

Wrap-up

The CyberJungle goes to the 2011 Las Vegas Consumer Electronic Show (CES) this week. CES is the largest electronics show in the world. The CyberJungle will bring you a security, privacy and legal perspective on the technologies featured CES. Get our reports in Conference Notes. And follow (or just read) Ira on Twitter for comments and nuggets of interest.


December 14, 2010 – Episode 191

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Show Notes, The CyberJungle with tags , , , , , on December 14, 2010 by datasecurityblog

Episode 191 of  The Cyberjungle  is 36 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 191 via the flash player:

Interview

Dr. Larry Ponemon releases surprising results in a new smartgrid study.

Tales from the Dark Web

McDonald’s hacked, customer data stolen, chain says. Raf Los, HP’s Security Evangelist: McDonalds Database Compromise – 3rd Party Lessons

Our Take On This Week’s News

Gawker Data Breach Could Lead to Attacks on Government Agencies: Details on the Gawker breach, as covered by The PBS Newshour.

Judge Won’t Alter Award in Equifax ID Theft Case: Eric Drew, a cancer survivor who won more than $1 million from Equifax for improperly handling his identity theft report, can keep the full award, a federal judge ruled.

Lawsuit Alleges Interclick ‘History Sniffing’ Violates Fed Computer Fraud And Wiretap Laws: A New York resident sued behavioral targeting network Interclick for allegedly using Flash cookies and history-sniffing techniques to thwart her attempts to prevent online tracking.

Wrap

Why do we let this creepy company called Google spy on our emails?


December 7, 2010 – Episode 190

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle, Uncategorized, Vulnerabilities with tags , , , on December 7, 2010 by datasecurityblog

Episode 190 of  The Cyberjungle  is 36 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 190 via the flash player:

Interview

Interview with Marc Maiffret, eEye CTO, on 0days, and a new free 0day detection tool. Read the announcement: eEye Delivers Centralized, End-to-End Vulnerability and Compliance Management Solution. White paper from eEye.

Tales from the Dark Web

The King of Spam gets busted while shopping for custom car accessories at SEMA Las Vegas.

Our Take On This Week’s News

Warrantless tracking of car rentals, credit card sales, and even supermarket club cards: Researcher Christopher Soghoian discovered law enforcement uses something called a “hotwatch order” that allows real-time surveillance of purchases and movement.

Think Hillary Clinton is p o’d at Julian Assange? What about this woman, whose chats, emails, photos, and facebook messages were turned over to New York Magazine, reportedly by Wikileaks. Poor Claire… now friends know she hates their weddings, and her boss knows what she thinks about him. Nice of New York Mag to redact the name of Claire’s boss, but it was kind of a meaningless gesture since they posted a photo of her.

Sherrif’s Department Data Breach could put people at risk. IT staffer posts confidential law enforcement data to an unprotected web server. Poor policy, poor procedures, or both?


October 24, 2010 – Episode 183

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Legislation, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , , , on October 23, 2010 by datasecurityblog

Episode 183:

This week’s regular episode of  The Cyberjungle  is 1 hour and 18 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 183 via the flash player:

Interview

Joe Levy, Chief Technical Officer with  Solera Networks, stops by to discuss the Zeus Trojan variant that’s making its way around the IRS offices.  Joe’s  interview is 6 minutes long, and it begins about 25 minutes into Episode 183.

Tales from the Dark Web

If cybercrime were a disease, it would be a pandemic and the whole world would be sick. So says a report from Kroll and The Economist Intelligence Unit

Our Take on This Week’s News

School bus surveillance cams - School buses equipped with traffic cams.  It’s an experiment in a Maryland school district, where officials say the little darlings are in more danger as they alight from the bus than any other time, although no child in Maryland has ever been hit while alighting from a school bus.

Insurance companies view social networkers as burglary risks – Duh.  A survey by an insurance trade group indicates a significant number of Facebook and Twitter post their locations, and it’s worth considering whether to reflect this in their insurance rates.

And while we’re ragging on Facebook - Are gay users of Facebook being outed to advertisers for targeted product marketing? Duh again.

Ten oreos, two handfuls of fritos, a pint of Ben and Jerry’s - Are you aware that when you make use of web tools that allow you to keep track your personal behavior, that information could become discoverable in court? (Diet websites come to mind.)

Participants wanted- A new project to monitor BlackBerry traffic as it is sent from various countries. The results will help researchers and users understand what’s happening to the communications as RIM is pressured to cooperate with repressive governments.

More BlackBerry news -  The how and why of BlackBerry eavesdropping, and why it might not be what you think.

A new tool for good guys,- And bad guys, parents, employers, forensic investigators, and everyone who needs to keep tabs on someone.  ElcomSoft tool cracks web browser passwords.

CyberJungle FAQ

Shockwave Zero-day Attack In the Wild

Fake Microsoft Security Essentials Attack

Follow

Get every new post delivered to your Inbox.

Join 1,114 other followers