Archive for Zues Banking Trojan

October 8 2012, Episode 276, Show Notes

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , on October 8, 2012 by datasecurityblog

Episode 276 of The CyberJungle is about 36 minutes long.  You can hear it by clicking on the flash player below. The interview with John Strand, begins at about the 22min mark.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 276 via the flash player:

Interview

John Strand InfoSec expert and Senior SANS Instructor. Find him here on PaulDotCom.com.

Tales From The Dark Web

Blitzkrieg-like bank takeover attacks coming?

Our Take on This Weeks News

*Congress: Chinese telecom firm Huawei a national security threat. The CyberJungle interview with FX following his Huawei security presentation,  at DefCon20 this summer. Listen here, starting at about the 14min mark.

‘FakeInstaller’ attacks Android users

Hotel locks breached with tool disguised as a marker

Wrap

Researchers SICK OF SPAM submit ridiculous article to mag

July 05, 2011 – Episode 220

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Legislation, Show Notes, The CyberJungle, Vulnerabilities with tags , , , on July 5, 2011 by datasecurityblog

Episode 220 of  The CyberJungle is about 34 minutes long. You can hear it by clicking on the flash player below. The interview begins at about 19min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 220 via the flash player:

Interview

Yaron Dycian, Trusteer VP: Will Fed’s new regs block banking trojans?

Our Take On This Week’s News

Bill could block some mobile device forensic captures

FoxNews’ Twitter account hijacked, what are the lessons learned?

Tales From The Dark Web

The malware detected by Kaspersky Anti-Virus as TDSS is the most sophisticated threat today

Wrap

MyMaxSpeed smartphone app could provide the evidence to fight speeding tickets


Conference Coverage

The CyberJungle went to the 2011 Gartner Security Summit this week. Get the reports in Conference Notes.

Data Security Podcast Episode 83, Nov 30 2009

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Legislation, Podcast, Vulnerabilities with tags , , , , , , on November 29, 2009 by datasecurityblog

30 minutes every week on data security, privacy, and the law…..(plus or minus ten)

On this week’s program:

* New highly damaging attack plays on the very fear of being attacked

* Stopping insider attacks with the right internal controls

* Our take on this week’s news.

–> Stream This Week’s Show with our Built-In Flash Player:

–> Scroll down to see links and show notes for this week’s show

–> Stream, subscribe or download Episode 83 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.

–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.

Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:

  • Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com .
  • GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
  • SonicWall;  Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing MagazineData Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
  • DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.

Show Notes for Episode 83 of the Data Security Podcast

* Ira has a conversation with Cheryl Traverse President/ Chief Executive Officer with Xceedium, a company that provides centralized, secure IT operations management.  Ira and Cheryl talk about the controls that protect against insider threats, and help put organizations in compliance with data security and privacy mandates.

* Tales From The Dark Web:  Bank attacks hides in ‘software update’ links. This attack combines the fear of not properly patching with attacks that empty business bank accounts. Hat tip to the story in Darkreading.com .

* From Out Take on The News: Reuters news story on the under-reporting of cyber attacks.

What Happens In Vegas...Goes Where??

* From Our Take on The News: Las Vegas Metro Police admits to large databreach of background check data.  Hat tip to excellent work by The Las Vegas Sun newspaper.

*  From The Wrap: We comment on the news that the Ikee worm author gets job at iPhone app firm, as posted by Graham Cluley.

Data Security Podcast Episode 72, Oct 04 2009

Posted in Breach, Business Continuity, Conference Coverage, Court Cases, darkweb, Podcast, Vulnerabilities, web server security with tags , , , , , on October 4, 2009 by datasecurityblog

30 minutes every week on data security, privacy, and the law…..(plus or minus ten)

On this week’s program:

* Polymorphic malware – every time it attacks it has a new signature.

* The balance on your bank account looks find, too bad all your money’s gone.

* Our take on this week’s news.

–> Stream This Week’s Show with our Built-In Flash Player:

–> Scroll down to see links and show notes for this week’s show

–> Stream, subscribe or download Episode 72 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.

–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.

Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:

  • Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com .
  • GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
  • SonicWall;  Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing MagazineData Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
  • DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.

Show Notes for Episode 72 of the Data Security Podcast

* Conversation:  Ira talks about a dangerous new twist to the banking attacks Yuval Ben-Izhak the CTO of security company Finjan. Here is the link to the Finjan Report on the new Zeus bank Trojan mentioned in the segment.

* Tales From The Dark Web: Polymorphic malware – every time it attacks it has a different signature.  That means you anti-virus won’t recognize it.  Ira talked about the presentation at ISACA Security and Risk Conference by Stuart Staniford, the Chief Scientist at FireEye.  Read the related Anti-Phishing Working Group paper on the topic.

* From Our Take on The News:  From Wired.com – Probe Targets Archives’ Handling of Data on 70 Million Vets

* From Our Take on The News:  Secure Flight Program by the TSA. EPIC (The Electronic Privacy Information Center) follows the surveillance and profiling of airline passengers. Their most recent post on the TSA “Secure Flight” program was in 2007, when the organization recommended that “secure flight should be grounded” due to privacy concerns. The program is now being expanded to require airline passengers to provide their date of birth when they purchase an airline ticket.  See: http://epic.org/privacy/airtravel/secureflight.html

Follow

Get every new post delivered to your Inbox.

Join 1,126 other followers