Data Security Podcast Episode 21 – Oct 07 2008
The Data Security Podcast is the place for 30 minutes of news every week on data security, privacy, and the law.
This weeks program: Massive cache of web server logins uncovered, web application security honeypots, and the latest data security news.
–> Stream, subscribe or download Episode 21 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.
–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.
This week’s show is sponsored by DeviceLock
Program Notes for Episode 21
1. Remember the San Francisco IT employee who brought the city’s business to a halt when he hijacked its network? Apparently, hostile employees do this from time-to-time, and they fit a certain profile.
2. iPhone Forensics, a new book authored by Jonathan Zdziarski
3. An Ohio woman has permission to sue her county after a scanned image of a traffic violation allowed her identity to be stolen.. Resulting in $20,000 in bogus purchases.
4. UFO/military systems hacker did his work over 56k modem.
5. “It’s not an Orwellian thing…” So says Denver law enforcement of their plan to have civilians monitor the city’s beefed up network of surveillance cameras. After hosting the Democratic National Convention the city has four times as many cameras as it did before.
6. The Payment Card Industry Data Security Standard (DSS) v 1.2 replaced the DSS v. 1.1 on October 1, 2008. This Summary of Changes document provides an overview of the significant differences between the two versions.
Tales From The DarkWeb: Security researcher with Aladdin uncovers cache of 200,000 site credentials for Fortune 500 firms, weapons makers, governments
Conversation: Ira talks with Ryan Barnett with The Web Application Security Consortium (WASC). “From a counter-intelligence perspective, standard honeypot/honeynet technologies have not bared much fruit in the way of web attack data….[The WASC Open Proxy Honyepot] project will use one of the web attacker’s most trusted tools against him – the Open Proxy server.” The project is looking for your help in reading logs, hosting honeypots, and other tasks. Read more