Data Security Podcast Episode 61 – July 14 2009
30 minutes each week on data security, privacy, and the law….(plus or minus five)
On this week’s program:
* A double whammy…. two critical zero day attacks hit users of Microsoft products.
* A non-profit security group has a plan to fight web drive-by downloads.
* Our take on this week’s news.
–>NEW! Stream This Week’s Show with our Built-In Flash Player:
This week’s show is 28.5 minutes
–> Stream, subscribe or download Episode 61 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.
–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.
–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.
Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:
- Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com .
- GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
- SonicWall; Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing Magazine. Data Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
- DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.
Show Notes for Episode 61 of the Data Security Podcast
* Conversation: StopBadware.org is a non-profit security group with a plan to fight web drive-by downloads. We spoke with Maxim Weinstein, the Executive director of the project. They will help you if your site is blacklisted, and they are looking for help from the security community in uncovering and fighting web drive-by downloads.
* Tales From The Dark Web: Two Zero Day Attacks in the news this week-
ActiveX Video Flaw. Microsoft Security Advisory: Vulnerability in Microsoft Video ActiveX control could allow remote code execution. Option 1, apply the work around in the Microsoft Advisory, or upgrade all systems to Microsoft Internet Explorer 8. This Zero Day impacts users of Windows XP and Windows 2003 running IE6 or IE7. UPDATE: Microsoft’s “patch tuesday” (monthly patch cycle by Microsoft) includes a fix for this issue
Microsoft Office. Read the detailed SANS Internet Storm Center Alert: Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution. There is a long list of Windows products impacted by this flaw. Be sure to go through the Microsoft Advisory.
* From The News: Does Google Know Too Much About You? Read the details in Ian Paul’s story in PCWorld.
* From The News: Point; at Foxnews: Wireless Cybercriminals Target Clueless Vacationers. Counter Point; Summer Time, and Wireless Fear Mongering Is in the Air by Glenn Fleishman at WifiNetNews.