Data Security Podcast Episode 82, Nov 24 2009
30 minutes every week on data security, privacy, and the law…..(plus or minus ten)
On this week’s program:
* FBI Report: Latest target for the cybercriminal? Law Firms and PR Firms
* Adobe Speaks: special segment with their senior security officers
* Our take on this week’s news.
–> Stream This Week’s Show with our Built-In Flash Player:
–> Scroll down to see links and show notes for this week’s show
–> Stream, subscribe or download Episode 82 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.
–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.
–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.
Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:
- Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com .
- GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
- SonicWall; Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing Magazine. Data Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
- DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.
Show Notes for Episode 82 of the Data Security Podcast
* Ira has a conversation with two security officers at Adobe Systems about the allegations made by web security researcher Mike Bailey of unpatchable “Same Origin Flaws” in Adobe Flash. Brad Arkin, Director of Product Security and Privacy, and Peleus Uhley, Senior Security Researcher give their take on Mike Bailey’s claims. Here are the links mentioned in the segment:
– Browser Security Handbook, Part 2—Information on the Same-Origin Policy.
– Peleus Uhley’s article on creating more secure Flash applications / “Understanding that SWFs are Code”
* Tales From The Dark Web: FBI WARNING: U.S. LAW FIRMS AND PUBLIC RELATIONS FIRMS. That link is a copy of the FBI posting. The FBI does not contain a permanent link, so it may become hard to find as new stories are posted above this law firm alert.
* From Our Take on The News: FBI looking at UMC records leak: Agent says ‘multiple federal laws’ might have been violated. Hat tip to the Las Vegas Sun newspaper for the investigative reporting on this story.
* From Our Take on The News: Symantec exposed passwords, serials numbers; SQL Injection, full database access, from Romanian security researcher, Unu. Apologies for mis-spelling Unu’s name on the show.
* From The Wrap: Read the SANS Internet Storm Center’s reports on IE6 and IE7 web browser 0-Day Flaw, and an Update. No patch available (yet?), but Microsoft has some mitigation suggestions, linked through the Update.