Episode 406 of The CyberJungle is about 29 minutes long. The DarkWeb seglent with XYPRO CISO Steve Tcherchian on EHR, Ransomware and Healthcare InfoSec starts at 12:00. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.
Try the data recovery and digital forensics software that Ira Victor from The CyberJungle uses. Paraben has been committed to digital forensics since 2001 and their leadership has been pioneering the field for over 20 years. They believe in creating products that allow you to optimize your time and get the most data possible. If you have not used Paraben Software, give it a try with their 15-day trial.
Episode 347 of The CyberJungle is about 36 minutes long. Daniel Ayoub’s Kickstarter project for SOHO infosec starts at 13min. Adam Shostack on transparent incident response starts at about 21min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.
To listen to Episode 347 via the flash player:
Interview
Daniel Ayoub’s Kickstarter project for SOHO infosec
Please support our sponsors, as they support The CyberJungle:
Basis Technology is helping investigators perform faster, more efficient, cost-effective, and complete investigations in cybersecurity and incident response.
BASIS TECHNOLOGY……PLEASE VISIT THEIR SITE BASISTECH.COM
Episode 337 of The CyberJungle is about 25 minutes long. Steve Ross on cybersecurity and process, IT workers targeted, and “Heartbroken.” You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.
To listen to Episode 337 via the flash player:
Interview
Risk Masters’ Steve Ross on cybersecurity and process
Please support our sponsors, as they support The CyberJungle:
Basis Technology is helping investigators perform faster, more efficient, cost-effective, and complete investigations in cybersecurity and incident response.
BASIS TECHNOLOGY……PLEASE VISIT THEIR SITE BASISTECH.COM
Episode 328 of The CyberJungle is about 35 minutes long. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.
Please support our sponsors, as they support The CyberJungle
OUR NEWEST SPONSOR, ATOLOA TECHNOLOGIES….PLEASE VISIT THEIR SITE ATOLA.COM
Atola Insight is an all-in-one hard drive data recovery and forensic system. It offers complex data retrieval functions along with utilities for manually accessing hard drives at the lowest level. Atola Insight has several key features for data capture in forensic and e-discovery cases. Find out more at Atola.com
Episode 314 of The CyberJungle is about 26 minutes long. We break again from our normal format this week, to bring you content from Black Hat 2013 in Las Vegas and DefCon21 in Las Vegas. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.
To listen to Episode 314 via the flash player:
Interviews
Dave Porcello Founder of PwnieExpress. Here is a link to their blog.
We rely on the generosity of our sponsors, who take a vested interest in working with us to develop a conference that exemplifies what the HTCIA organizations stands for. By fostering the exchange of investigation-related information and ideas, we bring together a community of professionals who help one another understand and adapt to our rapidly evolving industry–to everyone’s benefit.
The 2013 conference is being held from September 8-11, 2013 in Las Vegas, NV [Summerlin is the western side of Las Vegas, 15min from Downtown via freeway].
The Paraben Forensic Innovations Conference has been an annual event since 2008. Since that time it has rapidly evolved into a higher attended conference with a broader scope of topics reaching from deeply technical into the legal aspects of the forensics and eDiscovery industry. Those who attend PFIC are as diverse as our topics, from law enforcement and lawyers, to corporate entities, government agents, private investigators, and educational institutions. If you haven’t had the opportunity to attend, this is your chance to experience the fresh air and mountains of Utah as well as the fresh topics that will be the highlight of this year’s conference. If you’ve already attended, then you know what to expect and are as excited as we are about it! PFIC 2013 will be held November 13-15th, 2013 in Salt Lake City Utah. Space for this conference is limited, and with tickets starting at $199, the show will almost surely sell out. The CyberJungle will be there, because it is one of the best bang for the buck forensic conferences of the year.
Episode 203 of The CyberJungle is about 53 minutes long. You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show. The interviews start at about the 25:30 mark.
To listen to Episode 203 via the flash player:
Interviews
Charlie Miller, 3x Pwn2Own “hacking” contest winner stays home; response by Dragos, Founder of CanSecWest . Follow Charlie on Twitter.
Lawsuit accuses Amazon of capturing and sharing customer information without permission by tricking Microsoft Internet Explorer
Google Android in app malware flap, iPad2 security, and Blackberry Playbook running Android apps + better security? Interview on Playbook security Ira Victor mentioned in this segment. You may download the segment, or listen to the conversation here:
Proof once again that disgruntled employees are among the most dangerous cybercriminals… Texas man sentenced after breaching former employer’s network and deleting critical business files.
Wrap
OtterBox Cases for slider Smartphones: Samantha and Ira give a new OtterBox the field test
Interview:Evan Ratliff joins us to discuss his attempt to vanish for a month, with Wired Magazine challenging readers to find him, and a $5,000 reward for anyone who snapped his photo and said the word “fluke.” An online posse developed, Evan ducked discovery for 25 days, and was caught in New Orleans, a few days shy of his goal. The interview is about 14 minutes long, and it starts about 57 minutes into Episode 131. You may stream the program here:
Discussion:The texting case that made it to the U.S. Supreme Court. We discuss with ACLU Attorney Lee Rowland Fourth Amendment protections as they apply (or don’t apply — that’s what the court is considering) to text messages, and under what circumstances. Our discussion with Lee is about 20 minutes long, and starts about 22 minutes into Episode 131
Our Take on This Week’s News
Amazon is fighting off a demand from the North Carolina Department of Revenue (the state tax collectors). The state wants a record of all Amazon purchases made by its residents, and it wants names, so it can collect the sales tax. Amazon says “privacy violation.” And remember Amazon’s original business was books, which have a special place in the law when it comes to protecting their owners from government intrusion.
Cyberattack on Google Said to Hit Password System. More has been revealed about the extent of the Aurora attack on Google. This story was apparently leaked to the New York Times by someone familiar with the investigation. It suggests huge implications for the security of all Google applications.
Facebook is becoming quite brazen about exposing user profile information. This opinion piece at EFF explains the latest piece of information to be taken out of the user’s control.
About the most straightforward information-sharing scheme we’ve seen yet: Blippy mines your email and credit card statements (with your permission) and posts every purchase you make. Blippy is the VC flavor of the month, having just received $11 million. Too bad some credit card numbers belonging to Blippy users turned up when some curious surfers hit Google with search strings containing the words “Blippy.com” and “from card”. Will Blippy survive? Probably, even in the face of a less-than-apologetic stance from the company (Co-founded by the infamous Pud, of the infamous FuckedCompany.com site from the “dot-bomb” period.) Why anyone would want to be part of Blippy, especially now, is a separate discussion.
Highly-paid SEC lawyers and accountants spent their days surfing porn sites while Bernie Madoff was making off with a whole lotta other people’s money. We ask why, in an entity whose mission revolves around audits and controls, were there no audit trails and controls to call attention to an employee with 16,000 attempts to access porn? Shouldn’t this have been nipped in the bud before it spiraled out of control?
Interview with Joe Grand, electrical engineer, hardware hacker and proprietor of Grand Idea Studio. Ira and Joe discuss hardware hacking. Hobbyists, researchers, and innovators are modifying electronic devices in greater numbers
The 23-minute interview (too long for radio) is posted by itself as episode 104. There’s a partial version of the interview contained in the show, episode 105 of theCyberJungle.
Hardware Hacking Extra: Cell phone as vehicle starter- We got quite a few comments about this. visit: “Dave Hacks, Well, not really hack, but I definitely ‘modify’ things.”
AND — You probably didn’t know this, but Thursday January 28 is International Data Privacy Day. Does the market reward businesses that protect customer privacy? There must be some reward, because there’s growing field of certified privacy professionals… and their organization has thousands of members.
NTSB recommends camera surveillance in train locomotives, after investigating a crash that killed 25. The engineer was texting and using his cell phone at the time of the crash. The union representing train engineers has objected to the recommendation on privacy grounds. Salient fact in the story – the texting engineer had 5 reprimands in his personnel file, issued over a two-and-a-half year period. Now the feds should install cameras to watch ALL engineers (including the ones who follow the rules) just because railroad management failed to fire the loose cannon in their ranks?
30 minutes every week on data security, privacy, and the law…..(plus or minus ten)
On this week’s program:
* Now the bad guys are holding computer files for ransom if you don’t buy their phony anti-virus software. We have a workaround.
* Midyear elections are coming up, and the last thing the campaigns seem to think about is data security.
* Our take on this week’s news.
–> Stream This Week’s Show with our Built-In Flash Player:
–> Scroll down to see links and show notes for this week’s show
–> Stream, subscribe or download Episode 74 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.
–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.
Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:
Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com .
GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
SonicWall; Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing Magazine. Data Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.
Show Notes for Episode 74 of the Data Security Podcast
* Conversation: Ira talks with Gretchen Hellman, VP of Marketing for Vormetric about information security, the security issues with the new GOP web site, and election campaign security.
* Tales From The Dark Web: Watch the video by PandaSecurity that demonstrates a damaging new fake anti-virus that denies access to files and applications on victim systems unless a ransom is paid. The link below takes you to a video of the attack, and we have posted the keys to defeat the current variant of lock out. If you work in IT/InfoSec please write an email to users with a warning, include the keys to unlock the software, and have the end user re-image their hard drive.
Rogueware with new Ransomware Technology
Click here to view the Rogueware with new Ransomware Technology™ video. The video comes to us from Panda Security. Take note that the malware icon disappears from the computer, and when it does, the attack is in place. If you have a system that is infected with this attack, Panda has cracked the malware and has provided a list of working keys, which give access to the current variants of the TotalSecurity2009 attack:
* From Our Take on The News: Danger Will Robinson! Danger! Additional insiders have stepped forward to shed more light into Microsoft’s troubled acquisition of Danger, its beleaguered Pink Project, and what has become one of the most high profile Information Technology disasters in recent memory.
30 minutes every week on data security, privacy, and the law…..(plus or minus ten)
On this week’s program:
* Major patching in store this week, due in part to flaws revealed this summer in Las Vegas?
* A fresh look at a Zeus banking attack counter-measure
* Our take on this week’s news.
–> Stream This Week’s Show with our Built-In Flash Player:
–> Scroll down to see links and show notes for this week’s show
–> Stream, subscribe or download Episode 73 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.
–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.
Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:
Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com .
GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
SonicWall; Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing Magazine. Data Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.
Show Notes for Episode 73 of the Data Security Podcast
* Conversation: Ira takes a new look at a counter-measure for the latest wave of Zeus banking attacks in his conversation with Steven Dispensa, CTO of PhoneFactor.
* Tales From The Dark Web: It’s like clockwork…two months after security events BlackHat and Defcon every summer in Las Vegas, we see a surge in patches for attacks that were highlighted at these events. Microsoft Security Bulletin Advance Notification for October 13th 2009. Security Advisory for Adobe Reader and Acrobat for October 13th 2009, including the CVE number.
* From Our Take on The News: Danger Will Robinson! Danger! Update on Danger’s Sidekick Massive Data Loss. Read the FAQ for tips on trying to salvage your data.
