Archive for the web server security Category

March 5 2018, Episode 399, Show Notes

Posted in Breach, darkweb, ediscovery, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on March 4, 2018 by datasecurityblog

Episode 399 of The CyberJungle is about 30 minutes long.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Now that California is about to allow testing of self-driving cars without a driver present, we replay our interview with Abe Chen of Nio about infosec and self-driving cars.

Our Take on This Week’s News

1 in 50 publicly readable Amazon buckets are also writable – and that’s a data disaster waiting to happen

Memcached DDoS Attackers Are Asking for a Ransom Demand

IRS, States and Tax Industry Warn Employers to Beware of Form W-2 Scam; Tax Season Could Bring New Surge in Phishing Scheme

Tales from The Dark Web

New 4G LTE attacks can spy on messages, track user location, and more

Wrap

23,000 HTTPS certificates axed after CEO emails private keys

PLEASE SUPPORT OUR SPONSOR – PFIC: Paraben Forensic Innovations 2018

This 2-day event brings together industry experts on a variety of topics in both lectures and labs. The best part of PFIC is that, as an attendee, you get to attend 100% of the content thanks to the unique rotating format of A and B days: one day you attend all the lectures, the next you attend all the labs. Plus, see Ira Victor of The CyberJungle speak. Register early; seats are limited.

 


Sept 27 2017, Episode 394, Show Notes

Posted in Breach, Conference Coverage, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on September 27, 2017 by datasecurityblog

Episode 394 of The CyberJungle is about 29 minutes long.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

From BSidesLV: Davi Ottenheimer, MongoDB Product Security, talks about data integrity

Our Take on This Week’s News

Deloitte breach scandal grows

DHS walks back Russian election intrusion

GPS tracking server breached

NSA code used in bank account malware

Tales from The Dark Web

From BSidesLV: Cheryl Biswas on bank attacks. Cheryl’s Twitter handle.

Wrap

No wrap this episode.

Please support our sponsors, as they make The CyberJungle possible:

Free Trial from Our Sponsor: Paraben Software

Try the data recovery and digital forensics software that Ira Victor from The CyberJungle uses. Paraben has been committed to digital forensics since 2001 and their leadership has been pioneering the field for over 20 years. They believe in creating products that allow you to optimize your time and get the most data possible. If you have not used Paraben Software, give it a try with their 15-day trial.

 


 

April 30 2017, Episode 390, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on April 30, 2017 by datasecurityblog

Episode 390 of The CyberJungle is about 30 minutes long.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Around The Corner

Hackers target payroll vulnerabilities with phishing attempts

Quote from the CEO of High-Tech Bridge regarding web security and the Verizon annual Data Breach Investigations Report (DBIR)

Ransomware, Cyberespionage Dominate Verizon DBIR

Kali Linux can now use cloud GPUs for password-cracking

Hyundai Mobile App Patched for Car Hacking Vulnerabilities

Our Take on This Week’s News

Millions of Android phones are wide open to hackers

Another Android flagship…ends up in a class-action lawsuit

Hands-on with the BlackBerry KeyOne: The most exciting Blackberry in a long time

Oregon Red Light Ticket Objector Gets Busted For Being An Engineer Without a State License

Tales from The Dark Web

Hackers exploited Word flaw for months while Microsoft investigated

OSX Malware is Catching Up, and it wants to Read Your HTTPS Traffic

Wrap

No Wrap in this episode.


Jan 22 2016, Episode 376 Show Notes

Posted in Breach, Conference Coverage, criminal forensics, darkweb, Exclusive News, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on January 22, 2016 by datasecurityblog

Episode 376 of The CyberJungle is about 28 minutes long. The special Tales From the Dark Web interview with Elastica’s Director of Security, Adi Sood, on Ukraine Grid Attacks begins at about 7min 45sec.  The interview with Ercan Erciyes of GetMonument, on Low Cost Private Cloud Device for Photos begins at 21min 20sec. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Ercan Erciyes of GetMonument, on Low Cost Private Cloud Device for Photos

Link from the segment: GetMonument.com

 

Our Take on This Week’s News

* Major Linux and Android exploit went undetected for three years

* Android malware steals one-time passcodes to hijack accounts protected by two-factor authentication

 

Tales from The Dark Web

Special Tales From the Dark Web interview with Elastica’s Director of Security, Adi Sood, on Ukraine Grid Attacks. Elastica’s blog.

Wrap

The Wrap is on winter break.

Please support our sponsors, as they help make The CyberJungle possible:

peerlyst

Peerlyst is a network of security professionals. Our goal is to make our members’ jobs easier by giving them a place to find and compare security solutions—and learn from their peers’ real‐world experiences. Peerlyst is the place where security pros can instantly connect with each other, rate and learn about products, securely collaborate on projects, grow their expertise, and discover new career opportunities.

PLEASE VISIT THEIR SITE Peerlyst.com

 

Aug 22th 2015, Episode 370 Show Notes

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, eMail Security, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on August 12, 2015 by datasecurityblog

Episode 370 of The CyberJungle is about 22 minutes long. The interview with Blackphone CTO John Callas on Android patching and the second generation Blackphone begins at about 14:30.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Blackphone CTO John Callas on Android patching. Correction: In the interview, Ira Victor said he was recording John Callas at BlackHat. The interview was recorded up the Las Vegas strip at DefCon.

Our Take on This Week’s News

Elastica Discloses Script Injection Vulnerability in Salesforce. More coverage at BetaNews.

SEC: CyberGang stole secrets for up to $100 million insider-trading profit

Researchers: Another critical car attack

 

Tales from The Dark Web

Ubiquiti Networks victim of $39 million social engineering attack

Wrap

Check out Conference Notes and Ira’s Twitter timeline for our takes on BSidesLV, PasswordHack2015, and DEF CON 23


 

July 27th 2015, Episode 369 Show Notes

Posted in Breach, criminal forensics, darkweb, Exclusive, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on July 27, 2015 by datasecurityblog

Episode 369 of The CyberJungle is about 32 minutes long. The interview with Richard Stiennon, author of “There Will Be Cyberwar,” begins at about 17:00.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Exclusive: Richard Stiennon, author of “There Will Be Cyberwar”

Our Take on This Week’s News

John McAfee: The Ashley Madison hack is the death knell of secrets

Is He Cheating on You?

Fiat Chrysler in consent decree for recall process failures

Progressive Insurance Snapshot Manufacturer Breached

Tales from The Dark Web

Using HTML5 to Prevent Detection of Drive-by-Download Web Malware

Wrap

Black hat coffee hacker
