Archive for DHS

Sept 27 2017, Episode 394, Show Notes

Posted in Breach, Conference Coverage, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , , on September 27, 2017 by datasecurityblog

Episode 394 of The CyberJungle is about 29 minutes long.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 394 via the flash player:

Interview

From BSidesLV: Davi Ottenheimer, MongoDB Product Security, talks about data integrity

Our Take on This Week’s News

Deloitte breach scandal grows

DHS walks back Russian election intrusion

GPS tracking server breached

NSA code used in bank account malware

Tales from The Dark Web

From BSidesLV: Cheryl Biswas on bank attacks. Cheryl’s twitter handle.

Wrap

No wrap this episode.

Please support our sponsors, as they make The CyberJungle possible:

Free Trial from Our Sponsor: Paraben Software

Try the data recovery and digital forensics software that Ira Victor from The CyberJungle uses. Paraben has been committed to digital forensics since 2001 and their leadership has been pioneering the field for over 20 years. They believe in creating products that allow you to optimize your time and get the most data possible. If you have not used Paraben Software, give it a try with their 15-day trial.

 

https://www.paraben.com/images/home-slider/paraben-logo.png

 

Advertisements

Oct 2nd 2015, Episode 373 Show Notes

Posted in Breach, Conference Coverage, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , , , , on October 2, 2015 by datasecurityblog

Episode 373 of The CyberJungle is about 24 minutes long. The interview with David Dohl from SpiderOak on a more secure alternative to Slack begins at about 13:20.  You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 373 via the flash player:

Interview

David Dahl from SpiderOak on a more secure alternative to Slack The interview was recorded up the Las Vegas strip at DefCon.  Links mentioned in the segment: Github.com/cryton,  @deezthugs .

Our Take on This Week’s News

* Stagefright2.0, but how many will apply patch?

* DHS CISO wants security enforcement

* VW and the DMCA

Tales from The Dark Web

Dridex malware attacks bank customers while Cuckoo Miner malware attacks the banks via staffer PCs

Wrap

Time for Mac El Capitan?

Please support our sponsors, as they help make The CyberJungle possible:

peerlyst

Peerlyst is a network of security professionals. Our goal is to make our members’ jobs easier by giving them a place to find and compare security solutions—and learn from their peers’ real‐world experiences. Peerlyst is the place where security pros can instantly connect with each other, rate and learn about products, securely collaborate on projects, grow their expertise, and discover new career opportunities.

PLEASE VISIT THEIR SITE Peerlyst.com

 

June 17, 2012, Episode 265, Show Notes

Posted in Breach, criminal forensics, darkweb, Exclusive, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , on July 17, 2012 by datasecurityblog

Episode 264 of The CyberJungle is about 44 minutes long.  You can hear it by clicking on the flash player below. The interview with Billy Rios on the weaknesses in Industrial Control Systems begins at about 12:30min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 265 via the flash player:

Interview

Billy Rios’ weekend research led to a DHS Alerts on building control systems. Here is his blog, as mentioned in the segment.

Tales From The Dark Web

Malware Turning Smartphones into a Botnet?

Our Take on This Weeks News

Anonymous hackers target oil industry giants, more than 1,000 email credentials exposed

Links to the hashed data buckets

Wrap

Secondary market signals huge drop in MacBook values.

January 18, 2011 – Episode 196

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Legislation, Podcast, Show Notes with tags , , , , , , on January 17, 2011 by datasecurityblog

Episode 196 of  The CyberJungle  is 30 minutes long. You can hear it by clicking on the flash player below. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 196 via the flash player:

Interviews

Earlier this month, while we were strolling on the floor at CES in Las Vegas, we had a chance to chat with Tony Kainuma, the Director of Navigation and Detection products at  Cobra Electronic Corporation.  We discussed Cobra’s new smartphone app that watches for red light cameras, traffic congestion and cops with radar, and relays the information to all Cobra users who subscribe.

Tales From The Dark Web

Creepy stalker uses info from  Facebook to break into email accounts and steal stuff from women.

Our Take on This Week’s News

Silliest use of the Computer Fraud and Abuse Act? We (respectfully) disagree with law professor Orin Kerr, who says Sony’s lawyers should win this prize for this argument:  You’re guilty of felony computer hacking crimes if you access your own computer in a way that violates a contractual restriction found in the fine print of the licensing restriction of the product imposed by the manufacturer. We think the honor for dopiest use of the CFAA still belongs to the prosecutors of MySpace Mom Lori Drew.

Stuxnet news: The New York Times reports the Stuxnet worm was a joint project of the U.S. and Israel, engineered to destroy the uranium centrifuges that Iran uses in it’s nuclear weapons program. As a result of this worm, the Iranian nuke program has suffered serious set-backs. All without a shot being fired.

Federal judge supports Federal Government –  Says plaintiff  EPIC did not convince him that DHS should turn over 2,000 naked images from the airport body scanners.

A proposal in congress for a law that would clarify the rights of Americans returning home from abroad, only to have their  digital devices are seized by customs agents.  Our take – for the time being, consider the  U.S border a hostile zone for  business and personal data in your laptop or smart phone.


Data Security Podcast Episode 53 – May 18 2009

Posted in Breach, criminal forensics, darkweb, ediscovery, Podcast, Vulnerabilities, web server security with tags , , , , , , , on May 17, 2009 by datasecurityblog

The Data Security Podcast is the place for 30 minutes of news every week on data security, privacy, and the law.

This weeks program – One web malware variant overtakes all others; Smart cards INSIDE MiniSD for two factor auth via cell phone. And, our take on this week’s news.

–> Stream, subscribe or download – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–> Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.

–> Stream, subscribe, or download via our page at Podcast.com.

This week’s show is sponsored in part by Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software.  If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com . Also sponsored by  DeviceLock Removable Media Security Software.

The Show Notes Page for this week’s The Data Security Podcast

Combining smart cards and memory on a MiniSD for two factor ID

Combining smart cards and memory on a MiniSD for two factor ID

–> Ira has a conversation with William Holmes, of Go Trust. They have developed technology to merge smart cards with MiniSD memory. This technology can be used to make rather smart two-factor authentication. Go Trust is looking for people that want to develop applications that leverage this new security technology.

–> Tales From The Dark Web: According to Graham Cluely’s Blog at Sophos, Malicious JSRedir-R script found to be biggest malware threat on the web, at least for the next 15 minutes..

–> Be sure to read a new feature on our web site: Lame Excuses, the dumb statements by people who should have been responsible for securing information.  A new entry was added this week, and we welcome your contributions.

–> From The News: The Federal Computer Week story,  Homeland Security Information Network suffers intrusions.

–> From The News: U.S. attorney’s office tells employees not to log on to Drudge Report, as reported by Jonathan Martin at POLITICO.com .