Archive for PDF

June 6, 2010 – Episode 143

Posted in Court Cases, darkweb, Legislation, The CyberJungle, Vulnerabilities, web server security with tags , , , , , , , , , , , , , on June 6, 2010 by datasecurityblog

Episode 143 is 71 minutes long. You can listen by clicking the flash player below, or you can click here for more listening options.

To listen to Episode 143 via the flash player:

Interview segment

We talk with Gary Biller, Executive Director of the National Motorists Association, about an Ohio Supreme Court decision that says law enforcement officers do not need to back up their vehicle speed estimate with reports from a radar reading; eyeballing it is good enough. The Ohio press reports. The interview starts about 20 minutes into Episode 143.

Tales From The Dark Web

Mac Attack: Spyware trojan hitching ride on third-party screensavers for the Mac.

Advice to those sent their questions to the CyberJungle mailbox

Site for alternative PDF readers:

Site for scrubbing hard drive before you give your computer away: Darik’s Boot And Nuke

Our take on this week’s news

Researchers from the mobile industry and academia are analyzing the detailed call and text record databases from mobile phones, along with users’ geographic movement.  Information about how and when people move about promises a handsome revenue stream for cell phone carriers.

Wall Street Journal report on smartphone attacks. MasterCard launches iPhone, iPad payment app

Fake software sales on criagslist draw attention.  Pirated software can also find its way into retail stores occasionally, too. Microsoft provides a site that helps you figure out whether your software is legit.

Federal Trade Commission settles with CyberSpy Software, LLC.  Settlement requires the company to stop instructing its customers how to send its keylogging product in a stealth email attachment. Also must notify the receiving computer that the software is about to download, and receive consent.  This will put a chill on the spying.

Hackers like the Facebook “Like” button. Only six weeks after its introduction, the Like button is being used for mischief.

Legal intrigue after Digital River  management was alerted that a big batch of the company’s data was circulating , and offered for sale on the black market. Civil and criminal law in play.

Our Tether contest – win wireless access for your BlackBerry

Thanks to Tether for providing a generous number of full-value licenses to award as prizes for listeners of The CyberJungle. We love the product, and have given away 10 licenses each in episodes 141 and 143.   You can still enter by sending an email to, and telling us which version of the BlackBerry software you’re running. (Find this by going to “settings ->options->about” on your BB.)  We award the prize to the first ten requests of the week.  Our week runs Saturday-through-Friday. If you win, we ask that you send an acknowledgment once you’ve received your key, so we know you got it. Then we will delete your email, as a gesture of respect for your privacy.

BTW — there is a :60 second Tether commercial in these shows.  We are running them as a thank-you to Tether for the software keys.  We want to acknowledge the people who created some of the components in the spot.  The Free Sound Project is an awesome organization for people like us, whose ears are bigger than our budgets when it comes to production.  The audio effects in the Tether spot cam from the site, and we thank the creative producers who post their work. Especially — someone with the handle kkz who created a file called “t-weak bass” … someone with the handle dland who created a file called “to hell with vinyl”… and someone with the handle Halleck, who created “crash reverse.”  All can be heard in the Tether spot, which airs at approximately 29:50 in episode 143.


Nevada InfraGard Event – Presentation Notes

Posted in Conference Coverage, Vulnerabilities, Zero Day Project with tags , , on January 21, 2010 by datasecurityblog

Ira Victor was a speaker on Threats and Countermeasures at the Sierra Nevada InfraGard event held on January 21st in Reno, Nevada.  Here are the notes and links from that talk:

* “Aurora Zero-Day” out-of-band emergency patch scheduled for release today by MSFT

* New MSFT Windows Kernel Zero-Day vulnerability – 16bit support hazard impacts many current Windows users. Tip: Win7 64-bit (most common version on Win7) not impacted.

* Security Update Available for Shockwave Player (Win and Mac)

* Alternatives to Adobe PDF Reader  and Adobe Acrobat:

Reviews of four alternatives to Adobe PDF

More alternatives: For Windows users, CutePDF has free readers and writers

More alternatives: For Linux users, Xpdf is an open source viewer for Portable Document Format (PDF) files.

Data Security Podcast Episode 51 – May 04 2009

Posted in Breach, Business Continuity, Conference Coverage, criminal forensics, darkweb, ediscovery, eMail Security, Legislation, Podcast, Vulnerabilities with tags , , , , , , on May 4, 2009 by datasecurityblog

The Data Security Podcast is the place for 30 minutes of news every week on data security, privacy, and the law.

This weeks program – Swing Flu IT Security Tactics; A work around for the latest Adobe PDF Zero-day; And, our take on this week’s news.

–> Stream, subscribe or download – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.  Tune in or subscribe via our page at

This week’s show is sponsored by Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: .

The Show Notes Page for Episode 51 of The Data Security Podcast

-From The News: FTC delays full enforcement of it’s Red Flag Rules

-From The News: WRAL Report, Mom says Patriot Act stripped son of due process

-From the News: A fresh attack against Twitter.

-> Tales From The Dark Web: Another Adobe PDF Zero-Day

-> Ira has a conversation with Ed Cohen, VP, Corporate Development at SonicWall on IT Security planning in the event of a second wave of Swind Flu. SonicWall offers an ebook on the top trends in teleworking, and a white paper on the cost savings from teleworking.

-> Wrap-up: Ira enjoyed using the Bracktron Grip-It to hold his smartphone and listen to podcasts and other internet content when he drove from Nevada to the RSA Security Conference in San Francisco. Ira reports that it is highly adjustable, so it can accommodate a variety of devices. The Grip-It keeps devices hands free, and at eye-level. No drilling required, and it can be removed from the dash when parking to help keep away interested theives. He reports that it was stable at highway speeds, and in the sweeepers.

Bracketron Grip-It vent mount for smartphones, MP3 players, and GPS devices

Bracketron Grip-It vent mount for smartphones, MP3 players, and GPS devices