Archive for StrongWebMail

Data Security Podcast Episode 57 – June 15 2009

Posted in Breach, Business Continuity, Court Cases, criminal forensics, darkweb, ediscovery, Exclusive, Podcast, Vulnerabilities, web server security with tags , , , , , on June 14, 2009 by datasecurityblog

30 minutes each week on data security, privacy, and the law…. (plus or minus five)

On this week’s program:

  • Is Al-Qaida getting funding by stealing minutes from business phone systems?
  • $10,000 was paid out to the security researchers that uncovered the flaws in StrongWebMail. Could your email be vulnerable to that same attack?  A conversation with  StrongWebMail’s top executive.
  • EXCLUSIVE – New proof of concept browser sniffer hack that does NOT use scripting attacks.
  • Plus, our take on this week’s news.
  • More details and links in the show notes section below the audio listening instructions.

–>NEW! Stream This Week’s Show with our Built-In Flash Player: (or scroll down to try the Odeo link for a very firewall friendly player)

This week’s show is 32 minutes long

–> Stream, subscribe or download Episode 57 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.

–>  A simple way to listen to the show from with stricter firewalls:  Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.

This week’s show is sponsored in part by Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software.  If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com . Also sponsored by  DeviceLock Removable Media Security Software.

Show Notes for Episode 57 of the Data Security Podcast

  • Ira has a conversation with Darren Berkovitz, COO of StrongWebMail.com and Telesign.com, about why he offered $10,000 to anyone who could break into the StrongWebMail system.
  • Tales From The Dark Web: The US Justice Department files indictments against three suspected terror suspects. They are charged with stealing business phone minutes, illegally re-selling those minutes, and using the proceeds to fund Al-Qaida terror activities.
  • From The News: EXCLUSIVE TO THE DATA SECURITY PODCAST, Brendon Boshell a web developer has created a unique remote browser sniffer that does NOT use the highly common, and easily blocked, scripting attacks. This is his proof of concept, but his site only explains part of the approach. We explain more in the show.
  • From The News: Hawaii sends woman to jail for using her medical records access to post HIV-AIDS patient’s medical information on MySpace.
  • From The News: The Las Vegas Review Journal got a visit from the Feds after publishing this story … with a subpeona demanding the identities of newspaper readers who posted comments.
Advertisements

Data Security Podcast Episode 56 – June 8 2009

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Podcast, Vulnerabilities, web server security with tags , , , , , , , , , , , on June 7, 2009 by datasecurityblog

The Data Security Podcast is the place for 30 minutes of news every week on data security, privacy, and the law.

This weeks program – Twitter users are the target of a new, malicious web re-direct. How will The President’s new cybersecurity plan impact you? One of the nation’s top cryptographers weights in. And, our take on this week’s news.

–> Stream, subscribe or download – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–> Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.

This week’s show is sponsored in part by Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software.  If you TRY the enterprise version, you get the home version for FREE! Go to: http://www.testdrivevipre.com . Also sponsored by  DeviceLock Removable Media Security Software.

The Show Notes Page for this week’s The Data Security Podcast

–> Ira has a conversation with Paul Kocher, President and Chief Scientist of Cryptography Research, Inc. about The Obama Administration’s new cybersecurity plans.

–> Tales From The Dark Web: Finjan‘s CTO Yuval Ben-Itzhak talks with us about a new web re-direction attack targeting users of Twitter.

–> From The News: Is there a constitutional right to informational privacy? The Ninth Circuit Court suggests there is by issuing an injunction in favor of contract employees at NASA who objected to invasive background investigations. But then the full Court declined to hear the case. So the question won’t be settled any time soon, but it raises some interesting issues.

Judge Kozinsky’s dissent (we should hear the case)

Judge Wardlaw’s concurrence (we shouldn’t hear the case)

A dissection of the privacy issues by legal blogger Eugene Volokh at the Volokh Conspiracy. Don’t scroll — the link will take you to the top of the blog, and then jump to the correct post.

–> The Wrap:  Autorun Worm Invades ZIP

Autorun Worm Invaded Zip Files

Autorun Worm Invaded Zip Files