Mon, 29 October 2012
For the first time in who knows how long, we had the whole crew on the show this evening, and we hit some really fun stories.

To start, there are a few upcoming InfoSec events that you might want to be aware of. BSidesDFW is this upcoming weekend, November the 3rd:
http://www.securitybsides.com/w/page/50488342/BSidesDFW%202012

Next weekend there are three different BSides events, BSidesDelaware, Portland, and Jackson:
http://www.securitybsides.com/w/page/28563447/BSidesDelaware
http://www.securitybsides.com/w/page/40113672/BsidesPDX
http://www.securitybsides.com/w/page/53447313/BSidesJackson

Then we jumped into our first story for the evening, the recent breach in South Carolina:
http://www.cbsnews.com/8301-505245_162-57542255/haley-taxpayer-info-didnt-need-to-be-encrypted/
http://www.reuters.com/article/2012/10/29/us-usa-cybersecurity-southcarolina-idUSBRE89S13T20121029

Once our heads stopped spinning from some of those quotes, we went into a pretty cool, old-style hack that Barnes and Noble recently disclosed:
http://www.wired.com/threatlevel/2012/10/barnes-and-noble-pos-hack/

From those, we transitioned into a discussion on Incident Response:
http://www.infosecisland.com/blogview/22470-Have-You-Added-Personas-to-your-Incident-Response-Program.html

As well as Mike Rothman's great article on security tradeoffs:
http://www.darkreading.com/blog/240010015/making-security-trade-offs.html

After our MAD Security Minute for the week, we wrapped up with a discussion of IAM from Dark Reading:
http://www.darkreading.com/identity-and-access-management/167901114/security/news/240009630/7-costly-iam-mistakes.html

As always, you can find the podcast here or on iTunes:
http://sfspodcast.libsyn.com

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.
Wed, 24 October 2012
Martin recorded an interview with Matt and Chris talking about an open source project sponsored by SecureState to bring a pragmatic and usable risk framework to "the masses".

You can get more information on iRisk at:
http://community.securestate.com

More MAD Security Minutes coming starting next episode!
Mon, 15 October 2012
This evening we had a special guest, the always lovely @securityintern, along with our regular crowd of misfits.

We wasted no time jumping straight into our stories tonight, led off by a story from good friend of the podcast Wendy Nather, "When Monitoring Becomes a Liability":
http://www.darkreading.com/security-monitoring/blog/240008609/when-monitoring-becomes-a-liability.html

We followed that up with an interesting article from Microsoft, discussing malware and software piracy:
http://blogs.technet.com/b/mmpc/archive/2012/10/09/sirv13-be-careful-where-you-go-looking-for-software-and-media-files.aspx

And last but not least, we dove into an article the likes of which only comes around every now and then. An article so special and full of wisdom that we had to bring it up:
http://www.csoonline.com/article/718462/top-8-things-csos-wish-they-had-a-solution-for

We closed tonight with a brief interview with Martin's co-presenter at HouSecCon, Michelle Klinger.

As always, you can find the podcast here or on iTunes:
http://sfspodcast.libsyn.com

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.
Thu, 11 October 2012
Martin got invited to speak (with the always fantastic Michelle Klinger) at HouSecCon 2012 (www.houstonseccon.com). We take a couple of minutes to talk with Michael Farnum (@m1a1vet) about the conference.
Mon, 8 October 2012
Martin, Andy, Steve, and Yvette are together to talk about...

Hakin9 gets trolled...HARD.
http://www.theregister.co.uk/2012/10/05/hakin9_silliness/

City of Tulsa CIO - A Cautionary Tale
http://blogs.csoonline.com/security-leadership/2394/what-happened-tulsas-cio-could-happen-you

Anatomy of A Complete IT Failure and Meltdown
http://www.informationweek.com/security/attacks/exclusive-anatomy-of-a-brokerage-it-melt/240008569

World of Warcraft....Think Of The Avatars!
http://arstechnica.com/gaming/2012/10/hack-temporarily-turns-wow-towns-into-piles-of-corpses/

Of course we have our MAD Security Minute and information from Jamie Arlen on how you can help Doing It Right Security...
doinginfosecright.com

Ten IT Ops use cases that will make you cringe...because you've probably lived them.
http://www.securityweek.com/security-not-just-external-dont-forget-other-security