Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

http://www.darkreading.com/vulnerabilities—threats/windows-badtunnel-attack-hijacks-network-traffic/d/d-id/1325875 http://krebsonsecurity.com/2016/06/adobe-update-plugs-flash-player-zero-day/ http://krebsonsecurity.com/2016/06/banks-credit-card-breach-at-cicis-pizza/ http://ieee-security.org/TC/SP2016/papers/0824a018.pdf https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/ https://www.washingtonpost.com/world/national-security/guccifer-20-claims-credit-for-dnc-hack/2016/06/15/abdcdf48-3366-11e6-8ff7-7b6c1998b7a0_story.html http://fox4kc.com/2016/06/15/platte-county-commissioners-give-treasurer-one-week-to-repay-funds-lost-to-email-scam/ http://www.abc.net.au/news/2016-06-18/software-legal-battle-could-put-sa-patients’-safety/7522934

https://threatpost.com/teamviewer-denies-hack-blames-password-reuse-for-compromises/118427/ http://www.businessinsurance.com/article/20160602/NEWS06/160609935/chubb-p-f-changs-federal-insurance-co-cybersecurity-by-chubb-credit http://www.csoonline.com/article/3075385/backup-recovery/will-your-backups-protect-you-against-ransomware.html#jump http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html#jump http://venturebeat.com/2016/06/04/federal-reserve-bank-was-hacked-more-than-50-times-between-2011-and-2015/ http://www.csoonline.com/article/3075758/data-breach/up-to-a-dozen-banks-are-reportedly-investigating-potential-swift-breaches.html#jump http://www.theregister.co.uk/2016/06/03/swift_threatens_insecure_bank_suspensions/

Vote for us! https://www.surveymonkey.com/r/secbloggerwards2016 http://www.csoonline.com/article/3071337/cyber-attacks-espionage/cybercriminals-are-increasingly-embracing-a-sophisticated-business-model-approach.html#tk.rss_all https://www.yahoo.com/news/special-report-cyber-thieves-exploit-banks-faith-swift-052100312–finance.html?ref=gs http://www.securityweek.com/google-soon-kill-sslv3-rc4-support-gmail https://threatpost.com/microsoft-warns-of-sneaky-new-macro-trick/118227/ http://www.networkworld.com/article/3073495/security/kansas-heart-hospital-hit-with-ransomware-paid-but-attackers-demanded-2nd-ransom.html

http://www.bankinfosecurity.com/researcher-hacks-symantecs-av-via-email-a-9109 http://www.v3.co.uk/v3-uk/news/2457773/hackers-exploiting-six-year-old-sap-software-flaw-warns-us-cert http://arstechnica.com/security/2016/05/1b-bangladesh-heist-officials-say-swift-technicians-left-bank-vulnerable/ http://www.csoonline.com/article/3069502/data-breach/malware-attacks-on-two-banks-have-links-with-2014-sony-pictures-hack.html https://www.surveymonkey.com/r/secbloggerwards2016

http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/ https://blog.osvdb.org/2016/04/27/a-note-on-the-verizon-dbir-2016-vulnerabilities-claims/  

http://baesystemsai.blogspot.nl/2016/04/two-bytes-to-951m.html https://threatpost.com/bangladesh-bank-hackers-accessed-swift-system-to-steal-cover-tracks/117637/ http://www.csoonline.com/article/3061229/fraud/swift-banking-network-warns-customers-of-cyberfraud-cases.html http://www.theregister.co.uk/2016/04/22/i_hacked_facebook_and_found_someone_had_beaten_me_to_it/

https://www.helpnetsecurity.com/2016/04/15/eu-data-protection-rules/ http://pastebin.com/raw/0SNSvyjJ https://threatpost.com/apple-deprecates-quick-time-for-windows-wont-patch-new-flaws/117427/ http://www.welivesecurity.com/2016/04/13/medical-data-breach-leads-record-cash-settlement/

https://offensivetechblog.wordpress.com/2016/03/29/systems-admins-we-need-to-talk/ http://m.sfgate.com/business/technology/article/Hackers-broke-into-hospitals-despite-software-7229722.php http://www.wired.co.uk/news/archive/2016-04/06/panama-papers-mossack-fonseca-website-security-problems http://arstechnica.com/security/2016/04/ok-panic-newly-evolved-ransomware-is-bad-news-for-everyone/

https://www.cooley.com/california-attorney-general-2016-data-breach-report http://www.csoonline.com/article/3049392/security/chinese-scammers-take-mattel-to-the-bank-phishing-them-for-3-million.html http://www.oreilly.com/security/newsletter http://conferences.oreilly.com/security/network-data-security-ny

https://threatpost.com/apt-attackers-flying-more-false-flags-than-ever/116814/ http://www.csoonline.com/article/3048334/security/verizons-breach-experts-missed-one-right-under-their-noses.html http://www.wsj.com/articles/hackers-in-bangladesh-bank-account-heist-part-of-larger-breach-1458582678 http://krebsonsecurity.com/2016/03/hospital-declares-internet-state-of-emergency-after-ransomware-infection/

http://www.csoonline.com/article/3043975/security/compromised-data-goes-public-as-staminus-recovers-from-attack.html#tk.rss_all http://www.darkreading.com/endpoint/patch-management-still-plagues-enterprise/d/d-id/1324615 http://www.welivesecurity.com/2016/03/09/android-trojan-targets-online-banking-users/ http://arstechnica.com/security/2016/03/a-typo-costs-bank-hackers-nearly-1b/ http://www.cnet.com/news/home-depot-offers-19m-to-settle-customers-hacking-lawsuit/

http://www.intelsecurity.com/advanced-threat-research/content/Analysis_SamSa_Ransomware.pdf?_ga=1.157194172.685877305.1433735448 https://blog.agilebits.com/2015/06/17/1password-inter-process-communication-discussion/ http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest_xg_en.pdf

http://www.databreachtoday.com/anthem-breach-lessons-one-year-later-a-8897 http://www.dw.com/en/hackers-hold-german-hospital-data-hostage/a-19076030 http://krebsonsecurity.com/2016/02/breached-credit-union-comes-out-of-its-shell/ http://arstechnica.com/security/2016/02/hackers-did-indeed-cause-ukrainian-power-outage-us-report-concludes/

http://www.scmagazineuk.com/russian-bank-licences-revoked-for-using-hackers-to-withdraw-funds/article/474464/ http://arstechnica.com/security/2016/02/hospital-pays-17k-for-ransomware-crypto-key/ http://news.softpedia.com/news/us-school-agrees-to-pay-8-500-to-get-rid-of-ransomware-500684.shtml http://www.scmagazineuk.com/44-of-ransomware-victims-in-the-uk-have-paid-to-recover-their-data/article/475426/ http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/

http://www.tripwire.com/state-of-security/latest-security-news/cisco-patches-critical-asa-ike-buffer-overflow-vulnerability/ http://www.securityweek.com/we-cant-give-preventing-breaches http://www.csoonline.com/article/3033160/security/ransomware-takes-hollywood-hospital-offline-36m-demanded-by-attackers.html http://arstechnica.com/security/2016/02/clever-bank-hack-allowed-crooks-to-make-unlimited-atm-withdrawals/

http://www.theregister.co.uk/2016/02/04/norse_corp_ceo_fired/ http://www.secureworks.com/resources/blog/ransomware-used-as-a-distraction/ http://www.zdnet.com/article/most-windows-flaws-mitigated-by-removing-admin-rights-says-report/ http://mobile.reuters.com/article/idUSKCN0VD14X http://www.csoonline.com/article/3025787/security/defending-against-insider-security-threats-hangs-on-trust.html http://www.securityforrealpeople.com/2016/02/poor-ux-leads-to-poorly-secured-soho.html

Hack in the Box: https://conference.hitb.org/ Circle City Con: https://circlecitycon.com/tickets/ http://www.theregister.co.uk/2016/01/28/nsas_top_hacking_boss_explains_how_to_protect_your_network_from_his_minions/?page=1 https://www.youtube.com/watch?v=bDJb8WOJYdA http://krebsonsecurity.com/2016/01/sources-security-firm-norse-corp-imploding/ http://arstechnica.com/security/2016/01/secret-ssh-backdoor-in-fortinet-hardware-found-in-more-products/

https://blog.malwarebytes.org/intelligence/2016/01/draft-lechiffre-a-manually-run-ransomware/ http://www.tripwire.com/state-of-security/security-data-protection/boeing-supplier-hacked-claims-55-million-worth-of-damage-as-stock-price-falls/ http://krebsonsecurity.com/2016/01/firm-sues-cyber-insurer-over-480k-loss/ http://shawnetuma.com/2016/01/08/supervalu-data-breach-class-action-dismissed-for-lack-of-harm/ Hack in the Box: https://conference.hitb.org/ Circle City Con: https://circlecitycon.com/tickets/  

http://arstechnica.com/security/2016/01/security-firm-sued-for-filing-woefully-inadequate-forensics-report/ http://arstechnica.com/security/2016/01/et-tu-fortinet-hard-coded-password-raises-new-backdoor-eavesdropping-fears/ http://www.csoonline.com/article/3021774/security/trend-micro-flaw-could-have-allowed-attacker-to-steal-all-passwords.html

http://www.welivesecurity.com/2016/01/03/blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry/ http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html http://www.databreaches.net/191-million-voters-personal-info-exposed-by-misconfigured-database/ http://darkmatters.norsecorp.com/2015/12/28/the-cybersecurity-information-sharing-act-cisa-passed/