Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

This is our 2015 holiday episode with the Brakeing Down Security and PVC Security podcasts.

https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html http://www.csoonline.com/article/3012443/security/how-the-nsa-uses-behavior-analytics-to-detect-threats.html#tk.rss_all http://www.databreachtoday.com/wyndham-agrees-to-settle-ftc-breach-case-a-8737 https://technet.microsoft.com/en-us/library/security/ms15-127.aspx https://www.reddit.com/r/sysadmin/comments/3wa8rl/early_warning_system_for_cryptowall_crypto_canary/

http://www.zdnet.com/article/vtech-hack-gets-worse-kids-photos-chat-logs-also-stolen/ http://krebsonsecurity.com/2015/12/dhs-giving-firms-free-penetration-tests/ http://www.csoonline.com/article/3011580/data-protection/insurance-companies-will-crack-down-on-cyber-security-in-2016-report.html http://www.forbes.com/sites/joannabelbey/2015/11/30/7-tips-from-the-fbi-to-prepare-your-firm-for-a-cyber-attack/

http://krebsonsecurity.com/2015/11/breach-at-it-automation-firm-landesk/ http://www.slate.com/articles/technology/users/2015/11/sony_employees_on_the_hack_one_year_later.html http://www.csoonline.com/article/3006816/cyber-attacks-espionage/damballa-finds-tools-related-to-the-malware-that-hit-sony.html http://www.databreachtoday.com/interviews/what-jpmorgan-chase-breach-teaches-us-i-2982 http://www.healthcaredive.com/news/ftc-data-breach-case-dismissal-raises-bar-for-demonstrating-consumer-harm/409634/

http://www.bloomberg.com/news/articles/2015-11-10/hackers-accused-by-u-s-of-targeting-top-banks-mutual-funds http://www.trust.org/item/20151113203615-j3cyu http://krebsonsecurity.com/2015/11/jpmorgan-hackers-breached-anti-fraud-vendor-g2-web-services/#more-32855 http://consumerist.com/2015/11/13/lack-of-windows-3-1-technicians-causes-traffic-backup-at-french-airport/ http://securityaffairs.co/wordpress/41950/cyber-crime/fakben-ransomware-as-a-service.html

http://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/ http://arstechnica.com/security/2015/11/booming-crypto-ransomware-industry-employs-new-tricks-to-befuddle-victims/ http://www.theregister.co.uk/2015/11/02/pagefair_malware_snare_scare_in_halloween_hack_of_adblocker_blocker/ http://www.infosecurity-magazine.com/news/it-personnel-are-the-riskiest/

http://blog.erratasec.com/2015/10/dumb-dumber-and-cybersecurity.html http://www.businessinsider.com/talktalk-didnt-use-encryption-hack-protect-4-million-customer-details-2015-10 https://grahamcluley.com/2015/10/talktalk-hacked-silly-ask-data-encrypted/ http://krebsonsecurity.com/2015/10/talktalk-hackers-demanded-80k-in-bitcoin/ http://www.securityweek.com/hacking-impact-short-lived-sony-boss https://threatpost.com/european-aviation-agency-warns-of-aircraft-hacking/114987/

http://www.threatconnect.com/threat-intelligence-driven-risk-analysis/http://www.theregister.co.uk/2015/10/15/inside_mandiants_biggest_forensics_breach_battle_is_this_anthem/http://www.theregister.co.uk/2015/10/16/dow_jones_denies_russian_hackers_plundered_its_servers_for_insider_trading_tips/http://m.nextgov.com/cybersecurity/2015/10/opm-fully-do-away-passwords-network-access-2-years/122768/

tp://www.databreachtoday.com/report-usps-workers-vulnerable-to-phishing-scams-a-8579 http://krebsonsecurity.com/2015/10/at-experian-security-attrition-amid-acquisitions/#more-32501 http://www.databreachtoday.com/etrade-dow-jones-issue-breach-alerts-a-8586 http://www.bankinfosecurity.asia/blogs/cyber-insurance-primer-for-insurers-insured-p-1946 http://www.csoonline.com/article/2990471/social-engineering/near-flawless-social-engineering-attack-spoiled-by-single-flaw.html#tk.rss_all

http://arstechnica.com/security/2015/10/patreon-was-warned-of-serious-website-flaw-5-days-before-it-was-hacked/ http://www.scmagazine.com/sec-hits-security-adviser-with-75000-penalty-in-breach-settlement/article/440268/ http://krebsonsecurity.com/2015/10/scottrade-breach-hits-4-6-million-customers/ http://www.wired.com/2015/10/hack-brief-hackers-steal-15m-t-mobile-customers-data-experian/ http://time.com/4056928/trump-hotels-hacked/ http://fortune.com/2015/10/02/american-bankers-association-breach/

http://www.pvcsec.com/ http://brakeingsecurity.com/  

http://www.thenationaltriallawyers.org/2015/09/standing-neiman-marcus-data-breach/ http://krebsonsecurity.com/2015/09/bidding-for-breaches-redefining-targeted-attacks/ http://www.miltonstart.com/blog/2015/09/22/morgan-stanley-employee-pleads-guilty-in-data-breach-case/

http://www.bizjournals.com/atlanta/blog/atlantech/2015/09/atlantas-bitpay-got-hacked-for-1-8-million-in.html http://www.securityweek.com/excellus-data-breach-impacts-10-million http://www.databreachtoday.com/attacks-on-insurers-lessons-learned-a-8530 http://federalnewsradio.com/cybersecurity/2015/09/us-certs-dos-and-donts-for-after-the-cyber-hack/ http://www.theguardian.com/technology/2015/sep/10/cyber-threat-data-manipulation-us-intelligence-chief http://www.csoonline.com/article/2984543/vulnerabilities/as-containers-take-off-so-do-security-concerns.html

http://www.theregister.co.uk/2015/09/04/mozilla_firefox_bugzilla_leak/ http://darkmatters.norsecorp.com/2015/09/03/four-non-technical-measures-for-mitigating-insidious-insiders/ http://arstechnica.com/tech-policy/2015/08/ftc-can-sue-companies-with-poor-information-security-appeals-court-says/ https://nakedsecurity.sophos.com/2015/09/02/microsoft-word-intruder-revealed-inside-a-malware-construction-kit/ http://www.securityweek.com/executive-it-security-problem-lessons-learned-hillary-clinton

http://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/security-reverse-engineering-and-eulas/ http://arstechnica.com/security/2015/08/my-browser-visited-drudgereport-and-all-i-got-was-this-lousy-malware/ http://arstechnica.com/security/2015/08/attackers-actively-exploit-windows-bug-that-uses-usb-sticks-to-infect-pcs/ http://arstechnica.com/information-technology/2015/08/lenovo-used-windows-anti-theft-feature-to-install-persistent-crapware/ http://socialmedia.umich.edu/blog/hacked/

http://resources.infosecinstitute.com/can-user-awareness-really-prevent-spear-phishing/ http://www.net-security.org/secworld.php?id=18702 http://link.springer.com/article/10.1007/s12290-015-0355-5/fulltext.html

http://fortune.com/2015/07/29/crowdstrike-cybersecurity-george-kurtz/ http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/phishing-up-74-in-q2-2015-reveals-infoblox-dns-threat-index/ http://blog.trendmicro.com/trendlabs-security-intelligence/angler-exploit-kit-used-to-find-and-infect-pos-systems/ http://www.welivesecurity.com/2015/07/28/new-report-explains-gulf-security-experts-non-experts/

http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/ http://www.mcafee.com/us/resources/reports/rp-aspen-holding-line-cyberthreats.pdf http://arstechnica.com/tech-policy/2015/07/obama-administration-decides-not-to-blame-china-publicly-for-opm-hack/ http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-rcsandroid-spying-tool-listens-to-calls-roots-devices-to-get-in/

http://arstechnica.com/tech-policy/2015/07/hacking-teams-surveillance-software-sold-to-kgb-successor/ http://arstechnica.com/security/2015/07/hackingteams-evil-android-app-had-code-to-bypass-google-play-screening/ http://www.scmagazine.com/ios-devices-dont-have-to-be-jailbroken-for-spyware-sold-by-hacking-team-to-be-installed/article/426137/ https://krebsonsecurity.com/2015/07/hacking-team-used-spammer-tricks-to-resurrect-spy-network/ http://www.scmagazine.com/fireeye-intern-morgan-culbertson-arrested-in-darkode-bust/article/427139/2/ http://erpscan.com/wp-content/themes/supercms/Publications/Chinese_attack_on_USIS_using_SAP_vulnerability_Detailed_review_and_comments.pdf