Infosec Weekly Podcast

Brian Honan, author of 'ISO27001 in a Windows Environment', sits down with us and talks about his book. Buy this book here: https://www.itgovernance.co.uk/shop/product/iso27001-in-a-windows-environment-third-edition

This week we discuss a phishing attack target BT customers, a major vulnerability in Twitter, and a vulnerability in the Samsung Galaxy S8

This week we provide an overview of the WannaCry ransomware worm, and discuss a number of recent data breaches.

This week, we discus a data breach affecting the Guardian Soulmates dating site, a new IoT botnet potentially affecting 120,000 IP cameras, and the worst Windows remote code execution vulnerability 'in living memory'.

Michael Krausz, author of 'Managing Information Security Breaches - Studies from real life', sits down with us and talks about his book. Buy this book here: https://www.itgovernance.co.uk/shop/product/managing-information-security-breaches-studies-from-real-life-2nd-edition

This week, we discuss a new Google Docs spam campaign, name the companies involved in a $100 million phishing scam, and discuss a seven-year old Intel vulnerability.

This week, we discuss a Skype vulnerability called Spyke, new Android malware that gives attackers access to networks via infected devices, and vulnerabilities affecting 25 models of Linksys router

This week, we discuss data breaches affecting customers of InterContinental Hotels, RingGo and Allrecipes, those companies’ handling of the incidents, and how incident handling will be affected by the EU’s new data protection law.

This week we discuss a data breach that may have compromised the personal information of more than 250,000 Wonga customers, the enterprising cyber crimes of four Ohio prisoners, and a series of security flaws that could allow anyone to control your Aga.

This week, we discuss a new vulnerability in LastPass's browser extensions, phishing at the Leeds Teaching Hospitals NHS Trust, Internet-connected garage door opener Garadget, and a new exploit that hacks Samsung smart TVs via radio signals.

This week, we discuss companies falling foul of existing laws while attempting to comply with the GDPR, problems for Warcraft and Minecraft players, and a bot attack affecting gift cards on nearly 1,000 websites.

This week, we discuss the arrest of a Lithuanian man over a $100 million phishing scam, an indictment against the alleged perpetrators of the Yahoo breach that compromised half a billion accounts, a number of vulnerabilities affecting LastPass's browser extensions, and the ICO's warning to local councils to prepare for the GDPR

This week, we discuss new reports from KPMG, Beaming and the NCSC, which cover a huge increase in cyber fraud, the massive business cost of phishing, and how to fight the "significant and growing" cyber threat.

This week, we discuss the re-emergence of the Shamoon/Disttrack malware, a new trove of CIA documents from WikiLeaks and "numerous security vulnerabilities" in an app used by President Trump's aides.

This week, we discuss the Cloudbleed bug, a breach affecting CloudPets, and the latest news from Yahoo.

This week, we discuss a large-scale cyber-reconnaissance operation, a former system administrator who caused $1 million of damage, and access problems at the US Department of Homeland Security

This week, we discuss yet another Yahoo breach, a university attacked by its own Internet of Things network, and a WordPress vulnerability that leaves blogs open to defacement.

This week, we discuss a hack that Sports Direct didn’t tell its staff about, a spate of malware attacks against enterprise networks, and 150,000 printers churning out ASCII robots.

This week, we discuss a Florida telemarketing company leaking hundreds of thousands of sensitive files, Google apparently mistaking the NHS network for a botnet, 11 charities breaching the data protection act, and the demise of LeakedSource

This week, we discuss a cyber attack on England’s biggest NHS trust, the appointment of Rudi Giuliani to a White House cyber security committee and new research into the biggest threat to critical infrastructure (hint: for once it’s not cyber attack).