Browsing Category: Podcasts

How The Free Market Fails Privacy-Conscious Consumers

Editor’s Note: This is the first of a two-part podcast with security researcher Chris Soghoian. It’s a truism that the pace of technological change outstrips society’s ability to grasp the impact of that change. For the most part, the consequences of this are benign and the remedies straight-forward –think: “mobile phones ringing in the movie theater.”

Read more...

Dan Guido on Attacker Math and Exploit Intelligence

Dennis Fisher talks with Dan Guido, security researcher and CEO of Trail of Bits, about the new company’s plan to help enterprises defend against targeted attacks, the way that attackers think and the value of exploits versus vulnerabilities. They also discuss a new initiative to help share security knowledge more broadly in the community.

Read more...

Richard Boscovich on the Zeus Botnet Takedown

Dennis Fisher talks with Richard Boscovich of the Microsoft Digital Crimes Unit about the operation to take down the Zeus botnet, how the company works with partners and law enforcement on these operations and the importance of getting the word out to consumers about the danger of botnets.

Read more...

Ryan Naraine on Exploit Mitigations and the MS12-020 RDP Bug

Dennis Fisher talks with Ryan Naraine about whether exploit mitigations such as ASLR and DEP really make any difference in preventing browser attacks and the seriousness of the MS12-020 RDP vulnerability that was patched during March’s Patch Tuesday release.

Read more...

Mobile Apps Space A ‘Wild West’ For Enterprises

SAN FRANCISCO – Companies that are hoping to catch a ride on the mobile wave should pay close attention to the application development firms they choose to work with, unless they want to be saddled with a buggy and insecure albatross bearing their corporate logo, a leading application security expert warns.

Read more...

Bruce Schneier on Liars and Outliers

Dennis Fisher talks with cryptographer and author Bruce Schneier about his new book, Liars and Outliers, the role of trust in society and security, the ways in which technology helps promote trust and how various groups and actors defect the norm and take advantage of that trust.

Read more...

Ryan Naraine on the Koobface Expose and SCADA 0-Day Disclosures

Dennis Fisher talks with long-lost Threatpost editor Ryan Naraine about the intricacies of the disclosure of the identities of the alleged Koobface gang members, whether we’ll see more of that kind of action and whether the recent trend toward disclosing 0-days in SCADA systems will continue.

Read more...

Dartmouth Cyber Security Chief: More Attention Needed To Human Element In Security

Shari Lawrence Pfleeger wrote the book on cyber security – or should we say “books.” The longtime researcher and expert has authored numerous textbooks on everything from software engineering, to the application of metrics in software development, to computer security. The head of research for the Institute for Information Infrastructure Protection (I3P) at Dartmouth College, Pfleeger says that many of the biggest challenges facing organizations in the realm of cyber security are social, and not technological.

Read more...

Adam Shostack on Methods of Compromise, the New School and Learning

Categories: Malware, Microsoft, Podcasts

Dennis Fisher talks with Adam Shostack of Microsoft about the taxonomy he helped develop for classifying how PCs are compromised, what he would and wouldn’t change in The New School of Information Security and who he’s learned the most from.

Read more...