Dennis Fisher talks with Costin Raiu and Ryan Naraine about the newly uncovered Red October cyberespionage campaign that has targeted embassies, diplomats, research facilities and military targets for more than five years now. Raiu explains the origins of the campaign, where the attackers likely are located, the complexity and scale of the malware tools involved and what other components might be lurking undiscovered out there.
Browsing Category: Podcasts
Dennis Fisher talks with Gary McGraw of Cigital about some of the holes in the current thinking about cyberwar, why traditional military analogies don’t hold up in cyberwar discussions and how better defense can make a difference. McGraw will be discussing his thoughts on cyberwar at King’s College London this week.
Dennis Fisher talks with Dan Guido, CEO of Trail of Bits and hacker-in-residence at NYU-Poly, about the school’s first mobile security conference, called THREADS, taking place this week in Brooklyn. Part of the college’s Cybersecurity Awareness Week (CSAW), THREADS will include speaker such as Dino Dai Zovi, Guido, Jon Oberheide and Vincenzo Iozzo.
Dennis Fisher talks with Chris Soghoian, a principal technologist at the ACLU, about the developing market for buying and selling exploits and vulnerabilities. Soghoian has been a vocal critic of exploit sales and in this podcast he discusses the reasons why and why he thinks the policymakers in Washington need to get involved.
Dennis Fisher talks with Gary McGraw of Cigital about the release of the BSIMM4 data, how software security programs have matured in the last four years and how the government has become distracted by cyberwar and is ignoring software security, to its detriment.
Dennis Fisher talks with Mike Mimoso, the new editor of Threatpost, about his decade covering security, how the industry and threat landscape have changed and how security researchers are like Bill Parcells.
Dennis Fisher talks with Al Huger of Sourcefire about the difficulty of tracking down the source of a malware infection, whether organizations should care about attribution after discovering an attack and why playing defense is so difficult.
Dennis Fisher talks with Cesar Cerrudo of IOActive Labs about his research project that used Fortune 500 executives’ corporate email addresses as the starting point to gather data about their online activities. Cerrudo found that he was able to map executives’ activities across a wide range of e-commerce, social networking and other sites with just an email address.
Dennis Fisher talks with Joe Stewart of the Dell SecureWorks Counter Threat Unit about his team’s new research on the landscape of APT malware families, who is behind the use of these tools and how poorly prepared most organizations are for attacks by these crews.
Attackers are now using DDoS services that offer attacks on telecommunication systems as part of larger attack schemes. These attacks, known as TDoS attacks, can be a relatively cheap option for cybercriminals looking into diversifying their attack vectors.