Browsing Category: Podcasts

Costin Raiu on Duqu, Stuxnet and Targeted Attacks

Dennis Fisher talks with malware researcher Costin Raiu about the investigation into Duqu, the likelihood that it was written by the same team as Stuxnet, whether a government is behind its development and what mistakes the authors made.


Ted Julian on Data Breach Response and Incident Analysis

Dennis Fisher talks with Ted Julian of CO3 about why even the more enlightened organizations still find themselves unprepared when hit with a data breach, the need for more public data to help analyze the nature and effects of breaches and how third-party breaches affect organizations.


Botnet Takedown: Researcher Describes How Kelihos Fell

Categories: Compliance, Malware, Podcasts

Dennis Fisher talks with Kaspersky Lab Researcher Tillmann Werner about the takedown of the Kelihos botnet, the network’s unique multi-tiered architecture, its custom protocol and the ethics and legality of pushing updates to disable bots on users’ machines.


Gary McGraw on the BSIMM3 Data Release

Categories: Government, Podcasts

Dennis Fisher talks with Gary McGraw of Cigital about the release of the data collected during the BSIMM 3 software security measurement project, the most pressing challenges facing companies involved in software security programs and the reasons that the US government is falling farther behind on this front.


Podcast: Culture of Lax Security Prevails Among Medical Device Makers

The news last week was that the U.S. House Energy & Commerce Committee has asked the Government Accountability Office to investigate the security of the software that runs medical devices. But a prominent researcher says that security flaws in such devices are common, and that more federal oversight is necessary to change what he describes as a culture of lax security among medical device makers.


Anup Ghosh on Targeted Attacks and the Need for Security Innovation

Dennis Fisher talks with Anup Ghosh of Invincea about the current wave of targeted attacks against high-profile companies such as RSA, the IMF and Citigroup and how the lack of innovation on the defensive side of the fence has made life easier for the attackers.