Skip to content

Categories:

Episode 147 – 15 Things

Tonight Martin, Steve, and Joseph tackled FUD, stolen medical data, and executive orders.

Remember, if it says X number of Y, you should probably just move on.

http://www.csoonline.com/article/2835080/data-breach/15-of-the-scariest-things-hacked.html

Stolen Medical Data is Now Worth Something

http://www.reuters.com/article/2014/09/24/us-cybersecurity-hospitals-idUSKCN0HJ21I20140924

A great step forward by the government?!

http://www.csoonline.com/article/2835476/data-protection/obama-signs-executive-order-to-bolster-federal-credit-card-security.html

There are also a lot of upcoming SecurityBSides events that you should check out here: http://www.securitybsides.com/w/page/12194156/FrontPage

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 146 – Mitzie

In case of breach, ask reporters for money?

http://motherboard.vice.com/read/hacked-snapchat-website-demands-payment-bitcoin-to-talk-about-getting-hacked-snapsaved

POODLE explained. Is this really what the future of vulnerability disclosure looks like?

http://www.wired.com/2014/10/poodle-explained/

Rethinking the Security “Con”

http://daveshackleford.com/?p=1063

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 144 – The Ballad of Ricky Joe

Tonight marked the return of Yvette back to the podcast, joining Martin, Andy, and Joseph to talk about what else but more Home Depot.

http://arstechnica.com/security/2014/09/home-depot-ignored-security-warnings-for-years-employees-say/

http://arstechnica.com/security/2014/09/home-depots-former-security-architect-had-history-of-techno-sabotage/

We also managed to fit in a great discussion on chip and pin and it’s effectiveness here in the US.

http://www.csoonline.com/article/2685514/data-protection/chip-and-pin-no-panacea-but-worth-the-effort-and-the-cost.html

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 143 – Menudo

This week Andy made his triumphant return back to the show with Martin, Steve, and Joseph. They dove right back in on some of the recent breaches, as well as a discussion about how CISOs should respond when they find themselves in a “resume-generating event.”

“C-level security”

http://www.businessweek.com/articles/2014-09-12/home-depot-didnt-encrypt-credit-card-data-former-workers-say

What are the technical details behind the Home Depot breach? There’s a lot of people looking into that.

http://sub0day.com/2014/09/pos-hacks/

http://www.darkreading.com/home-depot-breach-may-not-be-related-to-blackpos-target/d/d-id/1315636

“Six stages of data breach denial”

http://www.csoonline.com/article/2606174/infosec-careers/caught-in-the-breach-how-a-good-cso-confronts-inevitable-bad-news.html?nsdr=true

Minecraft purchased by Microsoft, and Notch is leaving Mojang

http://pastebin.com/raw.php?i=n1qTeikM

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter

Posted in Podcasts.


Episode 142 – Orange Aprons

It kind of felt like Groundhog Day on the show this evening as Martin, Steve, and Joseph talked about some of the pressing stories that have come to light over the past week. Steve also gave some insight into discussion of breaches in the media.

Home Depot has issued a statement confirming that they have been breached, and have posted a FAQ for the breach.

http://www.csoonline.com/article/2604320/data-protection/what-you-need-to-know-about-the-home-depot-data-breach.html

https://corporate.homedepot.com/MediaCenter/Pages/Statement1.aspx

A simple misconfiguration error led to a development server compromise for Healthcare.gov.

http://www.csoonline.com/article/2602964/data-protection/configuration-errors-lead-to-healthcare-gov-breach.html

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 141 – What’s goin’ on?

Tonight Martin and Joseph tackled some of the breaking news of the week.

Breaking news: Home Depot breached?

http://krebsonsecurity.com/2014/09/banks-credit-card-breach-at-home-depot/

‘Celebgate’ is upon us, apparently.

http://www.theverge.com/2014/9/2/6098107/apple-denies-icloud-breach-celebrity-nude-photo-hack

And according to Kaspersky, if we’ve done nothing wrong, we have nothing to fear.

http://www.theregister.co.uk/2014/08/29/kaspersky_backpedals_on_done_nothing_wrong_nothing_to_fear_company_article/

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter

Posted in Podcasts.


Episode 140 – Dave Kennedy Fan Club

Tonight was an interesting news night for Martin, Steve, and Joseph. This was an episode filled with healthcare discussion.

First, CHS Hacked via Heartbleed?

https://www.trustedsec.com/august-2014/chs-hacked-heartbleed-exclusive-trustedsec/

http://www.sec.gov/Archives/edgar/data/1108109/000119312514312504/d776541d8k.htm

Second, CMS refuses to reveal details on the security behind Healthcare.gov

http://bigstory.ap.org/article/us-wont-reveal-records-health-website-security

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter

Posted in Podcasts.


Episode 138 – A Day Late and 3917 Dogecoins Short

Tonight Martin, Yvette, Steve, and Joseph tackled some fun topics, stories are below.

Is this the end of password managers? No.

http://arstechnica.com/security/2014/07/severe-password-manager-attacks-steal-digital-keys-and-data-en-masse/

Bitcoin isn’t Money

http://www.wired.com/2014/07/silkroad-bitcoin-isnt-money/

What can you do to help your security budget?

http://www.csoonline.com/article/2369048/security-leadership/do-these-3-things-to-get-the-security-budget-you-want.html

Clearly we should track all of our special snowflakes.

http://www.npr.org/blogs/alltechconsidered/2014/07/10/330406463/a-new-device-lets-you-track-your-preschooler-and-listen-in

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter

Posted in Podcasts.


Episode 137 – Helvetica?

Tonight went a little off the rails, but Martin (@armorguy), Steve (@steveD3), and Joseph (@jsokoly) had some fun talking about stories.

DNS is important

http://www.darkreading.com/microsofts-seizure-of-no-ip-domains-disrupted-criminals-and-innocents-alike/d/d-id/1279079

Are CISOs too confident?

http://net-security.org/secworld.php?id=17047

Has the Internet of Things gone “mainstream”?

http://www.npr.org/2014/07/05/328888392/from-thermostats-to-prison-security-more-things-going-online

Can we finally kill Comic Sans?

http://theuniversaltypeface.com/home

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter

Posted in Podcasts.


Episode 136 – Let’s talk about pri-va-cy

Tonight Joseph, Andy, and Steve continued their theme of talking about themes. Joseph brought up a discussion of privacy and got the guys talking. The stories that they discussed are below.

http://www.macworld.com/article/2366921/why-apple-really-cares-about-your-privacy.html

http://www.wired.com/2014/06/usable-security/

http://www.networkworld.com/article/2393044/security/german-government-to-drop-verizon-because-of-us-spying.html

If you’d like to subscribe, you can find the RSS feed here: http://sfspodcast.libsyn.com/rss or on iTunes.

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter

Posted in Podcasts.