DtR Episode 81 - NewsCast for February 24th, 2014
Down the Security Rabbithole Podcast
English - February 24, 2014 19:22 - 26 minutes - 18.2 MB - ★★★★ - 91 ratingsTech News News Technology cybersecurity enterprise information cyber hacking management risk security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Topics covered
Apple had a "Goto Fail" failure - yes people at Apple Computer still use Goto statements in 2014 - http://www.computerworld.com/s/article/9246533/Apple_encryption_mistake_puts_many_desktop_applications_at_risk and Adam Langley's awesome blog - https://www.imperialviolet.org/2014/02/22/applebug.html
Look out Terps, Univ of Maryland has lost 309,000+ staff members, students and faculty worth of personal information including social security numbers ... OUCH - http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ce438108-99bd-11e3-80ac-63a8ba7f7942_story.html
ICS-CERT has a new report out that bemoans the Industrial Control sector's inability to detect and respond to incidents ...mainly due to inadequate logging - http://www.govinfosecurity.com/report-cyberthreat-detection-lacking-a-6516 and the report https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT_Monitor_Oct-Dec2013.pdf
Websense has done a massive analysis of Dr. Watson (MS Windows crash files) file and determined there is some new kind of APT, POS attack afoot - http://www.darkreading.com/attacks-breaches/microsoft-windows-crash-reports-reveal-n/240166207
Many different outlets are reporting this in various ways but consumer endpoints (at this point lots of Linksys home routers) are being infected with a new worm targetting a flaw mainly because people choose to expose their management interfaces to the outside, why? - http://krebsonsecurity.com/2014/02/time-to-harden-your-hardware/