Hacks & Hackers

Data stolen in a breach can surface months or years after the victimized firm has returned to "business as usual," warns Thomas Hofmann of the firm Flashpoint.

Taking the Long View of Breach Fallout

In this industry perspective, Thomas Hofmann, the Vice President of Intelligence at the firm Flashpoint* warns that the effects of data breaches can often be felt months or years after the actual incident, as stolen data bubbles up in underground marketplaces. He has three pieces of advice for companies that want to develop an incident response plan that mitigates the damage of breaches in the short term and over the long term.   

The insides of a Revolar device, one of three tested by DUO Security, which found wide discrepancies in the security of the personal safety wearables. (Image courtesy of DUO Security.)

Episode 81: Hacking IoT with Physics, Poor Grades for Safety Wearables and Peak Ransomware

Podcast: Play in new window | Download (Duration: 39:57 — 45.7MB)Subscribe: Android | Email | RSSIn this week’s podcast: researcher Kevin Fu of University of Michigan discusses his work on attacks that use physics to manipulate connected devices. Also: Mark Loveless of DUO discusses his research into how poor implementation of wireless protocols make personal security trackers a privacy risk. And have we seen peak ransomware? Adam Kujawa of the firm Malwarebytes joins us to talk about the findings of that company’s State of Malware Report. 

We talk with PAS Global about a Chatham House report on the hacking risk to nuclear weapons.

Episode 79: Hackable Nukes and Dissecting Naughty Toys

Podcast: Play in new window | Download (Duration: 35:43 — 40.9MB)Subscribe: Android | Email | RSSIn this week’s Security Ledger Podcast episode, the UK -based policy think tank Chatham House warned last week that aging nuclear weapons systems in the U.S., the U.K. and other nations are vulnerable to cyber attacks that could be used to start a global conflagration. We talk with Eddie Habbibi of PAS Global about what can be done to secure hackable nukes. Also: with CES raging in Las Vegas last week, we go deep with security researcher Jay Harris on flaws in connected toys being sold to children.