Podcast: Play in new window | Download (Duration: 42:12 — 48.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode of The Security Ledger Podcast (#86) we speak with Dr. Kevin Fu of the University of Michigan about research he conducted that casts doubts on reports of mysterious acoustic attacks on US embassy employees in Havana, Cuba. Also: Chip Block of Evolver talks about the Securities and Exchange Commission’s expanded cyber security guidance. And finally: thousands of radiologic sensors were deployed in the U.S. following the attacks of September 11 2001. We’ll look at new efforts to secure those systems from cyber attack.
Podcast: Play in new window | Download (Duration: 39:57 — 45.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast: researcher Kevin Fu of University of Michigan discusses his work on attacks that use physics to manipulate connected devices. Also: Mark Loveless of DUO discusses his research into how poor implementation of wireless protocols make personal security trackers a privacy risk. And have we seen peak ransomware? Adam Kujawa of the firm Malwarebytes joins us to talk about the findings of that company’s State of Malware Report.
Researchers at CyberX say they have found a way to sneak sensitive data off of industrial control system networks using radio frequency communications. The attack could be used to compromise so-called “air gapped” networks that are not connected to the Internet.
In this 67th episode of The Security Ledger Podcast, we talk with Bob Rudis of the firm Rapid7 about KRACK, a security hole that affects most wi-fi hotspots. Also: Or Katz of Akamai talks about that company’s work analyzing fast-flux botnets, which have become like AirBnB for cyber criminals looking for a place to host malicious networks. Finally: Tim Jarrett of Veracode tells us how a single security hole in an open source library found its way into millions of applications.
Hundreds of millions of wireless devices may be affected by a flaw in WPA-2, a widely used standard for securing wireless Internet connections. (Updated to add commentary by Bob Rudis of Rapid 7.)