Podcasts

The FBI is warning medical and dental offices to be on the lookout for insecure FTP servers.

Securing Medical Devices, Rethinking OWASP’s Top 10 & BlackDuck CEO Lou Shipley

In this, our 70th episode of The Security Ledger podcast, we speak withXu Zou of the Internet of Things security startup Zingbox about the challenges of securing medical devices and clinical networks from cyber attack. Also: we take a look at the turmoil that has erupted around the OWASP Top 10, a list of common application security foibles. And finally: open source management vendor Black Duck Software announced that it was being acquired for more than half a billion dollars. We sit down with Black Duck CEO Lou Shipley to talk about the software supply chain and to hear what’s next for his company.

Episode 70: securing medical devices, OWASP Top 10 controversy and BlackDuck CEO Lou Shipley

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this, our 70th episode of The Security Ledger podcast, we speak withXu Zou of the Internet of Things security startup Zingbox about the challenges of securing medical devices and clinical networks from cyber attack. Also: we take a look at the turmoil that has erupted around the OWASP Top 10, a list of common application security foibles. And finally: open source management vendor Black Duck Software announced that it was being acquired for more than half a billion dollars. We sit down with Black Duck CEO Lou Shipley to talk about the software supply chain and to hear what’s next for his company.

The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored "advanced persistent threat" groups, the firm FireEye said in its most recent M-Trends report.

Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack

In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.

Episode 69: Honor among cyber thieves and dissecting Fancy Bear

Podcast: Play in new window | DownloadSubscribe: Android | RSSPaul Roberts of The Security Ledger speaks with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.

Episode 68: Hack Back, Mr. Robot and Spotting Sophisticated Hacks

Podcast: Play in new window | DownloadSubscribe: Android | RSSwe talk with Gadi Evron of Cymmetria, which released Mazehunter, a targeted hack-back tool this week about going on offense and staying on the right side of the law. Also: Ryan Kazanciyan of Tanium is one of the talented hackers who help design Mr. Robot’s super-realistic hacking scenes. We talk with him about bringing realistic hacks alive on the small screen. And: when Uncle Sam dishes the dirt on a state sponsored campaign against critical infrastructure, what are companies supposed to do with the information? Mark Durfresne of the firm Endgame and Itzik Kotler of the firm Safebreach give us their thoughts.