Security Ledger’s Paul Roberts talks with Kyle Wiens of Repair.org about efforts in Massachusetts and other states to pass ‘right to repair’ laws covering a wide range of connected and Internet of Things devices. Also: Facebook awarded its $100,000 Internet Defense prize to a team from UC Berkeley that came up with a better way to spot spear phishing campaigns. And: Johannes Ullrich of The SANS Internet Storm Center talks about his experiment to see how common attacks on Internet connected Digital Video Recorders are. The results may surprise you.
Podcasts
Hosted by Paul Roberts, The Security Ledger podcast features interviews with leading minds in the area of cyber security, threats and attacks. The Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
Hacking Warships, Capitol Hill takes a Swing at IoT Security and why CS Grads don’t get Security
In-brief: on this week’s Security Ledger Podcast, we delve deeper into the question of maritime cyber security, speaking with noted researcher Ruben Santamarta of the firm IOActive about the work he’s done exposing vulnerabilities in the software that runs both commercial and navy vessels. Also: Alan Brill of Kroll joins us to talk about The Internet of Things Cybersecurity Improvement Act. And we talk to Maria Loughlin of the firm Veracode about a new survey that suggests undergraduate computer science majors aren’t receiving adequate instruction in cyber security.
Episode 60: Maritime Hacking, IoT Cyber Safety Law and Teaching Security
Security Ledger Editor in Chief Paul Roberts speaks with maritime cyber security expert Ruben Santamarta of IOActive about the recent spate of US navy collisions and whether hacking may have played a role. Also: Alan Brill of Kroll’s cyber security division talks about pending legislation on Capitol Hill that would set standards for the Internet of Things. Finally, Paul speaks with Mary Loughlin of the firm Veracode about a recent survey that found almost two thirds of computer science graduates don’t believe their security education prepared them for their current job.
OSINT University: are Colleges and Universities protecting Student Data?
In-brief: Colleges and universities collect reams of student data – including personally identifying information- as part of their student “directory” files. They then distribute it to – basically – whomever asks. In this podcast, we talk with researcher Leah Figueroa who has researched the issue. Also: where are all those Devil’s Ivy attacks? And: companies are desperate for tools and talent to beat back sophisticated threats. Is artificial intelligence the answer? We talk with Endgame about the results of a new survey.
Episode 59: Are Schools and Colleges Dumping Student Data? Also: was Devil’s Ivy a Dud?
Security Ledger publisher and Editor in Chief Paul Roberts speaks to Leah Figueroa, a Texas-based researcher who warns that colleges and universities – maybe even K-12 school districts – regularly divulge reams of student data to whomever asks, some of it is so-called personally identifying information or PII. Also: Paul talks with Assaf Harel about the future of the “Devil’s Ivy” vulnerability in gSOAP. Will it lead to the next Mirai botnet? Finally, Ashwin Almad of Endgame talks about a new Forrester survey that finds companies struggling to find the people and tools to prevent hacks and data leaks.
