Two years after it was cited for security and privacy violations in its connected toys, VTech Electronics Ltd. has been fined by the U.S. government for violations of a federal law protecting children’s online privacy.
data theft
Podcast: will Uber’s Florida Man Problem chill Bug Bounties?
In our latest podcast: the ride sharing firm Uber finds itself on the wrong side of a Florida Man story after paying $100,000 in hush money to a man from The Sunshine State who stole information on 57 million Uber customers. We speak with Katie Moussouris about how the company’s actions could affect the future of the young vulnerability disclosure industry. Also: with BitCoins trading for $16,000 each, Wandera researcher Dan Cuddeford joins us to talk about mobile crypto-jacking schemes that hijack mobile devices to mine crypto currencies. And we invite Alan Brill of the firm Kroll back to discuss recent House of Representatives hearings on the future of authentication in an age of rampant data sharing and data theft.
Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack
In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.
After Equifax: What Makes a Good CSO? Also: App Sec is a Mess. We Talk about Why.
What makes a good CSO? In the wake of the Equifax breach, we talk about the controversy over that company’s CSO’s music degree. Also: we talk with Signal Sciences about why companies keep getting hacked via application vulnerabilities like the Apache Struts hole that felled Equifax.
Heading to College? Job 1: Lock Down your ‘Directory Information’
In-brief: Colleges in the U.S. give away personally identifying data on millions of students each year as unregulated “directory information.” Job 1 when arriving on campus: opting out and protecting your data.
