Tag: APT

China is altering vulnerability reports to cover up delays in disclosing serious security holes in common software.

Podcast Episode 87: Vulnerability Reports Down the Memory Hole in China and the Groups Hacking ICS

Podcast: Play in new window | Download (Duration: 42:05 — 48.2MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast (#87) we speak with Priscilla Moriuchi of the firm Recorded Future about China’s efforts to cover up delays in publishing information on serious and exploitable software security holes. Joe Slowick of the firm Dragos Security joins us to talk about the hacking groups targeting industrial control systems and Ken Munro of the firm Pen Test Partners tells us why the UK’s new report on securing the Internet of Things isn’t worth the paper it’s written on. 

US diplomats stationed in Cuba reported feeling ill after sonic attacks launched from a mysterious source. But is that what really happened? New research suggests maybe not. (Image courtesy of US embassy.)

Podcast Episode 86: Unraveling the Cuban Embassy’s Acoustic Mystery

Podcast: Play in new window | Download (Duration: 42:12 — 48.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode of The Security Ledger Podcast (#86) we speak with Dr. Kevin Fu of the University of Michigan about research he conducted that casts doubts on reports of mysterious acoustic attacks on US embassy employees in Havana, Cuba. Also: Chip Block of Evolver talks about the Securities and Exchange Commission’s expanded cyber security guidance. And finally: thousands of radiologic sensors were deployed in the U.S. following the attacks of September 11 2001. We’ll look at new efforts to secure those systems from cyber attack.

Hacking diversity: the information security has a diversity problem. In recognition of Black History Month, we ask how to solve it.

Episode 85: Supply Chain Attacks and Hacking Diversity with Leon Johnson

Podcast: Play in new window | Download (Duration: 32:26 — 37.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Podcast (#85), we’re joined by Adam Meyers of the firm CrowdStrike to talk about that company’s Global Threat Report for 2018. Also: we continue our observation of Black History Month in the US by talking to prominent information security professionals from the black community. This week, our guest is Leon Johnson, a principal pen tester at the firm Rapid 7 about becoming the first person in his family to go to college and then finding his way to information security.