Podcast: Play in new window | Download (Duration: 1:01:53 — 113.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast, we talk with Genevieve Southwick, CEO of the B-Sides Las Vegas hacker conference about the information security industry’s #metoo problem and what steps conference organizers are taking to stem sexual assault and harassment at information security events. Also: researcher Alec Muffet talks with us about making a TOR version of Wikipedia (and why it’s not sticking around). Finally, Martin McKeay of Akamai talks about the state of Internet security one year after Mirai. (Spoiler alert: Mirai is still a problem.)
The standard password has never been less effective or more susceptible to attacks. But some of the U.S.’s leading corporations say they’re also not ready to get rid of it.
In-brief: The Devil’s Ivy vulnerability in the open source gSOAP library is widespread and supposedly trivial to exploit. So why, one month later, haven’t we seen any attacks? Is Devil’s Ivy a dud? ‘Don’t count on it,’ security experts tell us.
In-brief: Password security remains a thorn in the side of security experts as once again proven by the cyberattack on U.K. Parliament, which focused on gaining access to members’ e-mail accounts merely by guessing their passwords.
In-brief: what’s a good password? According to new guidelines from NIST: one that hasn’t already been stolen by hackers.