Tag: reports

Podcast Episode 94: Black Report takes Hacker View and Securing the Open Source Supply Chain

Podcast Episode 94: Black Report takes Hacker View and Securing the Open Source Supply Chain

Podcast: Play in new window | Download (Duration: 35:55 — 41.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this episode of the Security Ledger Podcast we do a deep dive into the recent Black Report by NUIX – which flips the script by asking hackers and pen testers their opinions about how they hack firms and what defensive strategies and technologies work best at stopping them. Also: Rami Sass the CEO and co-founder of this week’s sponsor, WhiteSource Software, joins us in the Security Ledger studios to talk about how a white knuckle audit of his company’s open source dependencies eight years ago prompted him to start WhiteSource, which makes a tool for managing the open source software supply chains. 

China's government appears to be suppressing information on serious, exploitable security vulnerabilities in software, a study by Recorded Future found.

Podcast Episode 92: Uncle Sam Ices Tech Acquisitions and RSA Conference 2018

Podcast: Play in new window | Download (Duration: 31:45 — 36.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn this episode of The Security Ledger Podcast (#92): Adam Isles of The Chertoff Group joins us to talk about the growing specter of software supply chain risk the recent trend of the US Government shooting down major tech acquisitions by Chinese firms.  Also: with the RSA Conference * kicking off in San Francisco, we hear from two experts from LookingGlass, this week’s podcast sponsor, about how to make sense of the hot threat intelligence space. 

Researchers from Kaspersky Lab said crypto-mining is replacing ransomware thanks to the growing popularity of digital currencies.

Podcast Episode 88: Inside Russia’s DragonFly Group and How Cyber Crooks Launder Money

Podcast: Play in new window | Download (Duration: 34:30 — 39.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast (#88) we do a deep dive with researcher Vikram Thakur of the firm Symantec on “Dragonfly,” the Russian hacking group whose actions prompted the U.S. Department of Homeland Security and the FBI to issue a joint statement last week warning of intrusions into critical infrastructure in the US. Also: how do cyber criminals cash out all the loot they make from online scams? In our second segment we’ll talk to researcher Mike McGuire of the University of Surrey, who has been studying that question.