40 min listen
Unavailable
Currently unavailable
DtR Episode 43 - NewsCast for June 3rd, 2013
Currently unavailable
DtR Episode 43 - NewsCast for June 3rd, 2013
ratings:
Length:
27 minutes
Released:
Jun 3, 2013
Format:
Podcast episode
Description
It's June already?! Where has the first half of 2013 gone? James and I break down the last 2 weeks of interesting InfoSec news in a short "Monday morning quarterback" style... enjoy!
Topics Covered
Evernote adds 2-step veficication for their authentication, and follows suit with just about every other 'modern' app. Following on the hells of Twitter, LinkedIn, FaceBook, Apple and the one that started it all, Google - we're now getting multi-step authentication from Evernote. Free users not welcome ...yet? - http://blog.evernote.com/blog/2013/05/30/evernotes-three-new-security-features/
Dropbox down for more than an hour, but it wasn't a security bug (we don't think), it's just that they had 'technical difficulty'. If you depend on Dropbox for your file synchronization services, you knew this happened - http://www.computerworld.com/s/article/9239648/Dropbox_goes_down_for_more_than_an_hour
NIST 500-299 "Cloud COmputing Security Reference Architecture" document is released. There's a bit of irony here, as the document itself is a whopping 299 pages! - http://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/CloudSecurity/NIST_Security_Reference_Architecture_2013.05.15_v1.0.pdf
Drupal.org has been hacked, and it appears 2013 just isn't a good year for the folks over at Drupal. Apparently about 1 million accounts have been compromised/affected, and all accounts had their passwords reset - I apparently had a Drupal account I don't remember anymore and my password was reset too - http://techcrunch.com/2013/05/29/drupal-org-hacked-user-details-exposed-and-reset/
Google changed its disclosure policy for critical issues that are actively being exploited from the standard 60 days, to 7. A week. 7 days down from 60 ... this needs more reading and discussion - http://www.csoonline.com/article/734286/google-zero-day-disclosure-change-slammed-praised
Hackers are exploiting Ruby on Rails vulnerability that was patched this past January, so zero-day no longer applies... the lesson here is to patch in a timely fashion! - http://www.computerworld.com/s/article/9239588/Hackers_exploit_Ruby_on_Rails_vulnerability_to_compromise_servers_create_botnet?taxonomyId=17
Topics Covered
Evernote adds 2-step veficication for their authentication, and follows suit with just about every other 'modern' app. Following on the hells of Twitter, LinkedIn, FaceBook, Apple and the one that started it all, Google - we're now getting multi-step authentication from Evernote. Free users not welcome ...yet? - http://blog.evernote.com/blog/2013/05/30/evernotes-three-new-security-features/
Dropbox down for more than an hour, but it wasn't a security bug (we don't think), it's just that they had 'technical difficulty'. If you depend on Dropbox for your file synchronization services, you knew this happened - http://www.computerworld.com/s/article/9239648/Dropbox_goes_down_for_more_than_an_hour
NIST 500-299 "Cloud COmputing Security Reference Architecture" document is released. There's a bit of irony here, as the document itself is a whopping 299 pages! - http://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/CloudSecurity/NIST_Security_Reference_Architecture_2013.05.15_v1.0.pdf
Drupal.org has been hacked, and it appears 2013 just isn't a good year for the folks over at Drupal. Apparently about 1 million accounts have been compromised/affected, and all accounts had their passwords reset - I apparently had a Drupal account I don't remember anymore and my password was reset too - http://techcrunch.com/2013/05/29/drupal-org-hacked-user-details-exposed-and-reset/
Google changed its disclosure policy for critical issues that are actively being exploited from the standard 60 days, to 7. A week. 7 days down from 60 ... this needs more reading and discussion - http://www.csoonline.com/article/734286/google-zero-day-disclosure-change-slammed-praised
Hackers are exploiting Ruby on Rails vulnerability that was patched this past January, so zero-day no longer applies... the lesson here is to patch in a timely fashion! - http://www.computerworld.com/s/article/9239588/Hackers_exploit_Ruby_on_Rails_vulnerability_to_compromise_servers_create_botnet?taxonomyId=17
Released:
Jun 3, 2013
Format:
Podcast episode
Titles in the series (100)
DtSR Episode 349 - Verizon 2019 DBIR Double-Live Part 2: Guest: Gabriel Bassett by Backpacking Light Magazine Podcasts