Information security podcasts: 2009 archive

Listen to all of SearchSecurity.com's security podcasts from 2009: a collection of the year's best IT news and Q&A with infosec experts.

 

Security Wire WeeklySelf-defending applications
Michael Coates, a volunteer with OWASP is leading a project that helps developers inject code into applications to give them self-defense mechanisms. Also, Rich Mogull of Securosis on the addition of security guru Mike Rothman to his firm's research team.

Download MP3 | Subscribe to Security Wire Weekly



 

Threat Monitor podcastThreat Monitor -- January 12, 2010
Buffer overflow tutorial: How to find vulnerabilities, prevent attacks 
Buffer overflow exploits and vulnerabilities can lead to serious harm to corporate Web applications, as well as embarrassing and costly data security breaches and system compromises.

Download MP3 | Subscribe to our security podcasts




Podcasts for the week of December 29, 2009

Security Wire WeeklyTop cybersecurity stories of 2009 (Part 2)
In part 2 of this two-part Security Squad, security expert and blogger Adam Shostack joins the SearchSecurity editorial team to talk about the security stories that resonated in 2009. (Part 2 of 2)

Download MP3 | Subscribe to Security Wire Weekly




Security Wire Weekly
Top cybersecurity stories of 2009
Security expert Adam Shostack joins the SearchSecurity.com editorial team to talk about the cybersecurity stories that had the biggest impact on the security industry in 2009. (Part 1 of 2)

Download MP3 | Subscribe to Security Wire Weekly



 

Podcasts for the week of December 22, 2009

Security Wire Weekly podcastHoward Schmidt named to WH post 
Howard Schmidt gives his opinion on ongoing federal cybersecurity efforts in a 2008 interview. Also, Wade Baker of Verizon on the firm's data breach investigations.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Wire Weekly Threat Monitor -- December 21, 2009
How to prevent memory dump attacks 
Because databases are often encrypted, some attackers have switched to memory dump attacks. Michael Cobb explains how to protect your unencrypted transactions.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of December 13, 2009

Security Wire Weekly podcastConficker worm sill infects millions 
Security expert Mikko Hypponen of F-Secure talks about the latest on the Conficker worm. The Shadowserver Foundation finds up to 7 million machines still infected worldwide. Also, Mozilla Firefox, Opera and Apple Safari make a list of risky applications. Tom Murphy of Bit9 explains why.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of December 6, 2009

Security Wire Weekly podcastMicrosoft issues IE security overhaul 
Microsoft patched five vulnerabilities including a serious zero-day flaw in Internet Explorer. Jason Miller of patch management vendor Shavlik Technologies explains the impact.

Download MP3 | Subscribe to Security Wire Weekly




 

Threat Monitor podcast Threat Monitor -- December 7, 2009 
Best practices for (small) botnets 
Your enterprise might have a strategy to deal with a large-scale botnet attack, but how would you deal with a micro-botnet that knows how to bypass antivirus and firewalls? Get botnet help with this expert advice.

Download MP3 | Subscribe to all of our security podcasts


 

Podcasts for the week of November 29, 2009

Security Wire WeeklyShould cities demand data breach penalties? 
SearchSecurity.com editors discuss Los Angeles' inclusion of a data breach clause in their contract. Also, the importance of vendor security threat reports and consolidation in the Web security gateway market.

Download MP3 | Subscribe to Security Wire Weekly



 


Podcasts for the week of November 22, 2009

Threat Monitor podcast Threat Monitor-- November 24, 2007
Cut down on calls to help desk with cybersecurity awareness training 
It's no secret that human error accounts for many security blunders. But what's the best way to implement cybersecurity awareness training in your enterprise to keep employees from clicking on phishing links or downloading viruses? In this tip, learn how sending out cyber security tips can help.

Download MP3 | Subscribe to our other security podcasts


 

Podcasts for the week of November 15, 2009

Security Wire Weekly podcastMetasploit creator H.D. Moore 
Metasploit creator H.D. Moore talks about the future of the attack platform. Also Cisco's Dave Dalva on security and the Smart Grid.

Download MP3 | Subscribe to Security Wire Weekly

 

 

 

Hot Type: Surreptitious Software 
In this month's "Hot Type" podcast, authors Christian Collberg and Jasvir Nagra talk about why their book Surreptitious Software is particularly important for security professionals who may not have a strong interest in code development.

Download MP3 | Subscribe to our other security podcasts



 

 

 

Podcasts for the week of November 8, 2009

Security Wire Weekly podcastSecurity certifications pay remains strong 
David Foote of Foote Partners on his latest skill and certification research. Security skills remain strong despite the bad economy.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of October 25, 2009

Security Squad podcastSecurity Squad: Tokenization, Phishing and the Feds 
SearchSecurity editors discuss the importance of Microsoft's record breaking number of October vulnerabilities, the federal government's plan to hire 1,000 cybersecurity pros, the FBI's crackdown on a massive phishing ring and the latest payment industry tokenization plans.

Download MP3 | Subscribe to our security podcasts




 

Security Wire Weekly Silon Trojan strikes Internet Explorer users 
Amit Klein, CTO of Trusteer Inc. on a new two-headed Trojan striking Inernet Explorer users to steal login credentials.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of October 18,2009

Security Wire Weekly Heartland CIO on PCI, E3 project 
Heartland Payment Systems CIO Steve Elefant talks about the processor's new E3 security processes, end-to-end encryption, deployment and adoption issues.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of October 11, 2009

Security Wire Weekly Nuke and pave to eradicate botnets 
Security researcher Gunter Ollmann of Damballa discusses the scourge of dangerous enterprise botnets and why the only method to eradicate them is by a method he calls "nuke and pave."

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of October 4, 2009

Security Wire Weekly Exploring encryption, DLP 
Richard Jacobs, chief technology officer of Sophos on encryption for compliance, DLP and the case for involving end users in security decisions.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of September 27, 2009

Threat Monitor podcast Threat Monitor -- October 1, 2009
Threat Monitor: An enterprise strategy for Web application security threats 
People Security founder Hugh Thompson reviews the tools and tactics, from routine assessments to Web application firewalls, that are essential to an application security strategy.

Download MP3 | Subscribe to our security podcasts




 

Podcasts for the week of September 20, 2009

Security Wire Weekly Digital forensics, breach incident response 
Jim Jaeger, a retired Air Force brigadier general who heads the digital forensics operation at defense industry giant General Dynamics, explains best practices around data breach response and digital forensics.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Wire Weekly Privacy gone awry
SearchSecurity editors discuss Internet privacy issues, the Apache disclosure, VMworld and Apple security.

Download MP3 | Subscribe to Security Wire Weekly





 

Podcasts for the week of September 13, 2009

Security Wire Weekly SANS Top Cybersecurity Risks 
Experts discuss the findings of the SANS Institute 2009 Top Cyber Risks Report. The SANS report, The Top Cyber Security Risks found that IT security professionals are failing to adequately address client-side application flaws and website vulnerabilities. Meanwhile, cybercriminals are using spear phishing attacks and automated SQL injection attacks to infect employee machines and ultimately gain access to company networks.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of September 6, 2009

Security Squad podcast DNSSEC – Challenges and pitfalls 
Security experts and officials involved in DNSSEC implementations share their successes and the challenges they face.
 

Program notes: DNSSEC deployments gain momentum since Kaminsky DNS bug
 

Kaminsky interview: DNSSEC addresses cross-organizational trust and security
 

Download MP3 | Subscribe to all security podcasts




 

Podcasts for the week of August 30, 2009

Security Wire Weekly VMworld 2009: Virtualization security 
Eric Ogren of The Ogren Group talks about the focus on security fundamentals and some virtualization technologies that increase security including virtual desktops. Ogren is attending VMworld this week in San Francisco.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of August 23, 2009

Security Wire Weekly Security job market heating up 
SearchSecurity.com's Carolyn Gibney interviews David Foote of Foote Partners on his latest skills and certification data. Foote says there's reason for those in the security industry to be optimistic.

Download MP3 | Subscribe to Security Wire Weekly




Security Squad podcast 
Squad: The QSA and the Heartland breach 
Editors discuss the missing federal cybersecurity coordinator, the recent debate over comments made by Heartland CEO Robert Carr blaming the PCI QSA for the breach and whether the U.S. Marines should ban social networks.

Download MP3 | Subscribe to all our security podcasts




 

Podcasts for the week of August 16, 2009

Security Squad podcast Cyberwarfare and the enterprise: Is the threat real? 
Recently, there has been a great deal of press about massive botnets and killer denial-of-service attacks. So how concerned should you really be about cyberwarfare? The threat is real, says contributor Sherri Davidoff, but the underlying problems are weaknesses in our own infrastructure. Outages can be prevented with a level head and a solid plan.

Download MP3 | Subscribe to our security podcasts




 

Security Wire Weekly Breach highlights secure coding needs 
Jim Molini, a Microsoft security professional and longtime security expert explains his work as the key architect of a new secure software certification. Also, Forrester Research analyst Rob Whiteley talks about weighing risks versus attempting to secure all data.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of August 9, 2009

Security Wire Weekly Microsoft fixes ActiveX troubles, kill-bit bypass 
Security researcher David Dewey of IBM ISS explains his team's discovery of interoperability flaws affecting Microsoft and third-party vendors. Dewey estimates that as many as 10,000 components on the Internet may be affected.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of July 26, 2009

Security Wire WeeklyBlack Hat 2009: Researchers converge; Conficker update 
Michael Mimoso, editor of Information Security magazine and Robert Westervelt, news editor of SearchSecurity.com discuss what to expect at this year's Black Hat conference. Also, listen to an interview with Mikko H. Hyppönen of F-Secure. Hyppönen plans to give an update on Conficker during a presentation at Black Hat. Visit our Black Hat 2009 news coverage page at: searchsecurity.com/blackhat2009

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of July 19, 2009

Security Squad podcastSerious Adobe Flash flaw being exploited
Purewire principal researcher Paul Royal explains the ins and outs of the Adobe Flash vulnerability. The flaw is being exploited via PDF files and drive-by attacks. Adobe said it plans to fix the flaw by July 30.

Download MP3 | Subscribe to our security podcasts




 

Podcasts for the week of July 12, 2009

Security Squad podcast Squad: TJX, Black Hat and Social Security numbers 
The SearchSecurity.com editors discuss TJX's settlment with 41 states over its data breach, Juniper's decision to pull a Black Hat presentation and whether our Social Security numbers are at risk.

Download MP3 | Subscribe to our security podcasts




 

Threat Monitor podcastThreat Monitor -- July 16,2009 
Software security threats and employee awareness training 
How secure is the software produced today? Is it possible to keep attackers out of your network if they're determined to get in? What strategies for employee security awareness training are most effective at stopping malware? Greg Hoglund explains how enterprises can face these challenging questions in order to strengthen their security programs and keep sensitive data in the right hands.

Download MP3 | Subscribe to our security podcasts



 

Security Wire WeeklyMicrosoft Patch Tuesday, ActiveX risks 
Sheldon Malm and Josh Abraham of Rapid7 explain some of the serious vulnerabilities addressed by Microsoft this month. Also, Eric Voskuil of BeyondTrust on ways to protect against ActiveX vulnerabilities. Microsoft has been dealing with a slew of ActiveX flaws of late.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of July 5, 2009

Security Wire Weekly New Microsoft 0day 
Jack Walsh, network IPS program manager for ICSA Labs discusses the latest Microsoft zero-day and his firm's research into the attack methods. Read the full story.

Download MP3 | Subscribe to Security Wire Weekly




 

Threat Monitor podcast Threat Monitor -- July 6, 2009
How to defend against rogue DHCP server malware 
Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them.

Download MP3 | Subscribe to all security podcasts




 

Podcasts for the week of June 28, 2009

Security Wire Weekly Twitter bugs, DNSSEC and broswer security 
Like it or not Web-based social networking services are here to stay. Amit Klein, founder and chief technology officer of Trusteer talks about the latest Twitter threats, how browser makers are responding to phishing and other attacks and the adoption of DNSSEC.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of June 21, 2009

Security Wire Weekly Veiled darknet unveiled; TJX settles dispute 
Security researcher Matt Wood of HP talks about a new browser-based darknet he co-developed called Veiled. Also, Pete Lindstrom of Spire Security on TJX's latest data breach news.

Download MP3 | Subscribe to Security Wire Weekly




 

Threat Monitor podcastThreat Monitor -- June 22, 2009
When BIOS updates become malware attacks 
Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS malware and how security pros can thwart such attacks.

Download MP3 | Subscribe to our security podcasts




 

Podcasts for the week of June 14, 2009

Security Wire WeeklySpecial Report: How to find jobs in information security 
Is the recession holding back your career plans? In this free 30-minute podcast, experts Lee Kushner and Mike Murray offer infosec job advice that will help you survive and thrive in tough times.

Download MP3 | Subscribe to our Security Wire Weekly




 

Security Wire Weekly Click fraud threatens Web advertising 
Click fraud is threatening online advertising, according to experts. This week, Anchor Intelligence lead scientist Daniel Walling and Richard Sim, vice president of product management talk about how fraudsters are getting more sophisticated. Also Jeremiah Grossman of WhiteHat Security explains why it's so easy for people to carry out click fraud.

Download MP3 | Subscribe to our Security Wire Weekly




 

Podcasts for the week of June 7, 2009

Security Squad podcast Squad: Obama, ISP shutdowns and Web security threats
SearchSecurity.com editors discuss the Obama administration's cybersecurity plans, the FTC shutdown of Triple Fiber Network and what IT security pros can do to address the growing threat posed by the use of social networks and other Web-based services.

Download MP3 | Subscribe to all security podcasts




 

Security Wire Weekly Social networking threats
Security consultant Lenny Zeltser of Savvis Security Consulting Services explains the threats posed by employee use of social networking websites and what security pros can do to address them. Zeltser is a faculty member at the SANS Institute. Also, a brief overview of Microsoft Patch Tuesday.

Download MP3 | Subscribe to Security Wire Weekly



Security Newsmakers podcast
Newsmaker: Sophos CEO Steve Munford 
Steve Munford took over Sophos' leadership as the U.K.-based AV company mounted an aggressive effort to expand its market share, particularly in North America, against industry giants Symantec and McAfee. Munford was president of ActiveState when it was acquired by Sophos in 2003 and served as president for North America from 2003-2005.
 

In this interview, Information Security magazine's Neil Roiter talks with Munford about the company's acquisition and integration of encryption vendor Utimaco and Sophos strategy for leveraging the acquisition to boost sales in North America and Europe. Munford describes how Sophos engineering culture helps it integrate acquisitions and develop technology in-house.
 

Download MP3 | Subscribe to our security podcasts




 

Podcasts for the week of June 3, 2009

Security Wire Weekly The Obama Cybersecurity Plan 
Information Security magazine's Michael Mimoso reports on the Obama cybersecurity announcement. He speaks with security luminary Howard Schmidt, Paul Kocher, chief scientist of Cryptography Research and Unisys CISO Patricia Titus.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of May 31, 2009

Security Wire Weekly Security Wire Weekly: Virtualization Security Apocalypse
Christofer Hoff, chief security architect, Systems & Technology Division at Unisys, previews his upcoming Black Hat briefing, "The four horsemen of the virtualization security apocalypse." Hoff says virtualization security could prove to be very costly for companies as they try to sort out the new governance, oversight and manageability issues being introduced by the technology.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of May 24, 2009

Security Wire Weekly White House cybersecurity czar faces big challenges
Security luminary Bruce Schneier and former cybersecurity czars Amit Yoran and Gregory Garcia share their views on a possible new White House cybersecurity czar. UK-based Paul Wood, senior analyst at Symantec's MessageLabs, gives the international perspective.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of May 17, 2009

Threat Monitor podcastThreat Monitor -- May 22, 2009
Cybercrime and threat management
It's no secret that cybercrime is an ever-growing issue for today's security professionals, but what roles and responsibilities need to change as a result of the glut in illicit cyber activity?

In this video, Bill Boni, VP of information security and technology at Motorola, discusses the changing landscape of cybercrime, and how to react to it.

Download MP3 | Subscribe to our security podcasts




 

Security Wire Weekly Defeating hackers is hard 
Sophos senior security consultant Graham Cluley talks about the antivirus industry, the threat landscape, the Conficker worm and why it has been difficult to defeat international cybercriminal gangs.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of May 10, 2009

Security Wire Weekly Squad: Data breach burn-out 
SearchSecurity.com editors discuss whether the Berkeley data breach warranted so much news coverage and whether people are becoming desensitized to data breaches. Also, Heartland Payment Systems' push for better industry wide security and whether software vendors should push silent updates to users.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Wire Weekly Botnet threats and countermeasures
AT&T Labs' Brian Rexroad shares how the telecommunications giant detects and defends its network against botnets. Rexroad talks about the most prevalent botnets being monitored, including Conficker, how privacy concerns strain detection and eradication efforts and explains how future technologies could be used to battle the cybercriminals behind the threat. Rexroad is principal architect at AT&T Labs.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of May 3, 2009

Security Wire Weekly Kodak CISO on virtualization, compliance
Eastman Kodak CISO Bruce Jones on compliance issues, cloud computing and virtualization use. Also, security analyst Eric Ogren on virtualization and other trends from the 2009 RSA Conference.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of April 26, 2009

Security Wire WeeklySecurity skills and certification pay
SearchSecurity's Carolyn Gibney interviews David Foote of Foote Partners LLC about the firm's latest skills and certification pay research. Some security skills are holding their own in the tough economy.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Squad podcast Squad: Federal cybersecurity defenses
In this edition, SearchSecurity editors talk about the electrical grid compromise, restructuring of the federal cybersecurity authorities, who to blame for the Conficker hype and recent criticisms of the Payment Card Industry Data Security Standard.

Download MP3 | Subscribe to our security podcasts




 

Security Wire Weekly Incident response and forensics 
Trend Micro buys Third Brigade. Also Agile Risk Management's Matthew Shannon talks about incident response best practices, including ways to accelerate the process, how compliance enables better incident response, and what makes a successful incident response.

Program Links:

Trend Micro to acquire Third Brigade for virtualization: Trend Micro said Third Brigade's technology bolsters its datacenter security strategy by helping its customers protect virtual servers and cloud computing initiatives.

Video: Security incident response 101: Even the best procedures fail to overcome the stresses in the initial throes of an incident. Security consultant Lenny Zeltser explains how to run a well coordinated response.
 

Download MP3 | Subscribe to Security Wire Weekly




 

Security Squad podcast RSA cryptographer Ari Juels on RFID, encryption
SearchSecurity.com's Neil Roiter interviews well known cryptographer Ari Juels about RFID security, cloud storage innovations and his new novel.

Download MP3 | Subscribe to our security podcasts




 

Podcasts for the week of April 19, 2009

Security Wire Weekly Kaspersky sees Internet IDs ahead
Kaspersky Lab CEO Eugene Kaspersky predicts that one day people will need an ID card to access the Internet. In this wide ranging interview at the 2009 RSA Conference, Kaspersky talks about the Conficker worm, attacker sophistication and tracking cybercriminals.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Wire WeeklyAJAX platform injects security
Kyle Adams and Al Huizenga of new startup Mykonos talk about their new platform that injects security into the software development lifecycle for AJAX applications. Also, security expert David Mortman on cloud computing.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Wire Weekly PCI Council readying new virtualization requirements
In an interview at the 2009 RSA Conference, Troy Leach, technical director of the PCI Security Standards Council said the organization is exploring ways to address the security challenges with virtualization and cloud computing. He said new requirements are likely.

Download MP3 | Subscribe to Security Wire Weekly



 

Podcasts for the week of April 12, 2009

Security Squad podcast RSA preview: Google makes its case for defending the cloud 
Eric Feignebaum, director of security for Google Apps, asserts cloud computing can be as secure as or even more secure than traditional corporate security. Feigenbaum will participate in a panel at the 2009 RSA Conference, "Cloud computing – secure enough for primetime today?"

Download MP3 | Subscribe to our security podcasts




 

Security Wire Weekly RSA preview: Budget issues to dominate
Andreas Antonopoulos of Nemertes Research, Charles Kolodgy of IDC and Chenxi Wang of Forrester Research talk about the major trends to dominate the RSA Conference. Shrinking budgets, application security, virtualization and encryption could dominate the event, the industry analysts said.

Download MP3 | Subscribe to Security Wire Weekly




 

@33276 Enrique Salem takes charge at Symantec 
Enrique Salem, who took over as Symantec CEO for the retiring John Thompson on April 4, talks about the Symantec he worked for in the 1990s, the Symantec he inherits today, and the Symantec he envisions for the future.

Download MP3 | Subscribe to our security podcasts




 

Podcasts for the week of April 5, 2009

Security Wire Weekly Cloud computing security
Jim Reavis of the Cloud Security Alliance talks about the new organization's goals and the challenges ahead for cloud computing. Also, David Goldstone of Goodwin Procter on the failure of data breach class action lawsuits.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Squad podcast New model supports secure software coding 
Brian Chess of Fortify Software and Sammy Migues of Cigital talk about the "Building Security In Maturity Model" (BSIMM), a blueprint for secure software development, a collection of best practices distilled from nine of the best programs in the world.

Download MP3 | Subscribe to our security podcasts




 

Threat Monitor podcastThreat Monitor -- April 6, 2009
Short-lived Web malware: Fading fad or future trend? 
Attackers are increasingly spreading their malicious code through fly-by-night websites that seem legitimate to unsuspecting users, but are actually laden with malware. Marcos Christodonte II explains how short-lived Web malware works, and how enterprises can use Web filtering, honeytokens and good policy to mitigate the threat.

Download MP3 | Subscribe to Threat Monitor




 

Podcasts for the week of March 29, 2009

Security Wire Weekly Is Conficker worth the hype? 
We talk about the hype surrounding the Conficker worm with Pete Lindstrom, research director at Spire Security. Also, Dave Marcus of McAfee joins us to talk about malware in a down economy.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of March 22, 2009


Security Wire Weekly OWASP security benchmark study; Mobile threats real? 
This week's featured podcast is from SearchSecurity.com's Data Protection School.
Boaz Gelbord, who heads the OWASP Security Spending Benchmarks project, explains the survey results. Also, Ivan Arce of Core Security Technologies talks about smartphone threats and penetration testing.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Squad podcast 'Hot Type': The Truth about Identity Theft
In the latest edition of "Hot Type: Security Books in Audio," author Jim Stickley reveals just how easy it is for a cybercriminal to get access to your employees' passwords.

And don't forget to read an excerpt from Jim Stickley's book: The Truth about Identity Theft.

Download MP3 | Subscribe to our security podcasts




 

Podcasts for the week of March 15, 2009

Security Wire Weekly Security incident response tips; L0phtCrack is back
Security expert Lenny Zeltser gives tips on how to appropriately respond to a security incident. Also, a discussion on the relaunch of L0phtCrack password cracking tool with Chris Wysopal of Veracode.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of March 8, 2009

Security Wire Weekly Jose Nazario on botnets, cyberwarfare
(SOURCE Boston 2009) Botnets are being used more frequently to silence political dissenters, explains Jose Nazario of Arbor Networks. Nazario has been studying the rise of botnets as a tool used in cyberwarfare.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of March 1, 2009

Threat Monitor podcastThreat Monitor -- March 6, 2009
How to use (almost) free tools to find sensitive data 
No matter how much security awareness training employees get, some of them will still store sensitive data in insecure places. As a security manager, finding that data becomes of paramount importance — but how to do it? In this tip, John Soltys offers advice on ways to find insecurely stored data.

Download MP3 | Subscribe to Threat Monitor




 

Security Wire Weekly PCI officials on data breaches, PCI DSS
PCI Council general manager Bob Russo and Council chairman Lib de Veyra talk about the PCI Council's goals in 2009. Russo is frank about the latest data breaches. Also a discussion about virtualization security with Steve Herrod of VMware.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of February 22, 2009

Security Wire Weekly Attacks against SSL 
Cryptography expert Taher Elgamal of Axway Inc. defends SSL in the wake of research that bypasses it. Elgamal's research led to the development of SSL.

Download MP3 | Subscribe to Security Wire Weekly




 

Threat Monitor podcastThreat Monitor -- February 23, 2009
How to block adult websites from enterprise users by logging content 
Inappropriate content has always been a problem for enterprise security teams. What are some best practices for blocking adult content and websites from systems? In this security management tip, learn strategies for keeping users' Web habits in check.

Download MP3 | Subscribe to Threat Monitor




 

Podcasts for the week of February 15, 2009

Security Wire Weekly Chris Wysopal on secure coding
Secure coding expert Chris Wysopal talks about dynamic and static testing and the state of secure software development tools. Wysopal also explains why he's a big proponent of the SANS/CWE Top 25 Dangerous Programming Errors List.

Download MP3 | Subscribe to Security Wire Weekly




 

Threat Monitor podcast Why top lists don't work
Gary McGraw of Cigital explains why the CWE/SANS Top 25 dangerous programming errors list will fail to have a major effect on secure software development.

Download MP3 | Subscribe to Threat Monitor




 

Podcasts for the week of February 8, 2009

Security Wire Weekly Top cybersecurity priorities for the Obama administration 
Core Security's Tom Kellermann, who served on the Commission for Cybersecurity for the 44th Presidency, talks about President Obama's cybersecurity priorities. Also, Gary McGraw of Cigital explains why the CWE/SANS Top 25 list won't do much to aid secure software development.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of February 1, 2009

Threat Monitor podcastThreat Monitor -- February 6, 2009
How Threat Monitor: Are Windows Vista security features up to par? 
Expert Michael Cobb explains why attempts to bypass Windows Vista memory protections don't necessarily mean that the operating system lacks security.

Download MP3 | Subscribe to Threat Monitor




 

Security Wire Weekly Data breach cost analysis
Larry Ponemon of the Ponemon Institute explains his firm's Cost of Data Breach study. While costs are increasing, companies are struggling to avoid a second breach. Also, Henry Helgeson, CEO of payment processor Merchant Warehouse, talks about PCI and encryption in the wake of the Heartland breach.
 

Data breach costs rise as firms brace for next loss: Companies are struggling to prevent data breaches, according to a new survey that found most firms are dealing with multiple breaches.

First lawsuit filed in Heartland data security breach: A class action lawsuit was filed against Heartland claiming that the payment processor issued belated and inaccurate statements when it announced a security breach of its systems.
 

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of Jan. 25, 2009

Security Wire Weekly Microsoft Conficker dangers ahead
Thomas Cross, X-Force security researcher for IBM ISS, discusses the possible dangers posed by the Conficker/Downadup worm. Researchers are waiting for the payload.

Program links:

Microsoft Conficker worm hits peak, but payload awaits: Security researchers are fascinated by the spreading Conficker/Downadup worm, but are unsure what kind of damage it will do to corporate networks.

Microsoft RPC worm spreads in corporate networks: A worm, exploiting the Microsoft RPC vulnerability, is wreaking havoc on some corporate networks, according to researchers at security vendor, F-Secure.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of Jan. 18, 2009

Security Wire Weekly Heartland data security breach
Gartner Analayst Avivah Litan talks about the massive Heartland data security breach. Also, a discussion with Ernst & Young's Sagi Leizerov on data privacy in the retail industry.

Program links:

Payments processor discloses massive data breach: Company says an intrusion of its processing system may be part of a broader fraud operation.

Study ties fraud losses to Hannaford, TJX breaches: Experts say breach costs are far reaching and could lead banks and merchants to find alternative payment methods.

Download MP3 | Subscribe to Security Wire Weekly




 

Security Wire Weekly Are vulnerability lists helpful?
In this edition of Security Squad the editorial team debates the usefulness of the CWE/SANS Top 25 List, the state of virtualization security and they discuss the top cybersecurity news stories of 2008.

Program links:

Security experts identify 25 dangerous coding errors

PCI needs to address virtualization, experts say

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of Jan. 11, 2009

Security Wire Weekly Top 25 dangerous coding errors
Security experts explain the new Top 25 Errors list. Includes Bob Martin of MITRE Corp., Paul Kurtz, a principal author of the U.S. National Strategy to Secure Cyberspace and application security testers Jacob West of Fortify Software and Chris Wysopal of Veracode.

Download MP3 | Subscribe to Security Wire Weekly




 

Podcasts for the week of Jan. 4, 2009

Threat Monitor podcastThreat Monitor -- January 8, 2009
Threat Monitor: Future security threats: Enterprise attacks of 2009 
Will organizations be ready for next year's enterprise security threats? Expert John Strand reviews what's in store for 2009, including new weapons, old vulnerabilities, and new takes on old attack techniques.

Download MP3 | Subscribe to Threat Monitor




 

Security Wire Weekly Network access control: A look ahead
Patrick Wheeler of Symantec looks back at the market for NAC technologies in 2008 and explains what he sees ahead in 2009.

Download MP3 | Subscribe to Security Wire Weekly




 

INFORMATION SECURITY PODCAST ARCHIVES
2008 podcasts
2007 podcasts
2006 podcasts
2005 podcasts
This was first published in December 2009

Dig deeper on Emerging Information Security Threats

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close