http://www.theregister.co.uk/2016/02/04/norse_corp_ceo_fired/ http://www.secureworks.com/resources/blog/ransomware-used-as-a-distraction/ http://www.zdnet.com/article/most-windows-flaws-mitigated-by-removing-admin-rights-says-report/ http://mobile.reuters.com/article/idUSKCN0VD14X http://www.csoonline.com/article/3025787/security/defending-against-insider-security-threats-hangs-on-trust.html http://www.securityforrealpeople.com/2016/02/poor-ux-leads-to-poorly-secured-soho.html
Feb 11, 2016•57 min•Transcript available on Metacast Hack in the Box: https://conference.hitb.org/ Circle City Con: https://circlecitycon.com/tickets/ http://www.theregister.co.uk/2016/01/28/nsas_top_hacking_boss_explains_how_to_protect_your_network_from_his_minions/?page=1 https://www.youtube.com/watch?v=bDJb8WOJYdA http://krebsonsecurity.com/2016/01/sources-security-firm-norse-corp-imploding/ http://arstechnica.com/security/2016/01/secret-ssh-backdoor-in-fortinet-hardware-found-in-more-products/
Feb 01, 2016•42 min•Transcript available on Metacast https://blog.malwarebytes.org/intelligence/2016/01/draft-lechiffre-a-manually-run-ransomware/ http://www.tripwire.com/state-of-security/security-data-protection/boeing-supplier-hacked-claims-55-million-worth-of-damage-as-stock-price-falls/ http://krebsonsecurity.com/2016/01/firm-sues-cyber-insurer-over-480k-loss/ http://shawnetuma.com/2016/01/08/supervalu-data-breach-class-action-dismissed-for-lack-of-harm/ Hack in the Box: https://conference.hitb.org/ Circle City Con: https://circlecitycon.com/...
Jan 27, 2016•40 min•Transcript available on Metacast http://arstechnica.com/security/2016/01/security-firm-sued-for-filing-woefully-inadequate-forensics-report/ http://arstechnica.com/security/2016/01/et-tu-fortinet-hard-coded-password-raises-new-backdoor-eavesdropping-fears/ http://www.csoonline.com/article/3021774/security/trend-micro-flaw-could-have-allowed-attacker-to-steal-all-passwords.html
Jan 21, 2016•36 min•Transcript available on Metacast http://www.welivesecurity.com/2016/01/03/blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry/ http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html http://www.databreaches.net/191-million-voters-personal-info-exposed-by-misconfigured-database/ http://darkmatters.norsecorp.com/2015/12/28/the-cybersecurity-information-sharing-act-cisa-passed/
Jan 03, 2016•43 min•Transcript available on Metacast This is our 2015 holiday episode with the Brakeing Down Security and PVC Security podcasts.
Jan 03, 2016•1 hr 22 min•Transcript available on Metacast https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html http://www.csoonline.com/article/3012443/security/how-the-nsa-uses-behavior-analytics-to-detect-threats.html#tk.rss_all http://www.databreachtoday.com/wyndham-agrees-to-settle-ftc-breach-case-a-8737 https://technet.microsoft.com/en-us/library/security/ms15-127.aspx https://www.reddit.com/r/sysadmin/comments/3wa8rl/early_warning_system_for_cryptowall_crypto_canary/
Dec 13, 2015•43 min•Transcript available on Metacast http://www.zdnet.com/article/vtech-hack-gets-worse-kids-photos-chat-logs-also-stolen/ http://krebsonsecurity.com/2015/12/dhs-giving-firms-free-penetration-tests/ http://www.csoonline.com/article/3011580/data-protection/insurance-companies-will-crack-down-on-cyber-security-in-2016-report.html http://www.forbes.com/sites/joannabelbey/2015/11/30/7-tips-from-the-fbi-to-prepare-your-firm-for-a-cyber-attack/
Dec 06, 2015•47 min•Transcript available on Metacast http://krebsonsecurity.com/2015/11/breach-at-it-automation-firm-landesk/ http://www.slate.com/articles/technology/users/2015/11/sony_employees_on_the_hack_one_year_later.html http://www.csoonline.com/article/3006816/cyber-attacks-espionage/damballa-finds-tools-related-to-the-malware-that-hit-sony.html http://www.databreachtoday.com/interviews/what-jpmorgan-chase-breach-teaches-us-i-2982 http://www.healthcaredive.com/news/ftc-data-breach-case-dismissal-raises-bar-for-demonstrating-consumer-harm/4...
Nov 26, 2015•45 min•Transcript available on Metacast http://www.bloomberg.com/news/articles/2015-11-10/hackers-accused-by-u-s-of-targeting-top-banks-mutual-funds http://www.trust.org/item/20151113203615-j3cyu http://krebsonsecurity.com/2015/11/jpmorgan-hackers-breached-anti-fraud-vendor-g2-web-services/#more-32855 http://consumerist.com/2015/11/13/lack-of-windows-3-1-technicians-causes-traffic-backup-at-french-airport/ http://securityaffairs.co/wordpress/41950/cyber-crime/fakben-ransomware-as-a-service.html
Nov 16, 2015•46 min•Transcript available on Metacast http://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/ http://arstechnica.com/security/2015/11/booming-crypto-ransomware-industry-employs-new-tricks-to-befuddle-victims/ http://www.theregister.co.uk/2015/11/02/pagefair_malware_snare_scare_in_halloween_hack_of_adblocker_blocker/ http://www.infosecurity-magazine.com/news/it-personnel-are-the-riskiest/
Nov 08, 2015•55 min•Transcript available on Metacast http://blog.erratasec.com/2015/10/dumb-dumber-and-cybersecurity.html http://www.businessinsider.com/talktalk-didnt-use-encryption-hack-protect-4-million-customer-details-2015-10 https://grahamcluley.com/2015/10/talktalk-hacked-silly-ask-data-encrypted/ http://krebsonsecurity.com/2015/10/talktalk-hackers-demanded-80k-in-bitcoin/ http://www.securityweek.com/hacking-impact-short-lived-sony-boss https://threatpost.com/european-aviation-agency-warns-of-aircraft-hacking/114987/
Oct 26, 2015•38 min•Transcript available on Metacast http://www.threatconnect.com/threat-intelligence-driven-risk-analysis/http://www.theregister.co.uk/2015/10/15/inside_mandiants_biggest_forensics_breach_battle_is_this_anthem/http://www.theregister.co.uk/2015/10/16/dow_jones_denies_russian_hackers_plundered_its_servers_for_insider_trading_tips/http://m.nextgov.com/cybersecurity/2015/10/opm-fully-do-away-passwords-network-access-2-years/122768/
Oct 21, 2015•51 min•Transcript available on Metacast tp://www.databreachtoday.com/report-usps-workers-vulnerable-to-phishing-scams-a-8579 http://krebsonsecurity.com/2015/10/at-experian-security-attrition-amid-acquisitions/#more-32501 http://www.databreachtoday.com/etrade-dow-jones-issue-breach-alerts-a-8586 http://www.bankinfosecurity.asia/blogs/cyber-insurance-primer-for-insurers-insured-p-1946 http://www.csoonline.com/article/2990471/social-engineering/near-flawless-social-engineering-attack-spoiled-by-single-flaw.html#tk.rss_all
Oct 13, 2015•55 min•Transcript available on Metacast http://arstechnica.com/security/2015/10/patreon-was-warned-of-serious-website-flaw-5-days-before-it-was-hacked/ http://www.scmagazine.com/sec-hits-security-adviser-with-75000-penalty-in-breach-settlement/article/440268/ http://krebsonsecurity.com/2015/10/scottrade-breach-hits-4-6-million-customers/ http://www.wired.com/2015/10/hack-brief-hackers-steal-15m-t-mobile-customers-data-experian/ http://time.com/4056928/trump-hotels-hacked/ http://fortune.com/2015/10/02/american-bankers-association-brea...
Oct 05, 2015•38 min•Transcript available on Metacast http://www.pvcsec.com/ http://brakeingsecurity.com/
Sep 30, 2015•1 hr 7 min•Transcript available on Metacast http://www.thenationaltriallawyers.org/2015/09/standing-neiman-marcus-data-breach/ http://krebsonsecurity.com/2015/09/bidding-for-breaches-redefining-targeted-attacks/ http://www.miltonstart.com/blog/2015/09/22/morgan-stanley-employee-pleads-guilty-in-data-breach-case/
Sep 29, 2015•1 hr 16 min•Transcript available on Metacast http://www.bizjournals.com/atlanta/blog/atlantech/2015/09/atlantas-bitpay-got-hacked-for-1-8-million-in.html http://www.securityweek.com/excellus-data-breach-impacts-10-million http://www.databreachtoday.com/attacks-on-insurers-lessons-learned-a-8530 http://federalnewsradio.com/cybersecurity/2015/09/us-certs-dos-and-donts-for-after-the-cyber-hack/ http://www.theguardian.com/technology/2015/sep/10/cyber-threat-data-manipulation-us-intelligence-chief http://www.csoonline.com/article/2984543/vulner...
Sep 21, 2015•1 hr 5 min•Transcript available on Metacast http://www.theregister.co.uk/2015/09/04/mozilla_firefox_bugzilla_leak/ http://darkmatters.norsecorp.com/2015/09/03/four-non-technical-measures-for-mitigating-insidious-insiders/ http://arstechnica.com/tech-policy/2015/08/ftc-can-sue-companies-with-poor-information-security-appeals-court-says/ https://nakedsecurity.sophos.com/2015/09/02/microsoft-word-intruder-revealed-inside-a-malware-construction-kit/ http://www.securityweek.com/executive-it-security-problem-lessons-learned-hillary-clinton
Sep 12, 2015•1 hr 6 min•Transcript available on Metacast http://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/security-reverse-engineering-and-eulas/ http://arstechnica.com/security/2015/08/my-browser-visited-drudgereport-and-all-i-got-was-this-lousy-malware/ http://arstechnica.com/security/2015/08/attackers-actively-exploit-windows-bug-that-uses-usb-sticks-to-infect-pcs/ http://arstechnica.com/information-technology/2015/08/lenovo-used-windows-anti-theft-feature-to-install-persistent-crapwar...
Aug 25, 2015•42 min•Transcript available on Metacast Aug 25, 2015•30 min•Transcript available on Metacast http://resources.infosecinstitute.com/can-user-awareness-really-prevent-spear-phishing/ http://www.net-security.org/secworld.php?id=18702 http://link.springer.com/article/10.1007/s12290-015-0355-5/fulltext.html
Aug 11, 2015•1 hr 1 min•Transcript available on Metacast http://fortune.com/2015/07/29/crowdstrike-cybersecurity-george-kurtz/ http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/phishing-up-74-in-q2-2015-reveals-infoblox-dns-threat-index/ http://blog.trendmicro.com/trendlabs-security-intelligence/angler-exploit-kit-used-to-find-and-infect-pos-systems/ http://www.welivesecurity.com/2015/07/28/new-report-explains-gulf-security-experts-non-experts/
Aug 03, 2015•1 hr 18 min•Transcript available on Metacast http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/ http://www.mcafee.com/us/resources/reports/rp-aspen-holding-line-cyberthreats.pdf http://arstechnica.com/tech-policy/2015/07/obama-administration-decides-not-to-blame-china-publicly-for-opm-hack/ http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-rcsandroid-spying-tool-listens-to-calls-roots-devices-to-get-in/
Jul 27, 2015•45 min•Transcript available on Metacast http://arstechnica.com/tech-policy/2015/07/hacking-teams-surveillance-software-sold-to-kgb-successor/ http://arstechnica.com/security/2015/07/hackingteams-evil-android-app-had-code-to-bypass-google-play-screening/ http://www.scmagazine.com/ios-devices-dont-have-to-be-jailbroken-for-spyware-sold-by-hacking-team-to-be-installed/article/426137/ https://krebsonsecurity.com/2015/07/hacking-team-used-spammer-tricks-to-resurrect-spy-network/ http://www.scmagazine.com/fireeye-intern-morgan-culbertson-ar...
Jul 19, 2015•53 min•Transcript available on Metacast http://labs.bromium.com/2015/07/10/government-grade-malware-a-look-at-hackingteams-rat/ http://www.theregister.co.uk/2015/07/12/adobe_flash_zero_day_cve_2015_5122/ https://www.tenable.com/blog/lessons-to-learn-from-the-opm-breach http://arstechnica.com/tech-policy/2015/07/opm-director-resigns-after-news-that-hack-affected-21-5-million-people/ http://www.ffiec.gov/cyberassessmenttool.htm
Jul 13, 2015•54 min•Transcript available on Metacast http://arstechnica.com/security/2015/07/massive-leak-reveals-hacking-teams-most-private-moments-in-messy-detail/ & http://www.csoonline.com/article/2945200/vulnerabilities/adobe-to-patch-flash-0-day-created-by-hacking-team.html http://securityaffairs.co/wordpress/38372/cyber-crime/kins-malware-builder-leaked.html Cyber UL Could Become Reality Under Leadership of Hacker Mudge http://www.federaltimes.com/story/government/omr/opm-cyber-report/2015/06/23/keypoint-usis-opm-breach/28977277/
Jul 09, 2015•37 min•Transcript available on Metacast http://www.databreaches.net/fbi-cyber-division-bulletin-on-tools-reportedly-used-by-opm-hackers/ https://fortune.com/sony-hack-part-1/ http://www.csoonline.com/article/2938310/data-protection/lieberman-mandiant-and-verizon-wrong-on-unstoppable-threats.html http://www.itworld.com/article/2939255/windows/the-us-navys-warfare-systems-command-just-paid-millions-to-stay-on-windows-xp.html
Jun 30, 2015•51 min•Transcript available on Metacast http://www.bankinfosecurity.com/blogs/did-fisma-facilitate-opm-hack-p-1879/op-1 http://www.csoonline.com/article/2936723/data-breach/user-error-is-an-expected-business-problem.html http://www.databreachtoday.com/blogs/post-malware-outbreak-rip-replace-p-1877 http://www.csoonline.com/article/2936615/data-breach/6-breaches-lessons-reminders-and-potential-ways-to-prevent-them.html http://www.nytimes.com/2015/06/17/sports/baseball/st-louis-cardinals-hack-astros-fbi.html
Jun 23, 2015•53 min•Transcript available on Metacast http://www.theregister.co.uk/2015/05/28/cottage_healthcare_system_sued/ http://arstechnica.com/security/2015/06/report-hack-of-government-employee-records-discovered-by-product-demo/ What I know about US Export Controls and Hacking Tools byu/4d004anonymous innetsec http://www.bis.doc.gov/index.php/policy-guidance/faqs http://www.wired.com/2015/06/kaspersky-finds-new-nation-state-attack-network/
Jun 15, 2015•52 min•Transcript available on Metacast 
