Episode 42: Apple Store Gets Infected and the Growth of Malvertising with Malwarebytes’ Jerome Segura

September 25, 2015

The Apple Store experienced one of its largest compromises ever with XcodeGhost. China once again is in the news with another report tying economic espionage to the country. The OPM breach continues to get worse. More malvertising and other vulnerabilities were discovered. And a variety of companies faced fines and legal action including Comcast, LinkedIn, AT&T, and others.

This week's guest is Jerome Segura, senior security researcher at Malwarebytes, and we chat about the growth of malvertising, how it affects advertisers and publishers, and what, if anything, can be done to stop it. The interview starts at 22:30.

Episode 41: Cracking Down on Chinese Espionage and DDoS for Bitcoin with Akamai’s Lisa Beegle

September 17, 2015

China, China, and more China. It seems they are always front and center in the cyber world, and this week was no exception with a new report on Chinese espionage from Trend Micro, warnings that espionage must be curtailed from President Obama, and anticipation over the Chinese President Xi Jinping visiting the U.S. next week. We also break down the latest cyber-attacks, cyber advisories and legal news from the past week including new data breaches, new malware, and new legal developments involving Google, Target and JPMorgan Chase. And online poker players beware; cybercriminals are targeting you too.

This week’s guest is Lisa Beegle, Information Security Manager at Akamai Technologies. Akamai’s PLXsert team has been observing DD4BC, a cybercrime group that’s been threatening businesses with DDoS attacks if they do not pay an extortion fee via bitcoin, and we chat about the group and DDoS extortion. The interview starts at 18:25.

Episode 40: Another Major Health Insurance Breach and Fired Executives with Fidelis Cybersecurity’s Emilio Iasiello

September 11, 2015

A breach at health insurer Excellus affects more than 10 million people and is the latest major healthcare-related breach this year. Nearly 80,000 California State University students had their information exposed after a vendor was compromised. A variety of other cybercrime-related events occurred including a surge in DDoS extortion attacks targeting the Financials sector, a variety of Android advisories and a potential "umbrella agreement" between the United States and European Union.

This week's guest is Emilio Iasiello, Senior Cyber Intelligence Analyst at Fidelis Cybersecurity. Ashley Madison’s former CEO Noel Biderman is the latest executive to resign following a high-profile data breach, and we chat about the trend of CEOs and other executives taking the blame for cybercrime events at their organizations. The interview starts at 18:45.


Episode 39: FBI Warns Businesses, Sanctions Against China, and Fooling Attackers with TrapX’s Greg Enriquez

September 4, 2015

The FBI is warning of an uptick in business email accounts being compromised leading to fraudulent wire transfers. The Obama administration is putting together a package of "unprecedented" economic sanctions against Chinese companies and individuals engaged in cybertheft. We run through a variety of new advisories and legal actions that are underway including new malware affecting iOS devices and the banking sector, ransomware-as-a-service, and the latest settlements and lawsuits.

This week's guest is Greg Enriquez, CEO of TrapX, and we discuss how enterprises are using "deception technologies" to fool attackers and improve their defenses. The interview starts at 21:30.