Serious About Security Preston Wiley, Mike Hill, and Keith Watson

Youtube

 


Show Notes

Hosts

Preston Wiley, CISSP, CCNA
Mike Hill, CISSP
Keith Watson, CISSP-ISSAP, CISA


Articles


Research shows how MacBook Webcams can spy on their users without warning by Ashkan Soltani and Timothy B.Lee (The Washington Post), FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance by Craig Timberg and Ellen Nakashima (The Washington Post), iSeeYou: Disabling the MacBook Webcam Indicator LED by Matthew Brocker and Stephen Checkoway (Technical Report 13-02, Department of Computer Science, Johns Hopkins University)
Liberty and Security in a Changing World by The President’s Review Group on Intelligence and Communications Technologies, White House panel recommends new limits on NSA surveillance by Ken Dilanian and Christi Parsons (Los Angeles Times), Obama Is Urged to Sharply Curb N.S.A. Data Mining by David E. Sanger and Charlie Savage (The New York Times), Obama review panel: strip NSA of power to collect phone data records by Dan Roberts and Spencer Ackerman (The Guardian), EFF Statement on President’s Review Group’s NSA Report by Rebecca Jeschke (The Electronic Frontier Foundation)

Youtube

 


Show Notes

Hosts

Preston Wiley, CISSP, CCNA
Mike Hill, CISSP
Keith Watson, CISSP-ISSAP, CISA


Articles


For Nearly Two Decades the Nuclear Launch Code at All Minuteman Silos in the United States was 00000000 by Karl Smallwood (Today I Found Out), ‘Secret’ Nuclear Missile Launch Code During Cold War Was ‘00000000’ by Ryan Grenoble (The Huffington Post), Zero protection from nuclear code by Oliver Burkeman (The Guardian), Keeping Presidents in the Nuclear Dark by Bruce Blair (Bruce Blair’s Nuclear Column), For nearly 20 years, the launch code for US nuclear missiles was 00000000 by Lisa Vaas (nakedsecurity blog), Permissive Action Links by Steven M. Bellovin
Further improving digital certificate security by Adam Langley (Google Online Security Blog), Serious Security: Google finds fake but trusted SSL certificates for its domains, made in France by Paul Ducklin (nakedsecurity blog), Google catches French finance ministry pretending to be Google by David Meyer (GigaOM)

Youtube

 


Show Notes

Hosts

Preston Wiley, CISSP, CCNA
Mike Hill, CISSP
Keith Watson, CISSP-ISSAP, CISA


Articles


Forward Secrecy (Wikipedia), Twitter Enables Perfect Forward Secrecy Across Sites To Protect User Data Against Future Decryption by Matthew Panzarino (TechCrunch), Forward Secrecy at Twitter by Jacob Hoffman-Andrews (Twitter Engineering Blog), Pushing for Perfect Forward Secrecy, an Important Web Privacy Protection by Parker Higgins (EFF Deeplinks Blog)
Google, Facebook, payroll accounts targeted in major password theft, security experts say by Hayley Tsukayama (The Washington Post), 2 Million Stolen Facebook, Yahoo And Google Passwords Posted Online by Alexis Kleinman (The Huffington Post), Look What I Found: Moar Pony! by Trustwave SpiderLabs

Youtube

 


Show Notes

Hosts

Preston Wiley, CISSP, CCNA
Mike Hill, CISSP
Keith Watson, CISSP-ISSAP, CISA


Articles


Our Commitment to Protecting Your Information by Marissa Mayer (Yahoo!), After N.S.A. Disclosures, Yahoo Moves to Encrypt Internal Traffic by Nicole Perlroth (NY Times Bits Blog), Yahoo Will Follow Google In Encrypting Data Center Traffic, Customer Data Flow By Q1 ’14 by Matthew Panzarino (TechCrunch), Google encrypts data amid backlash against NSA spying by Craig Timberg (The Washington Post)
Expert to warn Congress of HealthCare.gov security bugs by Reuters, Hackers throw 16 attacks at HealthCare.gov plus a DoS for good measure by Lisa Vaas (nakedsecurity blog), Healthcare.gov ‘may already have been compromised,’ security expert says by FoxNews.com

Youtube

 


Show Notes

Hosts

Preston Wiley, CISSP, CCNA
Mike Hill, CISSP
Keith Watson, CISSP-ISSAP, CISA


Articles


Facebook Warns Users After Adobe Breach by Brian Krebs (Krebs on Security), Facebook mines Adobe breach data for reused passwords, warns users to change them or disappear by Liam Tung (ZDNet), Anatomy of a password disaster - Adobe’s giant-sized cryptographic blunder by Paul Ducklin (naked security blog)
IE zero-day exploit disappears on reboot by Shona Ghosh (PC Pro), IE Zero Day Watering Hole Attack Injects Malicious Payload into Memory by Michael Mimoso (threat post)

Youtube

 


Show Notes

Hosts

Preston Wiley, CISSP, CCNA
Keith Watson, CISSP-ISSAP, CISA


Articles



Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps by Dan Goodin (Ars Technica), badBIOS by Bruce Schneier (Schneier on Security), Security researcher says new malware can affect your BIOS; communicate over the air by Ian Paul (PCWorld), ‘BadBIOS’ System-Hopping Malware Appears Unstoppable by Marshall Honorof (Tom’s Guide), The badBIOS Analysis Is Wrong. by Phillip Jaenke
NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say by Barton Gellman and Askan Soltani (Washington Post), How the NSA’s MUSCULAR tapped Google’s and Yahoo’s private networks by Sean Gallagher (Ars Technica), How we know the NSA had access to internal Google and Yahoo cloud data by Barton Gellman, Askkan, and Andrea Peterson (Washington Post)