DtSR Episode 211 - NewsCast for Sept 13th 2016

09/15/16 • 48 min

Down the Security Rabbithole Podcast (DtSR)

Send the hosts a message - try it now!

Chrome to label more sites as insecure in 2017

Link: https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
Focus on sites that transmit passwords or credit card info over HTTP

A USB Device is all it takes to steal credentials from locked PCs

Link: http://www.pcworld.com/article/3117793/security/a-usb-device-is-all-it-takes-to-steal-credentials-from-locked-pcs.html
This is actually pretty interesting, but a little trickier than it sounds
Still - it's quite fascinating that a USB attack works cross-platform, based on network activity and default USB behaviors

DHS chief: 'Very difficult' for hackers to skew vote

Link: http://thehill.com/policy/national-security/294956-homeland-head-very-difficult-for-hackers-to-skew-vote
- Instead of dismissing the claim, let’s explore the merits
- Then let’s consider what, if anything, it means for enterprise security
“It would be very difficult through any sort of cyber intrusion to alter the ballot count, simply because it is so decentralized and so vast,” he said, noting the series of state, local and county systems involved in running elections. “It would be very difficult to alter the count.”
- Decentralized and vast - the merits
- How many companies make the systems - so is it as decentralized as we’d like
- How much of what you do in the enterprise is decentralized?
- What are your points of failure - or the easy pathways to attack?
If someone did alter the vote... would we know? How would we know?
What’s the impact of appearing to alter the vote?
Depending on your organization... how would you h

Support the show

>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast

Send the hosts a message - try it now!

Chrome to label more sites as insecure in 2017

Link: https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
Focus on sites that transmit passwords or credit card info over HTTP

A USB Device is all it takes to steal credentials from locked PCs

Link: http://www.pcworld.com/article/3117793/security/a-usb-device-is-all-it-takes-to-steal-credentials-from-locked-pcs.html
This is actually pretty interesting, but a little trickier than it sounds
Still - it's quite fascinating that a USB attack works cross-platform, based on network activity and default USB behaviors

DHS chief: 'Very difficult' for hackers to skew vote

Link: http://thehill.com/policy/national-security/294956-homeland-head-very-difficult-for-hackers-to-skew-vote
- Instead of dismissing the claim, let’s explore the merits
- Then let’s consider what, if anything, it means for enterprise security
“It would be very difficult through any sort of cyber intrusion to alter the ballot count, simply because it is so decentralized and so vast,” he said, noting the series of state, local and county systems involved in running elections. “It would be very difficult to alter the count.”
- Decentralized and vast - the merits
- How many companies make the systems - so is it as decentralized as we’d like
- How much of what you do in the enterprise is decentralized?
- What are your points of failure - or the easy pathways to attack?
If someone did alter the vote... would we know? How would we know?
What’s the impact of appearing to alter the vote?
Depending on your organization... how would you h

Support the show

Previous Episode

DtSR Episode 210 - Data Protection Primer

Send the hosts a message - try it now!

In this episode James and I invite Vlad Klasnja from Optiv's Office of the CISO, and Hudson Harris, Chief Privacy Officer at HarrisLOGIC, to talk about data protection. From defining the concept to providing some insight into how we can actually protect confidential information - we talk through a lot of complex issues in this segment. Join us!

Guests

Hudson Harris - Chief Privacy Officer at HarrisLOGIC
Vlad Klasnja - Data Protection and Privacy Manager at Optiv

Support the show

Next Episode

DtSR Episode 212 - Insider Threat Primer

Send the hosts a message - try it now!

In this episode, we talk with Mike Tierney, who is the brand-new CEO at Veriato. In our conversation we talk through a primer on insider threat, and use the great example of hosting a dinner party.

Mike has loads of nuggets of wisdom from his experience and we're certain that if you're a seasoned insider threat professional, or just thinking about the topic and wondering if you can do anything to protect your company - this show will be a good primer for furthering your discussion and learning.

Listen in, comment and share with your colleagues! Our show is always safe for the office and educational.

Talk back! Use our Twitter hashtag #DtSR to discuss this episode, ask questions, or suggest other topics or guests for the future!

Support the show