Go offline with the Player FM app!
DtSR Episode 189 - NewsCast for April 12th 2016
Archived series ("Inactive feed" status)
When? This feed was archived on April 01, 2023 22:02 (). Last successful fetch was on February 21, 2023 20:16 ()
Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 125432532 series 12320
In this episode...
Pros examine mossack-fonseca breach: Wordpress plugin, Drupal likely suspects
- Plug-ins seem to be a universal weakness
- Many companies have this type of 3rd party security issue
- The broader enterprise implications - how do you find these sites?
- http://www.scmagazine.com/pros-examine-mossack-fonseca-breach-wordpress-plugin-drupal-likely-suspects/article/488697/
WordPress pushes free https encryption for all hosted sites
- What's the problem we're trying to solve?
- 2 separate issues, trust vs. authentication - know which you're solving
- http://www.securityweek.com/wordpresscom-pushes-free-https-all-hosted-sites
If you can't break crypto, break the client
- Bishop-Fox researcher finds webkit bug in iMessage
- JavaScript in iMessage, sure, why not
- Same-Origin-Policy (SOP) not enforced since it's a desktop app
- http://www.bishopfox.com/blog/2016/04/if-you-cant-break-crypto-break-the-client-recovery-of-plaintext-imessage-data/
Executives - "We're not responsible for cyber security"
- Raf: This is squarely the fault of security professionals failing to make the security discussion a part of the enterprise vernacular
- Michael & James: What does this mean, and what do we do not? If anything.
- http://www.cnbc.com/2016/04/01/many-executives-say-theyre-not-responsible-for-cybersecurity-survey.html
574 episodes
Archived series ("Inactive feed" status)
When? This feed was archived on April 01, 2023 22:02 (). Last successful fetch was on February 21, 2023 20:16 ()
Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 125432532 series 12320
In this episode...
Pros examine mossack-fonseca breach: Wordpress plugin, Drupal likely suspects
- Plug-ins seem to be a universal weakness
- Many companies have this type of 3rd party security issue
- The broader enterprise implications - how do you find these sites?
- http://www.scmagazine.com/pros-examine-mossack-fonseca-breach-wordpress-plugin-drupal-likely-suspects/article/488697/
WordPress pushes free https encryption for all hosted sites
- What's the problem we're trying to solve?
- 2 separate issues, trust vs. authentication - know which you're solving
- http://www.securityweek.com/wordpresscom-pushes-free-https-all-hosted-sites
If you can't break crypto, break the client
- Bishop-Fox researcher finds webkit bug in iMessage
- JavaScript in iMessage, sure, why not
- Same-Origin-Policy (SOP) not enforced since it's a desktop app
- http://www.bishopfox.com/blog/2016/04/if-you-cant-break-crypto-break-the-client-recovery-of-plaintext-imessage-data/
Executives - "We're not responsible for cyber security"
- Raf: This is squarely the fault of security professionals failing to make the security discussion a part of the enterprise vernacular
- Michael & James: What does this mean, and what do we do not? If anything.
- http://www.cnbc.com/2016/04/01/many-executives-say-theyre-not-responsible-for-cybersecurity-survey.html
574 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.