Squad: Tokenization, Phishing and the Feds

SearchSecurity editors discuss the importance of Microsoft’s record breaking number of October vulnerabilities, the federal government’s plan to hire 1,000 cybersecurity pros, the FBI’s crackdown on a massive phishing ring and the latest payment industry tokenization plans.

 

 Security Squad [23:10m]: Play Now | Play in Popup

Silon Trojan strikes Internet Explorer users

Amit Klein, CTO of Trusteer Inc. on a new two-headed Trojan striking Inernet Explorer users to steal login credentials.

 

 Security Wire Weekly [10:17m]: Play Now | Play in Popup

Heartland CIO on PCI, E3 project

Heartland Payment Systems CIO Steve Elefant talks about the processor’s new E3 security processes, end-to-end encryption, deployment and adoption issues.

 

 Security Wire Weekly: Play Now | Play in Popup

Nuke and pave to eradicate botnets

Security researcher Gunter Ollmann of Damballa discusses the scourge of dangerous enterprise botnets and why the only method to eradicate them is by a method he calls “nuke and pave.”

 

 Security Wire Weekly [19:19m]: Play Now | Play in Popup

Exploring encryption, DLP

Richard Jacobs, chief technology officer of Sophos on encryption for compliance, DLP and the case for involving end users in security decisions.

 

 Security Wire Weekly: Play Now | Play in Popup

Threat Monitor: An enterprise strategy for Web application security threats

People Security founder Hugh Thompson reviews the tools and tactics, from routine assessments to Web application firewalls, that are essential to an application security strategy,

 

 Standard Podcast: Play Now | Play in Popup

Digital forensics, breach incident response

Jim Jaeger, a retired Air Force brigadier general who heads the digital forensics operation at defense industry giant General Dynamics, explains best practices around data breach response and digital forensics.

 

 Security Wire Weekly: Play Now | Play in Popup

Privacy gone awry

SearchSecurity editors discuss Internet privacy issues, the Apache disclosure, VMworld and Apple security.

 

 Security Squad: Play Now | Play in Popup

SANS Top Cybersecurity Risks

Experts discuss the findings of the SANS Institute 2009 Top Cyber Risks Report. The SANS report, The Top Cyber Security Risks found that IT security professionals are failing to adequately address client-side application flaws and website vulnerabilities.  Meanwhile, cybercriminals are using spear phishing attacks and automated SQL injection attacks to infect employee machines and ultimately gain access to company networks.

 

 Security Wire Weekly [11:12m]: Play Now | Play in Popup

DNSSEC – Challenges and pitfalls

Security experts and officials involved in DNSSEC implementations share their successes and the challenges they face.

Program notes: DNSSEC deployments gain momentum since Kaminsky DNS bug

Kaminsky interview: DNSSEC addresses cross-organizational trust and security

 

 Security Wire Weekly [36:38m]: Play Now | Play in Popup