Dave Forstrom, director of Microsoft’s Trustworthy Computing, on Microsoft’s “responsible disclosure” announcement, bug buyback programs and several Black Hat 2010 announcements. Also, Brad Arkin, senior director of product security and privacy, on its decision to partner with Microsoft through its Active Protections Program to give vulnerability data to security vendors prior to pushing out a patch.
Kevin Mahaffey and John Hering of mobile security vendor Lookout explain their latest project, the App Genome Project, a study of 300,000 smartphone applications. The study findings are being released this week at Black Hat 2010. The two researchers said mobile applications pose a major threat and predict they will be the next big attack vector for cybercriminals.
SearchSecurity.com Editors Michael Mimoso and Robert Westervelt discuss this week’s Black Hat conference. Also, Caleb Sima of Armorize Technologies on a sensitive Black Hat talk that has been canceled.
The SearchSecurity editorial team discusses the general enthusiasm for cloud computing expressed by security pros at the recent Gartner Security and Risk Management Summit. Also, the team talks about Twitter’s recent settlement with the FCC over its lax security policies and procedures.
Felix “FX” Lindner, lead security researcher at Germany-based Recurity Labs, talks about a new Mozilla Firefox tool he developed that cleans SWF files, making it difficult for attackers to target Flash vulnerabilities. Lindner plans to unveil the tool at Black Hat 2010 in Las Vegas. In this interview, he also talks about the difficulty of conducting security research under Germany’s strict cybersecurity laws and his previous research on bar code scanner software vulnerabilities.
Listen to the top security experts and learn about the latest cybersecurity research. Whether it’s the spread of malware, the explosion of spam or hackers exploiting flaws to steal sensitive data, this podcast series aims to find the right ways to defend against ongoing attacks to your systems.