Marc Maiffret of eEye Digital Security talks about his hacking career and the revival of his company’s zero-day tracking service. Also, Jeremiah Grossman of WhiteHat Security on the latest Twitter vulnerability.
SearchSecurity.com editors talk with Pete Lindstrom, a longtime security industry observer and research director at Spire Security, about the latest security vendor acquisitions and what they mean for the market. Also, should security pros be silenced by their employers?
Botnet and malware expert Joe Stewart explains why it is difficult for security teams to take down botnets. Stewart, director of malware research at SecureWorks, talks about the data that can be gleaned from command and control servers and what ISPs are doing to defend against zombie computers.
In this interview with Editorial Director Michael Mimoso, Jim Reavis, cofounder of the Cloud Security Alliance, discusses the group’s first user certification, the Certificate of Cloud Security Knowledge (CCSK). The CCSK will demonstrate an individual’s understanding of the key concepts of the Cloud Security Alliance’s guidance and best practices, as well as those of the European Network and Information Security Agency (ENISA). Reavis also discusses the state of cloud security awareness among enterprises moving services and processes into the cloud, and how IT organizations should address security and compliance in the context of cloud computing.
Black Hat 2010: Jim Reavis on first Cloud Security Alliance user certification [18:13]
Core Security’s Tom Kellermann goes in depth on his thoughts about advanced persistent threat, how to deal with foreign adversaries and where and why the U.S. government is coming up short in fending off targeted and persistent attacks from cybercriminals and foreign governments.
Black Hat 2010: Tom Kellermann on advanced persistent threat (APT), and cybersecurity and the U.S. government [13:26]
Greg Hoglund, founder of HB Gary Inc., presented his work on malware attribution and fingerprinting today at Black Hat in Las Vegas. In this interview, Hoglund talks about his research into how best to trace malware to its author by looking at toolmarks left by the hacker within code. By studying similarities in coding techniques, different attacks can be linked and better traced to their source. Hoglund talks about how enterprises can take a similar approach and how a new open source tool released today can help.
Dave Forstrom, director of Microsoft’s Trustworthy Computing, on Microsoft’s “responsible disclosure” announcement, bug buyback programs and several Black Hat 2010 announcements. Also, Brad Arkin, senior director of product security and privacy, on its decision to partner with Microsoft with its Active Protections Program, to give vulnerability data to security vendors prior to pushing out a patch.
Kevin Mahaffey and John Hering of mobile security vendor Lookout explain their latest project, the App Genome Project, a study of 300,000 smartphone applications. The study findings are being released this week at Black Hat 2010. The two researchers said mobile applications pose a major threat and predict they will be the next big attack vector for cybercriminals.
Listen to the top security experts and learn about the latest cybersecurity research. Whether it’s the spread of malware, the explosion of spam or hackers exploiting flaws to steal sensitive data, this podcast series aims to find the right ways to defend against ongoing attacks to your systems.