Tom Olzak Commentary, reviews, and tips relevant to anyone responsible for information security. Additional episodes are available at AdventuresinSecurity.com http://adventuresinsecurity.com/ Information Security Tips and Commentary This is a weekly podcast. Each week we present commentary, reviews, and tips relevant to anyone responsible for information security. Additional episodes are available at AdventuresinSecurity.com. Sun, 04 Nov 2007 15:00:00 EST en-us ℗ & © 2006 Erudio Security, LLC No Tom Olzak Tom Olzak podcasts@adventuresinsecurity.com Tom Olzak The vulnerabilities and safeguards associated with Application Denial of Service and Insecure Configuration Management The vulnerabilities and safeguards associated with Application Denial of Service and Insecure Configuration Management The vulnerabilities and safeguards associated with Application Denial of Service and Insecure Configuration Management Sat, 19 Aug 2006 21:15:00 EST 18:12 security,management,business,compliance,sox, hipaa,web security, web application security, OWASP, web application vulnerabilities, owasp top ten, denial of service, configuration management Tom Olzak Tom Olzak The importance of change management, the potential security risks when desperation enters the project lifecycle, how virtual floors can provide secure flexible business-to-business connectivity, and finally, a look at some ways to handle sensitive information once printed copied or faxed. Change management, implementation desperation, Virtual floors, and printer data security The importance of change management, the potential security risks when desperation enters the project lifecycle, how virtual floors can provide secure flexible business-to-business connectivity, and finally, a look at some ways to handle sensitive information once printed, copied, or faxed. Sat, 09 Sep 2006 12:30:00 EST 14:49 security,management,business,compliance,change management, printer, copier, fax, B2B connectivity, virtual floor Tom Olzak Tom Olzak The importance of choosing the right source for audit artifacts, and the growing threat of employee home PCs to the business enterprise Providing audit artifacts and reducing home PC risk. The importance of choosing the right source for audit artifacts, and the growing threat of employee home PCs to the business enterprise. Sun, 24 Sep 2006 18:25:00 EST 14:20 security,management,business,compliance,home pc, audit Tom Olzak Tom Olzak Examination of biometrics in general. Introduction of Keystroke Dynamics as a low impact biometric alternative. Keystroke Dynamics as an alternative biometric solution Examination of biometrics in general. Introduction of Keystroke Dynamics as a low impact biometric alternative. Mon, 02 Oct 2006 18:30:00 EST 17:43 security,management,business,biometrics, keystroke dynamics Tom Olzak Tom Olzak Customer Welfare vs. Vendor Public image, Establishing System Assurance, Cyber-espionage. Customer Welfare vs. Vendor Public image, Establishing System Assurance, Cyber-espionage. Customer Welfare vs. Vendor Public image, Establishing System Assurance, Cyber-espionage. Sun, 15 Oct 2006 08:30:00 EST 18:16 security,management,business,assurance, espionage, cyber-espionage, cyber Tom Olzak Tom Olzak Commentary on iPods in business, security as a process, and how some programming teams are stepping up to meet security challenges. iPods in business, security as a process, meeting programming security challenges Commentary on iPods in business, security as a process, and how some programming teams are stepping up to meet security challenges. Sat, 28 Oct 2006 12:00:00 EST 09:17 security,management,business,assurance, ipod, process, programming Tom Olzak Tom Olzak Commentary on iPods as criminal tools, users are not stupid, AJAX vulnerability monitoring, dangers of pirated software, and Risk Management iPods as criminal tools, users are not stupid, AJAX vulnerability monitoring, dangers of pirated software, and Risk Management iPods as criminal tools, users are not stupid, AJAX vulnerability monitoring, dangers of pirated software, and risk management Sun, 18 Feb 2007 18:00:00 EST 17:04 security,management,business,assurance, ipod, AJAX, risk, piracy Tom Olzak Tom Olzak Key carrying photons, VoIP vulnerabilities, outsourcing security, memory debugging, Exchange DST woes, and hypervisor-based virtual server security Key carrying photons, VoIP vulnerabilities, outsourcing security, memory debugging, Exchange DST woes, and hypervisor-based virtual server security Key carrying photons, VoIP vulnerabilities, outsourcing security, memory debugging, Exchange DST woes, and hypervisor-based virtual server security Sun, 25 Feb 2007 17:00:00 EST 20:07 security,management,business,assurance, hypervisor,vm,virtual,DST,outsourcing Tom Olzak Tom Olzak Vendor bullying, AV software evaluation, Fuzzing, new SPP issue, kernel malware, and data protection Vendor bullying, AV software evaluation, Fuzzing, new SPP issue, kernel malware, and data protection Vendor bullying, AV software evaluation, Fuzzing, new SPP issue, kernel malware, and data protection Sun, 4 Mar 2007 08:55:00 EST 18:46 security,management,business,assurance, fuzzing,privaCY, rootkit, kernel, malware, SPP, onecare Tom Olzak Tom Olzak Bot driven spam, discretionary faxing, quantum leaps, Oracle security, 7 habits of effective security leaders, pros and cons of risk management Bot driven spam, discretionary faxing, quantum leaps, Oracle security, 7 habits of effective security leaders, pros and cons of risk management Bot driven spam, discretionary faxing, quantum leaps, Oracle security, 7 habits of effective security leaders, pros and cons of risk management Sun, 18 Mar 2007 15:10:00 EST 18:33 security,management,business,assurance, encryption, leadership, risk, bot, fax, oracle Tom Olzak Tom Olzak Losing the war with malware, Xbox support team is a hole in the dyke, College campuses are wide open, External pen tests, Software assurance, and Protecting your laptop from ad hoc wireless networks. Losing the war with malware, Xbox support team is a hole in the dyke, College campuses are wide open, External pen tests, Software assurance, and Protecting your laptop from ad hoc wireless networks. Losing the war with malware, Xbox support team is a hole in the dyke, College campuses are wide open, External pen tests, Software assurance, and Protecting your laptop from ad hoc wireless networks. Sun, 25 Mar 2007 11:30:00 EST 18:10 security,management,business,assurance,malware,software,assurance,ad hoc, wireless Tom Olzak Tom Olzak Wireless RFID encryption, CarderIM, Banker Trojans, Cisco NAC vulnerabilities, data encryption, and NetBIOS challenges. Wireless RFID encryption, CarderIM, Banker Trojans, Cisco NAC vulnerabilities, data encryption, and NetBIOS challenges. Wireless RFID encryption, CarderIM, Banker Trojans, Cisco NAC vulnerabilities, data encryption, and NetBIOS challenges. Sun, 01 Apr 2007 11:30:00 EST 15:52 security,management,business,assurance,malware,cisco,NAC,RFID,trojans,NetBIOS,encryption,carderim Tom Olzak Tom Olzak Cisco NAC defaults create vulnerability, Vista may be no more secure than XP, Securing and initial processing of a crime scene. Cisco NAC defaults create vulnerability, Vista may be no more secure than XP, Securing and initial processing of a crime scene. Cisco NAC defaults create vulnerability, Vista may be no more secure than XP, Securing and initial processing of a crime scene. Sun, 29 Apr 2007 15:20:00 EST 26:17 security,management,business,cisco,NAC,forensics Tom Olzak Tom Olzak MOICE Office 2003 security plug-in, source routing infests IPv6, the continuing risk of removable storage, preparing for electronic evidence acquisition, preventing data leakage through swap and hibernation files. MOICE Office 2003 security plug-in, source routing infests IPv6, the continuing risk of removable storage, preparing for electronic evidence acquisition, preventing data leakage through swap and hibernation files. MOICE Office 2003 security plug-in, source routing infests IPv6, the continuing risk of removable storage, preparing for electronic evidence acquisition, preventing data leakage through swap and hibernation files. Sun, 13 May 2007 20:30:00 EST 14:38 security,management,business,forensics,swap,hibernation,moice,ipv6 Tom Olzak Tom Olzak Another government security foul-up, BlueFur Anti-phishing solution, Interpol security checklist, cracking a protected BIOS, and finding "hidden" data. Another government security foul-up, BlueFur Anti-phishing solution, Interpol security checklist, cracking a protected BIOS, and finding "hidden" data. Another government security foul-up, BlueFur Anti-phishing solution, Interpol security checklist, cracking a protected BIOS, and finding "hidden" data. Sun, 27 May 2007 18:30:00 EST 16:03 security,management,business,forensics,swap,hibernation,phishing,interpol,bios Tom Olzak Tom Olzak Inexpensive lockable USB memory stick, risk management, large Web sites expose authentication tokens, phishing undercover, and attaining network-wide visibility. Inexpensive lockable USB memory stick, risk management, large Web sites expose authentication tokens, phishing undercover, and attaining network-wide visibility. Inexpensive lockable USB memory stick, risk management, large Web sites expose authentication tokens, phishing undercover, and attaining network-wide visibility. Sat, 29 Sep 2007 15:25:00 EST 19:20 security,management,business,phishing,interpol,usb,memory,risk,tokens,ids,ips Tom Olzak Tom Olzak Information Security is about protecting the data,desktop application virtualization and application streaming Information Security is about protecting the data,desktop application virtualization and application streaming Information Security is about protecting the data,desktop application virtualization and application streaming Sun, 07 Oct 2007 20:10:00 EST 19:20 security,management,business,phishing,interpol,usb,memory,risk,tokens,ids,ips Tom Olzak Tom Olzak Security enhancements in XP SP3, review of native data encryption, properly classifying security tests, Swiss move quantum cryptography into production, and DHS releases IT Security Essential Body of Knowledge. Security enhancements in XP SP3, review of native data encryption, properly classifying security tests, Swiss move quantum cryptography into production, and DHS releases IT Security Essential Body of Knowledge. Security enhancements in XP SP3, review of native data encryption, properly classifying security tests, Swiss move quantum cryptography into production, and DHS releases IT Security Essential Body of Knowledge. Sun, 14 Oct 2007 19:45:00 EST 18:41 security,management,business,encryption,quantum,ebk,xp Tom Olzak Tom Olzak SOX Television, an inexpensive file encryption utility, and using TPM, Bitlocker, and Active Directory to secure laptop data. SOX Television, an inexpensive file encryption utility, and using TPM, Bitlocker, and Active Directory to secure laptop data. SOX Television, an inexpensive file encryption utility, and using TPM, Bitlocker, and Active Directory to secure laptop data. Sun, 28 Oct 2007 17:00:00 EST 23:50 security,management,business,encryption,quantum,ebk,xp Tom Olzak Tom Olzak Finding and dealing with rogue employees, crack WEP in less than 60 seconds, rainbow table LM password cracking, a really naive 419 scam victim, and tips on interviewing insider suspects. Finding and dealing with rogue employees, crack WEP in less than 60 seconds, rainbow table LM password cracking, a really naive 419 scam victim, and tips on interviewing insider suspects. Finding and dealing with rogue employees, crack WEP in less than 60 seconds, rainbow table LM password cracking, a really naive 419 scam victim, and tips on interviewing insider suspects. Sun, 04 Nov 2007 15:00:00 EST 17:21 security,management,business,encryption,interviewing,wep,419,scam,rainbow Tom Olzak