New Microsoft 0day

Jack Walsh, network IPS program manager for ICSA Labs discusses the latest Microsoft zero-day and his firm’s research into the attack methods. Read the full story.

 

 Security Wire Weekly [8:32m]: Play Now | Play in Popup

How to defend against rogue DHCP server malware

Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven’t bothered to deploy them.

 

 How to defend against rogue DHCP server malware: Play Now | Play in Popup

Twitter bugs, DNSSEC and broswer security

Like it or not Web-based social networking services are here to stay. Amit Klein, founder and chief technology officer of Trusteer talks about the latest Twitter threats, how browser makers are responding to phishing and other attacks and the adoption of DNSSEC.

 

 Security Wire Weekly [15:32m]: Play Now | Play in Popup

Veiled darknet unveiled; TJX settles dispute

Security researcher Matt Wood of HP talks about a new browser-based darknet he co-developed called Veiled. Also, Pete Lindstrom of Spire Security on TJX’s latest data breach news.

 

 Security Wire Weekly [19:10m]: Play Now | Play in Popup

When BIOS updates become malware attacks

Most security pros don’t give the system BIOS a second thought, or even a first one, but today’s BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS malware and how security pros can thwart such attacks.

 

 When BIOS updates become malware attacks: Play Now | Play in Popup

Special Report: How to find jobs in information security

Is the recession holding back your career plans? In this free 30-minute podcast, experts Lee Kushner and Mike Murray offer infosec job advice that will help you survive and thrive in tough times.

 

 Standard Podcast: Play Now | Play in Popup

Click fraud threatens Web advertising

Click fraud is threatening online advertising, according to experts. This week, Anchor Intelligence lead scientist Daniel Walling and Richard Sim, vice president of product management talk about how fraudsters are getting more sophisticated. Also Jeremiah Grossman of WhiteHat Security explains why it’s so easy for people to carry out click fraud.

 

 Security Wire Weekly: Play Now | Play in Popup

Squad: Obama, ISP shutdowns and Web security threats

SearchSecurity.com editors discuss the Obama administration’s cybersecurity plans, the FTC shutdown of Triple Fiber Network and what IT security pros can do to address the growing threat posed by the use of social networks and other Web-based services.

 

 Security Squad [33:40m]: Play Now | Play in Popup

Social networking threats

Security consultant Lenny Zeltser of Savvis Security Consulting Services explains the threats posed by employee use of social networking websites and what security pros can do to address them. Zeltser is a faculty member at the SANS Institute. Also, a brief overview of Microsoft Patch Tuesday.

 

 Security Wire Weekly [20:10m]: Play Now | Play in Popup

Newsmaker: Sophos CEO Steve Munford

Steve Munford took over Sophos’ leadership as the U.K.-based AV company mounted an aggressive effort to expand its market share, particularly in North America, against industry giants Symantec and McAfee. Munford was president of ActiveState when it was acquired by Sophos in 2003 and served as president for North America from 2003-2005.

In this interview, Information Security magazine’s Neil Roiter talks with Munford about the company’s acquisition and integration of encryption vendor Utimaco and Sophos strategy for leveraging the acquisition to boost sales in North America and Europe. Munford describes how Sophos engineering culture helps it integrate acquisitions and develop technology in-house.

 

 Security Newsmakers [16:35m]: Play Now | Play in Popup