June was a busy month, so Chris Brook and Brian Donohue will discuss hacks and data breaches affecting a number of prominent brands, some interesting privacy and cryptography news from the tech giants, and, of course, we’ll check in on the mobile security scene as well. However, we begin with Heartbleed:
THE SUPPLEMENTARY READING LIST
If you’d like to more deeply examine the topics of this month’s podcast, we’ll be posting recommended reads along with our podcasts moving forward.
The process to rid the Web of vulnerable versions of OpenSSL started off with a bang, but new research from Robert Graham at Errata Security suggests enthusiasm may be waning. Graham says he plans to continue enumerating the number of vulnerable systems in the months and years to come. You can stay up to date with that and other security commentary on Errata Security’s blog.
Two new pieces of research were shared from the Global Research and Analysis Team at Kaspersky Lab as well. The first examined the mobile spying tools used by the controversial, Italy-based Hacking Team, which specialises in the sale of surveillance equipment to governments and law enforcement agencies. You can find the research paper itself on Securelist and news reports on Threatpost, Wired, and elsewhere.
The other piece of research examined a fraud campaign called Luuuk, which managed to steal more than €500,000 from one European bank in one week earlier this week.
Follow the links to read more about incidents involving Feedly, Evernote, Domino’s France, AT&T, and TweetDeck. Of particular interest is Threatpost editor Mike Mimoso’s interview with the Austrian teen who somewhat accidentally found himself at the center of the TweetDeck incident.
You can read Chris Brook’s take on Facebook’s new advertising features and Brian Donohue’s write-up of Microsoft’s announcement at Threatpost.com.
Google maintains a running account of its encryption gains here, if you’re interested, but you can also find a news report on Google’s finding here. WordPress is contributing to encrypting the web as well.
More on Google’s new Android permission policies, the removal of placebo security applications, Windows Mobile and Android kill switches, MAC address randomization, and the Oleg Pliss affair.
Finally, make sure you read up on the security vulnerability recently made public in PayPal’s two-factor authentication mechanism.