Tenable Network Security Podcast - Episode 90
- Paul Asadoorian, Product Evangelist
- Ron Gula, CEO/CTO
- Carlos Perez, Lead Vulnerability Researcher
- Jack Daniel, Product Manager
- Could hackers set fire to your Apple battery with a virus? - Hiding in battery firmware is a really neat way to plant a backdoor.
- US-CERT Director Leaves Abruptly - Could it be that the latest string of attacks against government agencies was too much for the director of US-CERT?
- Bypassing Software Restriction Polices.. With one Wicked Clown - Breaking out of software restrictions gives you access to more Windows commands to compromise the domain.
- Massive botnet 'indestructible,' say researchers - Using encryption and P2P technologies is not new, neither is hiding in the boot sector, what makes "TDL-4" indestructible?
- Is your IT support making you vulnerable to hackers? - Allowing easy remote access doesn't always equate to security. This also reminds me of how easy it is to socially engineer the help desk.
- Pfizer’s Facebook hacked in AntiSec hit - This is truly a measure of how important social media has become: when a major company's Facebook page getting hacked is major news.
- wifuzz: A Access Point 802.11 Stack Fuzzer! - Compromising the access point is far more evil that most people believe, and this tool allows you to fuzz the 802.11 stack to do just that: take over the access point. What would be even better is to compromise an entire string of access points...
- Weekend Project: Use HoneyD on Linux to Fool Attackers - I want to see more people using honeypots and honeynets to put context around security events. We need to break the stereotype of "Honeypots are systems that we let attackers break into", and move it towards "Honeypots are systems that we use to collect information about the bad guys".
- Apple Releases iOS 5 Beta 4 With Over-the-Air Updates - Finally! While iOS may look far better security-wise than Android, largely due to the closed application market, few non-techies apply software updates to their phones. Hopefully doing it "over-the-air" will help make it easier for people to apply updates and security fixes.