Preview Mode Links will not work in preview mode

DevelopSec: Developing Security Awareness

Apr 9, 2018

In this episode we talk about the MyFitnessPal breach and some of the key points that we as developers, security, and users can take away from it.

 

Tweet with Graph of Largest Breaches mentioned: https://twitter.com/EricTopol/status/979556839015661568

 

Link to article about the breach:


Jul 24, 2017

James talks about a recent vulnerability report regarding MySpace's Account Recovery system (https://www.wired.com/story/myspace-security-account-takeover/).  He talks about considerations around account recovery and the need to revisit this type of functionality on a regular basis.

For more info go to


May 24, 2017

It was recently reported that an audio driver on HP systems was logging key strokes to a local file.  Accidental?  Malicious?  Instead, we talk about how to try and avoid this from happening in the future.  

Original Article: https://www.cnet.com/news/keylogger-discovered-on-some-hp-laptops-conexant/

For more info go to...


Jan 10, 2017

Do you use MongoDB?  If so, is it exposed to the internet?  Recent news (listed below) had shown that a large number of MongoDB instances are being infected with ransomware.  James talks about the issue and ways to help ensure you are not the next victim.

Link to original article:


Dec 15, 2016

Yahoo has announced yet another breach from back in 2013 affecting a very large number of user accounts. https://investor.yahoo.net/ReleaseDetail.cfm?&ReleaseID=1004285   This creates an opportunity to discuss password storage and the storage of security answers.  Find out what we can takeaway from this incident.

For...