An Information Security Place » 2009 » September

Archive

Archive for September, 2009

An Information Security Place Podcast – Episode 25

September 15th, 2009 Michael Farnum

Episode 25 is here. Today’s podcast is different than our usual. Instead of having Jim, Dan, and me spout off and pontificate, I am interviewing Wesley McGrew from McGrew Security. Wesley is a security researcher at Mississippi State University’s Critical Infrastructure Protection Center, where he works to find vulnerabilities in SCADA software. He also operates mcgrewsecurity.com , where he blogs about information security topics.

Wesley caught a script-kiddie back in June trying to do some pretty weak SCADA hacking at a Dallas-area hospital. He and I talked about the incident and also discussed some of Wesley’s future plan (not much since he couldn’t divulge a lot – oooo, mysterious!). So enjoy the show. Links to the blog posts from Wesley’s script kiddie adventure are below.

http://www.mcgrewsecurity.com/2009/06/30/ghostexodus-the-eta-and-a-control-systems-incident-at-carrell-clinic-part-1/

http://www.mcgrewsecurity.com/2009/07/02/ghostexodus-part2/

http://www.mcgrewsecurity.com/2009/07/06/ghostexodus-the-eta-and-a-control-systems-incident-at-carrell-clinic-part-3/

http://www.mcgrewsecurity.com/2009/07/07/ghostexodus-part4/

Vet

Categories: Podcasts, Security

An Information Security Place Podcast – Episode 24

September 3rd, 2009 Michael Farnum

Hello all you happy people! Episode 24 is here. I was out sick, so Jim and Dan put it together. Jim is adamant about sticking to a schedule. Dang slave driver!

Show Notes:

InfoSec News Update –

Credit Unions Under Attack – Link 1 / Link 2
Massive SQL Injection Attacks – Link 1 / Link2
Cisco Wireless LANS get “Skyjacked” – Link 1 / Link 2
Flaw in Sear’s Website Left Database Open To Attack – Link Here
WPA/TKIP Can be Broken in 1 Minute – Link 1 / Link 2
100 Dirtiest Web Sites of Summer 2009 – Link Here
No Thumbprint, No Check-Cashing, Bank Told Armless Man – Link Here
PCI Council Releases recommendation for Preventing Card Skimming – Link 1 / Link 2
Federal Certification Program for “Cyber Professionals” / Bill would give President emergency control of the Internet – Link Here

Discussion Topic - Web App Scanners And Web App Firewalls According to Gartner

- Link 1 / Link 2

Consultant’s Corner – Updating Tools and Techniques

Music Notes:

Intro/Outro – Digital Breaks – “Therapy”
Segway 1 – Dave Stanley Band – “Lights Out”
Segway 2 – No Mans Hero -”Now That Its Over”
Segway 3 – ByTheWayside- “DoYouEverNotice”

Categories: Podcasts, Security