The SC Magazine Podcast

May 5, 2008: Kraken bot analysis

scmagazine.com — Mon, 05 May 2008 00:00:00 Z

Cody Pierce, security researcher for TippingPoint, recounts his analysis of the newly discovered Kraken botnet and explains how reverse engineering could lead to its defeat.

April 28, 2008: SQL injection attacks

scmagazine.com — Tue, 29 Apr 2008 00:00:00 Z

Ryan Sherstobitoff, chief corporate evangelist at Panda Security, discusses the recent SQL injection attack, which now affects hundreds of thousands of web sites worldwide.

April 21, 2008: CEO subpoena spam

scmagazine.com — Mon, 21 Apr 2008 00:00:00 Z

John Bambenek, information security researcher at the University of Illinois and an incident handler at the SANS Internet Storm Center, discusses last week's wave of spear phishing attacks targeting C-level executives.

Kevin Haley, director, Symantec Security Response

scmagazine.com — Thu, 10 Apr 2008 00:00:00 Z

Kevin Haley, director of product management, Symantec Security Response, speaks with SC Magazine senior reporter Dan Kaplan, about the latest Symantec Internet Security Threat Report, to which Symantec CEO John Thompson referred many times during his Tuesday keynote address at the RSA Conference.

Dan Lohrmann, CISO, State of Michigan

scmagazine.com — Wed, 09 Apr 2008 00:00:00 Z

Illena Armstrong, SC Magazine's editor-in-chief, interviews Dan Lohrmann, CISO of the State of Michigan, a day prior to his receiving SC Magazine's CSO of the Year Award during SC's presentation dinner, April 8, in San Francisco, part of the RSA Conference.

Tim Mather, chief security strategist, RSA Conference

scmagazine.com — Tue, 08 Apr 2008 00:00:00 Z

Interview with Tim Mather, chief security strategist for RSA Conference, discussing what to expect from this year's event.

Sandra Toms La Pedis, RSA Conference

scmagazine.com — Mon, 07 Apr 2008 00:00:00 Z

Interview with Sandra Toms La Pedis, area VP & GM, RSA Conference

Mar. 24, 2008: Hannaford data breach

scmagazine.com — Mon, 24 Mar 2008 00:00:00 Z

Gretchen Hellman, vice president of security solutions at Vormetric, discusses how the recent data breach at the Hannaford Bros. supermarket chain might have happened and explains how it might have been avoided.

Mar. 17, 2008: Cyber Storm II

scmagazine.com — Mon, 17 Mar 2008 00:00:00 Z

Last week's Cyber Storm II exercise conducted by the Department of Homeland Security is discussed by the person who organized it, Cheri McGuire, acting director, DHS National Cybersecurity Division.

Mar. 10, 2008: Measuring identity fraud

scmagazine.com — Mon, 10 Mar 2008 00:00:00 Z

Chris Hoofnagle, a senior fellow at the Berkeley Center for Law and Technology, discusses a new report that offers statistics on the number of consumer fraud complaints made to the Federal Trade Commission against banks and other corporations.

Mar. 3, 2008: Virtualization security

scmagazine.com — Mon, 03 Mar 2008 00:00:00 Z

Burton Group analyst Chris Wolf discusses the release of VMSafe, a set of APIs that allow third-party security vendors to create products to protect the hypervisor, software that powers virtual machines.

Feb. 25, 2008: Cold boot data theft

scmagazine.com — Mon, 25 Feb 2008 00:00:00 Z

Princeton professor Ed Felten explains how his research team discovered a surprisingly simple method of reading encrypted data from a DRAM chip that had been removed from a PC after its power was shut off and chilled.

Feb. 15, 2008: A city CISO's security wish list

scmagazine.com — Fri, 15 Feb 2008 00:00:00 Z

Michael Hamilton, CISO for the city of Seattle, shares his priorities for addressing IT security needs throughout municipal information systems in a talk with Content Editor Jack Rogers

Feb. 11, 2008: Rogue trader costs SocGen $7 billion

scmagazine.com — Mon, 11 Feb 2008 00:00:00 Z

Online Editor Frank Washkuch talks with consultant Rich Mogull about Jerome Kerviel, the former Societe Generale trader who managed to lose $7 billion during the past year, all while using his knowledge of the bank’s security system to conceal the financial damage.

Jan. 28, 2008: Super cybercrime

scmagazine.com — Mon, 28 Jan 2008 00:00:00 Z

Everyone is talking about the Super Bowl, and cybercriminals are no exception. SC Magazine reporter Dan Kaplan talks with Dan Hubbard, vice president of security research at Websense, about how the bad guys are taking advantage of the year’s most anticipated football game with online attacks.

Jan. 22, 2008: Data tape lost with JC Penney customer info

scmagazine.com — Tue, 22 Jan 2008 00:00:00 Z

SC Magazine Online Editor Frank Washkuch talks with Phil Neray, vice president of marketing at Guardium, about the latest retail data breach, this one affecting JC Penney customers.

Jan. 14, 2008: E-voting explored

scmagazine.com — Mon, 14 Jan 2008 00:00:00 Z

The primary season has kicked off, complete with allegations of voter fraud. SC Magazine reporter Dan Kaplan talks with Michael Shamos, computer science professor at Carnegie Mellon University about the major concerns with widely distributed e-voting machines.

Jan. 7, 2008: What to expect this year

scmagazine.com — Mon, 07 Jan 2008 00:00:00 Z

SC Magazine Online Editor Frank Washkuch talks with Kevin Haley, group product manager at Symantec Security Response about the top cybersecurity events of 2007, and what IT professionals and end-users can expect in 2008.

Dec. 17, 2007: Oak Ridge National Laboratory targeted by cyberattackers

scmagazine.com — Mon, 17 Dec 2007 00:00:00 Z

SC Magazine reporter Dan Kaplan talks with Ken Dunham, director of global response at iSIGHT Partners, about the cyberattack on this sensitive lab, and the year’s other top cybersecurity incidents.

Dec. 10, 2007: Hacks on social networking sites

scmagazine.com — Tue, 11 Dec 2007 00:00:00 Z

Security risks continue to plague social networking sites, including a recent spate of MySpace attacks in which the profiles of several celebrities were compromised to, in some cases, spread malware. SC Magazine reporter Dan Kaplan, in a chat with FaceTime Security Labs' researcher Chris Boyd, finds out whether organizations should be worried.

Dec. 3, 2007: IT-ISAC officials look back on 2007

scmagazine.com — Mon, 03 Dec 2007 00:00:00 Z

Storm Worm. Botnets. The cyberattack on Estonia. SC Magazine Online Editor Frank Washkuch talks with Scott Algeier, IT-ISAC executive director, and Dave Mackey, IT-ISAC director of operations, about these and other prominent security events from 2007.

Nov. 26, 2007: It's ‘Cyber Monday’

scmagazine.com — Mon, 26 Nov 2007 00:00:00 Z

It’s the busiest at-work online shopping day of the year – “Cyber Monday.” SC Magazine reporter Dan Kaplan talks with Mary Landesman, senior security researcher at ScanSafe, about this red-letter day for IT professionals.

Nov. 19, 2007: A glimpse at the Russian Business Network

scmagazine.com — Mon, 19 Nov 2007 00:00:00 Z

SC Magazine Online Editor Frank Washkuch talks with Matt Richard, director of the Rapid Response Team at VeriSign iDefense, about the Russian Business Network, the shadowy internet service provider that disappeared from the web this month.

Nov. 12, 2007: What's next for the data loss prevention market?

scmagazine.com — Wed, 14 Nov 2007 00:00:00 Z

Dan Kaplan, SC Magazine reporter, talks with Nick Selby, senior analyst at The 451 Group, about Symantec's acquisition of Vontu, and what could be next for the DLP market.

Nov. 5, 2007: Botnets evolve

scmagazine.com — Wed, 14 Nov 2007 00:00:00 Z

Mike Johnson, researcher at the Shadowserver Foundation, talks with SC Magazine Online Editor and Reporter Frank Washkuch about how botnets evolved in 2007, and what might be ahead.

Oct. 29, 2007: Was one World Series team the victim of a DDoS attack?

scmagazine.com — Mon, 29 Oct 2007 00:00:00 Z

SC Magazine Online Editor/Reporter Frank Washkuch talks with Joe Basirico, security analyst at Security Innovation, about DDoS attacks, and whether the Colorado Rockies’ online ticket sales system was the victim of one.

Oct. 22, 2007: MP3 spam arrives

scmagazine.com — Mon, 22 Oct 2007 00:00:00 Z

SC Magazine reporter Dan Kaplan speaks with Matt Sergeant, senior anti-spam technologist at MessageLabs, about spammers’ latest tactic to inflate the price of stock, then profit from it.

Oct. 15, 2007: The year in phishing

scmagazine.com — Mon, 15 Oct 2007 00:00:00 Z

SC Magazine reporter Dan Kaplan talks with David Ulevitch, OpenDNS CEO, about phishing trends that his company’s PhishTank organization has seen during 2007.

Oct. 8, 2007: What are your plans for Cyber Security Awareness Month?

scmagazine.com — Mon, 08 Oct 2007 00:00:00 Z

Online Editor Frank Washkuch talks with Tim Bennett, president of the Cyber Security Industry Alliance about what his group – and the federal government – has planned for Cyber Security Awareness Month.

Oct. 1, 2007: IT-ISAC officials speak out on cybercrime trends

scmagazine.com — Mon, 01 Oct 2007 00:00:00 Z

Online Editor Frank Washkuch talks with Scott Algeier, executive director of IT-ISAC, and Rob Clyde, IT-ISAC treasurer, about malware trends and how their organization brings together some of the best minds in information security for a common purpose.

Sept. 24, 2007: TD Ameritrade suffers a breach

scmagazine.com — Mon, 24 Sep 2007 00:00:00 Z

Online Editor Frank Washkuch talks with Rich Sutton, director of 8e6 Labs at 8e6 Technologies, about the recent data breach at TD Ameritrade, and what IT administrators can do to ensure an insider breach doesn’t take place at their companies.

Sept. 17, 2007: Businesses face a new threat from employee Skype use

scmagazine.com — Tue, 18 Sep 2007 00:00:00 Z

Reporter Dan Kaplan talks with Irwin Lazar, principal analyst and program director for collaboration and convergence at Nemertes Research, about the recent Skype worm and whether malware-writers will seek to exploit companies whose employees use the instant messaging/VoIP application.

Sept. 10, 2007: What does the Bank of India attack mean for financial institutions?

scmagazine.com — Mon, 10 Sep 2007 00:00:00 Z

West Coast Bureau Chief Jim Carr talks with Sunbelt Software CEO Alex Eckelberry about how corporations can protect themselves – and their customers – from attacks similar to the one that used the Bank of India website to spread malware.

Sept. 4, 2007: How an all-volunteer security organization helps to keep the bad guys in check

scmagazine.com — Tue, 04 Sep 2007 00:00:00 Z

Frank Washkuch, online editor and reporter, sits down with Andre DiMino, co-founder and director of the Shadowserver Foundation. Andre talks about fresh intelligence his all-volunteer group has gathered on botnets and other recent attack trends.

Aug. 27, 2007: A monster (.com) of a data theft

scmagazine.com — Mon, 27 Aug 2007 00:00:00 Z

Monster.com, America's most popular job recruitment website, was compromised by hackers who stole a reported 1.6 million records to be used in spear phishing campaigns. Joshua Block, Cyberoam's vice president of North American operations, discusses how the elaborate heist could signal the advent of similar multi-stage attacks whose end result is identity theft and, in Monster's case, employment opportunities.

Aug. 20, 2007: The legacy of the TJX data breach

scmagazine.com — Mon, 20 Aug 2007 00:00:00 Z

The infamous data breach at TJX – the one that affected more than 46 million people – may finally be coming back to haunt the retailer, according to its latest SEC filings. Online Editor Frank Washkuch talks with Mary Monahan, partner at Javelin Strategy and Research, about this and other major data breaches.

Aug. 13, 2007: Spam – why won’t it just go away?

scmagazine.com — Mon, 13 Aug 2007 00:00:00 Z

SC Magazine Online Editor Frank Washkuch talks with Doug Bowers, senior director of anti-abuse engineering at Symantec, about the most prominent email security threat.

Aug. 6, 2007: Interview with Jeff Moss, Black Hat founder and director

scmagazine.com — Mon, 06 Aug 2007 00:00:00 Z

Whether you call him Jeff or Dark Tangent, former hacker Jeff Moss is an infosecurity superstar. The founder of the Black Hat conference recaps his big week with SC Magazine reporter Dan Kaplan, and tells us how Black Hat has changed over the years.

July 30, 2007: Is the iPhone an IT security threat?

scmagazine.com — Mon, 30 Jul 2007 00:00:00 Z

Consumers love the iPhone – so much so that thousands stood in line for hours to get one just after its release.

But what does the Gadget of the Year mean for IT security?

Dan Kaplan, SC Magazine reporter, discusses iPhone security issues with Dave Marcus, security research and communications manager with McAfee Avert Labs, in this SC Magazine podcast.