Another week, another story about a company getting hacked, or information stolen, or pretty much anything that didn’t go as planned. No interview this week, don’t fret I have a couple of great ones lined up for the next couple weeks. On with the (shorter) show:
Podcast: Play in new window | Download (Duration: 22:41 — 10.4MB) | Embed
The big news of the week (and I wrote about it earlier on the eCrypt blog) was the hack at email marketing company Epsilon. While people weren’t directly put at risk from the loss of thousands of email addresses to hackers, what is more likely is that we’re more vulnerable to targeted spam and phishing attacks. For more info on this attack see my post above and these other articles:
- What the Epsilson hack really means–email addresses are worth money | eCrypt Technologies Blog
- Errata Security: How to protect yourself from future “Epsilon” breach
- Compromised email? Avoid the scams | E-Mail & Internet | Mac 911 | Macworld
- Epsilon Internet security breach affects Canadian consumers – Digital Life
- Epsilon Breach Raises Specter of Spear Phishing — Krebs on Security
- Epsilon email address megaleak hands customers’ customers to spammers | Naked Security
The EFF is keeping up the pressure and discussion about flaws in how secure certificates are issued with their research on “unqualified domain” certificates. A wee technical, but really important to understand:
- Unqualified Names in the SSL Observatory | Electronic Frontier Foundation
- EFF uncovers further evidence of SSL CA bad behavior | Naked Security
On the hacking front, it looks like smartphones are the new hot target. Hackers got their hands on the code for the Stuxnet worm and have released it to the world (like folks probably didn’t have it already. And 2011 has started off with a surge of malware. Oh goody.
- Hackers release Stuxnet’s decompiled code online | Homeland Security News Wire
- Stuxnet heralds age of cyber weapons, virtual arms race | Homeland Security News Wire
- Cell phones are hackers’ target of choice | Homeland Security News Wire
- Surge in malware marks start of year | Security – CNET News
On the side of the good guys, Google is extending download protection to Chrome users like users of IE9 have. An excellent article on CNET reminds us to be watchful of scams and how to avoid them. And WordPress was updated to version 3.1.1 with stability improvements, but also some crucial security fixes:
- Google extends Safe Browsing to Chrome downloads | Naked Security
- How I nearly got scammed on Facebook | Digital Media – CNET News
- WordPress › WordPress 3.1.1
Finally the Conservative Party of Canada is catching some (well deserved) heat for allegedly not allowing someone into a rally because the person has a picture with the Liberal leader on her Facebook page. And there is a new Hacker sitcom on the air. I haven’t seen it yet, but believe me I will. Just as soon as I finish watching Firefly.
- Conservative Party kicks out student over Facebook photo: Social Media Fail – Digital Life
- Is Hacker TV sitcom a true reflection of computer security industry? | Naked Security
There is no interview this week, but my tip of the week is to make an emergency boot drive to bail yourself out in a jam. I suggest using Ubuntu or Jolicloud and Lifehacker has great instructions on how (and more whys) to do it. PCWorld even has more tips on how and why as well.
Don’t forget, you can subscribe to PNR through iTunes!
Music is by Derek K. Miller and, yes, he really did write it for me.
[...] 4 of PrivacyNowRadio available now April 8, 2011 By Tris Hussey Leave a Comment TweetA new episode of PrivacyNowRadio is up and ready for your listening pleasure. You can listen to the podcast here, subscribe through iTunes, and read the show notes on the full [...]