
May 10, 2016

In this episode...


ImageTragick - major flaw in open source image processing toolkit

  • ImageTragick is CVE-2016-3714
  • Logo & Website:
  • Has a logo, so it must be yuge
  • Is this really that big of a deal? How many are impacted potentially?

Apr 26, 2016

In this episode...

Only about a third of companies know how many vendors access their systems

  • nearly every company is at risk for a third party breach
  • it's almost impossible to vet every third party
  • developing a strategy and being consistent, scaling is key

Apr 12, 2016

In this episode...


Pros examine Mossack Fonseca breach: WordPress plugin, Drupal likely suspects

  • Plug-ins seem to be a universal weakness
  • Many companies have this type of 3rd party security issue
  • The broader enterprise implications - how do you find these sites?

Mar 29, 2016

In this episode...

  • BadLock bug (which now has a website, a graphic, and more hype than Bieber) is out there
    • Is the bug really worth all this hype?
    • Is this anything more than a PR stunt, and a big marketing opportunity?
    • Everyone has an opinion, but one thing is for certain, this bug is making big waves

Mar 21, 2016

In this episode...


The FTC is getting into providing guidance on password changes


Dwolla hit by...