DtSR Episode 133 - NewsCast for March 9th, 2015

Send the hosts a message - try it now!

In this episode--

• Law firm hit and crippled by ransomware, decides it's not paying the ransom.
  • They aren't quite sure what got encrypted
  • But they have backups...
  • ..and data was likely not exfiltrated
  • http://news.softpedia.com/news/Ransomware-Hits-Law-Firm-Encrypts-Workstation-and-Server-474788.shtml
• Major law firms for ISAC to fight off adversaries, share intelligence
  • Catching up to the threat they're facing
  • Law firms are major targets, given the data they have ("secrets!")
  • Downside: exclusive to a handful of major firms
  • http://thehill.com/policy/cybersecurity/234722-law-firms-to-share-info-about-cyber-threats
• Big kerfuffle about Anthem's refusal of a 3rd party audie
  • They were under no legal obligation...
  • Who out there would submit to a 3rd party audit/test?
  • Sounds like publish shaming, big headline, little story
  • http://www.healthcareinfosecurity.com/anthem-refuses-full-security-audit-a-7980
• Apple Pay being attacked, sort of
  • When technology becomes 'good enough' attackers attack processes, people
  • Lesson -- nothing is "unhackable" even if the tech is great
  • http://www.theguardian.com/technology/2015/mar/02/apple-pay-mobile-payment-system-scammers
• [Slightly-old-but-relevant] Victor Valley College suspends entire IT staff to investigate a vague breach in protocol
  • Very little actually said in disclosure
  • "We don't have any reason to believe we've been hacked by outside hackers"
  • Entire computer system was taken down for nearly 3 hours
  • Emphasizing "no private student or employee information has been compromised"
  • Stay tuned...weird
  • http://www.vvdailypress.com/article/20150130/NEWS/150139991

Support the show

>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast