Here is a list of things to do:
* subscribe with the RSS 2.0 feed(s) to your right (or below for yahoo and iTunes)
* Call the listener feedback line: 206-339-9361
* If you liked the show, tell a friend; if you didn’t, tell me!
Subscribe in iTunes using this link (Click Here Now)
Subscribe or RATE THE SHOW in Yahoo Here. Please take the time to rate the show for the series as well as the specific episode.
==>Download or listen to Security Catalyst #11 here (27 minutes long) < ==
On This Episode
The Windows WMF “Zero-Day Exploit” gets patched
Well, the patch is out – several of them. We talk about the MS patch, as well as briefly touch on the discussion around third party patches, patch management and then focus on the larger issue of defense in depth. Are you practicing good defense in depth?
Microsoft Announcement and Information
H&R Block Blunder
In reality, this isn’t probably going to be a big deal – but I was amazed as we ended the year to find yet another company has been required to notify customers that they may have had a compromise of personally identifiable information. In this case, the social security number (SSN) of the recipient of TaxCut software was included in the tracking number. We discuss corporate accountability and how to help protect your company from these mistakes.
DHS takes a risk assessment approach
Not enough attention has been positively applied to the common sense approach DHS is applying with homeland security money. Rather than dole out the money in a political fashion, they have decided to take a “risk-based” approach. While the specific details are only coming to light now, this is an excellent step that sets the example – and may give you the opportunity to take the same approach with your business or home network.
DHS Press Release
The following track from the podsafe music collection of podshow was used during the introduction of SC11.
Please remember to rate this podcast on iTunes and Yahoo! Thanks!!