Risky Business #316 -- Data breach suits could have legs

Special guest, former assistant NY District Attorney Dave Stampley...
04 Apr 2014 » Risky Business

On this week's show we're taking a look at the Target/Trustwave suit. A couple of banks were suing Target and its alleged security auditor Trustwave over the massive credit card data breach last year. That suit has been withdrawn, possibly temporarily, and another has been filed on behalf of some other banks. We speak with former New York assistant DA and infosec law specialist Dave Stampley about these types of suits. Do they have legs?

This week we welcome a new sponsor -- Rapid7.

Rapid7 is launching an interesting campaign right now to try to fix the Computer Fraud and Abuse Act (CFAA) in America. They say it's stifling research. Rapid7's global security strategist Trey Ford joins the show to fill us in on that.

As news regulars Adam Boileau and The Grugq are both in Singapore for Syscan and probably nursing cripping hangovers, this week we're joined by a special guest in the news chair, Christopher Hoff. Hoff is the Vice President of Strategy for Juniper Networks' security business unit, but you may know him as Beaker on Twitter.

Show notes

Microsoft to Fix Word Zero Day with Final XP Patch | Threatpost | The first stop for security news
http://threatpost.com/microsoft-to-fix-word-zero-day-with-final-xp-patch...

Barrett Brown Signs Plea Deal in Case Involving Stratfor Hack | Threat Level | WIRED
http://www.wired.com/2014/04/barrett-brown-plea-agreement/

Alleged Silk Road Founder's Lawyer Moves to Dismiss Charges Against His Client | Threat Level | WIRED
http://www.wired.com/2014/04/threatlevel_0401_silkroad_motion/

Will Target's Lawsuit Finally Expose the Failings of Security Audits? | Threat Level | WIRED
http://www.wired.com/2014/03/trustwave-target-audit/

Information Security | Compliance | Trustwave
https://www.trustwave.com/Trustwave-Announcement/

http://www.smh.com.au/it-pro/security-it/default-password-leaves-tens-of... is not available
http://www.smh.com.au/it-pro/security-it/default-password-leaves-tens-of...

Cyber Tool Estimates Incident Response Cost for Businesses | Threatpost | The first stop for security news
http://threatpost.com/tool-estimates-incident-response-cost-for-business...

FTC Settles With Fandango, Credit Karma Over SSL Issues in Mobile Apps | Threatpost | The first stop for security news
http://threatpost.com/ftc-settles-with-fandango-credit-karma-over-ssl-is...

Amazon Web Services Combing Third Parties for Credentials | Threatpost | The first stop for security news
http://threatpost.com/amazon-web-services-combing-third-parties-for-expo...

Yahoo Encrypts Data Center Communication Links | Threatpost | The first stop for security news
http://threatpost.com/yahoo-encrypts-data-center-links-boosts-other-serv...

April Fools' Day prank: parents sent SMS saying school closed
http://www.smh.com.au/technology/technology-news/april-fools-day-prank-p...

DVR Infected with Bitcoin Mining Malware | Threatpost | The first stop for security news
http://threatpost.com/dvr-infected-with-bitcoin-mining-malware/105167

Extended Random: The PHANTOM NSA-RSA backdoor that never was \u2022 The Register
http://www.theregister.co.uk/2014/04/02/extended_random_nsa_rsa_bsafe/

Researcher Identifies Potential Security Issues in Tesla S | Threatpost | The first stop for security news
http://threatpost.com/researcher-identifies-potential-security-issues-wi...

Google DNS Intercepted in Turkey | Threatpost | The first stop for security news
http://threatpost.com/google-dns-intercepted-in-turkey/105136

DOJ Pushes to Expand Hacking Abilities Against Cyber-Criminals - Law Blog - WSJ
http://blogs.wsj.com/law/2014/03/27/doj-pushes-to-expand-hacking-abiliti...

Watch out, journalists: Hackers are after you - CNET
http://www.cnet.com/news/watch-out-journalists-hackers-are-after-you-goo...

Facebook Bug Bounty Submissions Dramatically Increase | Threatpost | The first stop for security news
http://threatpost.com/facebook-bug-bounty-submissions-dramatically-incre...

Android Botnet Targets Middle East Banks - Krebs on Security
http://krebsonsecurity.com/2014/04/android-botnet-targets-middle-east-ba...

Home Routers at Core of DNS-Based DDoS Amplification Attacks | Threatpost | The first stop for security news
http://threatpost.com/dns-based-amplification-attacks-key-on-home-router...

Patch Available for Schneider Electric Serial Modbus Driver | Threatpost | The first stop for security news
http://threatpost.com/critical-vulnerabilities-patched-in-schneider-elec...

Cisco Patches Denial-of-Service Vulnerabilities in IOS | Threatpost | The first stop for security news
http://threatpost.com/cisco-patches-denial-of-service-vulnerabilities-in...

Researchers Divulge 30 Oracle Java Cloud Service Bugs | Threatpost | The first stop for security news
http://threatpost.com/researchers-divulge-30-oracle-java-cloud-service-b...

Apple Fixes More Than 25 Flaws in Safari | Threatpost | The first stop for security news
http://threatpost.com/apple-fixes-more-than-25-flaws-in-safari/105197

GOLDEN THREAD - Passenger featuring Matt Corby - YouTube
https://www.youtube.com/watch?v=Ms0A7pXPySc&feature=kp

KamberLaw | New York & California | Defending your legal rights in a digital world
http://www.kamberlaw.com/

IT Security Data & Analytics, Risk Management, Compliance | Rapid7
http://www.rapid7.com/