Risky Business #316 -- Data breach suits could have legs

Special guest, former assistant NY District Attorney Dave Stampley...
04 Apr 2014 » Risky Business

On this week's show we're taking a look at the Target/Trustwave suit. A couple of banks were suing Target and its alleged security auditor Trustwave over the massive credit card data breach last year. That suit has been withdrawn, possibly temporarily, and another has been filed on behalf of some other banks. We speak with former New York assistant DA and infosec law specialist Dave Stampley about these types of suits. Do they have legs?

This week we welcome a new sponsor -- Rapid7.

Rapid7 is launching an interesting campaign right now to try to fix the Computer Fraud and Abuse Act (CFAA) in America. They say it's stifling research. Rapid7's global security strategist Trey Ford joins the show to fill us in on that.

As news regulars Adam Boileau and The Grugq are both in Singapore for Syscan and probably nursing cripping hangovers, this week we're joined by a special guest in the news chair, Christopher Hoff. Hoff is the Vice President of Strategy for Juniper Networks' security business unit, but you may know him as Beaker on Twitter.

Show notes

Microsoft to Fix Word Zero Day with Final XP Patch | Threatpost | The first stop for security news

Barrett Brown Signs Plea Deal in Case Involving Stratfor Hack | Threat Level | WIRED

Alleged Silk Road Founder's Lawyer Moves to Dismiss Charges Against His Client | Threat Level | WIRED

Will Target's Lawsuit Finally Expose the Failings of Security Audits? | Threat Level | WIRED

Information Security | Compliance | Trustwave

http://www.smh.com.au/it-pro/security-it/default-password-leaves-tens-of... is not available

Cyber Tool Estimates Incident Response Cost for Businesses | Threatpost | The first stop for security news

FTC Settles With Fandango, Credit Karma Over SSL Issues in Mobile Apps | Threatpost | The first stop for security news

Amazon Web Services Combing Third Parties for Credentials | Threatpost | The first stop for security news

Yahoo Encrypts Data Center Communication Links | Threatpost | The first stop for security news

April Fools' Day prank: parents sent SMS saying school closed

DVR Infected with Bitcoin Mining Malware | Threatpost | The first stop for security news

Extended Random: The PHANTOM NSA-RSA backdoor that never was \u2022 The Register

Researcher Identifies Potential Security Issues in Tesla S | Threatpost | The first stop for security news

Google DNS Intercepted in Turkey | Threatpost | The first stop for security news

DOJ Pushes to Expand Hacking Abilities Against Cyber-Criminals - Law Blog - WSJ

Watch out, journalists: Hackers are after you - CNET

Facebook Bug Bounty Submissions Dramatically Increase | Threatpost | The first stop for security news

Android Botnet Targets Middle East Banks - Krebs on Security

Home Routers at Core of DNS-Based DDoS Amplification Attacks | Threatpost | The first stop for security news

Patch Available for Schneider Electric Serial Modbus Driver | Threatpost | The first stop for security news

Cisco Patches Denial-of-Service Vulnerabilities in IOS | Threatpost | The first stop for security news

Researchers Divulge 30 Oracle Java Cloud Service Bugs | Threatpost | The first stop for security news

Apple Fixes More Than 25 Flaws in Safari | Threatpost | The first stop for security news

GOLDEN THREAD - Passenger featuring Matt Corby - YouTube

KamberLaw | New York & California | Defending your legal rights in a digital world

IT Security Data & Analytics, Risk Management, Compliance | Rapid7