On this week’s show we’re chatting with a PR pro who specialises in information security. Melanie Ensign currently works at Uber, but she also served as a security PR for Facebook and before that, AT&T. She drops in this week to talk about how you can work with the PR professionals in your organisation to help tell your security story to the wider world. She also has some great tips for infosec professionals who might be a bit nervous about dealing with journalists.
In this week’s sponsor interview we’re joined by Julian Fay, the CTO of Senetas.
Senetas has a long history of making layer 2 network encryptors, but they are branching out in all sorts of ways these days. One thing they’re doing now is working on approaches to network encryption that play nicely with software-defined WAN. The days of hauling all your network traffic back to a single choke point are numbered – Julian thinks in the near future you’ll have some sort of CPE device that actually implements different types of encryption on different types of traffic crossing your border. So, Senetas has actually built that gear and we’ll be hearing about why.
Adam Boileau joins the show to talk about the week’s security news:
- Some very cool LTE research
- Equifax manager charged with insider trading
- Ticketmaster’s bad week
- The US DoD’s very own app store
- Weird, maybe, possibly-but-probably-not OPM-related fraud
- MOAR Rowhammer stuff affecting ‘droid handsets
Links to everything are below, and you can follow Adam or Patrick on Twitter if that’s your thing.
Show notes
- LTE wireless connections used by billions aren’t as secure as we thought | Ars Technica
- SEC.gov | Former Equifax Manager Charged With Insider Trading
- Trump calls out NSA for deleting data: Here are the facts - CBS News
- Startup bank Monzo: We warned Ticketmaster months ago of site fraud • The Register
- Ticketmaster UK trades blame with chat app provider over payment data breach
- Bill would call on White House to develop its own list of APT groups
- Private sector isn’t sharing data with DHS’s threat portal
- U.S. poised to deny China Mobile access to American market due to spying fears
- How the Pentagon Keeps Its App Store Secure | WIRED
- Lawmakers demand answers in wake of strange OPM identity fraud lawsuit
- DNC pushes employees, campaigns to embrace email security habits ahead of midterms
- Feds Pose as Cryptocurrency Money Launderer to Bust Alleged Dark Web Dealers - Motherboard
- Cryptocurrency Transactions May Uncover Sales of Shadow Broker Hacking Tools - Motherboard
- DNS Poisoning or BGP Hijacking Suspected Behind Trezor Wallet Phishing Incident
- Brave browser adds private tabs with Tor for 'enhanced privacy protection'
- Rash of Fortnite cheaters infected by malware that breaks HTTPS encryption | Ars Technica
- New RAMpage exploit revives Rowhammer attack to root Android devices | Ars Technica
- adidas - adidas alerts certain consumers of potential data security incident
- Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records | WIRED
- Sadly, Ross Ulbricht's Case Will Not Be Heard by the Supreme Court - Hit & Run : Reason.com
- Two Zero-Day Exploits Found After Someone Uploaded 'Unarmed' PoC to VirusTotal
- Gentoo GitHub organization hacked - partially resolved - Gentoo infrastructure status
- Samsung Investigates Claims of Spontaneous Texting of Images to Contacts | The first stop for security news | Threatpost
- Senetas - a leading provider of high-assurance encryption
- Risky Biz Annual Black Hat Party w/ Signal Sciences, Remediant and Bugcrowd Tickets, Tue, Aug 7, 2018 at 7:00 PM | Eventbrite