SSCC 54 - Firefox, MySQL hacked, Comodo and Facebook

Filed Under: Data loss, Facebook, Firefox, Podcast, Privacy, Social networks, Vulnerability

Sophos Security Chet Chat logoMichael Argast joined me in our Vancouver studio for this week's Chet Chat.

Because we were late recording the Chet Chat this week, it is a bit longer than usual. We had a good chat about some of the new security features in Firefox 4, like Do Not Track (DNT) and HTTP strict transport security (HSTS).

We also discussed the recent SQL injection attacks against MySQL and Sun/Oracle. While on the topic of compromise we reviewed the recent compromise of SSL certificate resellers associated with Comodo.

On the topic of social media we talked a bit about the new functions Facebook has been working on to reduce likejacking fraud and improve their SSL support.

If you prefer a news summary for the week in text format, visit the Sophos Security Hub for the latest selected hot topics or subscribe to our weekly newsletter, Sophos enews.

(31 March 2011, duration 21:13 minutes, size 10.2MBytes)

You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 54.

All of our past podcasts are available from http://podcasts.sophos.com and on iTunes.

, , , , , ,

You might like

One Response to SSCC 54 - Firefox, MySQL hacked, Comodo and Facebook

  1. Richard · 1246 days ago

    "Firefox, MySQL hacked, ..."

    Your headline makes it sound like Firefox has been hacked, which isn't what you meant (I hope!).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.