SSCC 102 – Probably the best 15 minute security podcast you’ll hear today

chet-chat-102-170Have you joined thousands of others, and become a loyal listener to the “Chet Chat” yet?

Sophos has been recording security-related podcasts since 2006.

One of our most popular shows is the regular “Chet Chat” series where Senior Security Advisor Chester Wisniewski discusses the latest security news with a series of experts, and offers actionable advice on what you and your company should do about it.

The “Chet Chat” can be one of the best way you can catch up with the latest developments in the world of computer security, with a mixture of insight, expertise, scepticism, and advice.

And it’s a quick listen too! Typically episodes come in at under 15 minutes – perfect for your lunchtime security fix, or as part of your commute.

The latest “Chet Chat”, episode 102, features Chet and Naked Security’s own Paul “Duck” Ducklin in a timely conversation that will certainly get you thinking about how better to secure your computers at home and in the office.

Listen now:

(12 February 2013, duration 14:32 minutes, size 8.8 MBytes)

Download now:
Sophos Security Chet Chat #102 (MP3)

Chet Chat episode 102 shownotes:

Network. Image from ShutterstockBamital botnet takedown

Microsoft and Symantec show that the private sector has an important role to play in helping law enforcement take on organised cybercriminal gangs.

In this case, the Bamital botnet gang was reportedly netting $1 million a year through its attacks.

After control of some of the servers used by the botnet was seized by the authorities, warning messages could be displayed to victims, providing information and tools necessary for victims to disinfect their computers from the Bamital malware.

However, as the podcast discusses, there’s a problem. The cybercrime authorities cannot always get sufficient budget to tackle challenges like the Bamital botnet. The reason? Not enough people are either willing or know how to report malware infections – and if the scale of the problem cannot be measured, it’s hard for the authorities to procure the funds to fight it properly.

Router. Image from ShutterstockUPnP and your router

Millions of routers wrongly seem to let outsiders snoop around inside your network, thanks to Universal Plug and Play.

UPnP is actually presented as a feature by many vendors – but is truly “one of the worst ideas ever” from the security point of view.

Vulnerable products include webcams, printers, security cameras, media servers, smart TVs and routers.

The last one is what is scariest. Nearly ever vendor you have ever heard of in the home/SOHO business has routers on the list of vulnerable products.

Many routers do not have an option to disable UPnP and even worse others have an option, but it doesn’t do anything.

What can you do about it? Read our article and listen to our podcast to learn more.

FlashFlash patched for Windows and Apple users

Adobe Flash is patched (again) for Windows and Mac users. And in case anyone still thinks Macs are immune to malware or of no interest to the crooks, here’s some evidence to the contrary.

Yes, it’s not just Windows users in the firing line.

Adobe said that it is aware of active attacks against Mac users exploiting the latest vulnerability – independent of Windows-based attacks.

Lucky 13Lucky Thirteen

A pair of UK cryptographers take on web security and have discovered theoretical vulnerability that could be turned into a practical attack.

As the podcast describes, a fix to the problem has been available since 2008 (in TLS 1.2) but it just hasn’t been properly adopted yet as only approximately 10% of servers actually support TLS 1.2 properly.

Catch up with the Chet Chat and other Sophos podcasts

(12 February 2013, duration 14:32 minutes, size 8.8 MBytes)

You can download the Sophos Security Chet Chat podcast episode 102 directly in MP3 format.

And why not take a look at the back-catalogue of Sophos Podcasts in our archive? We have loads of interesting stuff for your listening pleasure.