Down The Security Rabbithole

Note: The hashtag for the show on Twitter has changed, please connect with us using #DtSR going forward. Thanks!   Topics covered Update: Home Depot breach (Hint: apparently it was a 3rd party entry point) Story: http://www.computerworld.com/article/2844491/home-depot-attackers-broke-in-using-a-vendors-stolen-credentials.html Apparently as a reaction, all execs are being switched to iDevices (blame Windows? and why only execs?) - http://www.imore.com/home-depot-switches-execs-iphones-macbooks-it-blames-windows-massive-breach Also, they lost ~53 Million email addresses too - http://online.wsj.com/articles/home-depot-hackers-used-password-stolen-from-vendor-1415309282 American Express is pushing tokenization to their payment ecosystem, this is big news but leaves a lot more questions and concerns than answers (for example- what about chip & pin (sign)? )- Story: http://threatpost.com/american-express-brings-tokenization-to-payment-cards/109137 Check out the standard itself: http://www.emvco.com/downloa