Lock and Code

Identity and access management, or IAM, is the name we use for the set of technologies and policies that control who accesses what resources inside a system—from company files being locked away for only some employees, to even your online banking account being accessible only to you. With more individuals using more accounts to access more resources than ever before, threats have similarly emerged. To better understand identity and access management, its impacts on the digital and physical world today, and who holds the responsibility to manage it, we’re talking today to Chuck Brooks, cybersecurity evangelist and adjunct professor for Georgetown University’s Applied Intelligence Program and graduate Cybersecurity Programs.

Last month, cybersecurity experts warned the public about the data collection embedded in the Donald Trump 2020 re-election campaign’s mobile app. Once downloaded, the app requests broad access to user information, including device contacts, rough location, device storage, ID, call information, Bluetooth pairing, and more. On today’s episode, we’re looking at just one of the apps’ requested permissions—Bluetooth. To help us better understand Bluetooth and beacon technology, how they are applied to online advertising, and whether apps that request access to Bluetooth functionality are a big concern, we’re talking today with Chris Boyd, lead malware intelligence analyst for Malwarebytes.

For years, Internet capabilities have crept into modern consumer products, providing sometimes convenient, sometimes extraneous Internet connectivity. This increase in IoT devices has an obvious outcome—a broader attack surface for threat actors. Not only that, but with more devices connecting to the Internet, there are also more devices collecting your data and analyzing it to send you more ads, more frequently, for more products. To help us better understand the Internet of Things—including the cybersecurity and data privacy concerns of IoT devices, and what you can do to stay safe—we’re talking today to JP Taggart, senior security researcher with Malwarebytes.

We may know it’s important to have a strong, non-guessable, lengthy password, and yet we still probably all know someone who writes their password on a post-it, which is then affixed literally onto their machine. To help us better understand the future of passwords, and any potential pitfalls for the burgeoning alternatives, we’re talking today to Matt Davey, Chief Operations Optimist at 1Password, and Kyle Swank, a member of 1Password's security team.

With shelter-in-place orders now in full effect to prevent the spread of coronavirus, countless businesses find themselves this year in mandatory work-from-home situations. To break down today’s enterprise threats—and our own responses at Malwarebytes—we’re talking today to John Donovan, head of security for Malwarebytes, and Adam Kujawa, director for Malwarebytes Labs.

This week, we speak with Pieter Arntz, malware intelligence researcher at Malwarebytes, about web browser privacy. The often neglected subcategory of data privacy deserves a closer look. Without theproper restrictions, browsers can allow web trackers to follow you around the Internet, resulting in that curious ad seeming to find you from website to website. But, there are ways to fight back.

Increasingly popular for both consumer products and law enforcement agencies, facial recognition technology is facing severe pushback, with at least 40 groups demanding a moratorium in the United States. To better understand the privacy and security concerns with these tools—along with the problems of actual accuracy—we're talking today with Chris Boyd, lead malware intelligence analyst with Malwarebytes.

VPNs surged in popularity in recent years, with at least 300 free mobile VPN apps available to the average user as of 2019. For many consumers, though, the rush of options can be confusing. To help us understand the how VPNs work—debunking their myths, explaining their actual capabilities, and providing some advice on what makes a strong VPN—we’re talking today to JP Taggart, senior security researcher with Malwarebytes.

Coronavirus has changed the face of the world. But what we've learned from how governments and medical experts respond to the spread of the virus bears similarities to how we in the cybersecurity industry respond to computer viruses. We talk to Malwarebytes Chief Product Officer Akshay Bhargava about computer virus prevention, detection, and response, along with the simple steps that consumers and businesses can take today to better protect themselves from a spreading cyber attack.

Today, our data can leave our hands and end up in the databases of countless companies, many of which we've never heard of, packaging and selling our data for reasons we could never imagine. To better understand how to protect ourselves online, we're talking to Adam Kujawa, a director of Malwarebytes Labs.

We talk to two representatives from an Atlanta-based managed service provider—a manager of engineering services and a data center architect whose last names we are protecting to avoid a sudden influx of threats to their business—about the daily challenges of managing thousands of nodes and about the future of the industry.

To help us understand RSA Conference’s theme “The Human Element,” and to dive deeper into how the conference itself takes shape, we’re talking today to our guest Britta Glade, Director of Content and Curation for RSA Conference.

Lock and Code is the flagship podcast from the cybersecurity experts at Malwarebytes. Hosted by online privacy advocate and senior threat content writer David Ruiz, Lock and Code not only offers listeners an update on recent cybersecurity news, but it also features in-depth conversations about technology, privacy, cybersecurity, and hacking. Listen every other week as we talk to a variety of internal and external guests. We've featured Director of Malwarebytes Labs Adam Kujawa, 1Password Chief Operations Optimist Matt Davey, Mozilla Chief Security Officer Marshall Erwin, Open Path co-founder Samy Kamkar, cybersecurity journalists Alfred Ng and Seth Rosenblatt, and far more. Stay tuned, and stay safe.