Shared Security Podcast

In this episode, we explore an incident where Anthropic’s AI, Claude, didn’t just resist shutdown but allegedly blackmailed its engineers. Is this a glitch or the beginning of an AI uprising? Along with co-host Kevin Johnson, we reminisce about past episodes, discuss AI safety and ethics, and examine the implications of AI mimicking human behaviors like blackmail. Join us for an in-depth conversation on the future of AI and its potential risks. ** Links mentioned on the show ** Anthropic’s new AI model turns to blackmail when engineers try to take it offline https://techcrunch.com/2025/05/22/anthropics-new-ai-model-turns-to-blackmail-when-engineers-try-to-take-it-offline/ ** Watch this episode on YouTube ** https://youtu.be/Khk6kJi1_9k ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post When AI Fights Back: Threats, Ethics, and Safety Concerns appeared first on Shared Security Podcast.

In this episode, we explore Mark Zuckerberg’s bold claim that AI friends will replace human friendships, and discuss the potential implications of a world where technology mediates our connections. We also update listeners on the recent developments in the 23andMe bankruptcy case and what it means for former customers. Joining the conversation is co-host Scott Wright, who shares his insights on AI, social media, privacy, and a thought-provoking book on the potential for a future US civil war. We touch on the eerie predictions of AI companionship and what this might entail for societal norms. Tune in for a stimulating discussion on technology, privacy, and the shifting landscape of human interaction. ** Links mentioned on the show ** The Next Civil War: Dispatches from the American Future https://www.amazon.com/Next-Civil-War-Dispatches-American/dp/1982123214 Zuckerberg’s Grand Vision: Most of Your Friends Will Be AI https://www.msn.com/en-us/technology/artificial-intelligence/zuckerberg-s-grand-vision-most-of-your-friends-will-be-ai/ar-AA1EjI6Q https://tech.yahoo.com/social-media/articles/zuckerberg-says-response-loneliness-epidemic-161345202.html 23andMe customers notified of bankruptcy and potential claims — deadline to file is July 14 https://techcrunch.com/2025/05/11/23andme-customers-notified-of-bankruptcy-and-potential-claims-deadline-to-file-is-july-14/ ** Watch this episode on YouTube ** https://youtu.be/bpMXQL7WXEg ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Mark Zuckerberg’s Vision: AI Companions and the Loneliness Epidemic appeared first on Shared Security Podcast.

Join hosts Tom Eston, Scott Wright, and Kevin Johnson in a special best-of episode of the Shared Security Podcast. Travel back to 2009 with the second-ever episode featuring discussions on early Facebook bugs, cross-site scripting vulnerabilities, and a pivotal Canadian privacy ruling involving Facebook. Gain insights into social media security from the past and see how much has (or hasn’t) changed. Don’t miss out on this informative episode on web application security, user privacy, and the efforts to keep social media safe. ** Links mentioned on the show ** Original show notes from episode 2 of the “Social Media Security Podcast” https://sharedsecurity.net/2009/09/27/social-media-security-podcast-2-month-of-facebook-bugs-what-is-xss-canadian-privacy-ruling/ ** Watch this episode on YouTube ** https://youtu.be/kRyhQmTVYiA ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Facebook Flaws and Privacy Laws: A Journey into Early Social Media Security from 2009 appeared first on Shared Security Podcast.

Join us as we explore the transformative changes in software development and cybersecurity due to AI. We discuss new terminology like ‘vibe coding’ — a novel, behavior-focused development approach, and ‘MCP’ (Model Context Protocol) — an open standard for AI interfaces. We also address the concept of ‘slopsquatting,’ a new type of threat involving AI-generated package names. Our co-hosts Scott Wright and Kevin Johnson discuss these topics, share personal insights, and ponder the future of coding in the AI era. Additionally, we draw some intriguing parallels between AI advancements and past practices, highlighting the need for oversight and security in this evolving landscape. ** Links mentioned on the show ** What is “vibe coding”? https://www.geeksforgeeks.org/what-is-vibe-coding/ https://www.forbes.com/sites/nishatalagala/2025/03/30/what-is-vibe-coding-and-why-should-you-care/ What is Model Context Protocol (MCP)? https://modelcontextprotocol.io/introduction https://www.anthropic.com/news/model-context-protocol https://en.wikipedia.org/wiki/Model_Context_Protocol AI hallucinations lead to a new cyber threat: Slopsquatting https://www.csoonline.com/article/3961304/ai-hallucinations-lead-to-new-cyber-threat-slopsquatting.html ** Watch this episode on YouTube ** https://youtu.be/vi7a9ciHPjg ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post What Vibe Coding, MCP, and Slopsquatting Reveal About the Future of AI Development appeared first on Shared Security Podcast.

What would happen if the US government halted funding for the CVE program? In this episode, we explore the controversies surrounding the funding of the CVE program, the role of CVEs in the cybersecurity industry, and the recent launch of the CVE Foundation. We also discuss the Trump Administration’s executive order that revoked the security clearance of former CISA Director Chris Krebs, following his declaration that the 2020 election was the most secure in history. Join us as we unpack the impact of these events on the cybersecurity landscape and what it means for the future. ** Links mentioned on the show ** Uncle Sam kills funding for CVE program. Yes, that CVE program https://www.theregister.com/2025/04/16/homeland_security_funding_for_cve/ CISA extends MITRE-backed CVE contract hours before its lapse https://www.nextgov.com/cybersecurity/2025/04/cisa-extends-mitre-backed-cve-contract-hours-its-lapse/404601/ Trump orders probe of former cybersecurity chief for declaring 2020 election secure https://www.usatoday.com/story/news/politics/2025/04/09/trump-orders-probe-krebs-2020-election/83016002007/ Where to buy Tom’s “Enjoy CyberCrime” t-shirt https://dustrial.net/ ** Watch this episode on YouTube ** https://youtu.be/y7RZdLYSXSc ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Impact of Politics on Cybersecurity: CVE’s and the Chris Krebs Executive Order appeared first on Shared Security Podcast.

Welcome to part three of our series with PlexTrac where we address data overload in vulnerability remediation. Join us as we preview the latest PlexTrac capabilities, including new ways to centralize asset and findings data, smarter workflow automation, and enhanced analytics. Guest speakers Dan DeCloss, CTO and founder of PlexTrac, and Sarah Foley, VP of Product at PlexTrac, share insights and demonstrate upcoming features. Learn about PlexTrac’s Continuous Threat Exposure Management (CTEM) framework and their exciting plans for RSA. To find out more information about PlexTrac and to get a demo visit: PlexTrac.com/SharedSecurity ** Links mentioned on the show ** PlexTrac Series Part 1 – Tackling Data Overload: Strategies for Effective Vulnerability Remediation https://sharedsecurity.net/2025/03/17/tackling-data-overload-strategies-for-effective-vulnerability-remediation/ PlexTrac Series Part 2 – From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows https://sharedsecurity.net/2025/03/24/from-spreadsheets-to-solutions-how-plextrac-enhances-security-workflows/ Connect with Dan DeCloss https://www.linkedin.com/in/ddecloss/ Connect with Sara Foley https://www.linkedin.com/in/sara-foley-aa991a3/ Find out more about PlexTrac https://plextrac.com/sharedsecurity ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Centralizing Data and Enhancing Workflows: Inside PlexTrac’s New Capabilities appeared first on Shared Security Podcast.

Planning to travel to the United States? This episode covers recent travel advisories regarding US border agents searching electronic devices, regardless of your citizenship status. Learn essential tips on smartphone security and how to protect your personal information, especially when attending protests. Scott Wright joins the discussion to provide valuable insights on safeguarding your data. Also covered are newer communication technologies like Meshtastic and advice on physical security measures to consider. ** Links mentioned on the show ** So you want to go to the USA? Are you sure? Here’s how to prepare your machines for Trumpistan https://www.theguardian.com/commentisfree/picture/2025/apr/07/so-you-want-to-go-to-the-usa-are-you-sure-heres-how-to-prepare-your-machines-for-trumpistan Canada warns travelers of US border agents’ authority to search electronic devices https://edition.cnn.com/2025/04/05/world/canada-travel-advisory-us-electronic-devices-intl-latam/index.html The Protesters’ Guide to Smartphone Security https://www.privacyguides.org/articles/2025/01/23/activists-guide-securing-your-smartphone/ EFF’s Surveillance Self-Defense – Attending a Protest https://ssd.eff.org/module/attending-protest Meshtastic – An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices https://meshtastic.org/docs/introduction/ ** Watch this episode on YouTube ** https://youtu.be/N7yMtsW8NBo ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post US Border Searches and Protesting in the Surveillance Age appeared first on Shared Security Podcast.

In this episode, we discuss the urgent need to delete your DNA data from 23andMe amid concerns about the company’s potential collapse and lack of federal protections for your personal information. Kevin joins the show to give his thoughts on the Signal Gate scandal involving top government officials, emphasizing the potential risks and lack of accountability. We also touch on the importance of proper communication and document retention in government operations. Stay tuned for insights and steps you can take to protect your data. ** Links mentioned on the show ** What happens to your data if 23andMe collapses? https://news.harvard.edu/gazette/story/2025/03/what-happens-to-your-genetic-data-if-23andme-collapses/ https://www.linkedin.com/posts/jenniferminella_updated-privacy-psa-23andme-is-filing-activity-7309933153299693568-rNBF John Oliver Responds To Signal Group Chat Leak With His Own Emojis: “Go F— Yourselves, A–holes, Love America” https://deadline.com/2025/03/john-oliver-last-week-tonight-signal-group-chat-emoji-trump-1236354365/ https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/ ** Watch this episode on YouTube ** https://youtu.be/Rv5GVfv4TeQ ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The 23andMe Collapse, Signal Gate Fallout appeared first on Shared Security Podcast.

In this episode, host Tom Eston discusses recent privacy changes on eBay related to AI training and the implications for user data. He highlights the hidden opt-out feature for AI data usage and questions the transparency of such policies, especially in regions without strict privacy laws like the United States. The host also explores how AI is transforming our understanding of privacy and the potential increase in AI-driven surveillance. Tune in for insights on navigating these evolving challenges and the future of data privacy. ** Links mentioned on the show ** If you use eBay (new privacy changes) , toggle “AI training” preference off. https://www.reddit.com/r/privacy/comments/1je9wlk/if_you_use_ebay_new_privacy_changes_toggle_ai/ AI is slowly making privacy for “normal” people obsolete. https://www.reddit.com/r/privacy/comments/1jdmpea/ai_is_slowly_making_privacy_for_normal_people/ ** Watch this episode on YouTube ** https://youtu.be/6wN1v4KnMW0 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Understanding Privacy Changes: eBay’s AI Policy and The Future of Data Privacy appeared first on Shared Security Podcast.

In this special episode of the Shared Security Podcast, join Tom Eston and Dan DeCloss, CTO and founder of PlexTrac, as they discuss the challenges of data overload in vulnerability remediation. Discover how PlexTrac addresses these issues by integrating various data sources, providing customized risk scoring, and enhancing remediation workflows. The episode offers an insightful look into PlexTrac’s powerful features, real-world success stories, and how these tools help teams prioritize and act on critical findings efficiently. Don’t miss out on learning how to turn overwhelming data into actionable insights and maintain better data security. PlexTrac provides practitioners with an automated alternative for the most time-consuming parts of vulnerability management, including consolidating data, surfacing insights, prioritizing findings, and managing hand-offs to and from remediation teams. Find out more by visiting plextrac.com/sharedsecurity! ** Links mentioned on the show ** PlexTrac Series Part 1 – Tackling Data Overload: Strategies for Effective Vulnerability Remediation https://sharedsecurity.net/2025/03/17/tackling-data-overload-strategies-for-effective-vulnerability-remediation/ Connect with Dan DeCloss https://www.linkedin.com/in/ddecloss/ Find out more about PlexTrac https://plextrac.com/sharedsecurity ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** PlexTrac PlexTrac provides practitioners with an automated alternative for the most time-consuming parts of vulnerability management, including consolidating data, surfacing insights, prioritizing findings, and managing hand-offs to and from remediation teams. Find out more by visiting plextrac.com/sharedsecurity! SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows appeared first on Shared Security Podcast.

In part one of our three part series with PlexTrac, we address the challenges of data overload in vulnerability remediation. Tom hosts Dahvid Schloss, co-founder and course creator at Emulated Criminals, and Dan DeCloss, CTO and founder of PlexTrac. They share their expertise on the key data and workflow hurdles that security teams face today. From managing influxes of scanner data and asset management tools to prioritizing meaningful security actions, this episode offers valuable insights. Learn about the importance of context, the integration of threat intelligence, the future role of automation, and AI, and how these can transform the cybersecurity landscape. Tune in to stay ahead in your security strategies and practices. PlexTrac provides practitioners with an automated alternative for the most time-consuming parts of vulnerability management, including consolidating data, surfacing insights, prioritizing findings, and managing hand-offs to and from remediation teams. Find out more by visiting plextrac.com/sharedsecurity! ** Links mentioned on the show ** Connect with Dahvid Schloss https://www.linkedin.com/in/dahvidschloss/ Connect with Dan DeCloss https://www.linkedin.com/in/ddecloss/ Find out more about PlexTrac https://plextrac.com/sharedsecurity ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** PlexTrac PlexTrac provides practitioners with an automated alternative for the most time-consuming parts of vulnerability management, including consolidating data, surfacing insights, prioritizing findings, and managing hand-offs to and from remediation teams. Find out more by visiting plextrac.com/sharedsecurity! SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how gamification of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Tackling Data Overload: Strategies for Effective Vulnerability Remediation appeared first on Shared Security Podcast.

In this episode, we discuss whether the Trump administration ordered the U.S. Cyber Command and CISA to stand down on the Russian cyber threat. We also touch on the Canadian tariff situation with insights from Scott Wright. Additionally, we discuss the recent changes to Firefox’s privacy policy and what it means for user data. ** Links mentioned on the show ** We Are Canadian Did Trump Admin Order U.S. Cyber Command and CISA to Stand Down on Russia? https://www.zetter-zeroday.com/did-trump-admin-order-u-s-cyber-command-and-cisa-to-stand-down-on-russia/ https://www.zetter-zeroday.com/email/23342106-9d66-493e-807b-3eb3efd21b13/ The Firefox I loved is gone – how to protect your privacy on it now https://www.zdnet.com/article/the-firefox-i-loved-is-gone-how-to-protect-your-privacy-on-it-now/ uBlock Origin – Free, open-source ad content blocker https://ublockorigin.com/ ** Watch this episode on YouTube ** https://youtu.be/Luly0R6XHXA ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Trump Administration and the Russian Cyber Threat, Firefox Privacy Changes appeared first on Shared Security Podcast.

In this episode, Kevin and Tom discuss current events including the latest developments with DOGE and the significant changes happening at the Cybersecurity and Infrastructure Security Agency (CISA). They also touch on Apple’s decision to refuse creating backdoors for encryption, setting a new precedent in digital security. Tune in for an insightful discussion on the implications for both government and corporate security. ** Links mentioned on the show ** Trump 2.0 Brings Cuts to Cyber, Consumer Protections https://krebsonsecurity.com/2025/02/trump-2-0-brings-cuts-to-cyber-consumer-protections/ “We will never build a backdoor” – Apple kills its iCloud’s end-to-end encryption feature in the UK https://www.techradar.com/computing/cyber-security/we-will-never-build-a-backdoor-apple-kills-its-iclouds-end-to-end-encryption-feature-in-the-uk ** Watch this episode on YouTube ** https://youtu.be/efAjZrM_xnw ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Cybersecurity Impact of DOGE, Apple’s Stand Against Encryption Backdoors appeared first on Shared Security Podcast.

In this episode, we welcome cybersecurity researcher and YouTube legend John Hammond. John shares insights from his career at Huntress and his popular YouTube channel, where he creates educational content on cybersecurity. He introduces his new platform, Just Hacking Training, aimed at providing affordable, high-quality training. John also discusses current trends in cybercrime, the role of AI in attacks, and provides tips on avoiding social engineering. The episode highlights an upcoming Capture the Flag event hosted by Snyk, and how Just Hacking Training offers access to archived CTF challenges for continuous learning. Tune in for an engaging conversation on the state of cybersecurity and practical advice for staying secure. ** Links mentioned on the show ** John’s “Just Hacking Training” https://www.justhacking.com/ Snyk Fetch the Flag CTF Event – February 27, 2025 9am-1pm ET https://snyk.io/events/ctf/ Connect with John Hammond https://johnhammond.org/links ** Watch this episode on YouTube ** https://youtu.be/-ohhJiIgrWM ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Cybersecurity Insights with John Hammond: YouTube Legend and Security Researcher appeared first on Shared Security Podcast.

In this episode, we discuss the UK government’s demand for Apple to create a secret backdoor for accessing encrypted iCloud backups under the Investigatory Powers Act and its potential global implications on privacy. We also discuss the first known case where AI chatbots were used in a stalking indictment, highlighting the dangers of technology misuse and the challenges it poses for legal systems. Join hosts Tom and Scott as they explore these pressing issues and introduce a new sub segment ‘AI Spy’ to focus on AI risks. Stay safe, stay secure, and stay informed! ** Links mentioned on the show ** UK’s secret Apple iCloud backdoor order is a global emergency, say critics https://techcrunch.com/2025/02/10/uks-secret-apple-icloud-backdoor-order-is-a-global-emergency-say-critics/ A man stalked a professor for six years. Then he used AI chatbots to lure strangers to her home https://www.theguardian.com/technology/2025/feb/01/stalking-ai-chatbot-impersonator ** Watch this episode on YouTube ** https://youtu.be/xTzd7kFXCMQ ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post UK’s Secret Apple Backdoor Request, AI Chatbots Used For Stalking appeared first on Shared Security Podcast.

In this episode we welcome Kathleen Smith, CMO of ClearedJobs.net, to discuss the current state of the cybersecurity job market. Kathleen shares her extensive experience in the field, recounting her tenure in various cybersecurity events and her contributions to job market research and recruiting. She discusses challenges such as distinguishing between genuine workforce shortages and hype, the importance of precise job descriptions, and the impacts of using AI in resume generation. Kathleen emphasizes that thorough job searches and well-crafted resumes are crucial for job seekers. Additionally, she highlights the need for clarity in cybersecurity job titles and roles to help bridge the gap between job seekers and employers. The episode ends with practical advice for job seekers on how to make their resumes stand out. ** Links mentioned on the show ** Connect with Kathleen on LinkedIn https://www.linkedin.com/in/kathleenesmith/ ClearedJobs.net https://clearedjobs.net/ Security Cleared Jobs Podcast https://clearedjobs.net/podcast ** Watch this episode on YouTube ** https://youtu.be/_6G88ydXEPc ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Careers in Cybersecurity: Myths and Realities with Kathleen Smith appeared first on Shared Security Podcast.

In this episode, we explore the rollout of digital driver’s licenses in states like Illinois and the potential privacy issues that come with them. Can digital IDs truly enhance convenience without compromising your privacy? We also discuss the new Chinese AI model, DeepSeek, which is affecting U.S. tech companies’ stock prices. Join us as we provide insights on these emerging trends and their implications. ** Links mentioned on the show ** Illinois residents may soon be able to own digital driver’s licenses and state IDs https://www.sj-r.com/story/news/state/2025/01/15/digital-state-ids-licenses-could-be-available-soon-in-illinois/77697952007/ DeepSeek’s popularity exploited by malware peddlers, scammers https://www.helpnetsecurity.com/2025/01/29/deepseek-popularity-exploited-malware-scams/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Privacy Concerns with Digital Driver’s Licenses, The Rise of DeepSeek AI appeared first on Shared Security Podcast.

In this episode, we discuss the latest issues with data brokers, focusing on a breach at Gravy Analytics that leaked 30 million location data points online. We also explore a vulnerability in Subaru’s Starlink system that allows unrestricted access to vehicle controls and customer data using just a last name and license plate number. Co-host Kevin Johnson joins the discussion to share insights and emphasize the need for stronger privacy regulations. ** Links mentioned on the show ** Data broker Gravy Analytics confirms a data breach after a hacker leaked millions of location records https://techcrunch.com/2025/01/13/gravy-analytics-data-broker-breach-trove-of-location-data-threatens-privacy-millions/ Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel https://samcurry.net/hacking-subaru ** Watch this episode on YouTube ** https://youtu.be/RNSdVChT-i8 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Gravy Analytics Breach, Subaru Starlink Vulnerability Exposed appeared first on Shared Security Podcast.

In this episode, we explore Meta’s recent decision to replace traditional fact-checking with community notes and its potential impact on misinformation. We also discuss the implications of a TikTok ban in the U.S., with users migrating to similar apps like RedNote. The conversation covers the challenges of maintaining reliable information in social media and the shifting landscape of news consumption. Additionally, we delve into issues regarding AI-generated content, privacy concerns with Chinese-owned apps, and the importance of personal responsibility in fact-checking. ** Links mentioned on the show ** Meta ditches fact-checking for community notes ahead of second Trump term https://mashable.com/article/meta-ditches-fact-checking-for-community-notes As Americans flock to RedNote, privacy advocates warn about surveillance Over 700,000 users have downloaded the app in the lead-up to the TikTok ban https://www.theverge.com/2025/1/16/24345245/rednote-xiaohongshu-tiktok-ban-privacy I don't know how many of y'all are watching the migration of American TikTokers to RedNote, but it's the most fascinating thing I've EVER SEEN HAPPEN ONLINE. — Erica Wilkinson (@everywhereerica.bsky.social) 2025-01-14T14:50:09.972Z ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Meta Ditches Fact-Checking for Community Notes, RedNote and the TikTok Ban appeared first on Shared Security Podcast.

Do you ever read the privacy policy of your favorite AI tools like ChatGPT, Gemini, or Claude? In this episode, Scott Wright and Tom Eston discuss the critical aspects of these policies, comparing how each AI engine handles your personal data. They explore the implications of data usage, security, and privacy in AI, with insights from industry giants like Anthropic’s CEO, Dario Amodai. Are these AI tools safe to use? Find out as we break down the complexities and share our thoughts on the future of AI – and its impact on your data privacy. ** Links mentioned on the show ** Dario Amodei: Anthropic CEO on Claude, AGI & the Future of AI & Humanity https://lexfridman.com/dario-amodei/ Every Choice Matters: Data Security And Privacy On AI-Enabled Apps https://www.forbes.com/councils/forbestechcouncil/2024/12/16/every-choice-matters-data-security-and-privacy-on-ai-enabled-apps/ ** Watch this episode on YouTube ** https://youtu.be/vbXVNXG0yDI ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post AI Privacy Policies: Unveiling the Secrets Behind ChatGPT, Gemini, and Claude appeared first on Shared Security Podcast.

Join us as we reminisce about Y2K, the panic, the preparations, and the lessons learned 25 years later. We also discuss the implications for future technology like AI and potential cybersecurity crises. Plus, in our ‘Aware Much’ segment, Scott shares tips on protecting your data if your phone is stolen. Happy New Year and welcome to our first episode of 2025! ** Links mentioned on the show ** Y2K at 25: Panic, preparation and payoff https://mashable.com/article/y2k-25-years-later Protecting your data when your phone is stolen – literally right out of your hands https://www.linkedin.com/posts/paulgurney_theft-security-phone-ugcPost-7270798464425332736-PyEi ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Reflecting on Y2K: Lessons for the Next Tech Crisis and AI Safety appeared first on Shared Security Podcast.

In the final episode of the Shared Security Podcast for 2024, join us as we recap our predictions for the year, discuss what we got right and wrong, and highlight our top episodes on YouTube. We also extend a heartfelt thank you to our Patreon supporters and special guests. Plus, stay tuned for our predictions for 2025 and some fun discussions on AI’s impact, phishing attacks, and more. Happy New Year and thank you for your support! ** Links mentioned on the show ** Our 2024 Prediction Episode https://sharedsecurity.net/2023/12/25/the-year-in-review-and-2024-predictions/ Become a supporter in 2025 and help support the show! https://patreon.com/SharedSecurity ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post 2024 Year in Review: What We Got Right and Looking to 2025 appeared first on Shared Security Podcast.

In this episode Tom, Scott, and Kevin discuss the vulnerabilities of digital license plates and the potential for hackers to exploit them. They explain what digital license plates are and how they work. The ‘Aware Much?’ segment covers the topic of suspicious text messages and why you should avoid responding to unknown senders. The team also shares personal project frustrations and emphasizes the importance of cybersecurity measures in IoT devices. Stay tuned for insightful discussions and practical advice on staying secure. ** Links mentioned on the show ** Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets https://www.wired.com/story/digital-license-plate-jailbreak-hack/ What’s the deal with these scam texts with no obvious motive? Turns out it could be number warming. https://www.linkedin.com/posts/vulnerable-u_cybersecurity-infosec-activity-7273087449319268352-iFmn Why it’s not rude to ignore “hi, how are you?” text messages from strangers https://consumer.ftc.gov/consumer-alerts/2024/05/why-its-not-rude-ignore-hi-how-are-you-text-messages-strangers ** Watch this episode on YouTube ** https://youtu.be/MUzUf1U0An0 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Digital License Plate Vulnerabilities, How to Avoid New Text Message Scams appeared first on Shared Security Podcast.

In Episode 359 of the Shared Security Podcast, the team examines a shocking hack-for-hire operation alleged to target over 500 climate activists and journalists, potentially involving corporate sponsorship by ExxonMobil. They explore the intricate layers of this multifaceted campaign and the broader implications on security risk assessments. Additionally, Scott discusses the massive Salt Typhoon hacking campaign attributed to China, which has compromised major U.S. telecommunications companies, and the surprising shift in U.S. government stance on end-to-end encryption. Join Tom, Kevin, and Scott for their in-depth analysis and a touch of humor throughout this episode. ** Links mentioned on the show ** Inside ExxonMobil’s Alleged Hack-for-Hire Campaign Targeting Climate Activists https://www.vulnu.com/p/inside-exxonmobils-alleged-hack-for-hire-campaign-targeting-climate-activists https://www.reuters.com/business/energy/exxon-lobbyist-investigated-over-hack-and-leak-environmentalist-emails-sources-2024-11-27/ U.S. officials urge Americans to use encrypted apps amid cyberattack that exposed live phone calls https://www.nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694 ** Watch this episode on YouTube ** https://youtu.be/z009bcalLhE ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Hack-for-Hire Campaign Targeting Climate Activists, Government Hypocrisy on Encryption appeared first on Shared Security Podcast.

Join us for an insightful episode of the Shared Security Podcast as Tanya Janca returns for her fifth appearance. Discover the latest on her new book about secure coding, exciting updates in Application Security, and the use of AI in security. Learn how her new book goes deeper into secure coding practices, backed by her practical experiences and detailed research, aimed at empowering developers with actionable advice. Don’t miss Tanya’s take on privacy, better security practices, and much more! ** Links mentioned on the show ** Pre-order Tanya’s new book “Alice and Bob Learn Secure Coding” https://a.co/d/32FCrwt Tanya’s first book “Alice and Bob Learn Application Security” https://a.co/d/873MEWt Tanya’s previous guest appearances on the podcast https://sharedsecurity.net/2018/11/30/special-guest-tanya-janca-devops-and-appsec-women-in-cybersecurity-82/ https://sharedsecurity.net/2021/01/28/tanya-janca-ceo-and-founder-we-hack-purple/ https://sharedsecurity.net/2022/05/30/the-state-of-application-security-with-tanya-janca/ https://sharedsecurity.net/2023/12/04/application-security-trends-challenges-with-tanya-janca/ Connect with Tanya https://shehackspurple.ca/ https://www.linkedin.com/in/tanya-janca/ https://bsky.app/profile/shehackspurple.bsky.social ** Watch this episode on YouTube ** https://youtu.be/M3H1YCy6FjU ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Tanya Janca on Secure Coding, AI in Cybersecurity, and Her New Book appeared first on Shared Security Podcast.

In this episode, we discuss Australia’s new legislation banning social media for users under 16 and its potential impact. Our hosts also explore the issue of vishing (voicemail phishing), why it’s escalating, particularly during the holiday season, and how to protect yourself against these scams. Plus, we celebrate a milestone on our YouTube channel and share some fun community feedback! ** Links mentioned on the show ** Australia launches bill banning social media for under 16s https://www.dw.com/en/australia-launches-bill-banning-social-media-for-under-16s/a-70838309 Voice Phishing Attacks: How to Prevent and Respond to Them https://securityboulevard.com/2024/11/voice-phishing-attacks-how-to-prevent-and-respond-to-them/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Australia Bans Social Media for Kids, Holiday Vishing Scams appeared first on Shared Security Podcast.

In Episode 356, Tom and Kevin discuss the increasing role of deepfake technology in bypassing biometric checks, accounting for 24 percent of fraud attempts. The show covers identity fraud issues and explores the controversial practices of data brokers selling location data, including tracking US military personnel. The conversation shifts to social media platforms Twitter, Blue Sky, and Mastodon, discussing user experiences and migrations. The episode wraps up with a humorous and radical suggestion for dealing with data brokers. Tune in for an engaging discussion on security, privacy, and the impact of emerging fraud technologies. ** Links mentioned on the show ** One Deepfake Digital Identity Attack Strikes Every Five Minutes https://www.infosecurity-magazine.com/news/deepfake-identity-attack-every/ Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany https://www.wired.com/story/phone-data-us-soldiers-spies-nuclear-germany/ ** Watch this episode on YouTube ** https://youtu.be/VyttgAKIadI ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Deepfake Fraud, Data Brokers Tracking Military Personnel appeared first on Shared Security Podcast.

In episode 355, Tom discusses his decision to deactivate his Twitter accounts due to privacy concerns with Twitter’s new AI policy and changes in the blocking features. He outlines the steps for leaving Twitter, including how to archive and delete tweets, and evaluates alternative platforms such as Bluesky, Mastodon, and Threads for cybersecurity professionals seeking new social media spaces. ** Links mentioned on the show ** X updates block feature, letting blocked users see your public posts https://techcrunch.com/2024/11/03/x-updates-block-feature-letting-blocked-users-see-your-public-posts/ Changes in X’s Privacy Policy Promote AI https://etownian.com/main/news/changes-in-xs-privacy-policy-promote-ai/ Dropping X for Bluesky? These tips will make the migration easier https://www.fastcompany.com/91228063/dropping-x-for-bluesky-these-tips-will-make-the-migration-easier Script to delete your tweets (tweetXer) https://github.com/lucahammer/tweetXer?tab=readme-ov-file ** Watch this episode on YouTube ** https://youtu.be/NBr5jmnIzkA ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Why It’s Time to Leave Twitter appeared first on Shared Security Podcast.

In episode 354, we discuss the emergence of the term ‘Advanced Persistent Teenagers’ (APT) as a “new” cybersecurity threat. Recorded just before the election, the hosts humorously predict election outcomes while exploring the rise of teenage hackers responsible for major breaches. The episode also covers a notable Okta vulnerability that allowed someone to login without the correct password and its implications. Tune in for an engaging conversation on the evolving landscape of cyber threats. ** Links mentioned on the show ** The biggest underestimated security threat of today? Advanced persistent teenagers https://techcrunch.com/2024/11/01/the-biggest-underestimated-security-threat-of-today-advanced-persistent-teenagers/ Okta Bug Allowed Log-Ins Without a Correct Password https://www.yahoo.com/tech/okta-bug-allowed-log-ins-150248386.html ** Watch this episode on YouTube ** https://youtu.be/d1Od61NkbvU ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Advanced Persistent Teenagers, Okta Bug Allowed Logins Without a Correct Password appeared first on Shared Security Podcast.

In episode 353, we discuss the February 2024 ransomware attack on Change Healthcare, resulting in the largest data breach of protected health information in history. Notifications have been sent to 100 million Americans, including hosts Tom and Kevin. We explore the implications of this significant breach and whether paying ransoms is a viable solution. In the ‘Aware Much’ segment, Scott explains how mortgage wire fraud works and provides essential tips for real estate transactions to avoid such scams. Plus, a quick recap on our popular AI-powered toilet cameras episode. ** Links mentioned on the show ** Change Healthcare Breach Hits 100M Americans https://krebsonsecurity.com/2024/10/change-healthcare-breach-hits-100m-americans/ Buyer Beware of Mortgage Wire Fraud: Here’s How To Not Get Scammed https://www.realtor.com/advice/finance/mortgage-wire-fraud-how-to-not-get-scammed/ Additional Mortgage Wire Fraud Examples from the News https://www.nj.com/news/2024/06/they-wanted-to-buy-a-home-but-they-lost-32k-in-an-increasingly-common-real-estate-scam.html https://www.trisearch.com.au/a-conveyancing-transaction-gone-so-wrong/ https://fox4kc.com/news/problem-solvers/retired-teacher-and-daughter-scammed-out-of-200k-while-trying-to-buy-townhome/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Fallout from the Change Healthcare Breach, Mortgage Wire Fraud What You Need To Know appeared first on Shared Security Podcast.

In this episode, we discuss the significant data breach at the Internet Archive, affecting 33 million users. We also examine the introduction of an AI-integrated toilet camera by Throne, designed for health monitoring by analyzing bodily waste, and the ensuing privacy concerns. We explore these technological advancements alongside other unusual tech innovations, touching upon security issues with home cameras, personal data in health apps, and broader implications for privacy and technology. ** Links mentioned on the show ** Internet Archive hacked, data breach impacts 31 million users https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/ Internet Archive breached again through stolen access tokens https://www.bleepingcomputer.com/news/security/internet-archive-breached-again-through-stolen-access-tokens/ Throne’s toilet camera takes pictures of your poop https://techcrunch.com/2024/10/20/thrones-toilet-camera-takes-pictures-of-your-poop/ ** Watch this episode on YouTube ** https://youtu.be/HVPcSGPYD1k ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Internet Archive Hacked, Introducing The AI Toilet Camera appeared first on Shared Security Podcast.

In episode 351, hosts Tom and Scott explore an unusual incident where robot vacuums were hacked to shout obscenities, exposing significant IoT security issues. The discussion includes the mechanics of the Bluetooth hack and its broader cybersecurity implications. Additionally, the ‘Aware Much?’ segment reveals the world of hidden printer tracking dots, used for tracing document origins and their historical use by governments for tracking. This episode also highlights the technology’s role in preventing currency counterfeiting and capturing high-profile leaks, underscoring the intersection of privacy and security in modern times. ** Links mentioned on the show ** Hacked Robot Vacuums Across the U.S. Started Yelling Slurs https://gizmodo.com/hacked-robot-vacuums-across-the-us-started-yelling-slurs-2000511013 Why Printers Add Secret Tracking Dots https://getpocket.com/explore/item/why-printers-add-secret-tracking-dots https://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots ** Watch this episode on YouTube ** https://youtu.be/16t7Pll53fU ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Hacked Robot Vacuums, Secret Printer Tracking Dots appeared first on Shared Security Podcast.

In the milestone 350th episode of the Shared Security Podcast, the hosts reflect on 15 years of podcasting, and the podcast’s evolution from its beginnings in 2009. They discuss the impact of a current hurricane on Florida, offering advice on using iPhone and Android satellite communication features during emergencies. The ‘Aware Much’ segment focuses on the lack of change in user behavior towards cybersecurity, highlighting persistent issues like inadequate password manager usage and infrequent software updates. The episode covers historical insights into social media’s evolution, including privacy guides and LinkedIn’s fake profile problem, emphasizing the importance of a well-rounded approach to cybersecurity awareness and education. ** Links mentioned on the show ** How to use your iPhone’s emergency satellite features if you lose cell coverage https://www.zdnet.com/article/how-to-use-your-iphones-emergency-satellite-features-if-you-lose-cell-coverage/ For Android: https://www.zdnet.com/article/how-to-use-androids-emergency-satellite-texting-if-you-lose-cell-signal/ Our episode on ham radio https://sharedsecurity.net/2022/06/13/hacking-ham-radio/ Despite Online Threats, Users Aren’t Changing Behavior https://www.darkreading.com/endpoint-security/despite-online-threats-users-are-not-changing-behavior ** Watch this episode on YouTube ** https://youtu.be/unJGsnEdFGc ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits appeared first on Shared Security Podcast.

In this episode, the hosts discuss a significant vulnerability found in Kia’s web portal that allows remote control of various car features via their app, potentially enabling unauthorized unlocking and tracking. The conversation highlights the broader issue of web vulnerabilities in the automotive industry. Also covered are NIST’s updated password guidelines, eliminating complexity rules and periodic resets, emphasizing the importance of MFA. The episode features insights from co-host Kevin Johnson, covering both technical flaws and the security community’s perspectives on these evolving issues. ** Links mentioned on the show ** Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug https://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track/ https://samcurry.net/hacking-kia NIST: No More Regular Password Resets and Arbitrary Complexity Rules https://www.vulnu.com/p/nist-no-more-regular-password-resets-and-arbitrary-complexity-rules ** Watch this episode on YouTube ** https://youtu.be/b5xvgfxIEb0 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Kia Security Flaw Exposed, NIST’s New Password Guidelines appeared first on Shared Security Podcast.

In episode 348, Tom and Scott discuss Discord’s new end-to-end encryption for audio and video calls, involving the DAVE Protocol, third-party vetting by Trail of Bits, and its impact on users. They also address LinkedIn’s controversial move to automatically opt users into using their data to train AI models without initial consent, suggestions for opting out, and the broader implications for user privacy. ** Links mentioned on the show ** Meet DAVE: Discord’s New End-to-End Encryption for Audio and Video https://discord.com/blog/meet-dave-e2ee-for-audio-video LinkedIn is using your data to train generative AI models. Here’s how to opt out. https://www.msn.com/en-us/money/technology/linkedin-is-using-your-data-to-train-generative-ai-models-heres-how-to-opt-out/ar-AA1qRqvW https://www.darkreading.com/cyber-risk/linkedin-user-data-collection-ai-training ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Discord’s New End-to-End Encryption, LinkedIn Using Your Data for AI Training appeared first on Shared Security Podcast.

In Episode 347, we discuss the recent alarming incidents involving exploding pagers targeting Hezbollah operatives in Lebanon, which resulted in multiple casualties. We clarify why this is not a cyber attack and should not cause widespread panic about personal device safety. Additionally, we cover Instagram’s new policies to default teen accounts to private and the implications for parental control and teen safety on social media. ** Links mentioned on the show ** Exploding pagers belonging to Hezbollah kill 8 and injure more than 2,700 in Lebanon https://www.nbcnews.com/news/world/hezbollah-pagers-expolsion-lebanon-handheld-devices-rcna171457 https://www.reuters.com/world/middle-east/israel-planted-explosives-hezbollahs-taiwan-made-pagers-sources-say-2024-09-18/ Introducing Instagram Teen Accounts: Built-In Protections for Teens, Peace of Mind for Parents https://about.fb.com/news/2024/09/instagram-teen-accounts/ https://www.msn.com/en-us/news/technology/instagram-makes-teen-accounts-private-as-pressure-mounts-on-the-app-to-protect-children/ar-AA1qHVsi ** Watch this episode on YouTube ** https://youtu.be/QAP9tdy6mGA ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Supply Chain Sabotage: The Exploding Pager Incident, Instagram’s New Teen Privacy Measures appeared first on Shared Security Podcast.

In episode 346, we discuss new AI-driven voicemail scams that sound convincingly real and how to identify them. We also explore recent research on the privacy concerns surrounding donations to political parties through their websites. Additionally, we celebrate the 15th anniversary of the podcast and share some reflections and fun facts about the journey. Join us for this insightful and informative episode! ** Links mentioned on the show ** Security Justice Podcast (2008-2011) https://archive.org/details/securityjustice Your personal data is political: W&M computer scientists find gaps in the privacy practices of campaign websites https://news.wm.edu/2024/02/07/your-personal-data-is-political-wm-computer-scientists-find-gaps-in-the-privacy-practices-of-campaign-websites/ ** Watch this episode on YouTube ** https://youtu.be/GOXUK4Wd2YM ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Rise of AI Voicemail Scams, Political Donation Privacy Concerns appeared first on Shared Security Podcast.

This week, we discuss a critical SQL injection vulnerability discovered in an app used by the TSA, raising ethical questions about responsible disclosure. Plus, we shed light on the alarming rise of Bitcoin ATM scams exploiting older adults, providing essential tips to protect your loved ones from these devious schemes. Tune in for unique insights and vital cybersecurity advice! ** Links mentioned on the show ** Bypassing airport security via SQL injection https://ian.sh/tsa https://x.com/mattjay/status/1831004620950278397?s=46&t=S0l2WLszljUYE1vbjB4M9A FTC: Over $110 million lost to Bitcoin ATM scams in 2023 https://www.bleepingcomputer.com/news/security/ftc-americans-lost-over-110-million-to-bitcoin-atm-scams-in-2023/ ** Watch this episode on YouTube ** https://youtu.be/sL1sfY3ATXM ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Shocking SQL Injection in TSA App, Bitcoin ATM Scams Targeting Seniors appeared first on Shared Security Podcast.

In this episode, we explore the recent arrest of Telegram founder Pavel Durov in France and discuss the app’s encryption claims. Is Telegram truly an encrypted messaging app? Joining the conversation is co-host Kevin Johnson, bringing his trademark opinions. We also talk about some intriguing documentaries, including ‘LulaRich’ about the LuLaRoe leggings company and ‘Class Action Park’ about a dangerous theme park in New Jersey. Tune in to hear our thoughts on these topics and more! ** Links mentioned on the show ** The Arrest of Pavel Durov Is a Reminder That Telegram Is Not Encrypted https://gizmodo.com/the-arrest-of-pavel-durov-is-a-reminder-that-telegram-is-not-encrypted-2000490960 https://www.404media.co/how-telegrams-founder-pavel-durov-became-a-culture-war-martyr/ The girl Pavel Durov wanted to show around Paris. She was literally posting every step of Durov online with photos and geolocations. https://x.com/runews/status/1827732141670572313 1834: The First Cyberattack https://www.schneier.com/blog/archives/2018/05/1834_the_first_.html LuLaRich Documentary (Amazon Prime) https://www.imdb.com/title/tt15213278/ Class Action Park Documentary (HBO Max) https://www.imdb.com/title/tt11015214/ ** Watch this episode on YouTube ** https://youtu.be/7kJYkd4Js20 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Telegram is NOT an Encrypted Messaging App, Must-See Documentaries appeared first on Shared Security Podcast.

This week, we discuss Google’s recent accusation by the U.S. Justice Department for being a monopoly and its implications for privacy and cybersecurity. We also cover essential privacy settings for Alexa smart speakers and their importance. Join the hosts, Tom, Kevin, and Scott, for an engaging conversation on these topics, along with a segment from ClickArmor on cybersecurity training. Plus, a recap of the Black Hat and BSides Las Vegas conferences. ** Links mentioned on the show ** Google illegally maintains monopoly over internet search, judge rules https://apnews.com/article/google-antitrust-search-engine-verdict-apple-319a61f20fb11510097845a30abaefd8 5 Amazon Alexa privacy settings you should change right away https://www.zdnet.com/home-and-office/smart-home/5-amazon-alexa-privacy-settings-you-should-change-right-away/ ** Watch this episode on YouTube ** https://youtu.be/0CJx-S-zTp8 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Google’s Monopoly: The Debate Heats Up, Amazon Alexa Privacy Tips appeared first on Shared Security Podcast.

In episode 342, we discuss the effectiveness of people-search removal tools like DeleteMe and Reputation Defender, based on a study by Consumer Reports. We also cover how almost every American’s social security number has potentially been stolen by hackers and shared on the dark web. Scott and Tom talk about the importance of protecting your personal information and methods to do so, including manually removing data and placing credit freezes. Plus, we touch on Canada’s privacy laws and wrap up with our Aware Much segment. Stay safe, stay secure, and stay private! ** Links mentioned on the show ** People-Search Site Removal Services Largely Ineffective https://www.schneier.com/blog/archives/2024/08/people-search-site-removal-services-largely-ineffective.html https://innovation.consumerreports.org/wp-content/uploads/2024/08/Data-Defense_-Evaluating-People-Search-Site-Removal-Services-.pdf Michael Bazzell’s Data Request Guide https://inteltechniques.com/requests.html Hackers may have stolen the Social Security numbers of every American. Here’s how to protect yourself https://www.latimes.com/business/story/2024-08-13/hacker-claims-theft-of-every-american-social-security-number ** Watch this episode on YouTube ** https://youtu.be/fODmnhqugSg ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Inefficiency of People-Search Removal Tools, Massive Data Breach Impacting U.S. Citizens appeared first on Shared Security Podcast.

Join us for this special live edition of the Shared Security Podcast, recorded in scorching Las Vegas at Black Hat 2024. Host Tom Eston is joined by Shourya Pratap Singh, Principal Software Engineer at SquareX. They discuss highlights from Black Hat 2024, emerging themes in cybersecurity such as AI-based threats, compliance, and cloud security. The conversation also covers the DEF CON talk given by Vivek and Shourya on Last Mile Reassembly Attacks, which exposes a critical flaw in Secure Web Gateways (SWGs) and introduces an open-source toolkit for Red Teams. Thank you to SquareX for sponsoring this episode! Find out more about SquareX at https://sqrx.com/ ** Links mentioned on the show ** SquareX Discovers New Cybersecurity Attacks that Completely Bypass Secure Web Gateways (SWG), Leaving Most Enterprises Vulnerable. https://www.prnewswire.com/news-releases/squarex-discovers-new-cybersecurity-attacks-that-completely-bypass-secure-web-gateways-swg-leaving-most-enterprises-vulnerable-302214112.html Evading Secure Web Gateways with Last Mile Reassembly Attacks https://browser.security/ Connect with Shourya on LinkedIn https://www.linkedin.com/in/shouryaps ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Exploring Cybersecurity Trends at Black Hat 2024 with Shourya Pratap Singh from SquareX appeared first on Shared Security Podcast.

In episode 341, we cover the unprecedented global IT outage caused by a CrowdStrike update crash, affecting 8.5 million Windows machines. We discuss whether it’s the largest outage in history and discuss the intricacies of internet accessibility and responses from key stakeholders like Microsoft. Also, in our Aware Much segment, we explore Japan’s AI system, Mr. Smile, designed to standardize employee smiles, and its implications on employee monitoring. Plus, we welcome back Kevin and give a special shout-out to our latest Patreon supporter. ** Links mentioned on the show ** CrowdStrike update crashes Windows systems, causes outages worldwide https://www.bleepingcomputer.com/news/security/crowdstrike-update-crashes-windows-systems-causes-outages-worldwide/ https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-repair-tool-to-remove-crowdstrike-driver Japan supermarket chain uses AI to gauge staff smiles, speech tones in quality service push https://www.scmp.com/news/people-culture/article/3271333/japan-supermarket-chain-uses-ai-gauge-staff-smiles-speech-tones-quality-service-push ** Watch this episode on YouTube ** https://youtu.be/S0Nni4l_WWE ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Great CrowdStrike Crash, AI’s Role in Employee Smiles appeared first on Shared Security Podcast.

In this episode, Tom Eston hosts Jeswin Mathai, Chief Architect at SquareX. This episode is part two of a series featuring SquareX, and Jeswin takes a deeper look into their cybersecurity solutions. Jeswin shares his extensive experience in the field and details how SquareX offers innovative protections at the browser level to guard against phishing attacks and other online threats. Learn about their unique approach by monitoring user activity in a privacy-safe manner and leveraging the power of modern browsers and device capabilities. Jeswin also discusses the limitations of traditional antivirus and secure web gateway solutions compared to SquareX’s comprehensive visibility and action capabilities. Don’t miss the live demonstration and insights on handling ransomware scenarios and deployment strategies for businesses of all sizes. The episode concludes with a sneak peek of what Jeswin and Vivek will be presenting at the upcoming DEF CON hacking conference. Thank you to SquareX for sponsoring this episode! Find out more about SquareX at https://sqrx.com/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post How SquareX is Redefining Web Security: An In-Depth Discussion with Chief Architect Jeswin Mathai appeared first on Shared Security Podcast.

In this episode, host Tom Eston welcomes Dan DeCloss, founder and CTO of PlexTrac. They exchange insights about their history at Veracode and explore Dan’s journey in cybersecurity. Dan shares his experience in penetration testing, the origins of PlexTrac, and the need to streamline reporting processes. The conversation also covers the state of the cybersecurity industry, the impact of generative AI, and future challenges such as deepfake technology. Dan touches upon the evolution of attackers and the role of both AI and human elements. The episode wraps up with thoughts on the younger generation’s approach to discerning information in a tech-driven world. ** Links mentioned on the show ** Connect with Dan https://www.linkedin.com/in/ddecloss/ Find out more about PlexTrac https://plextrac.com/ ** Watch this episode on YouTube ** https://youtu.be/3MRnGvZd7U0 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Deepfakes, AI, and the Future of Cybersecurity: Insights from Dan DeCloss of PlexTrac appeared first on Shared Security Podcast.

In episode 339, hosts Tom Eston and Scott Wright discuss the massive AT&T data breach affecting 110 million customers, which is larger than a previous breach from March affecting 73 million customers. They also talk about the importance of reading privacy policies on sites like Facebook and Instagram, as these platforms may use user data to train AI models. Additionally, they explore the implications of third-party cloud platform breaches, specifically mentioning the Snowflake incident. The ‘Aware Much?’ segment highlights evolving privacy policies, with Meta’s revised policy allowing user data for AI development being under scrutiny. The episode concludes with a mention of the importance of GDPR and other data protection regulations and a nod to their Patreon supporters. ** Links mentioned on the show ** Crooks Steal Phone, SMS Records for Nearly All AT&T Customers https://krebsonsecurity.com/2024/07/hackers-steal-phone-sms-records-for-nearly-all-att-customers/ Privacy warriors gripe to UK watchdog about Meta harvesting user data to train AI https://www.theregister.com/2024/07/16/campaign_group_complains_to_uk/ Terms of Services Didn’t Read https://tosdr.org/en/frontpage Privacy Decrypted #6: How to read a privacy policy https://proton.me/blog/how-to-read-privacy-policy ** Watch this episode on YouTube ** https://youtu.be/YWV6OiNzR_A ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Massive AT&T Data Breach Impact, Meta’s Privacy Policy Updates appeared first on Shared Security Podcast.

In episode 338, we discuss the recent breach of the two-factor authentication provider Authy and its implications for users. We also explore a massive password list leak titled ‘Rock You 2024’ that has surfaced online. Find out why this file may not be as significant as it seems and the importance of avoiding password reuse. Stay tuned for our ‘Aware Much?’ segment with Scott Wright, featuring insights on credential stuffing and practical password management tips. ** Links mentioned on the show ** Using Authy? Beware of impending phishing attempts https://www.helpnetsecurity.com/2024/07/11/using-authy-beware-of-impending-phishing-attempts/ Nearly 10 Billion Passwords Leaked in Biggest Compilation of All Time https://www.techrepublic.com/article/worlds-largest-password-leak/ Rockyou2024 analysis: Mega password list or just noise? https://specopssoft.com/blog/rockyou2024-analysis-password-leak/ ** Watch this episode on YouTube ** https://youtu.be/28A0buGYycQ ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Authy Breach: What It Means for You, RockYou 2024 Password Leak appeared first on Shared Security Podcast.

In episode 337, we cover “broken” news about the new SSH vulnerability ‘regreSSHion‘ highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications. We then discuss the Detroit Police Department’s new guidelines on facial recognition technology following a lawsuit over a wrongful arrest due to misidentification, shedding light on the broader issues with such technologies, especially their impact on minorities. Lastly, in the ‘Aware Much’ segment, Scott shares essential tips on securely wiping personal data from old PCs, laptops, smartphones, and other electronic devices before selling or disposing of them. Join us as we welcome back co-hosts Kevin Johnson from Portugal and Scott recording from his car! ** Links mentioned on the show ** New regreSSHion OpenSSH RCE bug gives root on Linux servers https://www.bleepingcomputer.com/news/security/new-regresshion-openssh-rce-bug-gives-root-on-linux-servers/ Detroit Police Department agrees to new rules around facial recognition tech https://techcrunch.com/2024/06/29/detroit-police-department-agrees-to-new-rules-around-facial-recognition-tech/ How to Wipe a Computer Clean of Personal Data https://www.consumerreports.org/electronics-computers/computers/how-to-wipe-a-computer-clean-of-personal-data-a5849951358/ https://x.com/cradvocacy/status/1807827599890006166?s=46&t=S0l2WLszljUYE1vbjB4M9A ** Watch this episode on YouTube ** https://youtu.be/ISsQpDJNOnc ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Critical SSH Vulnerability, Facial Recognition Flaws, How to Safely Dispose of Old Devices appeared first on Shared Security Podcast.

In episode 336 of the Shared Security Podcast, we discuss the Biden administration’s recent ban on Kaspersky antivirus software in the U.S. due to security concerns linked to its Russian origins. We also highlight the importance of keeping all software updated, using recent examples of supply chain attacks that have compromised several popular WordPress plugins. Join hosts Tom Eston and Scott Wright as they examine these key cybersecurity issues and emphasize proactive security measures. Plus, find out why co-host Kevin Johnson is missing this week and get the latest updates from Aware Much, sponsored by ClickArmor. ** Links mentioned on the show ** Biden bans Kaspersky antivirus software in US over security concerns https://www.bleepingcomputer.com/news/security/biden-bans-kaspersky-antivirus-software-in-us-over-security-concerns/ Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack https://arstechnica.com/security/2024/06/supply-chain-attack-on-wordpress-plugins-affects-as-many-as-36000-sites/ ** Watch this episode on YouTube ** https://youtu.be/svkH_8dou5Y ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The U.S. Bans Kaspersky Antivirus, WordPress Plugin Supply Chain Attacks appeared first on Shared Security Podcast.

In this special episode of the Shared Security Podcast, host Tom Eston interviews Vivek Ramachandran, the founder of SquareX. Vivek shares his journey in WiFi security, recounting his introduction of the Cafe Latte man-in-the-middle attack and founding of Pentest Academy. He discusses his latest venture, SquareX, a company focused on browser security to protect employees from client-side attacks. Vivek explains SquareX’s workings, industry challenges, and insights into Secure Web Gateways (SWGs). He also previews his upcoming DEF CON talk on bypassing SWGs and shares thoughts on AI in cyber-attacks. Learn about the future of browser-based security solutions and how enterprises can better protect themselves against sophisticated attacks. Thank you to SquareX for sponsoring this episode! Find out more about SquareX at https://sqrx.com/ ** Links mentioned on the show ** Follow and connect with Vivek on LinkedIn https://www.linkedin.com/in/vivekramachandran/ Follow Vivek and SquareX on Twitter https://twitter.com/vivekramac https://twitter.com/getsquarex Find out more about SquareX and try it out for free! https://sqrx.com/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity Get our new Shared Security Podcast glitter stickers! https://sharedsecurity.net/stickers ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Exploring Cutting-Edge Browser Security with Vivek Ramachandran – Founder of SquareX appeared first on Shared Security Podcast.