
Shared Security Podcast
559 episodes — Page 4 of 12

Meta’s Threads and Your Privacy, Airline Reservation Scams, IDOR Strikes Back
In this episode, we explore the rise of Threads, a new social media app developed by Meta, which has already attracted 10 million users in just seven hours. However, there’s a catch – the app collects extensive personal data, sparking concerns about privacy. Next, we dive into the world of airline reservation scams, exposing how fraudsters exploit a loophole to deceive unsuspecting travelers. Learn how to protect yourself and avoid being swindled by these ticket scams. Finally, we discuss the security vulnerability discovered in Eaton’s smart security alarm systems, highlighting the significant risks of IDOR (Insecure Direct Object Reference) vulnerabilities and the potential for unauthorized access. ** Links mentioned on the show * Threads, Meta’s Twitter rival, is tracking you in all sorts of ways https://mashable.com/article/threads-tracking-data https://thehackernews.com/2023/07/instagrams-twitter-alternative-threads.html https://about.fb.com/news/2023/07/introducing-threads-new-app-text-sharing/ How Your Real Flight Reservation Can Be Used to Scam You https://www.wired.com/story/plane-ticket-booking-hold-scam/ A simple bug exposed access to thousands of smart security alarm systems https://techcrunch.com/2023/06/16/eaton-secureconnect-security-alarm-vulnerability/ ** Watch this episode on YouTube ** https://youtu.be/nZCZk9myDcA ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. 
Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Twitter: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact

MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches
Several major organizations, including British Airways and the BBC, fell victim to the recent MOVEit cyberattack. We discuss the alarming trend of hackers targeting trusted suppliers to gain access to customer data, potentially holding companies and individuals for ransom. Is it better to change passwords regularly or focus on creating complex ones? We discuss the pitfalls of frequent password changes, such as predictable patterns and delayed responses to security breaches. The Department of the Army’s Criminal Investigation Division issues a military-wide alert about a program offering free smartwatches to US service members. We discuss the concerns surrounding these devices, from malicious actors targeting personal data to engaging in “brushing” activities. ** Links mentioned on the show * Moveit hack: attack on BBC and BA offers glimpse into the future of cybercrime https://theconversation.com/moveit-hack-attack-on-bbc-and-ba-offers-glimpse-into-the-future-of-cybercrime-207670 https://www.mandiant.com/resources/blog/zero-day-moveit-data-theft Thoughts on scheduled password changes (don’t call them rotations!) https://nakedsecurity.sophos.com/2023/06/09/thoughts-on-scheduled-password-changes-dont-call-them-rotations/ Warning Issued to Troops Receiving Strange Smartwatches in the Mail https://www.military.com/daily-news/2023/06/22/warning-issued-troops-receiving-strange-smartwatches-mail.html ** Watch this episode on YouTube ** https://youtu.be/_vGTVzYmMBk

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian
Paul Asadoorian, OG security podcaster and host of the popular Paul’s Security Weekly podcast, joins us in this episode to talk about his career as one of the original security podcasters. Paul’s been podcasting for more than 17 years! Paul also shares with us some of his greatest hacking stories and don’t miss our lively discussion about the state of firmware security. ** Links mentioned on the show * Paul Asadoorian’s Hacker Musings, Security Podcasts, and Nerd Stuff. https://securitypodcaster.com/ Paul’s YouTube Channel https://www.youtube.com/@securitypodcaster Paul’s Security Weekly Podcast https://www.youtube.com/@SecurityWeekly https://podcasts.apple.com/us/podcast/pauls-security-weekly/id91472687 Connect with Paul https://www.linkedin.com/in/paulasadoorian/ https://infosec.exchange/@paulasadoorian https://twitter.com/securityweekly

The FTC’s Complaint Against Ring, Detecting Malware Infected Apps, America’s Most Cybersecure Companies
The FTC charged Ring, the Amazon-owned home security camera company, for compromising customer privacy and having inadequate security measures. Employees accessed private videos, while hackers exploited vulnerabilities and now Ring needs to reimburse customers $5.8 million dollars. The FTC complaint emphasizes that Ring’s actions disregarded privacy and security, putting consumers at risk. Google has removed the iRecorder – Screen Recorder app from the Play Store after it was discovered that it was infected with malware capable of stealing personal information. We discuss several ways to spot malicious apps on your smartphone helping you protect and safeguard your personal information. Finally, we discuss Forbes’ collaboration with SecurityScorecard to identify America’s Most Cybersecure Companies, and the ethical dilemma that this presents to companies that may not have given their permission to be listed. We also discuss why these lists may make companies a target by hackers (anyone remember the “Hacker Safe” badges?). ** Links mentioned on the show * Become an official supporter of the podcast! For only $5 per month get exclusive access to ad-free episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Sign up and become a supporter today! 
https://sharedsecurity.net/patron FTC Says Ring Employees Illegally Surveilled Customers, Failed to Stop Hackers from Taking Control of Users’ Cameras Under proposed FTC order, Ring will be prohibited from profiting from unlawfully accessing consumers videos, pay $5.8 million in consumer refunds https://www.ftc.gov/news-events/news/press-releases/2023/05/ftc-says-ring-employees-illegally-surveilled-customers-failed-stop-hackers-taking-control-users https://www.ftc.gov/business-guidance/blog/2023/05/not-home-alone-ftc-says-rings-lax-practices-led-disturbing-violations-users-privacy-security 3 ways to spot a malware-infected app on your smartphone https://www.zdnet.com/article/3-ways-to-spot-a-malware-infected-app-on-your-smartphone/ America’s Most Cybersecure Companies https://www.forbes.com/lists/most-cybersecure-companies/?sh=2285fb4d1764

How to Break Into a Cybersecurity Career – Phillip Wylie
In this exciting episode of our podcast we have the pleasure of speaking with Phillip Wylie, a remarkable professional with a captivating career in cybersecurity. Join us as we discuss Phillip’s unique journey and uncover valuable insights on breaking into the cybersecurity field. From his origins as a professional wrestler who once bravely faced off against a bear, to his evolution into a respected penetration tester, author, trainer, mentor, and public speaker, Phillip’s experiences are nothing short of extraordinary. Join us as Phillip shares his inspiring origin story and sheds light on the following topics: Unveiling the Transformation: From Pro Wrestler to Penetration Tester Bridging the Gap: Phillip’s Evolution from Pentester to Author and Trainer Navigating the Cybersecurity Landscape: Phillip’s Advice for Aspiring Professionals Are Cybersecurity Certifications Still Valuable? How to Engage and Connect with Phillip Join us for this episode as we discuss the remarkable career journey of Phillip Wylie! ** Links mentioned on the show * Phillip Wylie – The Hacker Maker https://www.thehackermaker.com/ The Hacker Factory Podcast https://www.itspmagazine.com/the-hacker-factory-podcast The Phillip Wylie Show https://podcasters.spotify.com/pod/show/phillip-wylie0?ref=thehackermaker.com https://www.youtube.com/playlist?list=PLrentPLOUQnI9dhXMpMughKpQp4z0hFfl&ref=thehackermaker.com Follow Phillip Wylie https://www.linkedin.com/in/phillipwylie/ https://twitter.com/PhillipWylie ** Watch this episode on YouTube ** https://youtu.be/V7e08Ubuq2o

Netflix Cracks Down on Password Sharing, AI Legal Research Gone Wrong, Fake Identities and Surveillance Firms
Netflix plans to crack down on the widespread practice of password sharing among households. We discuss their new verification feature and its impact on user experience and security. A lawyer finds himself in hot water after relying on ChatGPT for legal research. We investigate the consequences of referencing non-existent legal cases, the lawyer’s claim of unawareness about the AI’s potential for false information, and the broader concerns surrounding the risks of AI, including misinformation and bias. Threat intelligence firms are using fake online personas to gather data on Discord, Reddit, WhatsApp, and other apps. Watchdog groups have raised concerns about the potential violation of civil liberties and lack of oversight of this activity. ** Links mentioned on the show * Netflix Is Cracking Down on Password Sharing in the U.S. Here’s What to Know https://time.com/6282750/netflix-password-sharing-household-rules/ ChatGPT: US lawyer admits using AI for case research https://www.bbc.com/news/world-us-canada-65735769 Private Spies Hired by the FBI and Corporate Firms Infiltrate Discord, Reddit, WhatsApp https://www.leefang.com/p/private-spies-hired-by-the-fbi-and ** Watch this episode on YouTube ** https://youtu.be/iZPG1wunluE

Meta’s $1.3 Billion Fine, AI Hoax Hysteria, Montana’s TikTok Ban
In this episode, we discuss Meta’s record-breaking $1.3 billion fine by the EU for unlawfully transferring user data, shedding light on the increasing risks faced by tech companies in violating privacy rules. Highly realistic images of a Pentagon explosion went viral on Twitter, causing a stock market dip. We discuss the risks associated with Twitter’s verification system and the issue of AI and deepfaked images. Montana makes headlines as the first US state to ban TikTok. We discuss the ban’s motives, the challenges of implementation, and the broader concerns about personal data protection and online freedom. ** Links mentioned on the show * Meta Fined $1.3 Billion Over Data Transfers to U.S. https://www.wsj.com/articles/meta-fined-1-3-billion-over-data-transfers-to-u-s-b53dbb04 https://twitter.com/wbm312/status/1660812083372654593 Pentagon explosion hoax goes viral after verified Twitter accounts push https://www.bleepingcomputer.com/news/security/pentagon-explosion-hoax-goes-viral-after-verified-twitter-accounts-push/ Montana’s TikTok ban: why has it happened and will it work? https://www.theguardian.com/technology/2023/may/18/montana-tiktok-ban-why-has-it-happened-will-it-work ** Watch this episode on YouTube ** https://youtu.be/7_w7r84TqFg

Google Now Supports Passkeys, Risky New Top Level Domains, Twitter’s Encryption Dilemma
In this episode, we explore the arrival of passwordless Google accounts that use “passkeys,” which offer enhanced usability and security. We discuss the benefits of passkeys over traditional passwords, but also why passkeys are not quite ready for prime time use. Next, we discuss Google Domains’ introduction of new top-level domains (TLDs) like .zip and .mov, raising concerns about the potential use for malicious activities. We separate fact from fiction, and discuss the real risks involved. Lastly, we examine Twitter’s long-awaited encrypted direct messaging feature. We explore the limitations and criticisms surrounding its implementation, highlighting the importance of true end-to-end encryption solutions like Signal. ** Links mentioned on the show * Kevin Johnson on Security Weekly: Artificial Ignorance & Pen Testing https://www.youtube.com/watch?v=_2Yq5VrEHf0 Google passkeys are a no-brainer. You’ve turned them on, right? https://arstechnica.com/information-technology/2023/05/passwordless-google-accounts-are-easier-and-more-secure-than-passwords-heres-why/ Don’t panic. Google offering scary .zip and .mov domains is not the end of the world https://www.theregister.com/2023/05/17/google_zip_mov_domains/ https://noperator.dev/posts/zip-snip/ Twitter’s Encrypted DMs Are Deeply Inferior to Signal and WhatsApp https://www.wired.com/story/twitter-encrypted-dm-signal-whatsapp/ ** Watch this episode on YouTube ** https://youtu.be/wLCzD6j13ys

Private Tweets Exposed, Unauthorized Tracking Collaboration, AI Risks and Regulation
In this episode we discuss a recent Twitter security incident that caused private tweets sent to Twitter Circles to become visible to unintended recipients. Next, we discuss the collaboration between Apple and Google to develop a specification for detecting and alerting users of unauthorized tracking using devices like AirTags. Finally, we explore the US government’s engagement with major technology companies and AI experts to address the risks associated with generative artificial intelligence (AI). We analyze the White House initiatives and the call for increased regulatory measures in the AI field. ** Links mentioned on the show * Twitter says ‘security incident’ exposed private Circle tweets https://www.bleepingcomputer.com/news/security/twitter-says-security-incident-exposed-private-circle-tweets/ Apple and Google Join Forces to Stop Unauthorized Location-Tracking Devices https://thehackernews.com/2023/05/apple-and-google-join-forces-to-stop.html White House unveils AI rules to address safety and privacy https://www.computerworld.com/article/3695731/white-house-unveils-ai-rules-to-address-safety-and-privacy.html ** Watch this episode on YouTube ** https://youtu.be/WmBHVCJo6rg

Juice Jacking Debunked, Photographer vs. AI Dataset, Google Authenticator Risks
In this episode we debunk the fearmongering surrounding “juice jacking,” a cyber attack where attackers steal data from devices that are charging via USB ports. Next, we dive into a case where a photographer tried to get his photos removed from an AI dataset, only to receive an invoice instead of having his photos taken down. Finally, we examine the security risks of using Google Authenticator’s cloud sync feature for two-factor authentication. We explain why this feature may not provide adequate protection and offer recommendations for more secure alternatives. ** Links mentioned on the show * Why is ‘Juice Jacking’ Suddenly Back in the News? https://krebsonsecurity.com/2023/04/why-is-juice-jacking-suddenly-back-in-the-news/ https://arstechnica.com/information-technology/2023/05/fearmongering-over-public-charging-stations-needs-to-stop-heres-why/ A Photographer Tried to Get His Photos Removed from an AI Dataset. He Got an Invoice Instead. https://www.vice.com/en/article/pkapb7/a-photographer-tried-to-get-his-photos-removed-from-an-ai-dataset-he-got-an-invoice-instead Google Authenticator’s Cloud Sync Security Not Up to the Task https://restoreprivacy.com/google-authenticators-cloud-sync-security-not-up-to-the-task/

Building a Healthy Security Culture: Insights from Kai Roer
In this episode we speak with Kai Roer, a renowned author, security culture coach, and CEO of Praxis Security Labs. Kai shares his career journey in cybersecurity and emphasizes the importance of building a strong security culture within organizations. He identifies the biggest impediments to a good security culture and offers actionable steps that organizations can take to improve their culture. Kai also discusses some of the biggest surprises he’s encountered in his work and provides insights for security awareness professionals and executives to learn about the most critical aspects of security culture. Finally, Kai shares his vision for the future of cybersecurity and his current projects. ** Links mentioned on the show * The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer https://www.amazon.com/Security-Culture-Playbook-Executive-Developing/dp/1119875234/ Connect with Kai https://kairoer.com/ https://praxissecuritylabs.com/ https://twitter.com/kairoer https://www.linkedin.com/in/kairoer/ ** Watch this episode on YouTube ** https://youtu.be/iTc4FDNvMLk

Arkansas Social Media Consent Law, Android Malware Invasion, New Method of Keyless Car Theft
Is Arkansas taking the right step to protect children online? A new law passed in the state makes it illegal for minors to use social media without their parent or guardian’s consent. Over 60 Android apps on the Google Play Store with more than 100 million downloads have been infiltrated by the new “Tekya” malware. The malware can commit ad fraud and steal Facebook credentials. Criminals are stealing keyless cars in under two minutes with a previously unknown method involving intercepting the signal between the car key and the car.
** Links mentioned on the show **
Arkansas Makes It Illegal For Minors to Be on Social Media Without Parental Consent
https://www.vice.com/en/article/y3wdpv/arkansas-makes-it-illegal-for-minors-to-be-on-social-media-without-parental-consent
Android malware infiltrates 60 Google Play apps with 100M installs
https://www.bleepingcomputer.com/news/security/android-malware-infiltrates-60-google-play-apps-with-100m-installs/
There’s a new form of keyless car theft that works in under 2 minutes
https://arstechnica.com/information-technology/2023/04/crooks-are-stealing-cars-using-previously-unknown-keyless-can-injection-attacks/
** Watch this episode on YouTube **
https://youtu.be/GUsCHEY67O4

Genesis Market Crackdown, Life360 App Misuse, Tesla Customer Privacy Concerns
Law enforcement agencies across 17 countries have cracked down on Genesis Market, one of the largest criminal marketplaces, resulting in the arrests of 120 people globally. Popular family safety app, Life360, has been used by sex traffickers to monitor and control their victims, highlighting the increasing use of GPS technology by criminals. A recent news report reveals that groups of Tesla employees shared highly invasive videos and images recorded by customers’ car cameras, including embarrassing and vulnerable situations. The leaked footage was shared via an internal messaging system, potentially compromising customer privacy.
** Links mentioned on the show **
Genesis Market: Popular cybercrime website shut down by police
https://www.bbc.com/news/uk-65180488
Sex Traffickers Used America’s Favorite Family Safety App To Control Victims
https://www.forbes.com/sites/thomasbrewster/2023/04/06/sex-traffickers-use-parenting-apps-like-life360-to-spy-on-victims/?sh=3d2e55a864c3
Special Report: Tesla workers shared sensitive images recorded by customer cars
https://www.reuters.com/technology/tesla-workers-shared-sensitive-images-recorded-by-customer-cars-2023-04-06/
** Watch this episode on YouTube **
https://youtu.be/YvZx5OU93NI

Clearview AI Facial Recognition Fallout, Hacked and Helpless, Is AI Armageddon Upon Us?
Clearview AI provided police with 30 billion scraped images from Facebook, raising concerns over privacy and the potential misuse of facial recognition technology. A victim of a phone hack shares their story of how their credit card was stolen, highlighting the vulnerability of personal information and the chain of events that happen when someone’s identity is stolen. Our discussion about an open letter calling for the regulation of AI development due to potential dangers and misuse has become a source of controversy within the tech community. We also discuss an extreme proposal of using the threat of nuclear war to prevent the rise of artificial intelligence.
** Links mentioned on the show **
Clearview AI scraped 30 billion images from Facebook and gave them to cops: it puts everyone into a ‘perpetual police line-up’
https://www.msn.com/en-us/news/technology/clearview-ai-scraped-30-billion-images-from-facebook-and-gave-them-to-cops-it-puts-everyone-into-a-perpetual-police-line-up/ar-AA19ocLq
A hacker ripped me off for $10,000. The scam turned out to be brilliant — and terrifying.
https://www.yahoo.com/news/someone-hacked-phone-stole-credit-100000528.html
The Open Letter to Stop ‘Dangerous’ AI Race Is a Huge Mess
https://www.vice.com/en/article/qjvppm/the-open-letter-to-stop-dangerous-ai-race-is-a-huge-mess
AI Theorist Says Nuclear War Preferable to Developing Advanced AI
https://www.vice.com/en/article/ak3dkj/ai-theorist-says-nuclear-war-preferable-to-developing-advanced-ai
** Watch this episode on YouTube **
https://youtu.be/OxBRws_99kg

The TikTok CEO Testimony, ChatGPT’s Privacy Risks, Inaudible Ultrasound Attacks
The CEO of TikTok was criticized by Congress for his “worthless” assurances regarding the app’s privacy and security. But what is the real motivation for Congress attempting to ban TikTok? Should we be concerned that AI language models like ChatGPT are a privacy nightmare? Not just for businesses but for anyone using it? Researchers have found a way to use inaudible ultrasonic waves to attack smartphones, smart speakers, and other devices by taking control of their voice assistants, opening browser windows, and performing other malicious actions. Is this the next generation of attacks we need to be worried about?
** Links mentioned on the show **
TikTok CEO fails to convince Congress that the app is not a “weapon” for China
https://arstechnica.com/tech-policy/2023/03/congress-calls-tiktok-ceos-security-and-privacy-assurances-worthless/
Senators Introduce Bipartisan Bill (RESTRICT Act) to Tackle National Security Threats from Foreign Tech
https://www.warner.senate.gov/public/index.cfm/2023/3/senators-introduce-bipartisan-bill-to-tackle-national-security-threats-from-foreign-tech
ChatGPT is a data privacy nightmare. If you’ve ever posted online, you ought to be concerned
https://theconversation.com/chatgpt-is-a-data-privacy-nightmare-if-youve-ever-posted-online-you-ought-to-be-concerned-199283
Inaudible ultrasound attack can stealthily control your phone, smart speaker
https://www.bleepingcomputer.com/news/security/inaudible-ultrasound-attack-can-stealthily-control-your-phone-smart-speaker/
** Watch this episode on YouTube **
https://youtu.be/HbaZgE90k-4

Samsung Chipset Zero-Day Vulnerabilities, AI-Assisted Social Engineering, ATM Fraud with a Twist
In this episode we discuss Google’s discovery of 18 zero-day vulnerabilities in Samsung’s Exynos chipsets. We examine an AI-assisted social engineering campaign that combines emerging technologies with classic techniques. Finally, we look at a new method of ATM fraud where thieves use glue to disable card readers and trick customers into using the tap function on their debit cards.
** Links mentioned on the show **
Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets
https://www.bleepingcomputer.com/news/security/google-finds-18-zero-day-vulnerabilities-in-samsung-exynos-chipsets/
Adversary Simulation with Voice Cloning in Real Time
https://tevora-threat.ghost.io/adversary-simulation-with-voice-cloning-in-real-time-part-1/amp/
ATM thieves use glue and ‘tap’ function to drain accounts at Chase Bank
https://abc7chicago.com/chase-bank-atm-scam-tap-to-pay/12913307/
Scott’s Security Awareness Forum discussion on artificial intelligence and security awareness

Exploring the Role of Empathy in Cybersecurity with Andra Zaharia
On this episode, Tom Eston discusses empathy in cybersecurity with Andra Zaharia, host of the Cyber Empathy Podcast. We talk about finding her passion for contributing to the industry and the importance of empathy in cybersecurity. We cover how empathy relates to cybersecurity in the industry, the importance of being empathetic in our roles as cybersecurity professionals, and why the phrase “users are the weakest link in security” is nothing more than victim blaming. We also discuss the long-term implications of new technology, how we can help educate people to build and use technology with kindness, and how even impacting one person can make a difference.
** Links mentioned on the show **
Andra’s Cyber Empathy Podcast
https://andrazaharia.com/cyber-empathy/
Andra’s How Do You Know Podcast
https://podcasts.apple.com/us/podcast/how-do-you-know-by-andra-zaharia/id1375405676
Andra’s blog
https://medium.com/@andra.zaharia
Connect with Andra
https://infosec.exchange/@andrazaharia
https://twitter.com/andrazaharia
https://www.linkedin.com/in/andrazaharia/
** Watch this episode on YouTube **
https://youtu.be/7O7E0rQnWEk

Biden’s National Cybersecurity Strategy, BetterHelp’s FTC Fine, Chick-fil-A Data Breach
What you need to know about Biden’s new National Cybersecurity Strategy, which aims to provide a framework of what the current administration wants the US federal government, critical infrastructure organizations, and private companies to do to work together to improve national cybersecurity. BetterHelp, a direct-to-consumer mental health app, has been asked to pay $7.8m by the Federal Trade Commission (FTC) for allegedly passing on users’ mental health information to Facebook, Snapchat and others. Fast food chain Chick-fil-A has confirmed a credential stuffing attack that allowed cybercriminals (who apparently really love chicken sandwiches) to access 71,473 customer accounts and sell access to them online.
** Links mentioned on the show **
Biden’s Cybersecurity Strategy Assigns Responsibility to Tech Firms
https://www.nytimes.com/2023/03/02/us/politics/biden-cybersecurity-strategy.html
https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/
FTC: BetterHelp pushed users to share mental health info then gave it to Facebook
https://iapp.org/news/a/ftc-fines-online-counselor-7-8m-halts-sensitive-data-sharing/
Chick-fil-A confirms accounts hacked in months-long “automated” attack
https://www.bleepingcomputer.com/news/security/chick-fil-a-confirms-accounts-hacked-in-months-long-automated-attack/
** Watch this episode on YouTube **
https://youtu.be/8u0Ht_K_gVU

The LastPass Attack Gets Worse, What is Gamification, Signal’s Encryption Standoff
Popular password manager LastPass suffered a second attack that lasted for over two months. Now new and disturbing information is being released about the attack. Scott discusses the benefits and challenges of using gamification in security awareness training, emphasizing the importance of individual learning before employing it at the business process level. Signal, a very popular encrypted messaging app, warns it may leave the UK if new online safety legislation weakens its end-to-end encryption, sparking controversy and debate over privacy concerns.
** Links mentioned on the show **
LastPass: DevOps engineer hacked to steal password vault data in 2022 breach
https://www.bleepingcomputer.com/news/security/lastpass-devops-engineer-hacked-to-steal-password-vault-data-in-2022-breach/
What is “Gamification” and why is it misunderstood in the industry?
https://www.linkedin.com/posts/scottwright_home-click-armor-activity-7033783390243848192-TOHu/
Signal app warns it will quit UK if law weakens end-to-end encryption
https://www.theguardian.com/technology/2023/feb/24/signal-app-warns-it-will-quit-uk-if-law-weakens-end-to-end-encryption

Twitter’s Paywall 2FA, Mental Health Data for Sale, Meta’s Verified Program
Twitter is phasing out its free text message two-factor authentication (2FA) and putting the feature behind a paywall, prompting security experts to advise Twitter users to switch to other authentication methods. How data brokers are selling sensitive mental health data for a few hundred dollars with little attempt to hide identifying information such as names and addresses. A new report highlights how some firms are offering the data for as low as $275 for information on 5,000 people, and Congress has yet to pass significant legislation on data brokers. Meta (formerly Facebook) has launched a new program called Meta Verified which aims to unify verification across all of the company’s platforms. Users can pay a monthly fee to verify their presence on Facebook and Instagram by submitting their government ID.
** Links mentioned on the show **
Could Twitter shutting off SMS 2FA be a great opportunity for the security industry or is this just the start of more ‘security tax’ on the horizon?
https://www.linkedin.com/pulse/could-twitter-shutting-off-sms-2fa-great-opportunity-security-potter
https://infosec.exchange/@maxeddy/109883795151142780
https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter
A researcher tried to buy mental health data. It was surprisingly easy.
https://www.nbcnews.com/news/amp/rcna70071
Meta Verified will offer ID protection on Facebook, Instagram, WhatsApp for $12 (or more) per month
https://www.androidpolice.com/meta-verified-announcement/
Scott’s blog about Gamification
https://www.linkedin.com/posts/scottwright_home-click-armor-activity-7033783390243848192-TOHu/
** Watch this episode on YouTube **
https://youtu.be/RGhg1yZE81Y

Reddit Hacked, Preventing Accidental Location Sharing, Developer Hacks His Own Company
Reddit announced that it was the victim of a phishing attack aimed at its employees, resulting in unauthorized access to internal documents, code, and some unspecified business systems. Advice on managing device location-tracking settings to ensure you’re not sharing your location inadvertently. The case of former Ubiquiti employee, Nickolas Sharp, who pled guilty to multiple felony charges after orchestrating a security breach, stealing data, and extorting almost $2m worth of cryptocurrency from his company. Plus, our thoughts about UFOs and Chinese spy balloons!
** Links mentioned on the show **
Reddit Suffers Security Breach Exposing Internal Documents and Source Code
https://thehackernews.com/2023/02/reddit-suffers-security-breach-exposing.html
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
How to Make Sure You’re Not Accidentally Sharing Your Location
https://www.wired.com/story/how-to-not-accidentally-share-your-location/
Tom’s Video! How to Stop Online Tracking: 3 New Ways
Tom’s blog that he hasn’t updated in forever
https://spylogic.net
Developer pleads guilty to hacking his own company after pretending to investigate himself
https://www.theverge.com/2023/2/3/23584414/ubiquiti-developer-guilty-extortion-hack-security-breach-bitcoin-ransom
** Watch this episode on YouTube **
https://youtu.be/AuCB1Wv9kdA

Layoffs, Recruiting, and The Year Ahead for Cybersecurity Job Seekers
In this episode host Tom Eston sits down with Kathleen Smith, Chief Outreach Officer at ClearedJobs.net, to discuss the current state of the job market in the cybersecurity industry. With a recent surge in layoffs, Kathleen provides advice for those who were recently let go and discusses how the economic situation has affected recruiters. She also shares her predictions for changes in the recruitment process and offers advice for job seekers. Finally, Kathleen shares more about her role at Cleared Jobs and how listeners can get in touch.
** Links mentioned on the show **
Connect with Kathleen Smith
https://www.linkedin.com/in/kathleenesmith/
https://twitter.com/YesItsKathleen
ClearedJobs.net
https://clearedjobs.net/
Security Cleared Jobs: Who’s Hiring & How Podcast
https://clearedjobs.net/podcast
Previous episodes with Kathleen
https://sharedsecurity.net/2020/05/29/episode-100-with-rachel-tobac-and-kathleen-smith/
https://sharedsecurity.net/2019/01/09/cybersecurity-careers-recruiting-and-volunteering-with-kathleen-smith-84/

Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass
The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors. Not only that, a new vulnerability in the popular open-source password management software KeePass has also been reported. Three health tracking apps available on Google Play (Lucky Step, WalkingJoy, Lucky Habit: health tracker) have been downloaded on over 20 million devices, but a recent report shows that the rewards for using the apps are impossible or only partially available after watching tons of ads. A bug in Meta’s Accounts Center feature allowed hackers to bypass two-factor authentication (2FA) by brute force guessing a six-digit authentication code. ** Links mentioned on the show * Convincing, Malicious Google Ads Look to Lift Password Manager Logins https://www.darkreading.com/threat-intelligence/convincing-malicious-google-ads-password-managers KeePass disputes vulnerability allowing stealthy password theft https://www.bleepingcomputer.com/news/security/keepass-disputes-vulnerability-allowing-stealthy-password-theft/ Shady reward apps on Google Play amass 20 million downloads https://www.bleepingcomputer.com/news/security/shady-reward-apps-on-google-play-amass-20-million-downloads/ Meta’s Account Center came with a 2FA-defeating bug https://www.theverge.com/2023/1/30/23578033/meta-account-center-bug-2-factor-authentication-sms-email ** Watch this episode on YouTube ** https://youtu.be/g_7UNWmCYgg

U.S. ‘No Fly List’ Leaks, AI-Powered Phishing, Wi-Fi Used to See Humans Through Walls
A hacker discovered a copy of the US No Fly List, which contains the names of people banned from traveling in or out of the US on commercial flights, on an unsecured Jenkins server connected to a commercial airline. Will AI-powered phishing become a threat for organizations? Scientists from Carnegie Mellon University have developed a way to sense humans through walls using a deep neural network called DensePose that maps Wi-Fi signals to UV coordinates. ** Links mentioned on the show * U.S. ‘No Fly List’ Leaks After Being Left in an Unsecured Airline Server https://www.vice.com/en/article/93a4p5/us-no-fly-list-leaks-after-being-left-in-an-unsecured-airline-server Why AI-Powered Phishing Will Become a Serious Security Issue for Your Organization https://www.xorlab.com/en/blog/why-ai-powered-phishing-will-become-a-serious-security-issue-for-your-organization Scientists use Wi-Fi routers to see humans through walls https://www.zdnet.com/article/scientists-use-wi-fi-routers-to-see-humans-through-walls/

Social Zombies Revisited: Your Friends Want to Eat Your Brains
On this week’s episode, we’re excited to bring you a classic conference talk that Tom Eston gave with co-host Kevin Johnson back in 2009 at DEF CON 17 in Las Vegas. The talk is called “Social Zombies: Your Friends Want to Eat Your Brains” and it explores the various risks and concerns related to malware delivery through social networking sites. We discuss how social networks make money and the privacy and security issues that arise due to the trust built on these platforms. We also delve into typical botnets and bot programs, and examine the delivery of malware through social networks and the use of these networks as command and control channels. Interestingly, not a lot has changed in terms of the privacy and security of social networks since we gave this presentation, so it’s still highly relevant today. We hope you enjoy revisiting this classic talk with us this week on the Shared Security Show! ** Links mentioned on the show * Here’s the full talk if you want to watch the entire presentation! ** Watch this episode on YouTube ** https://youtu.be/caXPTbNWX64

Meta’s EU Ad Practices Ruled Illegal, Twitter API Data Breach, Vulnerabilities in Major Car Brands
Facebook has been ordered to pay a fine of $414m by EU regulators who ruled that the company had broken EU law by forcing users to accept personalized ads. The ruling could have a major impact on Facebook’s advertising business in the EU, which is one of the company’s largest markets, if it is required to make changes to its advertising practices. A hacker has claimed to have the personal data of 400 million Twitter users for sale on the dark web. Attackers have also released the account details and email addresses of 235 million users for free. The information was exposed due to a Twitter API vulnerability shipped in June 2021 and later patched. Security researchers have identified security vulnerabilities in the connected vehicle APIs of 16 major car manufacturers, including Acura, BMW, Ferrari, Ford, Genesis, Honda, Hyundai, Infiniti, Jaguar, Kia, Land Rover, Mercedes-Benz, Nissan, Porsche, Rolls Royce, and Toyota. ** Links mentioned on the show * Meta’s Ad Practices Ruled Illegal Under E.U. Law https://www.nytimes.com/2023/01/04/technology/meta-facebook-eu-gdpr.html Twitter data breach shows APIs are a goldmine for PII and social engineering https://venturebeat.com/security/twitter-social-engineering/ https://arstechnica.com/information-technology/2023/01/what-twitters-200-million-email-leak-really-means/ Millions of Vehicles at Risk: API Vulnerabilities Uncovered in 16 Major Car Brands https://thehackernews.com/2023/01/millions-of-vehicles-at-risk-api.html ** Watch this episode on YouTube ** https://youtu.be/O0B0d-ljO74

LastPass Password Vaults Stolen, Pig Butchering Scams, Okta Source Code Theft
Things get worse for LastPass as a security breach in November resulted in the theft of customer data, including encrypted password vaults and unencrypted web addresses. Pig butchering scams, a variation of business email compromise and romance scams, are on the rise. How do they work and what do you need to know to protect yourself? Okta, a major identity and authentication company, has suffered another security breach following the “suspicious access” to its code repositories on GitHub. ** Links mentioned on the show * Encrypted LastPass Password Vaults, Customer Information Stolen in November Breach https://www.cpomagazine.com/cyber-security/encrypted-lastpass-password-vaults-customer-information-stolen-in-november-breach/ https://grahamcluley.com/lostpass-after-the-lastpass-hack-heres-what-you-need-to-know/ Hacker Lexicon: What Is a Pig Butchering Scam? https://www.wired.com/story/what-is-pig-butchering-scam/ Okta confirms another breach after hackers steal source code https://www.msn.com/en-us/news/technology/okta-confirms-another-breach-after-hackers-steal-source-code/ar-AA15yDk4 ** Watch this episode on YouTube ** https://youtu.be/RPpGf6slqWI

How to Stop Online Tracking: 3 New Ways
In this episode host Tom Eston discusses one of the biggest privacy concerns people have today: online tracking by companies and advertisers. Tom will cover the following topics, tips, and new techniques to help you stop being tracked: – Why should we be concerned about online tracking? – How to enable and configure the privacy settings in your web browser – How your smartphone has privacy settings to block online tracking – Using a privacy-focused search engine ** Links mentioned on the show * Apple’s Stunning iOS 14 Privacy Move: A Game-Changer For All iPhone Users https://www.forbes.com/sites/kateoflahertyuk/2021/01/31/apples-stunning-ios-14-privacy-move-a-game-changer-for-all-iphone-users/?sh=5fd623b47e8d How to Disable Ad ID Tracking on iOS and Android, and Why You Should Do It Now https://www.eff.org/deeplinks/2022/05/how-disable-ad-id-tracking-ios-and-android-and-why-you-should-do-it-now What is App Tracking Transparency and how do you block app tracking? https://www.macworld.com/article/344420/app-tracking-transparency-privacy-ad-tracking-iphone-ipad-how-to-change-settings.html My Google Activity Settings https://myactivity.google.com/ StartPage Private Search https://www.startpage.com/ ** Watch this episode on YouTube ** https://youtu.be/EoITB1oZ114

The Year in Review and 2023 Predictions
In our last episode of the year, we discuss the year that was 2022. What did we get right? What did we get wrong? And what are our cybersecurity and privacy predictions for 2023? Thank you to all of our listeners for a great year! We’re looking forward to bringing you more content, news, tips, and advice in 2023! Happy New Year! ** Links mentioned on the show * Our previous year in review episodes (have fun with these!) https://sharedsecurity.net/2021/12/27/the-year-in-review-and-2022-predictions/ https://sharedsecurity.net/2020/12/23/the-year-in-review-and-2021-predictions/ https://sharedsecurity.net/2019/12/23/the-year-in-review-and-2020-predictions-with-kevin-johnson/ https://sharedsecurity.net/2018/12/26/the-year-in-review-and-2019-predictions-with-special-guest-kevin-johnson-83/ ** Watch this episode on YouTube ** https://youtu.be/mSNrn_RM5mM

Apple to Allow Third-Party App Stores, Lensa AI App Privacy Risks, Real-Life Invisibility Cloak
Apple is considering giving third-party app stores access to its iPhones and iPads in the European Union (EU) to comply with new competition law. Will the “sideloading” of apps change Apple’s walled garden of security? Lensa, the AI app that creates artistic profile pictures, has gone viral. What are the privacy risks, and what do its privacy policy and terms of service really say? A group of four graduate students from Wuhan University in China have developed a coat that they claim is invisible to AI-powered security cameras. How does the coat work and will this technology be used by the Chinese government to improve mass surveillance? Thanks to NordLayer for sponsoring this episode! As a listener of this podcast, get your first month free by going to https://nordlayer.com/sharedsecurity ** Links mentioned on the show * Apple Reportedly to Allow Rival App Stores on iPhones, iPads in EU https://www.cnet.com/tech/mobile/apple-reportedly-to-allow-rival-app-stores-on-iphones-ipads-in-eu/ What You Should Know Before Using the Lensa AI App https://www.wired.com/story/lensa-ai-magic-avatars-security-tips/ Chinese Students Invent Coat That Makes People Invisible to AI Security Cameras https://www.vice.com/amp/en/article/88q3gk/chinese-students-invent-invisibility-cloak ** Watch this episode on YouTube ** https://youtu.be/XayoUk8jemI

ChatGPT Goes Viral, More Trouble for LastPass, Apple’s New Data Protections
A chatbot developed by OpenAI, called ChatGPT, has gone viral. It is able to mimic human language and speech styles and can interact with users in a conversational way. It can be used for a range of purposes, including writing code, talking like a “Valley girl”, and even writing podcast introduction scripts. Attackers broke into a cloud storage service used by password manager LastPass to gain access to “certain elements” of customers’ information. Details on Apple’s three new advanced security features to protect user data in iCloud. Thanks to NordLayer for sponsoring this episode! As a listener of this podcast, get your first month free by going to https://nordlayer.com/sharedsecurity ** Links mentioned on the show * An AI chatbot went viral. Some say it’s better than Google, others worry it’s problematic. https://www.nbcnews.com/tech/tech-news/chatgpt-ai-chatbot-viral-rcna59628 Napkin Ideas Around What Changes to Expect Post-ChatGPT https://danielmiessler.com/blog/ideas-changes-expect-post-chatgpt/ ChatGPT: Optimizing Language Models for Dialogue https://openai.com/blog/chatgpt/ https://gpt3demo.com/apps/chatgpt Intruders gain access to user data in LastPass incident https://www.theregister.com/2022/12/01/lastpass/ Apple advances user security with powerful new data protections https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/ ** Watch this episode on YouTube ** https://youtu.be/JOdVW6Vo93I

SASE: Is it Just Another Cybersecurity Buzzword?
In this sponsored episode co-host Tom Eston discusses SASE (Secure Access Service Edge), and whether it’s more than just the latest cybersecurity buzzword, with Carlos Salas from NordLayer. Topics include: – What is SASE (Secure Access Service Edge)? – What’s the difference between SASE and SSE (Security Service Edge)? – What challenges/problems do companies encounter while trying to secure cloud networks? – Why would companies need a SASE solution? – Some crucial features of SASE and SSE (Zero Trust Network Access, Cloud Access Security Broker, Secure Web Gateway, Firewalls-as-a-Service, Data Loss Protection (DLP), SD-WAN) – What has been and will be the intersection between remote or hybrid work and an organization’s cybersecurity needs? Thanks to NordLayer for sponsoring this episode! As a listener of this podcast, get your first month free by going to https://nordlayer.com/sharedsecurity. ** Links mentioned on the show ** NordLayer’s Global Remote Index https://nordlayer.com/global-remote-work-index/ ** Watch this episode on YouTube ** https://youtu.be/Ur5k5zC44MM

Is Social Media at a Tipping Point, The TikTok Invisible Challenge, San Francisco Police Can Use Killer Robots
A recent data breach affected 5.4 million Twitter users, Meta was fined $265 million over a 2021 data leak, and people are fleeing Twitter because of Elon Musk. Are we finally seeing a tipping point in social media? What is the TikTok “Invisible Challenge”, and how are links to fake “unfilter” software being used to spread malware? Police in San Francisco will be allowed to deploy killer, remote-controlled robots in emergency situations. What could possibly go wrong? ** Links mentioned on the show ** Twitter Reportedly Unveils Lucrative Plan To Win Back Fleeing Advertisers As Musk Begs People To Tweet More https://www.forbes.com/sites/dereksaul/2022/12/01/twitter-reportedly-unveils-lucrative-plan-to-win-back-fleeing-advertisers-as-musk-begs-people-to-tweet-more/ 5.4 million Twitter users’ stolen data leaked online — more shared privately https://www.bleepingcomputer.com/news/security/54-million-twitter-users-stolen-data-leaked-online-more-shared-privately/ Meta Fined For 2021 Data Breach As Millions Of Twitter Users’ Data Also Leaked https://www.forbes.com/sites/petersuciu/2022/11/28/meta-fined-for-2021-data-breach-as-millions-of-twitter-users-data-leaked/ Attacker Uses a Popular TikTok Challenge to Lure Users Into Installing Malicious Package https://medium.com/checkmarx-security/attacker-uses-a-popular-tiktok-challenge-to-lure-users-into-installing-malicious-package-fe6248dfe0ae San Francisco approves police proposal to use potentially deadly robots https://www.theguardian.com/us-news/2022/nov/29/san-francisco-police-robots-deadly-force ** Watch this episode on YouTube ** https://youtu.be/piRf2tvSisY

How to Break Into a Cybersecurity Career – Rob Fuller (Mubix)
This week we continue our series on how to break into a cybersecurity career with longtime industry veteran Rob Fuller (Mubix). Rob speaks with us about how he started his career in the Marine Corps, his time on Hak5, and more recently earning his master’s degree. Rob also talks about how these experiences have shaped his career, his best career advice to someone just starting out, and the importance of getting yourself out there and doing the things you enjoy! Thanks to NordLayer for sponsoring this episode! Secure your business network with NordLayer. As a listener of this podcast, get your first month free by going to https://nordlayer.com/sharedsecurity. ** Links mentioned on the show ** Rob’s blog https://malicious.link/ Practical Exploitation with Mubix (video playlist) https://youtube.com/playlist?list=PLW5y1tjAOzI3n4KRN_ic8N8Qv_ss_dh_F Check out Rob on Hak5 (he’s been on a ton of previous episodes) https://www.youtube.com/@hak5 Follow Rob on Social Media https://twitter.com/mubix https://infosec.exchange/@mubix
Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on Twitter: https://twitter.com/sharedsec Website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post How to Break Into a Cybersecurity Career – Rob Fuller (Mubix) appeared first on Shared Security Podcast.

The Rise of Mastodon, Twitter in Trouble, Largest Privacy Settlement in US History
Former Twitter users are migrating en masse to Mastodon, so what is Mastodon and what do you need to know about Mastodon from a security and privacy perspective? Twitter was flooded by a wave of imposter accounts after the $8 “verification” label fiasco, and details about the largest multi-state privacy settlement in the US where Google has agreed to pay $391 million to resolve an investigation into how the company tracked users’ locations. Plus, you don’t want to miss Tom’s Canadian dad jokes!
** Links mentioned on the show **
Mastodon: What you need to know for your security and privacy https://grahamcluley.com/mastodon-what-you-need-to-know-for-your-security-and-privacy/
Twitter Blue signups unavailable after raft of fake accounts https://abcnews.go.com/Technology/wireStory/twitter-blue-signups-unavailable-raft-fake-accounts-93124759 https://www.reuters.com/legal/transactional/would-twitter-get-online-publisher-immunity-fake-blue-check-suits-2022-11-14/
Google will pay $392m to 40 states in largest ever US privacy settlement https://www.theguardian.com/technology/2022/nov/14/google-settlement-40-states-user-location-tracking
Apple faces new lawsuit over its data collection practices in first-party apps, like the App Store https://techcrunch.com/2022/11/14/apple-faces-new-lawsuit-over-its-data-collection-practices-in-first-party-apps-like-the-app-store/
Follow us on Mastodon! https://infosec.exchange/@sharedsecurity https://infosec.exchange/@agent0x0 https://infosec.exchange/@scottwright https://infosec.exchange/@secureideas

How to Break Into a Cybersecurity Career – Digital Forensics and Incident Response (DFIR)
Matt Scheurer, host of the ThreatReel Podcast and Assistant Vice President of Computer Security and Incident Response in a large enterprise environment, joins us to discuss starting a career in digital forensics and incident response (DFIR). Matt discusses how he got started, his advice to anyone who wants to pursue a career in DFIR, and what the future may hold for the DFIR industry. Thanks to NordLayer for sponsoring this episode! Secure your business network with NordLayer. As a listener of this podcast, get your first month free by going to https://nordlayer.com/sharedsecurity.
** Links mentioned on the show **
Follow DFIR Matt on Twitter https://twitter.com/c3rkah
Follow Matt on LinkedIn https://www.linkedin.com/in/mattscheurer/
Subscribe to the ThreatReel Podcast https://threatreel.com/ https://www.youtube.com/channel/UCq18YQ9jZdcWX2Er6d1fOCw
Matt’s Slides and Workshops https://github.com/cerkah/
** Watch this episode on YouTube ** https://youtu.be/EuDfT2TFZ-E

Cybersecurity’s Role in Combating Midterm Election Disinformation
Katie Teitler, Senior Cybersecurity Strategist at Axonius and co-host on the popular Enterprise Security Weekly podcast, joins us to discuss the role of cybersecurity in combating midterm election disinformation. We discuss the difference between misinformation and disinformation, how we can combat disinformation, and what we all need to think about regarding disinformation, private platforms, and free speech during the midterm election. Plus, you don’t want to miss the story about how co-host Kevin Johnson was knocked unconscious on an airplane!
** Links mentioned on the show **
Cybersecurity’s Role in Combating Midterm Election Disinformation – Article by Katie Teitler https://thereformedanalyst.substack.com/p/disinformation-and-election-security https://www.darkreading.com/vulnerabilities-threats/cybersecurity-s-role-in-combating-midterm-election-disinformation-
Connect with Katie https://www.linkedin.com/in/katherineteitler/
** Watch this episode on YouTube ** https://youtu.be/X8HOxW5gqLU

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications
Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail. Plus, details on the recent (ISC)2 bylaw vote (why you should vote no) and a discussion about the value of cybersecurity certifications.
** Links mentioned on the show **
After the Sullivan Verdict: A CISO’s Guide to Avoiding Jail https://www.bankinfosecurity.com/after-sullivan-verdict-cisos-guide-to-avoiding-jail-a-20285
What the Uber Breach Verdict Means for CISOs in the US https://www.darkreading.com/attacks-breaches/what-the-uber-breach-verdict-means-for-cisos-in-the-us
ISC2 bylaw drama
So here's a summary of what ISC2 is changing in its Bylaws and why you should vote NO in the upcoming Bylaws vote. Hold on to your wigs: — Wim Remes (@wimremes) October 14, 2022
Down the Security Rabbithole Podcast with host Rafal Los https://podcast.wh1t3rabbit.net/
** Watch this episode on YouTube ** https://youtu.be/HAfjHZaA4AA

Attack of the Wi-Fi Spy Drones, How to Destroy Your Old Electronics, Signal Removes SMS Support
Two modified Wi-Fi enabled drones were found on the top of a financial firm’s building and used to intercept an employee’s credentials, a fun discussion about the best way to physically destroy data on electronics that no longer work, and details about Signal removing SMS support for Android users.
** Links mentioned on the show **
How Wi-Fi spy drones snooped on financial firm https://www.theregister.com/2022/10/12/drone-roof-attack/
How to wipe out data from things that don’t turn on? https://www.reddit.com/r/privacy/comments/y6535n/how_to_wipe_out_data_from_things_that_doesnt_turn/
Signal will remove support for SMS text messages on Android https://www.bleepingcomputer.com/news/technology/signal-will-remove-support-for-sms-text-messages-on-android/
** Watch this episode on YouTube ** https://youtu.be/KJ9kfMGXebg

Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn
Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for LinkedIn.
** Links mentioned on the show **
Guilty verdict in the Uber breach case makes personal liability real for CISOs https://www.csoonline.com/article/3676148/guilty-verdict-in-the-uber-breach-case-makes-personal-liability-real-for-cisos.html https://www.linkedin.com/posts/stuart-w-techsecscot_uberbreach-uberciso-uberhack-activity-6984057144438325248-gg1s/
Is mandatory password expiration helping or hurting your password security? https://www.helpnetsecurity.com/2022/10/04/mandatory-password-expiration-helping-or-hurting-password-security/
Glut of Fake LinkedIn Profiles Pits HR Against the Bots https://krebsonsecurity.com/2022/10/glut-of-fake-linkedin-profiles-pits-hr-against-the-bots/
This person does not exist. AI generated profile pictures. https://thispersondoesnotexist.com/
The Capture on BBC https://www.bbc.co.uk/programmes/m00085sx/episodes/player
** Watch this episode on YouTube ** https://youtu.be/IdQ0xW4yNHU

Hackers Need 5 Hours or Less to Break In, SMS Phishing Tactics, Strange Ways Employees Expose Data
A recent survey of ethical hackers by Bishop Fox and SANS shows that once a vulnerability or weakness is found, about 58% of ethical hackers can break into an environment in less than five hours, SMS phishing and text message scams appear to be changing tactics, taking a more “urgent” tone, and a discussion about strange ways employees can accidentally expose data.
** Links mentioned on the show **
More Than 60% Of Hackers Can Exfiltrate Data In Less Than Five Hours https://bishopfox.com/news/sans-hacking-survey-report-pr https://www.darkreading.com/attacks-breaches/attackers-less-than-ten-hours-find-weaknesses
Scam nation: Why living with grifters is our new normal https://mashable.com/article/constant-texting-scams
YSK: you shouldn’t reply “stop” to spam text messages https://www.reddit.com/r/YouShouldKnow/comments/x2q37p/ysk_you_shouldnt_reply_stop_to_spam_text_messages
8 strange ways employees can (accidentally) expose data https://www.csoonline.com/article/3675542/8-strange-ways-employees-can-accidently-expose-data.html
** Watch this episode on YouTube ** https://youtu.be/oqIo5yeHMIA

What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked
Passkeys are coming soon to Apple iOS 16, so what are passkeys and why are they an eventual replacement for passwords? Researchers have discovered a new attack that uses mouse movement in Microsoft PowerPoint to deploy malware, and details on how the 2K Games help desk support platform was compromised to push malware through fake support tickets.
** Links mentioned on the show **
Passkeys coming to iOS 16. What are Passkeys? https://developer.apple.com/passkeys/ https://www.cnet.com/tech/mobile/passkeys-more-secure-than-passwords-arrive-on-ios-16-iphone-14/ https://developer.apple.com/videos/play/wwdc2022/10092/
Hackers Using PowerPoint Mouseover Trick to Infect System with Malware https://thehackernews.com/2022/09/hackers-using-powerpoint-mouseover.html
2K Games says hacked help desk targeted players with malware https://www.bleepingcomputer.com/news/security/2k-games-says-hacked-help-desk-targeted-players-with-malware/

Uber Hacked by 18 Year Old, Morgan Stanley Hard Drives Got Auctioned, Deleting Your Data is Hard
Uber got hacked by an 18-year-old using social engineering and a multi-factor authentication fatigue attack, Morgan Stanley has been auctioning off hard drives holding sensitive client data since 2015, and why it is so hard for social networks to remove personal data when deleting your user account.
** Links mentioned on the show **
Uber was breached to its core, purportedly by an 18-year-old. Here’s what’s known https://arstechnica.com/information-technology/2022/09/uber-was-hacked-to-its-core-purportedly-by-an-18-year-old-here-are-the-basics/
MITRE ATT&CK Mapping of the Uber breach https://twitter.com/MichalKoczwara/status/1571432800787759104/photo/1
Same hacker also claims he hacked Rockstar Games https://www.esquire.com/entertainment/a41292914/gta-6-leak-videos-rockstar-hacker/
Multi-factor Authentication Fatigue Attack – How to prevent being a victim https://sharedsecurity.net/2022/08/22/multi-factor-authentication-fatigue-attack-signal-account-twilio-hack-facebook-and-instagram-in-app-browser/ https://attack.mitre.org/techniques/T1621/
‘Astonishing.’ Morgan Stanley hard drives holding sensitive client data got auctioned off online https://www.cnn.com/2022/09/20/business/morgan-stanley-fine-customer-data/index.html
35 Best Free Data Destruction Software Programs https://www.lifewire.com/free-data-destruction-software-programs-2626174
Why deleting something from the internet is ‘almost impossible’ https://www.cnn.com/2022/09/18/tech/deleting-data/index.html
** Watch this episode on YouTube ** https://youtu.be/hKateSJO3s0

Facebook Doesn’t Know Where Your Data Is, New Hire Spearmishing Attack, Smart Thermostat Lock Out
In recent court testimony, two Facebook engineers were asked what information, precisely, Facebook stores about us, and where it is. Surprisingly, they said they don’t know. Details on how brand new employees of companies are being “spearmished” (hat tip to @ErinInfosec and @RachelTobac via Twitter), and how thousands of Colorado residents found themselves locked out of their smart thermostats to help prevent the power grid from failing.
** Links mentioned on the show **
Facebook Engineers: We Have No Idea Where We Keep All Your Personal Data https://theintercept.com/2022/09/07/facebook-personal-data-no-accountability/
New Hire SMS Phish Attack Method – Spearmishing? https://twitter.com/RachelTobac/status/1568656397637947392
A utility company locked thousands of customers out of their smart thermostats in Colorado https://www.theverge.com/2022/9/5/23337864/xcel-locked-out-customers-smart-thermostats-colorado-heatwave https://www.reddit.com/r/privacy/comments/xbj024/a_utility_company_locked_thousands_of_customers/
Click Armor’s Cyber Security Awareness Forum https://clickarmor.ca/live-cyber-security-awareness-forum/
** Watch this episode on YouTube ** https://youtu.be/plNV4pvZZ3o

TikTok Denies Data Breach, Los Angeles School District Ransomware Attack, Fingerprint Scanners in School Bathrooms
TikTok has denied reports that it was breached by a hacking group, after the group claimed to have gained access to over 2 billion user records, the Los Angeles school district, the second-largest in the US, suffered a ransomware attack, and details on how one high school in Sydney, Australia installed fingerprint scanners at the entrance to bathrooms to track student movements and prevent vandalism.
** Links mentioned on the show **
TikTok Denies Data Breach Reportedly Exposing Over 2 Billion Users’ Information https://thehackernews.com/2022/09/tiktok-denies-data-breach-reportedly.html
The second-biggest school district in the US was hit with ransomware https://www.zdnet.com/article/the-second-biggest-school-district-in-the-us-was-hit-with-ransomware/ https://www.msn.com/en-us/news/us/feds-anticipate-ransomware-attacks-against-schools/ar-AA11yV3r
Sydney school’s use of fingerprint scanners in toilets an invasion of privacy, expert says https://www.theguardian.com/australia-news/2022/sep/06/sydney-schools-use-of-fingerprint-scanners-in-toilets-an-invasion-of-privacy-expert-says
** Watch this episode on YouTube ** https://youtu.be/BrtFT2u_fdA

LastPass Data Breach, ETHERLED: Air-Gapped Systems Attack, Twitter Whistleblower Complaint
Popular password manager LastPass announced that some of their source code was stolen, but that no customer passwords were compromised in a recent data breach disclosure, an Israeli researcher has discovered a new method to exfiltrate data from air-gapped systems using the LED indicators on network cards, and details about the Twitter whistleblower Peiter “Mudge” Zatko and his claims about how Twitter had poor security practices, misled federal regulators about safety, and failed to properly estimate the number of bots on Twitter.
** Links mentioned on the show **
LastPass Says No Passwords Stolen in Data Breach https://www.cnet.com/tech/services-and-software/lastpass-says-no-passwords-stolen-in-data-breach/ https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/
ETHERLED: Air-gapped systems leak data via network card LEDs https://www.bleepingcomputer.com/news/security/etherled-air-gapped-systems-leak-data-via-network-card-leds/
Twitter’s former security chief says company lied about bots and safety https://www.theverge.com/2022/8/23/23317857/twitter-whistleblower-zatko-security-spam-safety https://en.wikipedia.org/wiki/L0pht https://en.wikipedia.org/wiki/Peiter_Zatko
** Watch this episode on YouTube ** https://youtu.be/EGJP7i3NUeE

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You
Janet Jackson’s “Rhythm Nation” has been recognized as an exploit for a vulnerability after Microsoft reported that it can crash the hard drives of certain old laptop computers; phishing attacks that compromise credentials using brand impersonation are on the rise; and details about a new privacy-focused phone carrier that doesn’t track your location or web browsing activity.
** Links mentioned on the show **
Microsoft: Bug in Janet Jackson’s “Rhythm Nation” could crash a laptop
https://therecord.media/microsoft-bug-in-janet-jacksons-rhythm-nation-could-crash-a-laptop/
https://www.theregister.com/2022/08/18/janet_jackson_video_crashes_laptops/
Credential phishing attacks skyrocketing, 265 brands impersonated in H1 2022
https://www.helpnetsecurity.com/2022/08/15/landscape-email-threat/
A Phone Carrier That Doesn’t Track Your Browsing or Location
https://www.wired.com/story/pretty-good-phone-privacy-android/
https://invisv.com/articles/pretty-good-phone-privacy.html
** Watch this episode on YouTube **
https://youtu.be/orZV_upMYcQ

Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser
A Cisco employee was compromised by a ransomware gang using a technique called multi-factor authentication fatigue; an attack on Twilio, the SMS service used by the Signal messenger app, potentially disclosed the phone numbers of 1,900 users; and details on how Facebook and Instagram use their in-app browser to track what you click on, including your web browsing history.
** Links mentioned on the show **
Kevin’s interview on the Bishop Fox Livestream from DEF CON 30
Cisco Hacked by Ransomware Gang, Data Stolen
https://www.securityweek.com/cybercriminals-breached-cisco-systems-and-stole-data
Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack
https://thehackernews.com/2022/08/nearly-1900-signal-messenger-accounts.html
Facebook and Instagram rewrite websites via in-app browser that can track ‘every single interaction’
https://www.msn.com/en-gb/money/technology/facebook-and-instagram-rewrite-websites-via-in-app-browser-that-can-track-e2-80-98every-single-interaction-e2-80-99/ar-AA10Bqpj
** Watch this episode on YouTube **
https://youtu.be/SBnzn16xt1E

The Importance of Faraday Technology with Aaron Zar from SLNT
Aaron Zar, SLNT founder and director of disconnection, joins co-host Tom Eston to discuss the importance of Faraday technology, what’s changed with privacy over the last several years, some of the really cool SLNT Faraday products now available, and how Aaron tested product durability by running over a SLNT Faraday Backpack (containing a MacBook Pro) with a truck! Don’t forget, listeners of the podcast get 10% off at slnt.com using discount code “sharedsecurity” during checkout!
** Links mentioned on the show **
Founder of SLNT® Demonstrates the strength of the Berry and TAA Compliant Faraday Dry Bag
Check out SLNT’s line of Faraday products
https://slnt.com
Visit SLNT on Twitter and YouTube
https://twitter.com/goslnt
https://www.youtube.com/c/Silent-pocket
Aaron’s previous appearance on the podcast
https://sharedsecurity.net/2019/09/27/aaron-zar-co-founder-and-ceo-of-silent-pocket/
** Watch this episode on YouTube **
https://youtu.be/6qn8XM8Tyls

Phone Numbers Used for Identification, Hacker Summer Camp Advice, Samsung Repair Mode
Why your phone number is becoming a popular way to identify you; our advice on how best to protect your privacy at hacker summer camp in Las Vegas (BSides, BlackHat, DEF CON); and details on Samsung’s new repair mode, which will protect the private data on your smartphone when you take it in for repairs.
** Links mentioned on the show **
When did our phone numbers become the new identifier de jour?
https://iapp.org/news/a/when-did-our-phone-numbers-become-the-new-identifier-de-jour/
Letter from a librarian to Google about 2fA hurting poor and low income people
https://docs.google.com/document/d/1f6HPQbUjslcbjVHkJkAgYmQmBV3PRRHEcx4WL5rxuE8/preview
Going to Hacker Summer Camp (Black Hat / DEF CON)? How to secure you and your data while at the world’s largest hacker convention (plus good advice for attending any large event)
https://www.reddit.com/r/Defcon/comments/6ddvao/going_to_defcon_leave_your_cell_phone_at_home/
https://forallsecure.com/blog/your-guide-to-hacker-summer-camp-2021
Samsung’s smartphone ‘Repair Mode’ will stop nosy technicians looking at your photos
https://www.zdnet.com/article/samsungs-smartphone-repair-mode-will-keep-nosy-technicians-from-looking-at-your-photos
** Watch this episode on YouTube **