Lock and Code

This week on Lock and Code, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN.   You've likely heard the benefits of using a VPN: You can watch TV shows restricted to certain countries, you can encrypt your web traffic on public WiFi networks, and, importantly, you can obscure your Internet activity from your Internet Service Provider, which may use that activity for advertising.   But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things. It just means that the VPN itself gets to see that information instead.   Tune in to hear about what your VPN can see, why it is important for that information to be secured, and how you can safely transfer your trust to a VPN, on the latest episode of Lock and Code, with host David Ruiz.   

This week on Lock and Code, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report, which analyzed the top cybercrime goals of 2020 amidst the global pandemic. If you just pay attention to the numbers from last year, you might get the wrong idea. After all, malware detections for both consumers and businesses decreased in 2020 compared to 2019. That sounds like good news, but it wasn't. Behind those lowered numbers were more skillful, more precise attacks that derailed major corporations, hospitals, and schools with record-setting ransom demands. You can read the full 2021 State of Malware report here, and you can follow along with everyday cybersecurity coverage from Malwarebytes Labs here. 

Every few years, after the public learns about an ugly, online harassment campaign, a familiar response shoots forth: Change the way we talk to one another online, either by changing the law, or changing the rules for how we identify ourselves online. But these "solutions" could actually bring more problems, particularly for vulnerable communities. Today, we speak to Electronic Frontier Foundation's Director of Cybersecurity Eva Galperin about how removing online anonymity could harm the safety of domestic abuse survivors, and why one decades-old law protects everyone online, and not just Big Tech.

On today's show, we discuss cybersecurity's public enemy number one: Emotet. This piece of malware started in 2014 as a simple banking Trojan, but it later evolved into a fully functional malware business, as its operators sold access to other threat actors and helped load separate malware for a price. The danger was real, but on January 27, Europol announced they'd taken Emotet down. Today, we talk to Malwarebytes security evangelist Adam Kujawa about Emotet's past, its takedown, and the power vacuum it leaves behind.

For Data Privacy Day this year, Lock and Code returns with a special episode featuring guests from Mozilla, DuckDuckGo, and EFF in a discussion on how to protect your online privacy.

Education faced a crisis in the US this year, as the coronavirus forced schools across the country to develop new strategies for teaching. At Malwarebytes, we wanted to discover how these shifts impacted education cybersecurity. Today on Lock and Code, we discuss the latest findings from our report, "Lessons in cybersecurity: How education coped in the shift to distance learning," and we speak with Doug Levin, founder of K12 cybersecurity resource center and advisor to K12 Security Information Exchange, about how schools can plan for a cybersecure 2021.

Today we look at two topics that, maybe surprisingly, intersect: charity organizations and online ad tracking. Ad tracking isn't new—luxury brands used to place their advertisements specifically in newspapers that delivered to high-income zip codes. But today's ad tracking supercharges that match-making game with a complex, opaque machinery that can track what you do online, what websites you visit, what browser you use, and even your gender, religion, and political bias. To help us better understand how charity organizations utilize ad tracking tools—and why that could concern some users—we’re speaking with Chris Boyd, lead malware intelligence analyst for Malwarebytes.

Today, we’re offering Lock and Code listeners something different. We’re giving you a backstage pass to a training we held for employees during Cybersecurity Awareness Month. The topic? The future of cybersecurity for the Internet of Things. Will we ever run antivirus software on IoT devices? What predictions can we make for how the cybersecurity industry will respond to the next, possible big IoT attack? And what can we do today to stay safe? This episode was recorded live in front of our fellow Malwarebytes employees. It also includes a Q&A with our employees at the end.

Cybersecurity Awareness Month is upon us, and while the value of the once-a-year awareness campaign may be obvious to the countless employees now enrolled in cybersecurity trainings, phishing quizzes, and multi-factor authentication webinars—likely mandated by their employers—the value of this awareness campaign may be a little less obvious to the everyday consumer. To help us better understand the value of Cybersecurity Awareness Month for the consumer, we’re talking today with Jamie Court, president of the non-profit advocacy group Consumer Watchdog.

We often learn about cybersecurity issues because of reporting. And as the years have progressed, the stories have only become more intertwined into our everyday lives. Tune in to hear about the role of journalism in cybersecurity—like what makes a vulnerability newsworthy and what coverage helps readers most—on the latest episode of Lock and Code, with guests Seth Rosenblatt of The Parallax and Alfred Ng of CNET.