Shared Security Podcast

In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The iPhone exploit, known as Operation Triangulation, has complex chains of events that lead to compromised iPhone security. Meanwhile, the lawsuit against Google claims that the company’s technology was still tracking users’ site visits even in ‘incognito’ mode. The newly added Journal app on iOS has raised questions and discussions on its security and privacy features as it encourages users to put their life updates on the app. ** Links mentioned on the show * iPhone Spyware Exploits Obscure Chip Feature, Targets Researchers https://www.hackread.com/iphone-spyware-exploits-obscure-chip-feature/ https://usa.kaspersky.com/blog/triangulation-attack-on-ios/28444/ Google settles $5 billion privacy lawsuit over tracking people using ‘incognito mode’ https://www.npr.org/2023/12/30/1222268415/google-settles-5-billion-privacy-lawsuit Apple launches Journal, a new app to reflect on everyday moments and life’s special events https://www.apple.com/newsroom/2023/12/apple-launches-journal-app-a-new-app-for-reflecting-on-everyday-moments/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App appeared first on Shared Security Podcast.

In this episode, host Tom Eston shares the three key lessons he’s learned over his 18-year career in cybersecurity: effective communication, continuous learning, and empathy. He talks about the importance of understanding and reaching both technical and non-technical audiences, the necessity of continuous learning despite your role, and the power of empathy in contributing to success. ** Links mentioned on the show * Cyber Empathy Podcast by Andra Zaharia https://cyberempathy.org/ Follow Tib3rius and Jason Haddix https://twitter.com/0xTib3rius https://twitter.com/Jhaddix ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Three Keys to Success in Cybersecurity appeared first on Shared Security Podcast.

In our last episode of the year, we replay our predictions for 2023 reviewing what we got right and what we didn’t. We cover various topics, such as Twitter’s influence, the future of Mastodon, the ban of TikTok in certain states, and the rising issue of ransomware. In addition, we give credit to Scott for accurately predicting multiple cybersecurity events during the year! We also share our expectations for 2024 — predicting increased AI adoption, many more cybersecurity layoffs, more consolidation in InfoSec, and implementation of flawed legislation targeting symptoms instead of causes. ** Links mentioned on the show * The Year in Review and 2023 Predictions https://sharedsecurity.net/2022/12/26/the-year-in-review-and-2023-predictions/ Federal judge blocks Montana’s TikTok ban before it takes effect https://www.npr.org/2023/11/30/1205735647/montana-tiktok-ban-blocked-state ** Watch this episode on YouTube ** https://youtu.be/JQeES1cz12w ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Year in Review and 2024 Predictions appeared first on Shared Security Podcast.

In episode 308, we discuss the often overlooked topic of password management for the elderly. Addressing the commonly held belief that writing down passwords is a bad idea, we discuss the nuances and context of this practice. Elderly individuals who may struggle with technology can benefit from recording passwords, but we discuss the importance of putting suitable controls around this. We also touch on usability issues associated with technology changes and the consequences of not planning for what happens to a person’s digital presence after they pass away. Do you have your own tips or stories of your experiences with passwords and the elderly? We would love to hear your comments on our YouTube video, on X, or on the episode post on sharedsecurity.net! ** Links mentioned on the show * Cybersecurity for Seniors https://www.digicert.com/blog/cybersecurity-for-seniors-in-7-steps Apple iOS – Request access to a deceased friend or family member’s account https://digital-legacy.apple.com/ ** Watch this episode on YouTube ** https://youtu.be/8bW9gTCgz68 ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Password Security for the Elderly: Tips and Best Practices appeared first on Shared Security Podcast.

In episode 307, Tom and Scott debunk misinformation circulating about the iOS 17 NameDrop feature by law enforcement and others on social media. Next, they discuss the potential risks of QR code scams, detailing a real-life incident where a woman lost a significant amount of money due to a QR code scam. Finally, the episode concludes with a discussion on a ransomware attack on a large US healthcare provider, examining potential repercussions and stressing the need for increased security for critical infrastructure. Co-host Scott Wright also presents an overview of the Click Armor platform, an innovative gamified security awareness training platform. ** Links mentioned on the show * The Truth About The iPhone iOS 17 NameDrop Feature https://www.forbes.com/sites/daveywinder/2023/11/27/law-enforcement-issues-ios-17-security-warning-over-namedrop-feature/?sh=69b860ca4182 https://support.apple.com/guide/iphone/namedrop-iphone-share-contact-info-iph1b6c664b7/ios?ftag=MSFd61514f Thornaby: Woman targeted in £13k railway station QR code scam https://www.bbc.com/news/uk-england-tees-67335952 Ransomware attack prompts multistate hospital chain to divert some emergency room patients elsewhere https://www.msn.com/en-us/health/other/ransomware-attack-prompts-multistate-hospital-chain-to-divert-some-emergency-room-patients-elsewhere/ar-AA1kFQVx ** Watch this episode on YouTube ** https://youtu.be/ggs0KMn–zE ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post iOS 17 NameDrop Debunking, Real World QR Code Attacks, Impact of Ransomware on Hospitals appeared first on Shared Security Podcast.

In this episode, noteworthy guest Tanya Janca returns to discuss her recent ventures and her vision for the future of Application Security. She reflects on the significant changes she has observed since her career at Microsoft, before discussing her new role at Semgrep that recently acquired WeHackPurple. Tanya sheds light on her decision to partner with Semgrep, a company that aligns with her vision of providing free resources in the Application Security community. Despite facing a failed acquisition process the previous year, WeHackPurple received multiple acquisition offers, leading to a bidding war. In addition, Tanya shares her optimism about the maturity of AppSec programs, presents her concerns about consolidation in the industry, and highlights the importance of role-based, tailored training. She also reveals her ongoing work on the sequel to her book titled ‘Alice and Bob Learn Secure Coding’ and hints at the launch of the Semgrep Academy. For our Patreon supporters, don’t miss our bonus episode where Tanya shares her biggest career accomplishment and failure, offering invaluable lessons for all! ** Links mentioned on the show * Tanya’s previous guest appearances on the podcast https://sharedsecurity.net/2018/11/30/special-guest-tanya-janca-devops-and-appsec-women-in-cybersecurity-82/ https://sharedsecurity.net/2021/01/28/tanya-janca-ceo-and-founder-we-hack-purple/ https://sharedsecurity.net/2022/05/30/the-state-of-application-security-with-tanya-janca/ Connect with Tanya https://shehackspurple.ca/ https://www.linkedin.com/in/tanya-janca/ https://twitter.com/shehackspurple ** Watch this episode on YouTube ** https://youtu.be/wUrcs1-p8XQ ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Application Security Trends & Challenges with Tanya Janca appeared first on Shared Security Podcast.

In this episode, Tom shows off AI generated images of a “Lonely and Sad Security Awareness Manager in a Dog Pound” and the humorous outcomes. The conversation shifts to Apple’s upcoming support for Rich Communication Services (RCS) and the potential security implications. Lastly, Tom and Kevin reflect on reports of AI-powered voice cloning scams targeting elderly Americans, and argue that the true issue lies with social engineering rather than the involvement of AI. ** Links mentioned on the show * Apple to Adopt RCS Messaging Standard for Better Interoperability With Android Devices (yet, the green “bubble” is not going away) https://www.macrumors.com/2023/11/16/apple-to-adopt-rcs-messaging-standard/ Elderly Americans Lose $1.1 Billion to AI-Powered Scams in 2022 https://www.msn.com/en-us/money/markets/elderly-americans-lose-11-billion-to-ai-powered-scams-in-2022/ar-AA1kbqDb https://www.msn.com/en-us/money/other/that-may-not-be-your-daughter-crying-on-the-phone-here-s-what-to-know-about-ai-powered-scams/ar-AA1kia4s ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Apple Finally Adopts RCS, AI Powered Scams Targeting the Elderly appeared first on Shared Security Podcast.

In this week’s episode of the Shared Security Podcast, hosts Tom Eston, Scott Wright and Kevin Johnson tackle a number of topics related to AI, privacy and security. They begin with an amusing discussion about their respective roles on the podcast, before shifting to big tech’s use of user data and whether subscribers should pay to not have their data used. The focus then turns to a recent move by Meta to charge European users who wish to use Instagram and Facebook without ads. Next, they touch on new research from NordVPN about the burdensome length and complexity of privacy policies on popular websites, and offer alternatives for consumers to navigate them. Lastly, the hosts discuss a new executive order by the Biden administration directed towards AI companies, calling for a watermark system to alert consumers when they interact with an AI-enabled product. They express concerns about businesses benefiting from the new AI rules while potentially stifling competition and highlight the need for stronger, enforceable laws to truly protect users’ data and privacy. ** Links mentioned on the show * Should we pay big tech NOT to use our data? (aka: Pay-or-Ads or Pay for Privacy) https://www.wired.com/story/how-to-get-ad-free-facebook-instagram-meta-privacy/ https://www.bitdefender.com/blog/hotforsecurity/meta-wants-you-to-pay-to-stop-seeing-ads-on-facebook-and-instagram-what-the-pay-or-ok-model-means-for-your-digital-privacy/ https://www.reddit.com/r/privacy/comments/17ttkrn/eli5_on_why_pay_or_surveillance_ads_should_not_be/ NordVPN study shows: Nine hours to read the privacy policies of the 20 most visited websites in the US https://nordvpn.com/blog/privacy-policy-study-us/ Biden executive order imposes new rules for AI. Here’s what they are. https://abcnews.go.com/Business/biden-executive-order-imposes-new-rules-ai/story?id=104472977 ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Paying Big Tech for Privacy, New Privacy Policy Study, Biden’s Executive Order on AI appeared first on Shared Security Podcast.

In this episode, we discuss the SEC’s charges against SolarWinds’ CISO for misleading investors about a major cyberattack. Plus don’t miss our discussion about the shady world of “Classiscam Scam-as-a-Service,” a very popular cyber criminal service that creates fake user accounts, posts fraudulent reviews, and boosts the reputation of dishonest sellers while defrauding e-commerce platforms. ** Links mentioned on the show * Tom’s LinkedIn thread about “Quishing” https://www.linkedin.com/posts/tomeston_lets-talk-about-quishing-do-you-think-activity-7127625977085509632-CjHc?utm_source=share SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack https://therecord.media/solarwinds-ciso-sec-charged What is Classiscam Scam-as-a-Service? https://www.tripwire.com/state-of-security/what-classiscam-scam-service ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post SEC vs. SolarWinds CISO, Classiscam Scam-as-a-Service appeared first on Shared Security Podcast.

In this episode, we explore the recent Okta breach where hackers obtained sensitive customer data via unauthorized access to the Okta support system. Next, we discuss the emerging threat of “quishing,” a combination of voice calls and phishing that preys on unsuspecting victims. Finally, we discuss Google Play Protect’s new feature, “Real-time App Analysis,” which enhances Android device security by helping prevent malware from being installed. ** Links mentioned on the show * Okta says hackers breached its support system and viewed customer files https://arstechnica.com/security/2023/10/okta-says-hackers-breached-its-support-system-and-viewed-customer-files/ https://x.com/mattjay/status/1716870499458822418?s=46&t=S0l2WLszljUYE1vbjB4M9A https://sec.okta.com/harfiles Quishing is the new phishing: What you need to know https://www.zdnet.com/article/quishing-is-the-new-phishing-what-you-need-to-know/ Google Play Protect Introduces Real-Time Code-Level Scanning for Android Malware https://thehackernews.com/2023/10/google-play-protect-introduces-real.html https://developers.google.com/android/play-protect/client-protections ** Watch this episode on YouTube ** https://youtu.be/NBP8XA5lwCY ** Become a Shared Security Supporter ** For only $5 per month get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, get access to our private Discord server, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Watch and Subscribe on Odysee (YouTube alternative) https://odysee.com/@SharedSecurity:c Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Follow us on X: https://twitter.com/sharedsec Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning appeared first on Shared Security Podcast.