Shared Security Podcast

Award-winning security transformation manager and digital anthropologist Lianne Potter joins us to discuss the fascinating topic of digital anthropology and how we can rehumanize cybersecurity. In this episode Lianne discusses how she became a digital anthropologist, how this field applies to cybersecurity, and the one thing organizations need to do to bring the human back into their cybersecurity programs. ** Links mentioned on the show ** Why The Cyber Security Industry Needs to Hire More Anthropologists https://response-ability.tech/lianne-potter/ Follow Lianne on Social Media https://twitter.com/Tech_Soapbox https://www.linkedin.com/in/liannep/ ** Watch this episode on YouTube ** https://youtu.be/cDydoWCIIdI ** Thank you to our sponsors! ** Keeper Security Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/sharedsecurity SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Twitter: https://twitter.com/sharedsec Website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Contact us: https://sharedsecurity.net/contact The post Rehumanizing Cybersecurity with Lianne Potter appeared first on Shared Security Podcast.

More young people seem to be choosing dumbphones over smartphones, but is it because of privacy concerns or because its trendy? John Oliver, host of the ‘Last Week Tonight’ show, used data brokers to obtain lawmakers’ digital footprints and promised to not release the data as long as Congress passes privacy legislation. Plus details about the Cicada state sponsored Chinese hacking group which hid inside their victims’ networks for nine months. ** Links mentioned on the show ** Dumbphone Sales Are Soaring As People Revolt Against “Overwhelming” Smartphones https://www.activistpost.com/2022/03/dumbphone-sales-are-soaring-as-people-revolt-against-overwhelming-smartphones.html https://www.bbc.com/news/business-60763168?_hsenc=p2ANqtz–brM50u-TKJL3hsmOF1uEkSYZ-ZiWY2RuV7Gv_R46XTl5e4CMk7yQ7kf2bup635k-x1JHo https://www.reddit.com/r/privacy/comments/u106ob/why_have_we_decided_carrying_around/ John Oliver Blackmails Congress With Their Own Digital Data https://www.rollingstone.com/tv/tv-news/last-week-tonight-john-oliver-recap-season-9-episode-7-congress-data-1335598/ https://www.vice.com/amp/en/article/ne9b3z/how-to-get-off-data-broker-and-people-search-sites-pipl-spokeo https://en.wikipedia.org/wiki/Video_Privacy_Protection_Act Here’s a Long List of Data Broker Sites and How to Opt-Out of Them https://www.vice.com/amp/en/article/ne9b3z/how-to-get-off-data-broker-and-people-search-sites-pipl-spokeo Big Ass Data Broker Opt-Out List https://github.com/yaelwrites/Big-Ass-Data-Broker-Opt-Out-List Full Video – Data Brokers: Last Week Tonight with John Oliver (HBO) https://youtu.be/wqn3gR1WTcA?t=1300 These sneaky hackers hid inside their victims’ networks for nine months https://www.zdnet.com/article/these-sneaky-hackers-hid-inside-their-victims-networks-for-nine-months/ Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-china-ngo-government-attacks ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Keeper Security Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/sharedsecurity SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Twitter: https://twitter.com/sharedsec Website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Contact us: https://sharedsecurity.net/contact The post Dumbphone Sales are Soaring, John Oliver Blackmails Congress, Cicada Chinese APT Group appeared first on Shared Security Podcast.

Scott and Tom explain why privacy isn’t dead, why everyone should care about their privacy, and how you should respond to someone that says “I don’t care about privacy, I have nothing to hide!”. Plus, details on a new attack using fake shopping apps and how a new malware toolkit called “Borat RAT” is no laughing matter. ** Links mentioned on the show ** The truths and myths of privacy (Scott’s blog post) https://clickarmor.ca/2022/04/the-truths-and-myths-of-privacy/ https://www.reddit.com/r/privacy/comments/tctcxy/how_to_explain_importance_of_privacy_to_common/ https://www.reddit.com/r/privacy/wiki/index/ Three types of online attack (Mikko Hypponen’s TED talk) https://www.ted.com/talks/mikko_hypponen_three_types_of_online_attack Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users https://thehackernews.com/2022/04/hackers-distributing-fake-shopping-apps.html Borat RAT malware: A ‘unique’ triple threat that is far from funny https://www.zdnet.com/google-amp/article/borat-rat-malware-a-unique-triple-threat-that-is-far-from-funny/ ** Watch this episode on YouTube ** https://youtu.be/MPk1yBiQq7c ** Thank you to our sponsors! ** Keeper Security Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/sharedsecurity SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Twitter: https://twitter.com/sharedsec Website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Contact us: https://sharedsecurity.net/contact The post Truths and Myths of Privacy, Fake Shopping Apps, Borat RAT Malware appeared first on Shared Security Podcast.

This week we battle it out between the two mobile tech giants, Google Android vs Apple iOS, and discuss which one is better for your privacy and cybersecurity. Topics include: app stores and OS updates, ad tracking, and native text messaging. All this plus how Apple and Facebook fell for a massive email scam. ** Links mentioned on the show ** Apple and Facebook reportedly provided personal user data to hackers posing as law enforcement https://9to5mac.com/2022/03/30/apple-and-facebook-reportedly-provided-personal-user-data-to-hackers-posing-as-law-enforcement/ https://nypost.com/2022/03/30/apple-facebook-fell-for-scam-and-gave-user-data-away-report/ Android vs iOS: Which Platform is More Secure in 2021 https://appinventiv.com/blog/android-vs-ios-which-platform-is-more-secure-in-2021/ Open Source and Privacy Focused Android Operating Systems: GrapheneOS https://grapheneos.org/ CalyxOS https://calyxos.org/ LineageOS https://lineageos.org/ Signal – Secure End-to-End Encrypted Messenger App https://signal.org/#signal ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Keeper Security Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/sharedsecurity SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Google Android vs Apple iOS: Which is Better for Privacy and Cybersecurity? appeared first on Shared Security Podcast.

The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1 million weekly downloads released a new tampered version to condemn Russia’s invasion of Ukraine by wiping arbitrary file contents. ** Links mentioned on the show ** LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta https://thehackernews.com/2022/03/lapsus-hackers-claim-to-have-breached.html https://blog.cloudflare.com/cloudflare-investigation-of-the-january-2022-okta-compromise/ https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/ New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html https://mrd0x.com/browser-in-the-browser-phishing-attack/ Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion https://thehackernews.com/2022/03/popular-npm-package-updated-to-wipe.html ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Keeper Security Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/sharedsecurity SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems appeared first on Shared Security Podcast.

This week we discuss the top 3 location tracking apps in the Apple App Store and Google Play and which ones sell your data. Plus, details about recent fake Chick-fil-A and Olive Garden vouchers on Facebook. ** Links mentioned on the show ** #1 Phone Tracker by Number https://play.google.com/store/apps/details?id=mg.locations.track5 https://onelocator.com/ – Android https://www.locatorprivacy.com/ – iOS #2 Life360 https://play.google.com/store/apps/details?id=com.life360.android.safetymapd https://support.life360.com/hc/en-us/articles/360043228154 #3 Glympse – Android https://glympse.com/privacy/ https://play.google.com/store/apps/details?id=com.glympse.android.glympse #3 My Family: Find Friends Phone – iOS https://friendzy.tech/myfamilyprivacypolicy/ Scam Alert: Chick-fil-A and Olive Garden Facebook Vouchers https://www.snopes.com/fact-check/olive-garden-chickfila-voucher/ ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Keeper Security Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/sharedsecurity SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Top 3 Location Tracking Apps: Do They Sell Your Data? appeared first on Shared Security Podcast.

A new attack uses Alexa’s functionality to force Amazon Echo devices to make self-issued commands, payment app Zelle has become popular with fraudsters and banks don’t seem to care, and details about hackers who have stolen source code for Samsung Galaxy devices. ** Links mentioned on the show ** Preorder Your Professionally Evil Aloha Shirt for Charity! (proceeds go to St. Jude’s Children’s Hospital) https://www.secureideas.com/proevil-hawaiian-shirt Help Support Ukraine with ClearVPN https://macpaw.com/help-ukraine https://macpaw.com/news/macpaw-amidst-aggression Attackers can force Amazon Echos to hack themselves with self-issued commands https://arstechnica.com/information-technology/2022/03/attackers-can-force-amazon-echos-to-hack-themselves-with-self-issued-commands/ https://www.ava-attack.org/ Fraud Is Flourishing on Zelle. The Banks Say It’s Not Their Problem https://www.nytimes.com/2022/03/06/business/payments-fraud-zelle-banks.html https://sharedsecurity.net/2019/11/18/googles-health-record-storage-controversy-us-border-search-ruling-zelle-scams/ Samsung confirms hackers stole Galaxy source code https://www.theverge.com/2022/3/7/22965220/samsung-hack-lapsus-galaxy-source-code-confirmed-nvidia ** Watch this episode on YouTube ** https://youtu.be/MlYw7BBAhhM ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Amazon Echos Hack Themselves, Fraud Is Flourishing on Zelle, Samsung Galaxy Source Code Stolen appeared first on Shared Security Podcast.

This week we discuss some of the more interesting hacks of Russian assets, technology, and more. Scott discusses recent credential stuffing attacks on Microsoft 365 accounts, and a fascinating story about ice cream machine “hackers” that are suing McDonald’s for $900 million dollars in damages. ** Links mentioned on the show ** Round up of interesting Russian hacking incidents https://www.vice.com/en/article/akvya5/russian-electric-vehicle-chargers-hacked-tell-users-putin-is-a-dickhead https://www.mirror.co.uk/news/world-news/hackers-rename-putins-73million-superyacht-26355609 https://www.thesun.co.uk/tech/17818843/anonymous-russia-space-agency-roscosmos/ Attackers use Microsoft Teams as launchpad for malware https://www.helpnetsecurity.com/2022/02/17/microsoft-teams-malware/ Ice Cream Machine Hackers Sue McDonald’s for $900 Million https://www.wired.com/story/kytch-ice-cream-machine-hackers-sue-mcdonalds-900-million/ The REAL Reason McDonalds Ice Cream Machines Are Always Broken https://www.youtube.com/watch?v=SrDEtSlqJC41 Realtime map of all broken McDonalds Ice Cream Machines https://mcbroken.com/ ** Watch this episode on YouTube ** https://youtu.be/8xFZ9WZoz8k ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Russia Gets Hacked, Microsoft 365 Credential Stuffing, McDonald’s Ice Cream Machine Hackers appeared first on Shared Security Podcast.

How TikTok can circumvent privacy protections and performs device tracking that gives TikTok full access to user data, the US government warns about ransomware attacks after Biden’s new sanctions against Russia, and details about the latest beta for iOS 15.4 which includes new features designed to prevent Apple AirTags from being used to stalk people. ** Links mentioned on the show ** TikTok Can Circumvent Apple and Google Privacy Protections and Access Full User Data, 2 Studies Say (Exclusive) https://www.yahoo.com/entertainment/tiktok-circumvent-apple-google-privacy-140000271.html US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions https://www.msn.com/en-us/news/world/us-officials-tell-businesses-to-watch-for-potential-ransomware-attacks-after-biden-announces-russia-sanctions/ar-AAUbrCn New AirTags anti-stalking measures appear in iOS 15.4 beta https://www.theverge.com/2022/2/23/22947063/airtags-anti-stalking-ios-15-4-beta-4-privacy-notice ** Watch this episode on YouTube ** https://youtu.be/t3-lTYQwPoc ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post TikTok Circumvents Privacy Protections, Russian Sanction Attacks, Apple AirTag Anti-Stalking Measures appeared first on Shared Security Podcast.

MoviePass will use facial recognition and eye tracking to make sure you’re watching ads, new types of shipment-delivery scams are being used to spread malware, and details on the arrests of a SIM swapping gang and how you can protect yourself against a SIM swapping attack. ** Links mentioned on the show ** 4-week SLNT Cybersecurity and Privacy Challenge – Created by Co-Host Tom Eston https://slnt.com/pages/cybersecurity-and-privacy-guide MoviePass 2.0 Wants to Track Your Eyeballs to Make Sure You Watch Ads https://www.vice.com/en/article/akvnba/moviepass-20-wants-to-track-your-eyeballs-to-make-sure-you-watch-ads Facebook asking me to send them a full video of my entire face https://www.reddit.com/r/SharedSecurityShow/comments/sqhgd1/facebook_asking_me_to_send_them_a_full_video_of/ Shipment-Delivery Scams Become the Favored Way to Spread Malware https://threatpost.com/shipment-delivery-scams-a-fav-way-to-spread-malware/178050/ Ready for more brand impersonations, missed deliveries and document macros? https://clickarmor.ca/2022/02/ready-brand-impersonation-shipping-macros-phishing/ Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts https://thehackernews.com/2022/02/spanish-police-arrest-sim-swappers-who.html ** Watch this episode on YouTube ** https://youtu.be/guu_TXMr_Sc ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post MoviePass Tracking Your Eyeballs, Shipment Delivery Scams, SIM Swappers Arrested appeared first on Shared Security Podcast.