Shared Security Podcast

Was there another LinkedIn “data leak” or is this just the same data anyone with a LinkedIn account can access? Western Digital Network-Attached Storage (NAS) devices under attack, and details on the STIR/SHAKEN deadline which is supposed to help stop robocalls. ** Links mentioned on the show ** New LinkedIn Data Leak Leaves 700 Million Users Exposed https://restoreprivacy.com/linkedin-data-leak-700-million-users/ Attacks Erase Western Digital Network-Attached Storage Drives https://www.darkreading.com/attacks-breaches/attacks-erase-western-digital-network-attached-storage-drives/d/d-id/1341419 https://www.darkreading.com/attacks-breaches/mybook-investigation-reveals-attackers-exploited-legacy-zero-day-vulnerabilities/d/d-id/1341440 Robocallers Beware: The STIR/SHAKEN Deadline Has Officially Arrived https://www.tmcnet.com/voip/news/articles/449342-robocallers-bewarethe-stirshaken-deadline-has-officially-arrived.htm https://www.fcc.gov/call-authentication Check out Scott’s new security awareness campaign for Utilities! https://clickarmor.ca/2021/07/how-can-small-utilities-strengthen-their-critical-gap-in-cyber-security-awareness/ ** Watch this episode on YouTube ** https://youtu.be/jt0K7R7d97Y ** Thank you to our sponsors! ** Privacy Privacy is a tool that masks your bank account information by generating virtual card numbers. So if your virtual card number gets compromised, your real card number wont! New Privacy customers will get $5 to spend on your first purchase! Visit privacy.com/sharedsecurity to sign up and take back control of your online payments. Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post LinkedIn Data Leak, Western Digital NAS Attacks, STIR/SHAKEN Deadline appeared first on Shared Security Podcast.

Chris Kirsch co-founder and chief revenue officer at Rumble joins us in our June monthly show to talk about how Rumble is solving the problem of asset discovery. You also get to see a demo of Rumble in action and learn about the many talents that Chris has like pickpocketing! ** Links mentioned on the show ** Learn more about Rumble and try it out on your home network https://www.rumble.run/ Chris Kirsch – Pickpocketing Competition: Wait, where is my access badge? https://www.youtube.com/watch?v=OvET4r4uARQ Wait, Where’s My Access Badge: A Pickpocketing Training for Red Teamers https://medium.com/@chris.kirsch/wait-wheres-my-access-badge-a-pickpocketing-training-for-red-teamers-6eb4fdf9b64a Chris Kirsch on Medium https://medium.com/@chris.kirsch Connect with Chris https://www.linkedin.com/in/ckirsch/ https://twitter.com/chris_kirsch ** Watch this episode on YouTube ** https://youtu.be/H4vLYQfwSN4 ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Asset Discovery with Chris Kirsch Co-Founder at Rumble appeared first on Shared Security Podcast.

What does it really mean when Biden tells Putin critical US infrastructure is “off limits”, details on a recent survey which shows ransomware payments create repeat attacks, and how cyber safe is your drinking water? ** Links mentioned on the show ** Biden Tells Putin Critical Infrastructure Sectors ‘Off Limits’ to Russian Hacking https://beta.darkreading.com/threat-intelligence/biden-tells-putin-critical-infrastructure-sectors-off-limits-to-russian-hacking Ransomware Payments Trigger Repeat Cyberattacks, Cybereason Research Finds https://www.msspalert.com/cybersecurity-breaches-and-attacks/ransomware/ransomware-payment-repeat-attacks/ How Cyber Safe is Your Drinking Water Supply? https://krebsonsecurity.com/2021/06/how-cyber-safe-is-your-drinking-water-supply/ John McAfee Found Dead https://www.reuters.com/legal/government/john-mcafee-found-dead-prison-after-spanish-court-allows-extradition-2021-06-23/ ** Watch this episode on YouTube ** https://youtu.be/LfvCmtdfv44 ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Off Limits Critical Infrastructure, Ransomware on Repeat, Cyber Safe Drinking Water appeared first on Shared Security Podcast.

TikTok can now collect biometric data from user content, researchers find a vulnerability in Peloton bikes, and why some people think that Nextdoor might be the next big social network. ** Links mentioned on the show ** TikTok Can Now Collect Biometric Data https://www.schneier.com/blog/archives/2021/06/tiktok-can-now-collect-biometric-data.html McAfee discovers vulnerability in Peloton Bike+ https://www.zdnet.com/article/mcafee-discovers-vulnerability-in-peloton-bike Nextdoor: The next big social network? https://www.linkedin.com/news/story/the-next-big-social-network-5474402/ ** Watch this episode on YouTube ** https://youtu.be/I14_dJ5xeqQ ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post TikTok Collecting Biometric Data, Peloton Bike+ Vulnerability, Nextdoor App Concerns appeared first on Shared Security Podcast.

Details about the “ANOM” global crime sting where the FBI created a fake encrypted mobile phone for criminals that promised secure communications, new details about how the Colonial Pipeline ransomware attack started, and some really bad security research about stolen user credentials. ** Links mentioned on the show ** Only the following devices have Amazon Sidewalk enabled (for now): Ring Floodlight Cam (2019) Ring Spotlight Cam Wired (2019) Ring Spotlight Cam Mount (2019) Echo (3rd gen and newer) Echo Dot (3rd gen and newer) Echo Dot for Kids (3rd gen and newer) Echo Dot with Clock (3rd gen and newer) Echo Plus (all generations) Echo Show (all models and generations) Echo Spot Echo Studio Echo Input Echo Flex To opt-out of Amazon Sidewalk if you have one of the above devices: For the Echo family of speakers, open the Alexa mobile app and go to More, Settings, Account Settings, Amazon Sidewalk and choose Disable. In the Ring app, go to the Control Center, Amazon Sidewalk, Disable, Confirm. ANOM: Hundreds arrested in massive global crime sting using messaging app https://www.bbc.com/news/world-57394831 https://techxplore.com/news/2021-06-anom-global.html One password allowed hackers to disrupt Colonial Pipeline, CEO tells senators https://www.msn.com/en-ca/money/topstories/one-password-allowed-hackers-to-disrupt-colonial-pipeline-ceo-tells-senators/ar-AAKPAOl The FBI likely exploited sloppy password storage to seize Colonial Pipeline bitcoin ransom https://www.cnbc.com/2021/06/08/fbi-likely-exploited-sloppy-password-storage-to-seize-colonial-ransom.html This is how fast a password leaked on the web will be tested out by hackers https://www.zdnet.com/article/this-is-how-fast-a-password-leaked-on-the-web-will-be-tested-out-by-hackers/ ** Watch this episode on YouTube ** https://youtu.be/h2EMghjjjgM ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post ANOM FBI Global Crime Sting, Colonial Pipeline Updates, Password Leak Research appeared first on Shared Security Podcast.

Is Amazon Sidewalk the latest threat to our privacy? Also, what’s the big deal about NFTs, and why mining cryptocurrency through your anti-virus software is a horrible idea. ** Links mentioned on the show ** What Does Amazon Sidewalk Mean for Your Privacy? https://www.makeuseof.com/what-does-amazon-sidewalk-mean-for-your-privacy/ https://thehackernews.com/2021/05/your-amazon-devices-to-automatically.html Note! Only the following devices have Amazon Sidewalk enabled (for now): Ring Floodlight Cam (2019) Ring Spotlight Cam Wired (2019) Ring Spotlight Cam Mount (2019) Echo (3rd gen and newer) Echo Dot (3rd gen and newer) Echo Dot for Kids (3rd gen and newer) Echo Dot with Clock (3rd gen and newer) Echo Plus (all generations) Echo Show (all models and generations) Echo Spot Echo Studio Echo Input Echo Flex To opt-out: For the Echo family of speakers, open the Alexa mobile app and go to More, Settings, Account Settings, Amazon Sidewalk and choose Disable. In the Ring app, go to the Control Center, Amazon Sidewalk, Disable, Confirm. Token Resistance: Tackling the New NFT Threat Landscape https://securityintelligence.com/articles/new-threat-landscape-nfts/ A new surprise feature for Norton 360 antivirus users: You can mine for cryptocurrency https://www.zdnet.com/article/a-new-surprise-feature-for-norton-360-antivirus-users-you-can-mine-for-cryptocurrency/ ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Amazon Sidewalk, NFTs and Cybersecurity, Norton 360 Cryptocurrency Mining appeared first on Shared Security Podcast.

Details about Biden’s cybersecurity executive order, privacy and stalking concerns with Apple’s new AirTag technology, and why some cyber insurance companies may not pay out for ransomware in the future. ** Links mentioned on the show ** New Cybersecurity Executive Order: What You Need to Know https://www.veracode.com/blog/security-news/new-cybersecurity-executive-order-what-you-need-know How Apple’s AirTag turns us into unwitting spies in a vast surveillance network https://www.theguardian.com/technology/2021/may/17/how-apples-airtag-turns-us-into-unwitting-spies-in-a-vast-surveillance-network Cyber Insurance Firms Start Tapping Out as Ransomware Continues to Rise https://www.darkreading.com/risk/cyber-insurance-firms-start-tapping-out-as-ransomware-continues-to-rise/d/d-id/1341109 ** Watch this episode on YouTube ** https://youtu.be/nptmo3mTbFk ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Biden’s Cybersecurity Executive Order, Apple’s AirTag, Cyber Insurance appeared first on Shared Security Podcast.

Gamification is changing cybersecurity and the way we learn! Scott Wright, Co-host and CEO of Click Armor, joins us this month to discuss why gamification is a “game” changer in our industry. ** Links mentioned on the show ** What is Gamified Learning? https://clickarmor.ca/guide-to-gamified-learning/ ** Watch this episode on YouTube ** https://youtu.be/C37MnOUWsv0 ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post How Gamification is Changing Cybersecurity appeared first on Shared Security Podcast.

More news and updates about the Colonial Pipeline ransomware attack, the DarkSide ransomware as a service (RaaS) goes dark on the dark web, and why we still need cybersecurity best practices (regardless of an opinion piece that says otherwise). ** Links mentioned on the show ** Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals https://thehackernews.com/2021/05/colonial-pipeline-paid-nearly-5-million.html U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized https://thehackernews.com/2021/05/us-pipeline-ransomware-attackers-go.html Our cybersecurity ‘industry best practices’ keep allowing breaches (opinion piece) https://thehill.com/opinion/technology/553891-our-cybersecurity-industry-best-practices-keep-allowing-breaches?rl=1 ** Watch this episode on YouTube ** https://youtu.be/hHCrwxDdvMU ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Colonial Pipeline Updates, DarkSide Goes Dark, Cybersecurity Best Practices appeared first on Shared Security Podcast.

This week Tom and Kevin discuss the Colonial Pipeline ransomware attack, RaaS (Ransomware as a Service), and why ransomware attacks are not going away anytime soon. ** Links mentioned on the show ** Colonial Pipeline Hackers, DarkSide, Apologize, Say Goal ‘Is to Make Money’ https://www.msn.com/en-us/news/world/colonial-pipeline-hackers-darkside-apologize-say-goal-is-to-make-money/ar-BB1gBzhB Colonial Pipeline attack: Everything you need to know https://www.zdnet.com/article/everything-you-need-to-know-about-the-colonial-pipeline-ransomware-attack/ Ransomware Infection on Colonial Pipeline Shows Potential for Worse Gas Disruption https://zetter.substack.com/p/ransomware-infection-on-colonial What is Ransomware as a Service (RaaS)? https://www.crowdstrike.com/cybersecurity-101/ransomware/ransomware-as-a-service-raas/ Kevin’s “Pay what you can” CISSP Mentorship Program https://training.secureideas.com/course/cisspmentor/ ** Watch this episode on YouTube ** https://youtu.be/OA1TeMV4QNQ ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post The Colonial Pipeline Ransomware Attack appeared first on Shared Security Podcast.