Shared Security Podcast

In episode 148 for November 23rd 2020: This week Kevin Johnson joins me to discuss the Twitter firing of Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency, and our thoughts about a common sense approach to social media and Section 230 of the Communications Decency Act. ** Links mentioned on the show ** Trump fires top cybersecurity official Christopher Krebs https://www.cbsnews.com/news/trump-fires-cybersecurity-chief-christopher-krebs/ Don’t Blame Section 230 for Big Tech’s Failures. Blame Big Tech. https://www.eff.org/deeplinks/2020/11/dont-blame-section-230-big-techs-failures-blame-big-tech Computer Security Experts Urge White House to Keep Politics Out of Election Security https://www.eff.org/press/releases/computer-security-experts-urge-white-house-keep-politics-out-election-security ** Watch this episode on YouTube ** https://youtu.be/YfMQQHYBfQI ** Thank you to our sponsors! ** Silent Pocket Looking to give the gift of privacy this holiday season? Our sponsor Silent Pocket has a huge sale going on right now until November 30th where you can get a free Silent Pocket hat, free domestic shipping, and 15% off everything on silentpocket.com. Not only that, right now some of their most popular faraday products are 40% off! To take advantage of this exclusive holiday offer visit silentpocket.com and use discount code “sharedsecurity” at checkout. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post CISA Director Chris Krebs Fired, Common Sense and Section 230 appeared first on Shared Security Podcast.

In episode 147 for November 16th 2020: The latest about source code stolen from US government agencies and private companies, three actively exploited iOS zero-days in the wild and new App Store privacy labels, and what a Biden administration could mean for privacy and cybersecurity. ** Links mentioned on the show ** Our 3 part series on Targeted Attacks – Watch on YouTube! https://www.youtube.com/playlist?list=PLOh_LIYqw5qV22VV9pT-SNpItiKDxOJaO Our interviews with StartPage.com All about StartPage, the Worlds Most Private Search Engine, with Alex Kubiak https://sharedsecurity.net/2020/09/21/startpage-com-the-worlds-most-private-search-engine/ Privacy Mindset between Europe and United Stated with Kelly Finnerty https://sharedsecurity.net/2020/11/09/privacy-mindset-europe-vs-united-states/ FBI: Hackers stole source code from US government agencies and private companies https://www.ic3.gov/Media/News/2020/201103-3.pdf Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html Apple will require apps to add privacy ‘nutrition labels’ starting December 8th https://www.theverge.com/2020/11/5/21551926/apple-privacy-developers-nutrition-labels-app-store-ios-14 What could a Biden administration mean for privacy, cybersecurity? https://iapp.org/news/a/what-could-a-biden-administration-mean-for-privacy-cybersecurity/ https://www.axios.com/tech-industry-policy-biden-era-reset-41c27988-fab2-4e3b-baf2-62d1282de96a.html ** Watch this episode on YouTube ** https://youtu.be/8v1QTAZ6gqM ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Stolen Source Code, Apple Zero-Days, Biden’s Privacy and Cybersecurity Policies appeared first on Shared Security Podcast.

In episode 146 for November 9th 2020: My conversation with Kelly Finnerty, Director of Brand and Content for Startpage.com on the differences in privacy mindset between Europe and the United States. ** Links mentioned on the show ** Future of Privacy Forum https://fpf.org/ Startpage.com https://www.startpage.com StartPage Privacy Please Blog https://www.startpage.com/privacy-please/ Follow Kelly on Twitter https://twitter.com/Kelly_Startpage Connect with Kelly on LinkedIn https://www.linkedin.com/in/kelly-finnerty-5267648/ ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Privacy Mindset: Europe vs. United States appeared first on Shared Security Podcast.

In episode 145 for November 2nd 2020: Kevin Johnson joins me to discuss the US government’s attempt to prevent disinformation and rumors about the election, a new ransomware threat targeting US hospitals, and details about six Russian hackers that were charged for some of the biggest cyber-attacks in the last decade. ** Links mentioned on the show ** #Protect2020 Rumor vs. Reality https://www.cisa.gov/rumorcontrol The Security Justice Podcast (2008-2011) https://archive.org/details/securityjustice FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals https://krebsonsecurity.com/2020/10/fbi-dhs-hhs-warn-of-imminent-credible-ransomware-threat-against-u-s-hospitals/ US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks https://www.zdnet.com/article/us-charges-russian-hackers-behind-notpetya-killdisk-olympicdestroyer-attacks/ ** Watch this episode on YouTube ** https://youtu.be/XTeb3aq3y_8 ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Government Rumor Control, US Hospital Ransomware Threat, Russian Hackers Charged appeared first on Shared Security Podcast.

In our October monthly episode we finish our three part series on targeted attacks. In this episode we discuss the exploit and malware analysis with special guest Tyler Hudak, Incident Response Practice Lead at TrustedSec. Make sure you watch the YouTube edition of this episode to see a demo of several tools and techniques used in professional malware analysis. ** Links mentioned on the show ** Episode 110 with Tyler “You’ve Been Hacked! Now What?” https://sharedsecurity.net/2020/03/02/youve-been-hacked-now-what/ Connect with Tyler https://twitter.com/secshoggoth https://www.linkedin.com/in/tylerhudak https://secshoggoth.blogspot.com/ Find out more about TrustedSec https://www.trustedsec.com/ ** Watch this episode on YouTube ** https://youtu.be/NzFCIbnYM7I ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Targeted Attacks Part 3 – The Exploit appeared first on Shared Security Podcast.

In episode 144 for October 26th 2020: Voter privacy and what you need to know about protecting your private information during the upcoming US election. ** Links mentioned on the show ** Closing in on the US election with voter privacy and election security https://iapp.org/news/a/closing-in-on-the-u-s-election-with-voter-privacy-and-election-security/ Access To and Use Of Voter Registration Lists https://www.ncsl.org/research/elections-and-campaigns/access-to-and-use-of-voter-registration-lists.aspx Understanding public funding of presidential elections https://www.fec.gov/help-candidates-and-committees/understanding-public-funding-presidential-elections/ Your phone and TV are tracking you, and political campaigns are listening in https://www.latimes.com/politics/la-na-pol-campaign-tech-privacy-20190220-story.html How this company tracked 16,000 Iowa caucus-goers via their phones https://splinternews.com/how-this-company-tracked-16-000-iowa-caucus-goers-via-t-1793854687 EFF’s Privacy Badger Web Browser Plugin https://privacybadger.org/ ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Voter Privacy and the US Election appeared first on Shared Security Podcast.

In episode 143 for October 19th 2020: Microsoft gets creative to help take down the TrickBot botnet, details on how attackers have been using VPN flaws to attack election support systems, and Zoom’s rollout of end-to-end encryption. ** Links mentioned on the show ** “The Social Dilemma” A Conversation about the Pros and Cons of Social Media https://sharedsecurity.net/2020/10/12/the-social-dilemma/ Microsoft and others orchestrate takedown of TrickBot botnet https://blogs.microsoft.com/on-the-issues/2020/10/12/trickbot-ransomware-cyberthreat-us-elections/ Hackers used VPN flaws to access US govt elections support systems https://us-cert.cisa.gov/ncas/alerts/aa20-283a Zoom to roll out end-to-end encrypted (E2EE) calls https://blog.zoom.us/zoom-rolling-out-end-to-end-encryption-offering/ ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post TrickBot Takedown, VPN Flaws, Zoom End-to-End Encryption appeared first on Shared Security Podcast.

In episode 142 for October 12th 2020: My conversation about the pros and cons of the Netflix documentary “The Social Dilemma” with frequent guest, Kevin Johnson. The Social Dilemma is a popular documentary (dramamentary?) on Netflix about how social media is causing unintended harm to people and society. Several engineers and leaders that worked at Facebook, Instagram, Twitter, Google, and others are interviewed and give their take on the dangers and current state of social media in modern civilization. It’s an interesting and also controversial film that is worth watching so you can form your own opinion. Even if you disagree about the approach this film takes, there are several good things I got out of it including turning of social app notifications on your phone to help limit your usage of social media. ** Links mentioned on the show ** ‘The Social Dilemma’ review: A call to digital arms demands change https://www.chicagotribune.com/entertainment/sc-mov-the-social-dilemma-review-0910-20200910-xkdjqpm6bvcrjmzacpa7xwgdvi-story.html ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post The Social Dilemma appeared first on Shared Security Podcast.

In episode 141 for October 5th 2020: Universal Health Services is the latest victim of a massive hospital ransomware attack, the FBI issues new warnings about false claims of hacked voter information, and the top Android 11 privacy and security features. ** Links mentioned on the show ** Large US hospital chain hobbled by Ryuk ransomware https://www.nbcnews.com/tech/security/cyberattack-hits-major-u-s-hospital-system-n1241254 https://www.reddit.com/r/hacking/comments/j17aj1/cyberattack_on_uhs_hospitals_nationwide_last_night/ https://www.uhsinc.com/statement-from-universal-health-services/ FBI warns of disinformation campaigns about hacked voter systems https://www.cisa.gov/sites/default/files/publications/PSA_voter_registration_data_508pobs.pdf Android 11 — 5 New Security and Privacy Features You Need to Know https://thehackernews.com/2020/09/android-11-security-privacy.html ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post More Hospital Ransomware Attacks, FBI’s Disinformation Warning, Android 11 Privacy Features appeared first on Shared Security Podcast.

In our September monthly episode we continue our three part series on targeted attacks. In this episode we discuss the pretext and how attackers develop and launch their attacks with special guests Nathan Sweaney, Senior Security Consultant at Secure Ideas and Kevin Johnson, CEO of Secure Ideas. ** Links mentioned on the show ** GoPhish – Open Source Phishing Framework https://getgophish.com/ Follow Nathan on Twitter https://twitter.com/sweaney Follow and connect with Secure Ideas https://secureideas.com/ ** Watch this episode on YouTube ** https://youtu.be/9zPZnA9gt34 ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Targeted Attacks Part 2 – Pretexting and Attack Development appeared first on Shared Security Podcast.