Shared Security Podcast

In episode 140 for September 28th 2020: Details on the first human death related to a ransomware attack, popular fitness app Strava is caught giving away your location data to strangers, and the top privacy improvements in Apple iOS 14. ** Links mentioned on the show ** A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems https://www.bbc.com/news/technology-54204356 Strava app shows your info to nearby users unless this setting is disabled https://www.bleepingcomputer.com/news/security/strava-app-shows-your-info-to-nearby-users-unless-this-setting-is-disabled/ Five iOS 14 and iPadOS 14 security and privacy features you need to know about https://www.zdnet.com/article/five-ios-14-and-ipados-14-security-and-privacy-features-you-need-to-know-about/ ** Watch this episode on YouTube ** https://youtu.be/tKqM0vu85Pw ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Death by Ransomware, Strava Flyby, iOS 14 Privacy Improvements appeared first on Shared Security Podcast.

In episode 139 for September 21st 2020: This week we take a break from the news to bring you our interview with Alex Kubiak, Senior Product Manager at StartPage.com. StartPage is a privacy focused search engine which uses Google’s search results but removes all trackers and logs. This makes StartPage very different than other privacy focused search engines like DuckDuckGo. In this interview we talk about these differences, how Startpage.com makes money, privacy features and benefits of using StartPage, and the one thing you should do to better protect your online privacy. ** Links mentioned on the show ** Use StartPage as your default search engine https://www.startpage.com/ StartPage’s Privacy Please Blog https://www.startpage.com/privacy-please/ Follow StartPage Search on Social Media https://twitter.com/startpage https://www.facebook.com/startpagesearch https://www.instagram.com/startpagesearch ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post StartPage.com – The World’s Most Private Search Engine appeared first on Shared Security Podcast.

In episode 138 for September 14th 2020: School districts under cyber-attack, Google Chrome’s new ad blocking feature, and Microsoft’s latest alert about foreign interference in the 2020 US election. ** Links mentioned on the show ** City of Hartford postpones first day of school after ransomware attack https://www.zdnet.com/article/city-of-hartford-postpones-first-day-of-school-after-ransomware-attack/ Hackers shutdown first day of Toledo Public Schools’ online classes https://www.13abc.com/2020/09/08/hackers-shutdown-first-day-of-toledo-public-schools-online-classes/ Miami-Dade Schools: Students log on successfully after days of cyber slowdowns https://www.local10.com/news/local/2020/09/03/superintendent-miami-schools-platform-also-targeted-by-foreign-interference/ Google Chrome starts blocking ads that slow down the browser https://www.bleepingcomputer.com/news/google/google-chrome-starts-blocking-ads-that-slow-down-the-browser/ New cyberattacks targeting U.S. elections https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/ ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Schools Under Cyberattack, Chrome Ad Blocking Update, US Election Interference appeared first on Shared Security Podcast.

In episode 137 for September 7th 2020: A federal appeals court finds the NSA’s bulk collection of phone data was unlawful, new research shows that browsing histories are unique enough to reliably identify users, and my personal story about a car accident and the privacy of your public records. ** Links mentioned on the show ** Appeals court finds NSA’s bulk phone data collection was unlawful https://www.cnet.com/news/appeals-court-finds-nsas-bulk-phone-data-collection-was-unlawful/ Mozilla research: Browsing histories are unique enough to reliably identify users https://www.zdnet.com/article/mozilla-research-browsing-histories-are-unique-enough-to-reliably-identify-users/ Replication: Why We Still Can’t Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories https://www.usenix.org/system/files/soups2020-bird.pdf Aggressive solicitation comes after auto accidents in Detroit https://www.freep.com/story/news/local/michigan/detroit/2017/05/07/detroit-car-insurance-lawyers-accidents-solicitation/100301782/ The 2019 Florida Statutes http://www.leg.state.fl.us/Statutes/index.cfm?App_mode=Display_Statute&URL=0300-0399/0316/Sections/0316.066.html ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post NSA Data Collection Ruling, Browsing History Identification, Ambulance Chasing appeared first on Shared Security Podcast.

In our August monthly episode we start our three part series on targeted attacks. In this episode we focus on OSINT (Open Source Intelligence) and reconnaissance techniques used by attackers in phishing and BEC (Business Email Compromise) attacks. Kyle Lovett, Principal Penetration Tester at Veracode, joins us to demonstrate some of the tools and techniques used by attackers and professional penetration testers when conducting these targeted attacks. ** Links mentioned on the show ** Kyle Lovett on Darknet Diaries Episode 5 (#ASUSGATE) https://darknetdiaries.com/episode/5/ Cisco Employee Earns Security Bug Bounty – 1 Million United Miles! https://blogs.cisco.com/wearecisco/cisco-employee-earns-security-bug-bounty-1-million-united-miles A Search Engine for Threats https://www.threatcrowd.org/ Hacker Target – DNS Tools https://hackertarget.com/ip-tools/ DNS Recon & Research, Find & Lookup DNS Records https://dnsdumpster.com/ WMAP Mass Web Screenshot Tool for Mapping Web Networks (Chrome Extension) https://chrome.google.com/webstore/detail/wmap/pflahkdjlekaeehbenhpkpipgkbbdbbo Find email addresses with Hunter https://hunter.io/ Shodan – Internet-connected device search engine https://www.shodan.io/ Connect with Kyle on Twitter https://twitter.com/SquirrelBuddha ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Targeted Attacks Part 1 – OSINT and Reconnaissance appeared first on Shared Security Podcast.

In episode 136 for August 31st 2020: Uber’s former security chief is charged over covering up a 2016 data breach, Facebook pushes for data portability legislation, and how a malicious iOS SDK breached the privacy of millions of mobile users. ** Links mentioned on the show ** Former Uber Security Chief Charged Over Covering Up 2016 Data Breach https://thehackernews.com/2020/08/uber-data-breach-cover-ups.html Facebook pushes for data portability legislation ahead of FTC hearing https://www.reuters.com/article/us-facebook-antitrust/facebook-pushes-for-data-portability-legislation-ahead-of-ftc-hearing-idUSKBN25H0BG Malicious iOS SDK breaches user privacy for millions https://www.helpnetsecurity.com/2020/08/24/malicious-ios-sdk/ ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Uber CISO Charged, Facebook Data Portability, Malicious iOS SDK appeared first on Shared Security Podcast.

In episode 135 for August 24th 2020: Details on how researchers can use audio recordings of keys being used in locks to create copies, Carnival cruise lines becomes the victim of a ransomware attack, and a data broker exposes nearly 235 million profiles scraped from social media sites. ** Links mentioned on the show ** Picking Locks with Audio Technology https://cacm.acm.org/news/246744-picking-locks-with-audio-technology/fulltext World’s largest cruise line operator discloses ransomware attack https://www.zdnet.com/article/worlds-largest-cruise-line-operator-discloses-ransomware-attack/ https://www.sec.gov/ix?doc=/Archives/edgar/data/815097/000095014220002039/eh2001078_8k.htm Social media data broker exposes nearly 235 million profiles scraped from Instagram, TikTok, and Youtube https://www.comparitech.com/blog/information-security/social-data-leak/ ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Audio Recordings Used to Copy Keys, Carnival Ransomware Attack, Social Media Profile Data Exposed appeared first on Shared Security Podcast.

In episode 134 for August 17th 2020: Details on new critical vulnerabilities found in Amazon Echo devices, what the end of the Privacy Shield framework means EU citizens personal data, and new data breach fines issued to Capital One and Twitter by the OCC and FTC. ** Links mentioned on the show ** Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon’s Alexa https://research.checkpoint.com/2020/amazons-alexa-hacked/ Privacy Shield Is Dead, And Data Marketplaces Are Just Getting Going https://www.forbes.com/sites/forbestechcouncil/2020/08/10/privacy-shield-is-dead-and-data-marketplaces-are-just-getting-going/ https://iapp.org/news/a/is-privacy-shield-really-gone/ Capital One Fined $80 Million for 2019 Data Breach Affecting 106 Million Users https://thehackernews.com/2020/08/capital-one-data-breach.html https://www.occ.treas.gov/news-issuances/news-releases/2020/nr-occ-2020-101.html Twitter expecting FTC fine of up to $250M for alleged privacy violations https://www.digitaltrends.com/news/twitter-expects-hefty-ftc-fine-for-alleged-privacy-violations/ ** Watch this episode on YouTube ** https://youtu.be/srHOFDnXB-g ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Amazon Echo Exploit, Privacy Shield, Capital One Data Breach Update appeared first on Shared Security Podcast.

In episode 133 for August 10th 2020: What we can learn from the big Twitter hack, why everyone is trying to ban TikTok, and pharmacy chain Rite Aid’s use of facial recognition cameras. ** Links mentioned on the show ** How the FBI tracked down the Twitter hackers https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html https://www.zdnet.com/article/how-the-fbi-tracked-down-the-twitter-hackers/ Call for TikTok security check before HQ decision https://www.bbc.com/news/technology-53640909 Rite Aid deployed facial recognition systems in hundreds of U.S. stores https://www.reuters.com/investigates/special-report/usa-riteaid-software/ ** Watch this episode on YouTube ** https://youtu.be/bb28WGS1Jlk ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Twitter Hack Lessons Learned, TikTok Ban, Rite Aid Facial Recognition Cameras appeared first on Shared Security Podcast.

In episode 132 for August 3rd 2020: How the big tech companies like Google, Apple, Facebook, and Twitter collect your private data and how you can delete it with Kira Rakova from Undatify. ** Links mentioned on the show ** Find out more about Undatify https://undatify.me/ https://www.instagram.com/undatifyme/ The Step-by-Step Guide to Erasing Your Entire Google History https://pixelprivacy.com/resources/erasing-google-history How to Download And Delete Your Data From Facebook https://www.online-tech-tips.com/computer-tips/how-to-download-and-delete-your-data-from-facebook/ How to Delete Your Private Data from Apple’s Servers https://www.macobserver.com/tips/quick-tip/delete-private-data-apple-servers/ How to delete your Twitter history https://www.theverge.com/2018/2/8/16991396/how-to-delete-twitter-history-tweetdelete ** Watch this episode on YouTube ** Check out the live demo of deleting private data in Google: https://youtu.be/9k3JHr0gG5s ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post How Big Tech Collects Your Private Data and How to Delete It appeared first on Shared Security Podcast.