Shared Security Podcast

In episode 115 for April 6th 2020: The latest on yet another Marriott data breach, what you need to know about Zoom-Bombing and other Zoom privacy concerns, and new warnings about US economic stimulus payment scams. ** Show notes and links mentioned on the show ** Marriott discloses another security breach that may impact over 5 million guests https://www.theverge.com/2020/4/1/21203313/marriott-database-security-breach-5-million-guest Marriott International: Incident Notification https://mysupport.marriott.com/ Zoom to iPhone users: We’re no longer sending your data to Facebook https://www.zdnet.com/article/zoom-to-iphone-users-were-no-longer-sending-your-data-to-facebook/ Zoom to iPhone users: We’re no longer sending your data to Facebook https://www.yahoo.com/news/trolls-started-invading-public-zoom-211626623.html Zoom Lets Attackers Steal Windows Credentials, Run Programs via UNC Links https://www.bleepingcomputer.com/news/security/zoom-client-leaks-windows-login-credentials-to-attackers/ Zoom Meetings Aren’t End-to-End Encrypted, Despite Misleading Marketing https://theintercept.com/2020/03/31/zoom-meeting-encryption/ Zoom: We’re freezing all new features to sort out security and privacy https://www.zdnet.com/article/zoom-were-freezing-all-new-features-to-sort-out-security-and-privacy/ IRS Warns of Surge in Economic Stimulus Payment Scams https://www.bleepingcomputer.com/news/security/irs-warns-of-surge-in-economic-stimulus-payment-scams/ Official IRS Coronavirus Relief Webpage https://www.irs.gov/coronavirus ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Another Marriott Data Breach, Zoom-Bombing, Economic Stimulus Scams appeared first on Shared Security Podcast.

In episode 114 for March 30th 2020: Co-host Tom Eston is joined with frequent guest Kevin Johnson to discuss how to stay more secure when working from home. If you find yourself working from home because of COVID-19 this is one episode you don’t want to miss! ** Show notes and links mentioned on the show ** Social isolation is a risk factor for scam loss https://www.helpnetsecurity.com/2020/03/24/risk-scams/ The State of Cybersecurity Training and Certifications with Kevin Johnson https://sharedsecurity.net/2019/04/25/the-state-of-cybersecurity-training-and-certifications-with-kevin-johnson/ How I Became a Security Consultant: AbsoluteAppsec Interview https://blog.secureideas.com/2020/03/how-i-became-a-security-consultant-absoluteappsec-interview.html Secure Ideas Affordable Cybersecurity Training Offerings https://secureideas.com/training ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Staying Secure When Working From Home appeared first on Shared Security Podcast.

In episode 98 of our monthly show co-host Scott Wright shows us a demo of Click Armor which is a gamified cybersecurity awareness platform, Tom presents the results of our listener survey, and we have a discussion about the privacy concerns with geofence warrants. ** Show notes and links mentioned on the show ** Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished Google tracked his bike ride past a burglarized home. That made him a suspect. https://www.nbcnews.com/news/us-news/google-tracked-his-bike-ride-past-burglarized-home-made-him-n1151761 ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Click Armor Demo, Podcast Survey Results, Google Geofence Warrants appeared first on Shared Security Podcast.

In episode 113 for March 23rd 2020: Israel passes an emergency law to use mobile data to track people infected with COVID-19, the latest coronavirus cyber-attacks to be aware of, and how governments world-wide could be putting backdoors into secure messaging apps. ** Show notes and links mentioned on the show ** Israel passes emergency law to use mobile data for COVID-19 contact tracing https://www.bbc.com/news/technology-51930681 To Track Virus, Governments Weigh Surveillance Tools That Push Privacy Limits https://www.wsj.com/articles/to-track-virus-governments-weigh-surveillance-tools-that-push-privacy-limits-11584479841 WhatsApp And Signal Replaced By New Mystery Messaging App for EU Diplomats https://www.forbes.com/sites/zakdoffman/2020/02/27/whatsapp-and-signal-replaced-by-new-mystery-messaging-app-this-eu-change-matters-heres-why/#4cea89017ba9 The EARN IT Bill Is the Government’s Plan to Scan Every Message Online https://www.eff.org/deeplinks/2020/03/earn-it-bill-governments-not-so-secret-plan-scan-every-message-online Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait https://thehackernews.com/2020/03/covid-19-coronavirus-hacker-malware.html CovidLock: Android Ransomware Walkthrough and Unlocking Routine https://www.zscaler.com/blogs/research/covidlock-android-ransomware-walkthrough-and-unlocking-routine ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post COVID-19 Mass Surveillance, New Coronavirus Cyber-Attacks, Encryption Backdoors appeared first on Shared Security Podcast.

In episode 112 for March 16th 2020: The cybersecurity impact of COVID-19, who’s hacking the hackers, and details on a data leak of the secret sharing app Whisper. ** Show notes and links mentioned on the show ** Resilient in Times of Disruption https://www.rsa.com/en-us/blog/2020-03/resilient-in-times-of-disruption COVID-19 coronavirus outbreak and a security conference tries to play it down https://www.zdnet.com/article/covid-19-outbreak-and-a-security-conference-tries-to-play-it-down/ Cybercriminals leveraging coronavirus outbreak to execute ransomware attacks https://www.helpnetsecurity.com/2020/03/11/coronavirus-ransomware-attacks Employees Are Working From Home — Do You Know Where Your Remote Work Policy Is? https://securityintelligence.com/employees-are-working-from-home-do-you-know-where-your-remote-work-policy-is/ Hackers are targeting other hackers by infecting their tools with malware https://techcrunch.com/2020/03/09/hacking-the-hackers https://www.cybereason.com/blog/whos-hacking-the-hackers-no-honor-among-thieves Whisper, an anonymous secret-sharing app, failed to keep messages or profiles private https://www.zdnet.com/article/whisper-an-anonymous-secret-sharing-app-failed-to-keep-messages-profiles-private/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/ The post COVID-19 Cybersecurity Impact, Hacking the Hackers, Whisper App Data Leak appeared first on Shared Security Podcast.

In episode 111 for March 9th 2020: A new report shows that attacks on Internet of Things devices are on the rise, the FCC fines major mobile carriers for selling users’ location data, and details on what happens when 3 million HTTPS certificates need to be revoked because of coding error. ** Show notes and links mentioned on the show ** Take our podcast listener survey and be entered to win a $25 Amazon gift card! https://sharedsecurity.net/survey Attacks are targeting default passwords on IoT devices https://www.zdnet.com/article/these-are-the-top-passwords-hackers-will-try-when-attacking-your-device/ https://blog.f-secure.com/attack-landscape-h2-2019-an-unprecedented-year-cyber-attacks/ Basic rules for securing IoT devices at home https://krebsonsecurity.com/2018/01/some-basic-rules-for-securing-your-iot-stuff/ The FCC fines wireless companies for selling users’ location data https://www.wired.com/story/fcc-fines-wireless-companies-selling-users-location-data/ T-Mobile data breach notification https://www.t-mobile.com/responsibility/consumer-info/cpni-notice Let’s Encrypt discovers CAA bug, must revoke customer certificates https://www.theregister.co.uk/2020/03/03/lets_encrypt_cert_revocation/ https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 https://arstechnica.com/information-technology/2020/03/lets-encrypt-holds-off-on-revocation-of-certificates/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/ The post IoT Device Attacks, FCC Fines Mobile Carriers, Let’s Encrypt Certificate Bug appeared first on Shared Security Podcast.

In episode 110: Tyler Hudak, Incident Response Practice Lead at TrustedSec, joins us to talk about what you should do (and more importantly what you shouldn’t do) if you find out you’ve been hacked! ** Show notes and links mentioned on the show ** Take our podcast listener survey and be entered to win a $25 Amazon gift card! https://sharedsecurity.net/survey Connect with Tyler https://twitter.com/secshoggoth https://www.linkedin.com/in/tylerhudak https://secshoggoth.blogspot.com/ Find out more about TrustedSec https://www.trustedsec.com/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/ The post You’ve Been Hacked! Now What? appeared first on Shared Security Podcast.

In episode 109 for February 24th 2020: Kevin Johnson joins us to discuss how Ring made two-factor authentication mandatory following recent hacking incidents, California police have been caught illegally sharing license plate reader data, and details on IBM and other companies pulling out of the RSA conference due to coronavirus fears. ** Show notes and links mentioned on the show ** Take our podcast listener survey and be entered to win a $25 Amazon gift card! https://sharedsecurity.net/survey Ring Makes 2-Factor Authentication Mandatory Following Recent Hacks https://thehackernews.com/2020/02/ring-cameras-cybersecurity.html https://www.eff.org/deeplinks/2020/02/ring-updates-device-security-and-privacy-ignores-larger-concerns California Police Have Been Illegally Sharing License Plate Reader Data https://www.vice.com/en_us/article/y3mb8b/california-police-have-been-illegally-sharing-license-plate-reader-data IBM pulls out of the RSA conference due to coronavirus fears https://www.rsaconference.com/novel-coronavirus-update ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/ The post Ring Mandates Two-Factor Authentication, License Plate Reader Data Sharing, RSA Conference Coronavirus Fears appeared first on Shared Security Podcast.

In episode 97 of our monthly show we discuss how Chinese hackers caused the Equifax data breach, new coronavirus phishing attacks to be aware of, and how to stay (almost) anonymous online. ** Show notes and links mentioned on the show ** U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack https://krebsonsecurity.com/2020/02/u-s-charges-4-chinese-military-officers-in-2017-equifax-hack/ Phishers impersonate WHO, exploit coronavirus-related anxiety https://www.helpnetsecurity.com/2020/02/07/coronavirus-fake-emails/ 8 steps to being (almost) completely anonymous online https://www.csoonline.com/article/2975193/9-steps-completely-anonymous-online.html ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/ The post Chinese Hackers, Coronavirus Phishing Attacks, How to Stay (Almost) Anonymous Online appeared first on Shared Security Podcast.

In episode 108 for February 17th 2020: The US charges four Chinese military hackers in the Equifax data breach, how Israel’s entire voter registry was exposed, and details on the encryption provider that was secretly owned by the CIA for the last fifty years. ** Show notes and links mentioned on the show ** U.S. charges four Chinese military hackers in 2017 Equifax breach https://www.reuters.com/article/us-usa-justice-cyber-idUSKBN2041RT https://krebsonsecurity.com/2020/02/u-s-charges-4-chinese-military-officers-in-2017-equifax-hack/ Netanyahu’s party left Israel’s entire voter registry exposed https://www.engadget.com/2020/02/09/likud-left-israel-voter-database-exposed/ https://www.nytimes.com/2020/02/10/world/middleeast/israeli-voters-leak.html CIA Secretly Owned Global Encryption Provider, Built Backdoors, Spied On 100+ Foreign Governments https://www.washingtonpost.com/graphics/2020/world/national-security/cia-crypto-encryption-machines-espionage/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/ The post Equifax Hacked by China, Israeli Voter Registry Exposed, How the CIA Owned Encryption appeared first on Shared Security Podcast.