Shared Security Podcast

This is the 26th episode of the Social Media Security Podcast recorded September 8, 2011.  This episode was hosted by Tom Eston and Scott Wright.  Below are the show notes, links to articles and news mentioned in the podcast: Google + Security and Privacy New Facebook Privacy Controls, what’s changed? New Tool: FBPwn– A cross-platform Java based Facebook profile dumper Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 26 – Google +, New Facebook Privacy Controls, FBPwn Tool appeared first on Shared Security Podcast.

This is the 25th episode of the Social Media Security Podcast recorded July 1, 2011.  This episode was hosted by Tom Eston and Scott Wright.  Below are the show notes, links to articles and news mentioned in the podcast:   LinkedIn SSL Leaves Accounts Vulnerable to Hijacking Facebook adds two-factor authentication, other new security features Facebook facial recognition. How it looks, fact and myth, and how we would fix the problems. Firesheep for Android Phones (FaceNiff) LinkedIn, Foursquare and Netflix on Android Store Your Passwords in Unencryped Text Files Social Media Background Checks Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 25 – Facebook Security Updates, FaceNiff, Social Media Background Checks appeared first on Shared Security Podcast.

This is the 24th episode of the Social Media Security Podcast recorded April 6, 2011.  This episode was hosted by Tom Eston and Scott Wright with special guest James Ruffer. Below are the show notes, links to articles and news mentioned in the podcast: Why Should the CSO Care About an Employee’s Personal Social Media Account? Virally spreading scam spreads over Twitter (ProfileSpy) Spammers Using Facebook Events to Trick Users ‘Cree.py’ Social Engineering Tool Pinpoints A Person’s Physical Location US Military plan would create many fake Social Media Identities for use in fighting terrorism What the app privacy investigation means to you Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 24 – Personal Social Media Accounts, Cree.py, ProfileSpy, App Privacy appeared first on Shared Security Podcast.

This is the 23rd episode of the Social Media Security Podcast recorded February 25th, 2011.  This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast: New changes to Facebook and security implications Facebook now supports full SSL browsing (optional), social authentication improvements Facebook rolls out new messaging system Facebook now allows iframes within tab applications.  Possible security issue with applications! API bug responsible for Zuckerberg page hack Facebook ‘tag spam’ targets indiscriminate friend collectors Dispelling the Myths of Facebook Privacy and Security Government Calls for Privacy Protections for Device Location Scott’s little initiative to identify and discuss “internal” or “private” social networking tools for enterprises Question from a listener: What’s the business model around people search engines like Spokeo.com?  How about digital insurance? Check out Scott’s new Canadian security podcast: Security, Eh? Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 23 – Recent Changes to Facebook, Enterprise Social Media Tools, Spokeo appeared first on Shared Security Podcast.

This is the 22nd episode of the Social Media Security Podcast recorded January 21, 2011.  This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast: Skype credit email as an apology – a new trend we can expect in 2011 from good guys and bad guys.  Screen shot mentioned in the podcast. Scott’s note: I searched for posts about this email before clicking on it, and it was actually legitimate. However, this would be a very compelling phishing attack for any organization that recently suffered a PR setback. Any time you get an unexpected email, even if it looks like the circumstances make sense, you need to check on its authenticity. And any organization issuing such an Email should also post an announcement of the campaign on their home page, and issue a press release to make it easy for people to verify the legitimacy of the email. Bruce Schneier’s taxonomy of social network personal data Facebook now tells you about people you know who have found friends using their Friend Finder Scott’s note: I always tell people never to enter their email address and password on sites that aren’t their email service. You don’t know what they will do with your password, or if it might be captured. It also exposes your friends to potentially unwanted email messages – e.g. spam. Facebook Lets Developers Ask a User for Their Address, Phone Number in the Graph API Twitter Worm Pushing Rogue Antivirus Scam Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 22 – Skype Email, Taxonomy of Socnet Data, Facebook Graph API appeared first on Shared Security Podcast.

This is the 20th episode of the Social Media Security Podcast recorded December 17th 2010.  This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast: Trolls who deface Facebook RIP pages of teens who have died Canadian Mounties LIKE Cookie Monster Audition for SNL Facebook becomes divorce lawyers’ new best friend Vulnerabilities in Facebook Apps (nothing new but still a problem) Gawker breach and implications.  Ryan Naraine had a good set of tips at Threatpost.com. Facebook Profile Changes: What You Should Know Zuckerburg man of the year? Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 21 – Facebook Trolls, Cookie Monster, Gawker Breach appeared first on Shared Security Podcast.

This is the 20th episode of the Social Media Security Podcast recorded November 5th 2010.  This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast: FireSheep – “Firefox plugin to pull active cookies from popular websites while using open wifi”. Facebook Responds to FireSheep Idiocy tool sends tweets on your behalf as a “Warning”. Get the tool here. How to defend against FireSheep? Manually use HTTPS for social media sites or use a VPN while connected to open wifi..don’t forget about mobile apps! Try the HTTPS Everywhere Plugin from the EFF or Force-TLS Plugin. Learn more about securing your Wifi at home. FireShepherd Aims to Protect Users. BlackSheep is another one… White House Forms Privacy and Internet Policy Subcommittee Ottawa man busted through Facebook after stealing rare Wayne Gretzky jersey What NOT To Post On Facebook: 13 Things You Shouldn’t Tell Your Facebook Friends Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 20 – FireSheep, Privacy in the US, What NOT To Post On Facebook appeared first on Shared Security Podcast.

This is the 19th episode of the Social Media Security Podcast recorded October 8, 2010.  This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast: Social Media Security Awareness Month – at SecureState! Two new white paper’s released: Security Gaps in Social Media Websites for Children Open Door to Attackers Aiming To Prey On Children by Scott White. Profiling User Passwords on Social Networks by Tom Eston SocialScan service and social media consulting available. Panda Security Publishes Findings from First Annual Social Media Risk Index for SMBs Survey: Fear of data loss, security risks via social media sites on the upswing Facebook Competitor Diaspora Hit With Security Criticisms New changes to Facebook.  What you need to know: New groups (tag people just like places).  Ability to download all of your data to a zip file. Dashboard for more granular control of applications. New one time password feature and session controls Facebook Groups: Privacy Blunder or Twitter Replacement? Don’t Get Duped by LinkedIn Spam Scam Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 19 – New Changes to Facebook, Social Media Risk Survey, LinkedIn Scams appeared first on Shared Security Podcast.

This is the 18th episode of the Social Media Security Podcast recorded September 3, 2010.  This episode was hosted by Tom Eston and Scott Wright and is our 1 year anniversary episode!  Thanks to everyone that has supported the podcast over the last year…we really appreciate it!  Below are the show notes, links to articles and news mentioned in the podcast: Scary new way to use Facebook with RFID.  Is the physical world starting to merge with social media? MySpace updates its privacy settings Hacking your location with Facebook Places Privacy Settings for Facebook Places How to get hacked on Facebook (Koobface chat messages) Facebook spam infinitely more effective than email spam Facebook’s remote log-out security feature: Should you care? Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 18 – RFID and Facebook, Hacking Facebook Places, MySpace Privacy appeared first on Shared Security Podcast.

This is the 17th episode of the Social Media Security Podcast recorded August 13th, 2010.  This episode was hosted by Tom Eston and Scott Wright.  Below are the show notes, links to articles and news mentioned in the podcast: Researchers Show How Twitter, Twitpic Make Stalking Simple.  Check out ICanStalkU.com! Robin Sage revealed at BlackHat USA. Why QR Codes Are Poised to Hit the Mainstream.  Check out our QR Code.  This one is safe! Download 171 million Facebook names via Torrent.  Here is an update from Ron. Acunetix releases video and technical article about an exploitable XSS on facebook.com Facebook name extraction Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening! The post Social Media Security Podcast 17 – ICanStalkU, QR Codes, Facebook directory via Torrent, LinkedIn CAPTCHA’s appeared first on Shared Security Podcast.