Shared Security Podcast
Tom Eston, Scott Wright, Kevin Johnson
Shared Security is the the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Johnson break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.
Episodes
Mentioned books
Nov 21, 2022 • 22min
The Rise of Mastodon, Twitter in Trouble, Largest Privacy Settlement in US History
Former Twitter users are migrating en masse to Mastodon so what is Mastodon and what do you need to know about Mastodon from a security and privacy perspective? Twitter was flooded by a wave of imposter accounts after the $8 “verification” label fiasco, and details about the largest multi-state privacy settlement in the US where […]
The post The Rise of Mastodon, Twitter in Trouble, Largest Privacy Settlement in US History appeared first on Shared Security Podcast.
Nov 14, 2022 • 29min
How to Break Into a Cybersecurity Career – Digital Forensics and Incident Response (DFIR)
Matt Scheurer, host of the ThreatReel Podcast and Assistant Vice President of Computer Security and Incident Response in a large enterprise environment, joins us to discuss starting a career in digital forensics and incident response (DFIR). Matt discusses how he got started, his advice to anyone that wants to pursue a career in DFIR, and […]
The post How to Break Into a Cybersecurity Career – Digital Forensics and Incident Response (DFIR) appeared first on Shared Security Podcast.
Nov 7, 2022 • 31min
Cybersecurity’s Role in Combating Midterm Election Disinformation
Katie Teitler, Senior Cybersecurity Strategist at Axonius and co-host on the popular Enterprise Security Weekly podcast, joins us to discuss the role of cybersecurity in combating midterm election disinformation. We discuss the difference is between misinformation and disinformation, how we can combat disinformation and what are some things about disinformation, private platforms, and free speech […]
The post Cybersecurity’s Role in Combating Midterm Election Disinformation appeared first on Shared Security Podcast.
Oct 31, 2022 • 41min
CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications
Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail. Plus, details on the recent (ISC)2 bylaw vote (why you should vote no) and a discussion about the value of cybersecurity certifications. ** Links […]
The post CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications appeared first on Shared Security Podcast.
Oct 24, 2022 • 19min
Attack of the Wi-Fi Spy Drones, How to Destroy Your Old Electronics, Signal Removes SMS Support
Two modified wi-fi enabled drones were found on the top of a financial firm’s building and used to intercept a employee’s credentials, a fun discussion about the best way to physically destroy data on electronics that no longer work, and details about Signal removing SMS support for Android users. ** Links mentioned on the show […]
The post Attack of the Wi-Fi Spy Drones, How to Destroy Your Old Electronics, Signal Removes SMS Support appeared first on Shared Security Podcast.
Oct 17, 2022 • 21min
Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn
Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for […]
The post Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn appeared first on Shared Security Podcast.
Oct 10, 2022 • 24min
Hackers Need 5 Hours or Less to Break In, SMS Phishing Tactics, Strange Ways Employees Expose Data
A recent survey of ethical hackers by Bishop Fox and SANS shows that once a vulnerability or weakness is found about 58% of ethical hackers can break into an environment in less than five hours, SMS phishing and text message scams appear to be changing tactics taking a more “urgent” tone, and a discussion about […]
The post Hackers Need 5 Hours or Less to Break In, SMS Phishing Tactics, Strange Ways Employees Expose Data appeared first on Shared Security Podcast.
Oct 3, 2022 • 21min
What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked
Passkeys are coming soon to Apple iOS 16 so what are passkeys and why are they an eventual replacement for passwords? Researchers have discovered a new attack that uses mouse movement in Microsoft PowerPoint to deploy malware, and details on how the 2K Games help desk support platform was compromised to push malware through fake […]
The post What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked appeared first on Shared Security Podcast.
Sep 26, 2022 • 20min
Uber Hacked by 18 Year Old, Morgan Stanley Hard Drives Got Auctioned, Deleting Your Data is Hard
Uber got hacked by an 18 year old using social engineering and a multi-factor authentication fatigue attack, Morgan Stanley has been auctioning off hard drives holding sensitive client data since 2015, and why is it so hard for social networks to remove personal data when deleting your user account. ** Links mentioned on the show […]
The post Uber Hacked by 18 Year Old, Morgan Stanley Hard Drives Got Auctioned, Deleting Your Data is Hard appeared first on Shared Security Podcast.
Sep 19, 2022 • 20min
Facebook Doesn’t Know Where Your Data Is, New Hire Spearmishing Attack, Smart Thermostat Lock Out
In recent court testimony two Facebook engineers were asked what information, precisely, does Facebook store about us, and where is it? Surprisingly they said, they don’t know. Details on how brand new employees of companies are being “spearmished” (hat tip to @ErinInfosec and @RachelTobac via Twitter), and how thousands of Colorado residents found themselves locked […]
The post Facebook Doesn’t Know Where Your Data Is, New Hire Spearmishing Attack, Smart Thermostat Lock Out appeared first on Shared Security Podcast.
