Shared Security Podcast

Canada’s federal government admitted to surveilling its population’s movements during the COVID-19 lock-down by tracking 33 million phones, the FBI warned that a hacker group has been sending malware-laden USB sticks to companies, and details on a new law in the United States which will install kill switches in new cars. ** Links mentioned on the show ** Canada secretly tracked 33 million phones during COVID-19 lockdown (misleading title) https://nypost.com/2021/12/25/canada-secretly-tracked-33-million-phones-during-lockdown/ https://www.reddit.com/r/privacy/comments/s7mb6l/canada_secretly_tracked_33_million_phones_during/ Hackers Have Been Sending Malware-Filled USB Sticks to U.S. Companies Disguised as Present https://gizmodo.com/hackers-have-been-sending-malware-filled-usb-sticks-to-1848323578 New Law Will Install Kill Switches In All New Cars https://www.motorious.com/articles/features-3/kill-switches-new-cars/ Join the Shared Security Community on Reddit https://www.reddit.com/r/SharedSecurityShow/ ** Watch this episode on YouTube ** https://youtu.be/0ONxRgWQvw4 ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Shared Security Merch: https://store.sharedsecurity.net The post Pandemic Surveillance in Canada, Malware-Filled USB Sticks are Back, Kill Switches in New Cars appeared first on Shared Security Podcast.

Kelly Finnerty, Director of Brand at Startpage, joins co-host Tom Eston to discuss the very important topic of digital wellbeing. In this episode you’ll learn about the mental, financial, and societal impacts of constant tracking. Plus, what are some holistic approaches and tactics that we can use to help our own digital wellbeing. Kelly also shares details about Startpage’s new web browser extension “Startpage Privacy Protection”. ** Links mentioned on the show ** Startpage Privacy Protection Browser Extension https://add.startpage.com/protection/ ThinkPrivacy https://thinkprivacy.ch/ Privacy Mindset: Europe vs. United States (with Kelly Finnerty) https://sharedsecurity.net/2020/11/09/privacy-mindset-europe-vs-united-states/ StartPage.com – The World’s Most Private Search Engine https://sharedsecurity.net/2020/09/21/startpage-com-the-worlds-most-private-search-engine/ Use StartPage as your default search engine https://www.startpage.com/ StartPage’s Privacy Please Blog https://www.startpage.com/privacy-please/ Follow StartPage Search on Social Media https://twitter.com/startpage Follow Kelly on Twitter https://twitter.com/Kelly_Startpage Connect with Kelly on LinkedIn https://www.linkedin.com/in/kelly-finnerty-5267648/ ** Watch this episode on YouTube ** https://youtu.be/jXgatSeWWIk ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Shared Security Merch: https://store.sharedsecurity.net The post Digital Wellbeing with Kelly Finnerty from Startpage appeared first on Shared Security Podcast.

Norton 360, a popular antivirus product, has installed a cryptocurrency mining program on its customers’ computers, some cities in Texas have been hit with a phishing scam designed to get users to pay through fraudulent QR code stickers on public parking meters, and how Facebook is still collecting data about you even if you deactivate your Facebook account. All this plus the launch of the Shared Security Community on Reddit! (https://www.reddit.com/r/SharedSecurityShow/) ** Links mentioned on the show ** Join the Shared Security Community on Reddit! https://www.reddit.com/r/SharedSecurityShow/ Norton 360 Now Comes With a Cryptominer https://krebsonsecurity.com/2022/01/norton-360-now-comes-with-a-cryptominer/ https://krebsonsecurity.com/2022/01/500m-avira-antivirus-users-introduced-to-cryptomining/ https://www.theverge.com/2022/1/7/22869528/norton-crypto-miner-security-software-reaction Texas parking meters with bogus QR codes for payments https://gcn.com/cybersecurity/2022/01/cities-texas-hit-qr-code-phishing-scam/360554/ Why Facebook keeps collecting people’s data and building their profiles even when their accounts are deactivated https://digiday.com/media/why-facebook-keeps-collecting-peoples-data-and-building-their-profiles-even-when-their-accounts-are-deactivated/ ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Join the Shared Security Community: https://www.reddit.com/r/SharedSecurityShow/ Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Shared Security Merch: https://store.sharedsecurity.net The post Norton 360 Cryptominer, Fake QR Codes on Parking Meters, Facebook Account Deactivation appeared first on Shared Security Podcast.

A phone scam targeting psychologists reveals that even professionals can become victims, stolen multi-million-dollar NFT’s results in a “all my apes gone” plea for help, and details on a skimmer supply chain attack on more than 100 real estate websites. ** Links mentioned on the show ** The Phone Scam That Targets Psychologists https://www.psychologytoday.com/ca/blog/the-fraud-crisis/202110/the-phone-scam-targets-psychologists Thieves Steal Gallery Owner’s Multimillion-Dollar NFT Collection: ‘All My Apes Gone’ https://www.artnews.com/art-news/news/todd-kramer-nft-theft-1234614874/ What is a Crypto Wallet? https://www.ledger.com/academy/what-is-a-crypto-wallet 3 Ways to Keep Your Cryptocurrency Safe https://sharedsecurity.net/2021/05/01/3-ways-to-keep-your-cryptocurrency-safe/ Hackers Target Real Estate Websites with Skimmer in Latest Supply Chain Attack https://thehackernews.com/2022/01/hackers-target-real-estate-websites.html ** Watch this episode on YouTube ** https://youtu.be/pTnAuEtUgIU ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Shared Security Merch: https://store.sharedsecurity.net The post Phone Scam Targets Psychologists, All My Apes Gone, Supply Chain Skimmer Attack appeared first on Shared Security Podcast.

LastPass users received emails about their master passwords being compromised, details about the privacy policies of new cars, and a story about an Amazon Echo that proposed a lethal challenge to a ten-year-old girl. ** Links mentioned on the show ** Log4j 2.17.1 out now, fixes new remote code execution bug https://www.bleepingcomputer.com/news/security/log4j-2171-out-now-fixes-new-remote-code-execution-bug/ If any person or organization is suggesting you get spun up about CVE-2021-44832, you should really take a good look at what their motivations may be. pic.twitter.com/RgkvCu3sv2 — Will Dormann (@wdormann) December 28, 2021 From Reddit: We all knew that newer cars are terrible for privacy, but to what extent? Being the owner of a 2018 Honda, I decided to look further into their privacy practices We all knew that newer cars are terrible for privacy, but to what extent? Being the owner of a 2018 Honda, I decided to look further into their privacy practices from privacy LastPass users warned their master passwords are compromised https://www.bleepingcomputer.com/news/security/lastpass-users-warned-their-master-passwords-are-compromised/ Amazon Alexa slammed for giving lethal challenge to 10-year-old girl https://www.bleepingcomputer.com/news/technology/amazon-alexa-slammed-for-giving-lethal-challenge-to-10-year-old-girl/ ** Watch this episode on YouTube ** https://youtu.be/C23QQF3VMnw ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity Shared Security Merch: https://store.sharedsecurity.net The post LastPass Master Passwords, New Cars and Your Privacy, Amazon Alexa Lethal Challenge appeared first on Shared Security Podcast.

In our last monthly show of the year we discuss Web3. What is it and what will it mean to have a decentralized Internet. If you’ve wanted to know what Web3, DeFI, NFTs, and cryptocurrency means for cybersecurity and privacy this is one episode you don’t want to miss! ** Links mentioned on the show ** What is Web3? https://www.freecodecamp.org/news/what-is-web3/ ** Watch this episode on YouTube ** https://youtu.be/FInulAah450 ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity Shared Security Merch: https://store.sharedsecurity.net The post Web3 and the Decentralized Internet appeared first on Shared Security Podcast.

In our last weekly episode of the year, we discuss the top cybersecurity and privacy news from 2021, a recap of our previous “predictions”, and what we think we’ll see next year. Happy New Year! ** Links mentioned on the show ** Sign up for the Shared Security Show Newsletter http://eepurl.com/dwcc8D ** Watch this episode on YouTube ** https://youtu.be/nl7JYqGV-5o ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity Shared Security Merch: https://store.sharedsecurity.net The post The Year in Review and 2022 Predictions appeared first on Shared Security Podcast.

This week we discuss the Apache Log4j vulnerability and the impact it will have on organizations now and into the future, details on how Apple AirTags are being used by thieves to steal cars, and a FBI training document describes what data can be obtained by encrypted messaging apps. ** Links mentioned on the show ** Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack https://thehackernews.com/2021/12/apache-log4j-vulnerability-log4shell.html https://www.linkedin.com/pulse/understanding-recent-java-security-bug-thats-causing-stir-wilson/ https://bishopfox.com/blog/log4j-zero-day-cve-2021-44228 https://thehackernews.com/2021/12/hackers-begin-exploiting-second-log4j.html Apple AirTags Are Being Used by Car Thieves to Track High-End Vehicles https://www.newsweek.com/apple-airtags-are-being-used-car-thieves-track-high-end-vehicles-1656848 FBI document shows what data can be obtained from encrypted messaging apps https://therecord.media/fbi-document-shows-what-data-can-be-obtained-from-encrypted-messaging-apps/ Shared Security Show Interview: End-to-End Encryption with Max Krohn from Keybase.io https://sharedsecurity.net/2019/09/16/end-to-end-encryption-with-max-krohn-from-keybase-io/ ** Watch this episode on YouTube ** https://youtu.be/J9xOUkDf9-A ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity Shared Security Merch: https://store.sharedsecurity.net The post Log4j Vulnerability, Apple AirTags Used by Thieves, FBI’s Encrypted Messaging App Document appeared first on Shared Security Podcast.

Life360, a popular family safety app used by 33 million people worldwide, is selling location data to a dozen data brokers, phones of 11 U.S. State Department employees were hacked with spyware from the infamous NSO Group, and details on a bizarre story about a mother and daughter that face 16 years in prison for hacking into a school computer system to rig a homecoming queen election. ** Links mentioned on the show ** Life360 selling location data https://themarkup.org/privacy/2021/12/06/the-popular-family-safety-app-life360-is-selling-precise-location-data-on-its-tens-of-millions-of-user AP Source: NSO Group spyware used to hack State employees https://apnews.com/article/technology-business-middle-east-israel-hacking-290f990cc1b6aa8fd870ecd540e12664 Florida teen and her mother accused of hacking homecoming queen election refuse plea deal, claiming they have been framed https://www.databreaches.net/florida-teen-and-her-mother-accused-of-hacking-homecoming-queen-election-refuse-plea-deal-claiming-they-have-been-framed/ https://www.thedailybeast.com/florida-teen-emily-grover-was-accused-of-hacking-a-homecoming-queen-contest-and-faces-16-years-in-prison ** Watch this episode on YouTube ** https://youtu.be/xq_cb-7EXXU ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity Shared Security Merch: https://store.sharedsecurity.net The post Life360 Selling Location Data, NSO Group Spyware Hacks Government Employees, Homecoming Queen Contest Hacked appeared first on Shared Security Podcast.

This month we discuss Business Email Compromise (BEC) scams. What are they, how to identify them, and why BEC scams have created over $1.8 billion worth of losses to businesses last year alone. ** Links mentioned on the show ** What is Business Email Compromise? https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/business-email-compromise 64 times worse than ransomware? FBI statistics underline the horrific cost of business email compromise https://www.tripwire.com/state-of-security/featured/fbi-statistics-underline-orrific-cost-of-business-email-compromise/ ** Watch this episode on YouTube ** https://youtu.be/Sc4tFdfYEqg ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity Shared Security Merch: https://store.sharedsecurity.net The post Business Email Compromise Scams appeared first on Shared Security Podcast.