

Shared Security Podcast
Tom Eston, Scott Wright, Kevin Tackett
Shared Security is the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.
Episodes

Dec 6, 2021 • 24min
Is TikTok Listening to You, Apple Warns Activists, UK Government Website Shows Porn
Is the TikTok app listening to you and playing videos based on your conversations? Apple takes the unique step of warning certain activists that their phones may be targeted by attackers, and details on how a UK government website was serving porn to its visitors.
** Links mentioned on the show **
Is TikTok listening to me?
https://www.reddit.com/r/privacy/comments/r38jrn/tik_tok_listening_to_me/
https://tosdr.org/en/service/1448
https://www.tiktok.com/legal/privacy-policy-eea?lang=en
Terms of Service Didn’t Read
https://tosdr.org/en/frontpage
Apple Warns Activists They Are Being Watched by Spyware
https://www.vice.com/en/article/4awvk3/apple-activists-pegasus-spyware
UK government transport website caught showing porn
https://www.bleepingcomputer.com/news/security/uk-government-transport-website-caught-showing-porn/
** Watch this episode on YouTube **
https://youtu.be/9Z63tFnkeMk
** Thank you to our sponsors! **
SLNT
Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Subscribe and follow the show **
Sign up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Contact us: https://sharedsecurity.net/contact
Website: https://sharedsecurity.net
YouTube: https://www.youtube.com/c/SharedSecurityPodcast
Twitter: https://twitter.com/sharedsec
Instagram: https://instagram.com/sharedsecurity
Shared Security Merch: https://store.sharedsecurity.net
The post Is TikTok Listening to You, Apple Warns Activists, UK Government Website Shows Porn appeared first on Shared Security Podcast.

Nov 29, 2021 • 29min
How to Break Into a Cybersecurity Career – Part 3 with Scott Wright
Co-host Scott Wright joins Tom Eston for part three in our series on how to break into a cybersecurity career. Scott shares his career journey and gives us some insight into his career path going from consulting into starting his own company. If you’re a college student or thinking about getting into cybersecurity, this is one episode you don’t want to miss!
** Links mentioned on the show **
Connect with Scott Wright
https://www.linkedin.com/in/scottwright/
https://twitter.com/streetsec
So, you want to work in security?
https://medium.freecodecamp.org/so-you-want-to-work-in-security-bc6c10157d23
Entering the InfoSec Biz
https://defensivesecurity.org/entering-information-security-industry/
How to Build a Cybersecurity Career
https://danielmiessler.com/blog/build-successful-infosec-career/
Start in Infosec (Really great list of career/just starting out advice)
https://malicious.link/start/
** Watch this episode on YouTube **
https://youtu.be/n1ZlByXUNaI
** Subscribe and follow the show **
Sign up for our email newsletter to receive our free Facebook Privacy & Security Guide, news and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Contact us: https://sharedsecurity.net/contact
Website: https://sharedsecurity.net
YouTube: https://www.youtube.com/c/SharedSecurityPodcast
Twitter: https://twitter.com/sharedsec
Instagram: https://instagram.com/sharedsecurity
Shared Security Merch: https://store.sharedsecurity.net

Nov 22, 2021 • 25min
FBI Email System Compromised, Ransomware Negotiation, Privacy Crushing Gifts
In milestone episode 200: The Federal Bureau of Investigation’s external email system was compromised sending spam emails with a fake warning of a cyber-attack, new research released about ransomware negotiation and some helpful negotiation tips, and details on Mozilla’s naughty list of privacy-crushing gifts.
** Links mentioned on the show **
FBI email system compromised by hackers who sent fake cyberattack alert
https://www.msn.com/en-us/news/us/fbi-email-system-compromised-by-hackers-who-sent-fake-cyberattack-alert/ar-AAQGp3Z
How to Negotiate With Ransomware Attackers
https://www.darkreading.com/attacks-breaches/how-to-negotiate-with-ransomware-attackers
Bad Santa: Amazon, Facebook top Mozilla’s naughty list of privacy-crushing gifts
https://www.zdnet.com/article/bad-santa-amazon-facebook-top-mozillas-naughty-list-of-privacy-crushing-gifts
** Watch this episode on YouTube **
https://youtu.be/BzgqqxPqFEg

Nov 15, 2021 • 21min
Robinhood Data Breach, 600 Hours of Dallas Police Helicopter Footage Leaked
Details on the Robinhood data breach (apparently caused by a social engineering attack) affecting approximately 7 million customers, and a discussion about surveillance and privacy concerns from a 600-hour leak of Dallas Police Department helicopter footage.
** Links mentioned on the show **
Robinhood Trading App Suffers Data Breach Exposing 7 Million Users’ Information
https://thehackernews.com/2021/11/robinhood-trading-app-suffers-data.html
https://blog.robinhood.com/news/2021/11/8/data-security-incident
Activists leak 600 hours of mostly Dallas police helicopter footage after city’s 22 terabyte loss of criminal case data
https://www.courthousenews.com/activists-leak-600-hours-of-mostly-dallas-police-helicopter-footage-after-citys-22-terabyte-loss-of-criminal-case-data/
https://ddosecrets.com/wiki/Aerial_Surveillance_Footage
Shared Security Show Merch
https://store.sharedsecurity.net
** Watch this episode on YouTube **
https://youtu.be/J3gHVb5qYYg

Nov 8, 2021 • 22min
Facebook Dumps Face Recognition, Social Engineering Bots, US Sanctions NSO Group
Facebook shuts down their face recognition system and deletes more than a billion facial recognition templates, how phone bots are being used to trick victims into giving up their multi-factor authentication codes, and the US blacklists the NSO Group and 3 other companies for malicious cyber activities.
** Links mentioned on the show **
Face Recognition Is So Toxic, Facebook Is Dumping It
https://www.eff.org/deeplinks/2021/11/face-recognition-so-toxic-facebook-dumping-it
https://about.fb.com/news/2021/11/update-on-use-of-face-recognition/
Hackers Are Outsourcing Social Engineering to Bots
https://podcasts.apple.com/us/podcast/hackers-are-outsourcing-social-engineering-to-bots/id1441708044?i=1000540546679
https://www.vice.com/en/article/y3vz5k/booming-underground-market-bots-2fa-otp-paypal-amazon-bank-apple-venmo
US Sanctions Pegasus-maker NSO Group and 3 Others For Selling Spyware
https://thehackernews.com/2021/11/us-sanctions-pegasus-maker-nso-group.html
https://www.schneier.com/blog/archives/2021/11/us-blacklists-nso-group.html
Webinar with Tom Eston on November 10: What Bad Could Happen? Managing Application Risk with Threat Modeling
https://bishopfox.com/resources/manage-application-risk-with-threat-modeling-webcast
Getting the most value from phishing assessments with the Phishing Assessment Optimizer
http://clickarmor.ca/opimizer

Nov 5, 2021 • 24min
Interview with Dana Mantilia and the Role of the CISO
Dana Mantilia joins us this month to talk about cybersecurity awareness, her incredible YouTube channel, and the ever-changing role of the CISO (Chief Information Security Officer).
** Links mentioned on the show **
Connect with Dana and subscribe to her YouTube Channel
https://www.linkedin.com/in/dana-mantilia/
https://www.youtube.com/c/IdentityProtectionPlanningwithDana/videos

Nov 1, 2021 • 28min
Federal Data Agency for Social Media, Squirrelwaffle Malspam, Ransomware Hits U.S. Candymaker
Do we really need a federal data agency to regulate social media companies? Watch out for Squirrelwaffle and Qakbot malspam attacks, and ransomware hits a major candymaker ahead of Halloween (is nothing sacred anymore?!)
** Links mentioned on the show **
Facebook and social media endanger Americans. We need a federal data agency.
https://www.nbcnews.com/think/politics-policy/facebook-rcna3704
Hackers Using Squirrelwaffle Loader to Deploy Qakbot and Cobalt Strike
https://thehackernews.com/2021/10/hackers-using-squirrelwaffle-loader-to.html
Sticky business: Ransomware hits U.S. candymaker ahead of Halloween
https://www.nbcnews.com/tech/security/ransomware-hits-us-candymaker-ahead-halloween-rcna3391
** Watch this episode on YouTube **
https://youtu.be/IrnrRSMU4SI
** Thank you to our sponsors! **
Silent Pocket
Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity

Oct 25, 2021 • 38min
Missouri Governor and F12 Hacking, Global Ransomware Meeting, Fake Government Websites
Details on the F12 “hacking” incident of the Missouri state education website and the foolish response from the Missouri governor, over 30 countries (except China and Russia) meet to fight ransomware globally, and the FBI’s warning about fake unemployment benefit websites.
** Links mentioned on the show **
Gov. Parson promises ‘swift justice’ to person he says hacked Mo. Dept. of Education website
https://krebsonsecurity.com/2021/10/missouri-governor-vows-to-prosecute-st-louis-post-dispatch-for-reporting-security-vulnerability/
https://twitter.com/GovParsonMO/status/1448697768311132160?s=20
Over 30 Countries Pledge to Fight Ransomware Attacks in US-led Global Meeting
https://thehackernews.com/2021/10/over-30-countries-pledge-to-fight.html
FBI warns of fake govt sites used to steal financial, personal data
https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-govt-sites-used-to-steal-financial-personal-data/
** Watch this episode on YouTube **
https://youtu.be/S8ykceaLJes

Oct 18, 2021 • 30min
Killware Clickbait, 1Password Password Sharing Feature, Android Phone Snooping
Clickbait news about the rise of “killware”, details on 1Password’s new feature to securely share passwords with others, and a new study by university researchers in the UK shows how Android phones snoop on their users.
** Links mentioned on the show **
The next big cyberthreat isn’t ransomware. It’s killware. And it’s just as bad as it sounds.
https://news.yahoo.com/next-big-cyberthreat-isnt-ransomware-090022232.html
1Password’s new feature lets you safely share passwords using just a link
https://techcrunch.com/2021/10/12/1passwords-new-feature-lets-you-safely-share-passwords-using-just-a-link
Study reveals Android phones constantly snoop on their users
https://www.bleepingcomputer.com/news/security/study-reveals-android-phones-constantly-snoop-on-their-users/
Where Kevin ordered his “googly eyes”
https://www.digikey.com/en/products/detail/adafruit-industries-llc/4343/10419155
** Watch this episode on YouTube **
https://youtu.be/bp226DNKiAk

Oct 11, 2021 • 31min
Security Champions Framework, The Great Facebook Outage, Twitch Data Breach
Co-host Scott Wright presents a new framework to help people to become “security champions” in their organization, a discussion about the great Facebook outage of 2021, and details on the Twitch data breach exposing source code and creator payouts.
** Links mentioned on the show **
Scott’s Security Champions Webinar
https://youtu.be/WH65jch9DKI
What Happened to Facebook, Instagram, & WhatsApp?
https://krebsonsecurity.com/2021/10/what-happened-to-facebook-instagram-whatsapp/
Twitch source code, business data, gamer payouts leaked in massive hack
https://www.zdnet.com/article/twitch-source-code-business-data-gamer-payouts-leaked-in-massive-hack/
https://thehackernews.com/2021/10/twitch-suffers-massive-125gb-data-and.html
** Watch this episode on YouTube **
https://youtu.be/hotJHONu8jE


