Shared Security Podcast

Tom Eston, Scott Wright, Kevin Tackett
Oct 4, 2021 • 28min

Apple AirTag Good Samaritan Attack, iCloud+, Amazon Astro Dog and Ring Camera Drone

Will Apple AirTags replace malicious payload USB drops? Details on Private Relay and Hide My Email features included with iCloud+, and a fun discussion about Amazon’s Astro robot and the Ring camera drone! ** Links mentioned on the show ** Apple AirTag Bug Enables ‘Good Samaritan’ Attack https://krebsonsecurity.com/2021/09/apple-airtag-bug-enables-good-samaritan-attack/ What Is Apple iCloud+? https://www.howtogeek.com/732978/what-is-apple-icloud/ Apple’s New iCloud Private Relay Service Leaks Users’ Real IP Addresses https://thehackernews.com/2021/09/apples-new-icloud-private-relay-service.html Amazon is now accepting your applications for its home surveillance drone https://www.theverge.com/2021/9/28/22692048/ring-always-home-cam-drone-amazon-price-release-date-specs ** Watch this episode on YouTube ** https://youtu.be/BMLngk17onQ ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the show ** Sign up for our email newsletter to receive our free Facebook Privacy & Security Guide, news and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity
Oct 2, 2021 • 28min

Multi-Factor Authentication and Authenticator Apps

October is Cybersecurity Awareness Month, so in this episode we discuss multi-factor authentication and the use of authenticator apps. Multi-factor authentication is one of the most important things that you can enable to secure your online accounts, but it’s unfortunately overlooked by most people. Listen to this episode to learn what multi-factor authentication is, all about authenticator apps, and how we can get more people to start using multi-factor authentication. ** Links mentioned on the show ** Professionally Evil CISSP Mentorship Program – Pay What You Can https://www.secureideas.com/cissp Why People Won’t Do the One Simple Thing that Protects Them Online https://podcasts.apple.com/us/podcast/why-people-wont-do-the-one-simple-thing-that-protects/id1441708044?i=1000534799217 What Is Two-Factor Authentication (2FA)? https://authy.com/what-is-2fa/ The Best Authenticator Apps for Protecting Your Accounts https://gizmodo.com/the-best-authenticator-apps-for-protecting-your-account-1840711013
Sep 27, 2021 • 31min

No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard

Microsoft will now allow you to log in to your accounts without a password, Facebook releases its Ray-Ban Stories smart glasses, and a conversation about the security.txt “Internet standard” and if this will help or hinder an organization’s vulnerability disclosure process. ** Links mentioned on the show ** You Can Now Sign-in to Your Microsoft Accounts Without a Password https://thehackernews.com/2021/09/you-can-now-sign-in-to-you-microsoft.html Facebook already has your memories, smart glasses will get it more https://www.msn.com/en-us/news/technology/facebook-already-has-your-memories-smart-glasses-will-get-it-more/ar-AAOkt6u Does Your Organization Have a Security.txt File? https://krebsonsecurity.com/2021/09/does-your-organization-have-a-security-txt-file/ RFC 5965 – An Extensible Format for Email Feedback Reports https://datatracker.ietf.org/doc/html/rfc5965 ** Watch this episode on YouTube ** https://youtu.be/GGIv2NS3Hkc
Sep 20, 2021 • 24min

iMessage Zero-Click Exploit, Leaked Guntrader Firearms Data, 60 Million Fitness Tracking Records Exposed

The latest on the iMessage Zero-Click exploit that affects Apple iOS, macOS and watchOS devices (update your Apple devices now!), the names and home addresses of 111,000 British firearm owners have been dumped online, and details on over 60 million fitness tracking records exposed via an unsecured database. ** Links mentioned on the show ** NSO Group iMessage Zero-Click Exploit Captured in the Wild https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/ Leaked Guntrader firearms data file shared. Worst case scenario? Criminals plot UK gun owners’ home addresses in Google Earth https://www.theregister.com/2021/08/31/guntrader_breach_csv_danger/ https://www.theregister.com/2021/09/07/guntrader_hack_perp_interview/ Cyber stories for executives: Using the Guntrader data breach to help get executive buy-in for cyber security investment https://clickarmor.ca/2021/09/cyber-stories-for-executives-using-the-guntrader-data-breach-to-help-get-executive-buy-in-for-cyber-security-investment/ Over 60 million wearable, fitness tracking records exposed via unsecured database https://www.zdnet.com/article/over-60-million-records-exposed-in-wearable-fitness-tracking-data-breach-via-unsecured-database/ Scott’s book recommendation: This Is How They Tell Me the World Ends: The Cyberweapons Arms Race https://www.amazon.com/This-They-Tell-World-Ends/dp/1635576059/ref=sr_1_1?crid=18TUQRLOIHUHV&dchild=1&keywords=this+is+how+they+tell+me+the+world+ends&qid=1631815175&sr=8-1 ** Watch this episode on YouTube ** https://youtu.be/tt02L3vD1Kc
Sep 13, 2021 • 24min

ProtonMail IP Address Logging Controversy, Fake Bot Disinformation, Correctional Facility Robot Overlords

Details on the controversy over encrypted email service ProtonMail handing over a user’s IP address to the Swiss police, how a fake bot disinformation campaign went viral on Twitter, and are we ready to welcome our correctional facility robot overlords? ** Links mentioned on the show ** ProtonMail deletes ‘we don’t log your IP’ boast from website after French climate activist reportedly arrested https://www.theregister.com/2021/09/07/protonmail_hands_user_ip_address_police/ https://protonmail.com/blog/climate-activist-arrest/ ER doctor’s original tweet on delta variant is legitimate – a story about disinformation https://apnews.com/article/fact-checking-528961447371 https://twitter.com/NJOverclocked/status/1420160869607018498 The Catalog of Carceral Surveillance – Mobile Correctional Facility Robots https://www.eff.org/deeplinks/2021/09/catalog-carceral-surveillance-mobile-correctional-facility-robots
Sep 6, 2021 • 35min

Election Security and the Packet Capture Controversy with Special Guest Rafal Los

This week Rafal Los, host of the Down the Security Rabbithole Podcast, joins us to talk about election fraud claims vs facts, the recent packet capture controversy, tribalism, and the challenges with election security. Note: this is not a political discussion but we believe that election security is important to discuss, no matter what your political views are. ** Links mentioned on the show ** Raf’s interview with Rob Graham: DtSR Episode 461 – TPA Peacocking Without PCAPS http://podcast.wh1t3rabbit.net/dtsr-episode-461-tpa-peacocking-without-pcaps Details about what really went on at Mike Lindell’s cyber symposium: “1/n If you are wondering if there will be anybody at Mike Lindell's cybersymposium who can confirm or refute his "packet captures", well, there's going to be me. I'm a well-known expert on packet captures, and somewhat knowledgeable about election systems. https://t.co/PGioDBZ47B” — Robᵉʳᵗ Graham #PcapsOrItDidntHappen (@ErrataRob) August 9, 2021 Raf has also published over 462 episodes of his podcast “Down the Security Rabbithole” (DtSR)! Give it a listen and subscribe! http://podcast.wh1t3rabbit.net/ Follow Raf on Twitter https://twitter.com/wh1t3rabbit ** Watch this episode on YouTube ** https://youtu.be/Wfm8vu-44vA
Aug 31, 2021 • 33min

What Happens to Your Social Media Accounts After You Die?

In our August monthly show co-hosts Kevin Johnson and Scott Wright join Tom Eston to discuss what happens to your social media accounts…after you die! This is a topic we don’t hear a lot of discussion about but is very important to understand for your legacy as well as how your friends and family members want to be remembered. ** Links mentioned on the show ** Social Media Algorithms Are Controlling How I Grieve https://www.wired.com/story/social-media-algorithms-are-controlling-how-i-grieve/ What to Do with Social Media Accounts after Someone Dies https://www.myfarewelling.com/article/what-to-do-with-social-media-accounts-after-someone-dies ** Watch this episode on YouTube ** https://youtu.be/MkoTbDKFM58 ** Thank you to our sponsors! ** Privacy Privacy is a tool that masks your bank account information by generating virtual card numbers. So if your virtual card number gets compromised, your real card number won’t! New Privacy customers will get $5 to spend on your first purchase! Visit privacy.com/sharedsecurity to sign up and take back control of your online payments. ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity
Aug 30, 2021 • 21min

T-Mobile Hacker Identified, China’s New Privacy Law, Tesla Bot Announcement

A 21-year-old Virginia native living in Turkey is allegedly behind the massive T-Mobile hack, China adopts a new national privacy law, and is Elon Musk’s Tesla Bot just creepy or is it the beginning of “useful AI” that people love and is “unequivocally good”? ** Links mentioned on the show ** 21-year-old tells WSJ he was behind massive T-Mobile hack https://www.zdnet.com/article/21-year-old-tells-wsj-he-was-behind-massive-t-mobile-hack China adopts national privacy law https://iapp.org/news/a/china-adopts-national-privacy-law/ Elon Musk unveils Tesla Bot, a humanoid robot that uses vehicle AI https://www.cnet.com/news/elon-musk-unveils-tesla-bot-a-humanoid-robot-utilizing-vehicle-ai/
Aug 23, 2021 • 26min

T-Mobile Data Breach, Tinder Identity Verification, Magnetic Stripe Phase Out

T-Mobile suffers another data breach, this time impacting 8 million customers, Tinder will start letting users verify their identity to help prevent “catfishing”, and Mastercard is finally phasing out magnetic stripes on their cards starting in 2024. ** Links mentioned on the show ** T-Mobile says information of more than 8 million customers leaked in breach https://www.bleepingcomputer.com/news/security/t-mobile-says-hackers-stole-records-belonging-to-486-million-individuals/ https://krebsonsecurity.com/2021/08/t-mobile-investigating-claims-of-massive-data-breach/ Tinder letting users verify their identity as platforms struggle with ways to limit abuse https://finance.yahoo.com/news/tinder-letting-users-verify-identity-102344644.html 8 Signs You Are Being Catfished https://whatismyipaddress.com/catfish Mastercard is phasing out magnetic stripes on its cards starting in 2024 https://www.theverge.com/2021/8/17/22628455/mastercard-magnetic-stripe-phase-out-2024-2033 Checkout Skimmers Powered by Chip Cards https://krebsonsecurity.com/2021/02/checkout-skimmers-powered-by-chip-cards/ All About Skimmers https://krebsonsecurity.com/all-about-skimmers/ ** Watch this episode on YouTube ** https://youtu.be/aG2-5EklzYk
Aug 16, 2021 • 23min

Largest Cryptocurrency Hack in History, $10k For Stolen Network Access, Your Identity and the Metaverse

Over $600 million stolen in the largest DeFi cryptocurrency hack in history, attackers are getting around $10k for stolen network access credentials, and why your identity is trapped inside a social network and what this means for the next potential evolution of the Internet…the metaverse! ** Links mentioned on the show ** Apple to refuse government demands of expanding scanning beyond child abuse https://www.zdnet.com/article/apple-to-refuse-government-demands-of-expanding-scanning-beyond-child-abuse/ Ransomware gang uses PrintNightmare to breach Windows servers https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-printnightmare-to-breach-windows-servers/ Over $600 million reportedly stolen in cryptocurrency hack https://www.bleepingcomputer.com/news/security/over-600-million-reportedly-stolen-in-cryptocurrency-hack/ https://research.kudelskisecurity.com/2021/08/12/the-poly-network-hack-explained/amp/ Hackers netting average of nearly $10,000 for stolen network access https://www.zdnet.com/article/hackers-netting-average-of-nearly-10000-for-stolen-network-access/ Why is your identity trapped inside a social network? https://www.zdnet.com/article/why-is-your-identity-trapped-inside-a-social-network/ https://www.forbes.com/sites/charliefink/2021/08/12/this-week-in-xr-is-there-a-cure-for-metaverse-mania/ ** Watch this episode on YouTube ** https://youtu.be/PjGK9LeDW3k
