

Shared Security Podcast
Tom Eston, Scott Wright, Kevin Tackett
Shared Security is the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.

Jun 21, 2021 • 22min
TikTok Collecting Biometric Data, Peloton Bike+ Vulnerability, Nextdoor App Concerns
TikTok can now collect biometric data from user content, researchers find a vulnerability in Peloton bikes, and why some people think that Nextdoor might be the next big social network.
** Links mentioned on the show **
TikTok Can Now Collect Biometric Data
https://www.schneier.com/blog/archives/2021/06/tiktok-can-now-collect-biometric-data.html
McAfee discovers vulnerability in Peloton Bike+
https://www.zdnet.com/article/mcafee-discovers-vulnerability-in-peloton-bike
Nextdoor: The next big social network?
https://www.linkedin.com/news/story/the-next-big-social-network-5474402/
** Watch this episode on YouTube **
https://youtu.be/I14_dJ5xeqQ
** Thank you to our sponsors! **
Silent Pocket
Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Help support the show **
Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity
** Subscribe and follow the show **
Sign up for our email newsletter to receive our free Facebook Privacy & Security Guide, news and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Contact us: https://sharedsecurity.net/contact
Website: https://sharedsecurity.net
YouTube: https://www.youtube.com/c/SharedSecurityPodcast
Twitter: https://twitter.com/sharedsec
Instagram: https://instagram.com/sharedsecurity
The post TikTok Collecting Biometric Data, Peloton Bike+ Vulnerability, Nextdoor App Concerns appeared first on Shared Security Podcast.

Jun 14, 2021 • 23min
ANOM FBI Global Crime Sting, Colonial Pipeline Updates, Password Leak Research
Details about the “ANOM” global crime sting where the FBI created a fake encrypted mobile phone for criminals that promised secure communications, new details about how the Colonial Pipeline ransomware attack started, and some really bad security research about stolen user credentials.
** Links mentioned on the show **
Only the following devices have Amazon Sidewalk enabled (for now):
Ring Floodlight Cam (2019)
Ring Spotlight Cam Wired (2019)
Ring Spotlight Cam Mount (2019)
Echo (3rd gen and newer)
Echo Dot (3rd gen and newer)
Echo Dot for Kids (3rd gen and newer)
Echo Dot with Clock (3rd gen and newer)
Echo Plus (all generations)
Echo Show (all models and generations)
Echo Spot
Echo Studio
Echo Input
Echo Flex
To opt-out of Amazon Sidewalk if you have one of the above devices:
For the Echo family of speakers, open the Alexa mobile app and go to More, Settings, Account Settings, Amazon Sidewalk and choose Disable.
In the Ring app, go to the Control Center, Amazon Sidewalk, Disable, Confirm.
ANOM: Hundreds arrested in massive global crime sting using messaging app
https://www.bbc.com/news/world-57394831
https://techxplore.com/news/2021-06-anom-global.html
One password allowed hackers to disrupt Colonial Pipeline, CEO tells senators
https://www.msn.com/en-ca/money/topstories/one-password-allowed-hackers-to-disrupt-colonial-pipeline-ceo-tells-senators/ar-AAKPAOl
The FBI likely exploited sloppy password storage to seize Colonial Pipeline bitcoin ransom
https://www.cnbc.com/2021/06/08/fbi-likely-exploited-sloppy-password-storage-to-seize-colonial-ransom.html
This is how fast a password leaked on the web will be tested out by hackers
https://www.zdnet.com/article/this-is-how-fast-a-password-leaked-on-the-web-will-be-tested-out-by-hackers/
** Watch this episode on YouTube **
https://youtu.be/h2EMghjjjgM

Jun 7, 2021 • 26min
Amazon Sidewalk, NFTs and Cybersecurity, Norton 360 Cryptocurrency Mining
Is Amazon Sidewalk the latest threat to our privacy? Also, what’s the big deal about NFTs, and why mining cryptocurrency through your anti-virus software is a horrible idea.
** Links mentioned on the show **
What Does Amazon Sidewalk Mean for Your Privacy?
https://www.makeuseof.com/what-does-amazon-sidewalk-mean-for-your-privacy/
https://thehackernews.com/2021/05/your-amazon-devices-to-automatically.html
Note! Only the following devices have Amazon Sidewalk enabled (for now):
Ring Floodlight Cam (2019)
Ring Spotlight Cam Wired (2019)
Ring Spotlight Cam Mount (2019)
Echo (3rd gen and newer)
Echo Dot (3rd gen and newer)
Echo Dot for Kids (3rd gen and newer)
Echo Dot with Clock (3rd gen and newer)
Echo Plus (all generations)
Echo Show (all models and generations)
Echo Spot
Echo Studio
Echo Input
Echo Flex
To opt-out:
For the Echo family of speakers, open the Alexa mobile app and go to More, Settings, Account Settings, Amazon Sidewalk and choose Disable.
In the Ring app, go to the Control Center, Amazon Sidewalk, Disable, Confirm.
Token Resistance: Tackling the New NFT Threat Landscape
https://securityintelligence.com/articles/new-threat-landscape-nfts/
A new surprise feature for Norton 360 antivirus users: You can mine for cryptocurrency
https://www.zdnet.com/article/a-new-surprise-feature-for-norton-360-antivirus-users-you-can-mine-for-cryptocurrency/
** Watch this episode on YouTube **

May 31, 2021 • 25min
Biden’s Cybersecurity Executive Order, Apple’s AirTag, Cyber Insurance
Details about Biden’s cybersecurity executive order, privacy and stalking concerns with Apple’s new AirTag technology, and why some cyber insurance companies may not pay out for ransomware in the future.
** Links mentioned on the show **
New Cybersecurity Executive Order: What You Need to Know
https://www.veracode.com/blog/security-news/new-cybersecurity-executive-order-what-you-need-know
How Apple’s AirTag turns us into unwitting spies in a vast surveillance network
https://www.theguardian.com/technology/2021/may/17/how-apples-airtag-turns-us-into-unwitting-spies-in-a-vast-surveillance-network
Cyber Insurance Firms Start Tapping Out as Ransomware Continues to Rise
https://www.darkreading.com/risk/cyber-insurance-firms-start-tapping-out-as-ransomware-continues-to-rise/d/d-id/1341109
** Watch this episode on YouTube **
https://youtu.be/nptmo3mTbFk

May 29, 2021 • 23min
How Gamification is Changing Cybersecurity
Gamification is changing cybersecurity and the way we learn! Scott Wright, Co-host and CEO of Click Armor, joins us this month to discuss why gamification is a “game” changer in our industry.
** Links mentioned on the show **
What is Gamified Learning?
https://clickarmor.ca/guide-to-gamified-learning/
** Watch this episode on YouTube **
https://youtu.be/C37MnOUWsv0

May 24, 2021 • 27min
Colonial Pipeline Updates, DarkSide Goes Dark, Cybersecurity Best Practices
More news and updates about the Colonial Pipeline ransomware attack, the DarkSide ransomware as a service (RaaS) goes dark on the dark web, and why we still need cybersecurity best practices (regardless of an opinion piece that says otherwise).
** Links mentioned on the show **
Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals
https://thehackernews.com/2021/05/colonial-pipeline-paid-nearly-5-million.html
U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized
https://thehackernews.com/2021/05/us-pipeline-ransomware-attackers-go.html
Our cybersecurity ‘industry best practices’ keep allowing breaches (opinion piece)
https://thehill.com/opinion/technology/553891-our-cybersecurity-industry-best-practices-keep-allowing-breaches?rl=1
** Watch this episode on YouTube **
https://youtu.be/hHCrwxDdvMU

May 17, 2021 • 20min
The Colonial Pipeline Ransomware Attack
This week Tom and Kevin discuss the Colonial Pipeline ransomware attack, RaaS (Ransomware as a Service), and why ransomware attacks are not going away anytime soon.
** Links mentioned on the show **
Colonial Pipeline Hackers, DarkSide, Apologize, Say Goal ‘Is to Make Money’
https://www.msn.com/en-us/news/world/colonial-pipeline-hackers-darkside-apologize-say-goal-is-to-make-money/ar-BB1gBzhB
Colonial Pipeline attack: Everything you need to know
https://www.zdnet.com/article/everything-you-need-to-know-about-the-colonial-pipeline-ransomware-attack/
Ransomware Infection on Colonial Pipeline Shows Potential for Worse Gas Disruption
https://zetter.substack.com/p/ransomware-infection-on-colonial
What is Ransomware as a Service (RaaS)?
https://www.crowdstrike.com/cybersecurity-101/ransomware/ransomware-as-a-service-raas/
Kevin’s “Pay what you can” CISSP Mentorship Program
https://training.secureideas.com/course/cisspmentor/
** Watch this episode on YouTube **
https://youtu.be/OA1TeMV4QNQ

May 10, 2021 • 30min
World Password Day, Tesla Hacking via Drone, Ipsos Screenwise Panel
Do we still need World Password Day? Hacking a Tesla via a drone, and a privacy warning about the Ipsos Screenwise panel.
** Links mentioned on the show **
World password day – May 6th
https://www.darkreading.com/vulnerabilities---threats/will-2021-mark-the-end-of-world-password-day-/a/d-id/1340911
Tesla Car Hacked Remotely From Drone via Zero-Click Exploit
https://www.securityweek.com/tesla-car-hacked-remotely-drone-zero-click-exploit
What is this Ipsos/Google Screenwise Panel?
(Tom received a letter randomly in the mail with a real dollar bill attached. The panel gives Google access to everything your family does on the Internet through a wifi router that they control in your home. In return, they pay you a few bucks for your app usage and Internet history)
https://screenwisepanel.com/
https://lushdollar.com/the-screenwise-meter-panel/
YouTube video where Snowden reveals scammer live
** Watch this episode on YouTube **
https://youtu.be/ptZFEMzPdrY

May 3, 2021 • 23min
Remembering Dan Kaminsky, Apple AirDrop Vulnerability
Remembering Dan Kaminsky, who was one of the greatest security researchers of our time, plus details on a new Apple AirDrop vulnerability.
** Links mentioned on the show **
Remembering Dan Kaminsky
https://www.nytimes.com/2021/04/27/technology/daniel-kaminsky-dead.html
Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby
https://thehackernews.com/2021/04/apple-airdrop-bug-could-leak-your.html
https://www.komando.com/security-privacy/apple-airdrop-security-flaw/787628/
** Watch this episode on YouTube **
https://youtu.be/N6T6qcRfTBA

May 1, 2021 • 28min
3 Ways to Keep Your Cryptocurrency Safe
Are you investing in cryptocurrency or thinking about it? Be sure to listen to or watch our April monthly show for our top 3 ways to keep your cryptocurrency safe!
** Links mentioned on the show **
10 Ways to Keep Your Cryptocurrency Safe
https://money.usnews.com/investing/cryptocurrency/slideshows/ways-to-keep-your-cryptocurrency-safe
Beware of These Top Bitcoin Scams
https://www.investopedia.com/articles/forex/042315/beware-these-five-bitcoin-scams.asp
9 Best Crypto Wallets (Software and Hardware) in 2021
https://cryptotrader.tax/blog/best-crypto-wallet
** Watch this episode on YouTube **
https://youtu.be/plOnfKhePXY


