

Shared Security Podcast
Tom Eston, Scott Wright, Kevin Tackett
Shared Security is the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.
Episodes

Apr 26, 2021 • 21min
Instagram Anti-Abuse Tool, Apple Advertiser Restrictions, Terrible Passwords
Instagram is rolling out new features to help block spam and abusive messages, Apple releases iOS 14.5 to restrict tracking by advertisers, and a discussion about why people continue to choose terrible passwords.
** Links mentioned on the show **
Instagram debuts new tool to stop abusive message salvos made through new accounts
https://www.zdnet.com/article/instagram-debuts-new-means-to-stop-senders-of-abusive-messages-contacting-you-through-new-accounts/
Apple releases long-awaited iOS update to restrict tracking by advertisers
https://www.cbsnews.com/news/iphone-ios-privacy-update/?mc_cid=6359ff7e82&mc_eid=ab953fc709
These are the terrible passwords that people are still using. Here’s how to do better
https://www.zdnet.com/article/these-are-the-terrible-passwords-that-people-are-still-using-heres-how-to-do-better/
** Watch this episode on YouTube **
https://youtu.be/Q0QMpb0J4pE
** Thank you to our sponsors! **
Silent Pocket
Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Help support the show **
Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity
** Subscribe and follow the show **
Sign up for our email newsletter to receive our free Facebook Privacy & Security Guide, news and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Contact us: https://sharedsecurity.net/contact
Website: https://sharedsecurity.net
YouTube: https://www.youtube.com/c/SharedSecurityPodcast
Twitter: https://twitter.com/sharedsec
Instagram: https://instagram.com/sharedsecurity
The post Instagram Anti-Abuse Tool, Apple Advertiser Restrictions, Terrible Passwords appeared first on Shared Security Podcast.

Apr 19, 2021 • 24min
Data Breaches vs. Data Leaks, FBI Exchange Server Controversy
This week Tom and Kevin are back with an all-new episode! Data breaches vs. recent data leaks, and the controversy over the FBI operation conducted to remove web shells from compromised Microsoft Exchange servers.
** Links mentioned on the show **
Facebook Data Breach: Here’s What To Do Now
https://www.forbes.com/sites/kateoflahertyuk/2021/04/06/facebook-data-breach-heres-what-to-do-now/?sh=32c7c9235708
LinkedIn says some user data scraped and posted for sale
https://www.reuters.com/article/us-linkedin-dataprotection-idUSKBN2BW1D3
Scraped personal data of 1.3 million Clubhouse users has reportedly leaked online
https://www.msn.com/en-us/money/other/personal-data-of-13-million-clubhouse-users-has-reportedly-leaked-online-days-after-linkedin-and-facebook-also-suffered-data-breaches/ar-BB1fweCz
FBI nuked web shells from hacked Exchange Servers without telling owners
https://www.bleepingcomputer.com/news/security/fbi-nuked-web-shells-from-hacked-exchange-servers-without-telling-owners/
** Watch this episode on YouTube **
https://youtu.be/4QeFEwj64ck

Apr 12, 2021 • 51min
Best of Episode: Interview with Jayson E. Street
This week is another best of episode with the man, the myth, the legend, Jayson E. Street! In this episode Jayson shares with us several of his greatest hacking and social engineering adventures. This is one classic episode you don’t want to miss!
** Links mentioned on the show **
Follow Jayson on Twitter
https://twitter.com/jaysonstreet
Check out Jayson’s books on Amazon
https://www.amazon.com/Jayson-E-Street/e/B002KRHDMO?ref=sr_ntt_srch_lnk_2&qid=1618086907&sr=8-2
** Watch this episode on YouTube **
https://youtu.be/Q3hp0PDxCqw

Apr 5, 2021 • 30min
Best of Episode: Interview with Rachel Tobac
This week is a best of episode with special guest Rachel Tobac, CEO of Social Proof Security. In this episode we discuss social engineering, how to get more women in cybersecurity, and of course Rachel’s favorite David Lynch movies. This is one previous episode you don’t want to miss!
** Links mentioned on the show **
Connect with Rachel on Twitter
https://twitter.com/RachelTobac
Find out more about Social Proof Security
https://www.socialproofsecurity.com/
** Watch this episode on YouTube **
https://youtu.be/LNbaxT9cZgU

Mar 31, 2021 • 24min
SMS Two-Factor Authentication, New Internet Hygiene Model
Is it time to finally move away from SMS text-based two-factor authentication? Plus a discussion about a new model that can help consumers improve their Internet hygiene.
** Links mentioned on the show **
Can We Stop Pretending SMS Is Secure Now?
https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/
The Consumer Authentication Strength Maturity Model (CASMM)
https://danielmiessler.com/blog/casmm-consumer-authentication-security-maturity-model/
Tom Eston’s interview on the Secure Dad Podcast about Online Privacy
https://www.thesecuredad.com/post/how-to-protect-your-privacy-online

Mar 29, 2021 • 6min
Top 3 Privacy Tips for Travel
This week, co-host Tom Eston shares his top 3 tips to stay more private when you travel this year on vacation.
** Links mentioned on the show **
Smartphone privacy screens (Amazon)
https://www.amazon.com/s?k=smartphone+privacy+screen&ref=nb_sb_noss_1
Laptop privacy screens (Amazon)
https://www.amazon.com/s?k=laptop+privacy+screen&ref=nb_sb_noss_2
** Watch this episode on YouTube **
https://youtu.be/2izHDB80qgA

Mar 22, 2021 • 24min
Facebook and Apple Privacy Debate, Employee Phishing Test Gone Wrong
Scott and Kevin finally get together to debate Facebook and Apple privacy, and why you shouldn’t conduct a phishing test to trick employees into thinking they will get free Covid-19 vaccines.
** Links mentioned on the show **
Apple CEO sounds warning of algorithms pushing society towards catastrophe
https://www.zdnet.com/article/apple-ceo-sounds-warning-of-algorithms-pushing-society-towards-catastrophe/
https://clickarmor.ca/2021/02/is-this-the-beginning-of-the-end-for-facebook/
Internal Memo: ICF Next Used Promise of Employee Vaccinations as Phishing Test
https://www.adweek.com/agencyspy/internal-memo-icf-next-used-promise-of-employee-vaccinations-as-phishing-test/171253/
** Watch this episode on YouTube **
https://youtu.be/Lqwtp9W_CNU

Mar 15, 2021 • 20min
Encryption Backdoor Debate, Microsoft Exchange Attacks, Airline Supplier Data Breach
Why is federal law enforcement (still) asking Congress for encryption backdoors? Attacks on Microsoft Exchange servers seem to have gotten worse, details on an airline supplier data breach, and the real reason Kevin hasn’t replaced his Chewbacca mannequin with Darth Vader!
** Links mentioned on the show **
The FBI Should Stop Attacking Encryption and Tell Congress About All the Encrypted Phones It’s Already Hacking Into
https://www.eff.org/deeplinks/2021/03/fbi-should-stop-attacking-encryption-and-tell-congress-about-all-encrypted-phones
Warning the World of a Ticking Time Bomb
https://krebsonsecurity.com/2021/03/warning-the-world-of-a-ticking-time-bomb/
https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/
https://securityboulevard.com/2021/03/huge-fallout-from-microsoft-incompetence-lets-exchange-exchange/
Airlines warn passengers of data breach after aviation tech supplier is hit by cyberattack
https://www.zdnet.com/article/airlines-warn-passengers-of-data-breach-after-aviation-tech-supplier-is-hit-by-cyberattack/
** Watch this episode on YouTube **
https://youtu.be/qJt4e1Ej4JI

Mar 8, 2021 • 19min
The Deepfake Dilemma, Microsoft Exchange Zero-Days, IT Security Investments
Deepfake video and audio have really advanced in recent years. Will this technology start to erode trust in the media we consume? Microsoft Exchange zero-days in the wild, and why is it that IT security investment is at an all-time high, yet we continue to see more data breaches?
** Links mentioned on the show **
Deepfakes are getting better and better. Should we be concerned?
https://twitter.com/RachelTobac/status/1365413178327277575?s=20
https://www.vice.com/en/article/n7vgm8/heres-how-worried-you-should-be-about-those-tom-cruise-deepfakes
State hackers rush to exploit unpatched Microsoft Exchange servers
https://www.bleepingcomputer.com/news/security/state-hackers-rush-to-exploit-unpatched-microsoft-exchange-servers/
Why do companies fail to stop breaches despite soaring IT security investment?
https://thehackernews.com/2021/03/why-do-companies-fail-to-stop-breaches.html
Check out our previous episodes with Rachel Tobac
https://sharedsecurity.net/2020/05/29/episode-100-with-rachel-tobac-and-kathleen-smith/
https://sharedsecurity.net/2018/03/29/the-shared-security-podcast-episode-74-special-guest-rachel-tobac-racheltobac/
Check out the video Deepfake Queen mentioned by Scott on the show

Mar 1, 2021 • 19min
Card Skimmers Powered by Chip Cards, Silver Sparrow Mac Malware, Accellion Zero-Days
This week co-host Kevin Johnson joins Tom Eston to discuss new card skimmers found in the wild, the Accellion zero-days, and a new type of Mac malware called “Silver Sparrow”.
** Links mentioned on the show **
Checkout Skimmers Powered by Chip Cards
https://krebsonsecurity.com/2021/02/checkout-skimmers-powered-by-chip-cards/
Apple says it has already beaten new M1 Mac malware
https://www.techradar.com/au/news/apple-says-it-has-already-beaten-new-m1-mac-malware
Hackers Exploit Accellion Zero-Days in Recent Data Theft and Extortion Attacks
https://thehackernews.com/2021/02/hackers-exploit-accellion-zero-days-in.html
https://thehackernews.com/2021/02/data-breach-exposes-16-million-jobless.html
https://www.msn.com/en-us/money/companies/kroger-says-some-hr-data-and-pharmacy-records-were-possibly-compromised-in-data-breach/
What We Can Learn from the Accellion Breach
https://labs.bishopfox.com/industry-blog/what-we-can-learn-from-the-accellion-breach
** Watch this episode on YouTube **
https://youtu.be/g_eDR9e48CI


