Shared Security Podcast

Everyone is talking about the Clubhouse app but what should you be concerned about from a privacy perspective? In our February monthly show, Tom and Scott discuss what all the hype is about and what you need to know if you happen to receive a Clubhouse invite! ** Links mentioned on the show ** Join Clubhouse! Umm, What is Clubhouse? https://www.nytimes.com/2021/02/20/at-home/clubhouse-app-explainer.html Clubhouse vows to fix its platform after tool enabled audio chat leaks https://www.msn.com/en-us/money/other/clubhouse-vows-to-fix-its-platform-after-tool-enabled-audio-chat-leaks/ Clubhouse Chats Are Breached, Raising Concerns Over Security https://www.msn.com/en-us/money/other/clubhouse-chats-are-breached-raising-concerns-over-security/ You’ve been invited to Clubhouse. Your privacy hasn’t. https://www.vox.com/recode/22278601/clubhouse-invite-privacy-contacts-app Register for Tom Eston’s webinar on March 18th! DevSecOps and Application Penetration Testing: Defying the Myth https://us02web.zoom.us/webinar/register/2216131471091/WN_PcfokpHMRj2A89j8jRApgA ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Clubhouse App and Your Privacy appeared first on Shared Security Podcast.

In episode 161: Apple will start to proxy Safe Browsing requests to hide IP addresses from Google, the rise of Business Email Compromise attacks, and changes to the free version of LastPass. ** Links mentioned on the show ** Apple will proxy Safe Browsing requests to hide iOS users’ IP from Google https://thehackernews.com/2021/02/apple-will-proxy-safe-browsing-requests.html This cybersecurity threat costs business millions. And it’s the one they often forget about https://www.zdnet.com/article/this-cybersecurity-threat-costs-business-millions-and-its-the-one-they-often-forget-about/ LastPass making changes free service https://www.zdnet.com/article/lastpass-making-changes-free-service/ ** Watch this episode on YouTube ** https://youtu.be/aW8qQY8XFoo ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Apple’s Safe Browsing Request Proxy, BEC Attacks, LastPass Updates appeared first on Shared Security Podcast.

In episode 160: An attacker tried to poison a Florida city’s water supply, a popular Android app was hacked to display malicious ads, and how smartphone location data was used to track the US Capitol rioters. ** Links mentioned on the show ** A Hacker Tried to Poison a Florida City’s Water Supply, Officials Say https://www.mass.gov/service-details/cybersecurity-advisory-for-public-water-suppliers https://www.wired.com/story/oldsmar-florida-water-utility-hack/ With one update, this malicious Android app hijacked millions of devices https://www.zdnet.com/article/with-one-update-this-malicious-android-app-hijacked-10-million-devices/ They Stormed the Capitol. Their Apps Tracked Them. https://www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html?mc_cid=7a7bd73939&mc_eid=f1ab7621fc ** Watch this episode on YouTube ** https://youtu.be/5uqQTZB5cpc ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Florida Water Supply Hack, Android App Hijack, US Capitol Riot Phone Tracking appeared first on Shared Security Podcast.

In episode 159: Will algorithms be the death of social media and why the US government thinks it has a moral imperative to build AI powered weapons. ** Links mentioned on the show ** US has ‘moral imperative’ to develop AI weapons, says panel https://www.theguardian.com/science/2021/jan/26/us-has-moral-imperative-to-develop-ai-weapons-says-panel Apple CEO sounds warning of algorithms pushing society towards catastrophe https://www.zdnet.com/article/apple-ceo-sounds-warning-of-algorithms-pushing-society-towards-catastrophe/ Is this the beginning of the end for Facebook? https://clickarmor.ca/2021/02/is-this-the-beginning-of-the-end-for-facebook/ Kevin’s “Pay what you can” CISSP Mentor Program https://training.secureideas.com/course/cisspmentor/ ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Dangerous Social Media Algorithms, A Moral Imperative for AI Powered Weapons? appeared first on Shared Security Podcast.

In episode 158: Cybersecurity researchers targeted by North Korean hackers, Apple patches three iOS zero-day exploits, and details on Google’s Federated Learning of Cohorts (FLoC) which may one day replace third-party cookie tracking. ** Links mentioned on the show ** Check out these recent popular episodes! https://sharedsecurity.net/2021/01/28/tanya-janca-ceo-and-founder-we-hack-purple/ https://sharedsecurity.net/2021/01/18/the-capital-riot-first-amendment-and-deplatforming-cybersecurity-lessons-learned/ New campaign targeting security researchers https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/ Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild https://thehackernews.com/2021/01/apple-warns-of-3-ios-zero-day-security.html Google claims almost no change in ad revenue from targeting proposals in its Privacy Sandbox — but privacy upside less clear https://www.msn.com/en-us/news/technology/google-claims-almost-no-change-in-ad-revenue-from-targeting-proposals-in-its-privacy-sandbox-but-privacy-upside-less-clear/ar-BB1d53AQ https://blog.google/products/ads-commerce/2021-01-privacy-sandbox/ Don’t Play in Google’s Privacy Sandbox https://www.eff.org/deeplinks/2019/08/dont-play-googles-privacy-sandbox-1 ** Watch this episode on YouTube ** https://youtu.be/pIFE3JaP7Go ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Cybersecurity Researchers Targeted, Three iOS Zero-Days, Google FLoC appeared first on Shared Security Podcast.

Tanya Janca, CEO and founder of We Hack Purple joins us to discuss her new book “Alice & Bob Learn Application Security”, what inspired her to write the book, the current and future state of Application Security and much more! If you’re a fan of Tanya’s work, this is one episode you don’t want to miss! ** Links mentioned on the show ** Pick up Tanya’s book: “Alice & Bob Learn Application Security” on Amazon! https://www.amazon.com/Alice-Bob-Learn-Application-Security/dp/1119687357 Check out the We Hack Purple Academy and Community https://www.wehackpurple.com Connect with Tanya https://twitter.com/shehackspurple https://www.linkedin.com/in/tanya-janca/ Tanya was last on episode 82 of the podcast! https://sharedsecurity.net/2018/11/30/special-guest-tanya-janca-devops-and-appsec-women-in-cybersecurity-82/ ** Watch this episode on YouTube ** ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Tanya Janca CEO and Founder We Hack Purple appeared first on Shared Security Podcast.

Is the world really ready for COVID-19 vaccination passport apps? Also, the partial return of Parler, details on Nancy Pelosi’s stolen laptop, the Ubiquiti data breach, Ring end-to-end encryption for video, and other important cybersecurity and privacy news from the week. ** Links mentioned on the show ** Parler Partially Reappears With Support From Russian Technology Firm https://www.usnews.com/news/top-news/articles/2021-01-18/parler-partially-reappears-with-support-from-russian-technology-firm Ubiquiti: Change Your Password, Enable 2FA https://krebsonsecurity.com/2021/01/ubiquiti-change-your-password-enable-2fa/ Ring trials customer video end-to-end encryption for smart doorbells https://www.zdnet.com/article/ring-trials-customer-video-end-to-end-encryption/ WhatsApp clarifies it’s not giving all your data to Facebook after surge in Signal and Telegram users https://www.theverge.com/2021/1/12/22226792/whatsapp-privacy-policy-response-signal-telegram-controversy-clarification New AI software can turn regular security cameras into COVID-19 policy enforcement points https://www.techrepublic.com/article/new-ai-software-can-turn-regular-security-cameras-into-covid-19-policy-enforcement-points/ The world is not ready for Covid-19 vaccine passports. At least not yet https://www.cnbc.com/video/2021/01/18/covid-19-vaccine-passports-wont-be-a-reality-anytime-soon.html ** Watch this episode on YouTube ** https://youtu.be/TEgrzi6kYVA ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post Parler, Pelosi’s Stolen Laptop, Vaccination Passport Apps appeared first on Shared Security Podcast.

This week co-host Kevin Johnson joins me to discuss the cybersecurity lessons learned from the US Capital riot, why deplatforming is not violating first amendment rights, and much more. ** Links mentioned on the show ** Check out our series on how to break into a cybersecurity career https://sharedsecurity.net/2021/01/04/how-to-break-into-to-a-cybersecurity-career-part-1/ https://sharedsecurity.net/2021/01/11/how-to-break-into-a-cybersecurity-career-part-2-with-rafal-los/ What the First Amendment actually says https://www.law.cornell.edu/constitution/first_amendment First Amendment and free speech: When it applies and when it doesn’t https://www.msn.com/en-us/news/us/first-amendment-and-free-spech-when-it-applies-and-when-it-doesnt/ar-BB1cH6ak Apple removed Parler from the App Store for inciting violence https://www.bleepingcomputer.com/news/apple/apple-removed-parler-from-the-app-store-for-inciting-violence/ Google bans Parler app from Play Store for threats of violence https://www.bleepingcomputer.com/news/software/google-bans-parler-app-from-play-store-for-threats-of-violence/ ‘This is not normal’: Behind the decisions at Facebook and Twitter to deplatform Trump https://www.msn.com/en-us/news/technology/this-is-not-normal-behind-the-decisions-at-facebook-and-twitter-to-deplatform-trump/ar-BB1cL2lE ** Watch this episode on YouTube ** https://youtu.be/xJIxi4BTxNg ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post The Capital Riot: First Amendment and Deplatforming, Cybersecurity Lessons Learned appeared first on Shared Security Podcast.

Rafal Los, industry veteran and host of the “Down the Security Rabbithole Podcast”, joins Tom Eston for part two in our series on how to break into a cybersecurity career. If you’re a college student or thinking about getting into cybersecurity, this is one episode you don’t want to miss! ** Links mentioned on the show ** Listen and subscribe to the Down the Security Rabbithole Podcast hosted by Rafal Los and James Jardine http://podcast.wh1t3rabbit.net/ Check out Raf’s new podcast “Indistinguishable from Magic” https://www.itspmagazine.com/indistinguishable-from-magic-podcast Connect with Rafal Los https://twitter.com/Wh1t3Rabbit https://www.linkedin.com/in/rmlos/ So, you want to work in security? https://medium.freecodecamp.org/so-you-want-to-work-in-security-bc6c10157d23 Entering the InfoSec Biz https://defensivesecurity.org/entering-information-security-industry/ How to Build a Cybersecurity Career https://danielmiessler.com/blog/build-successful-infosec-career/ Start in Infosec (Really great list of career/just starting out advice) https://malicious.link/start/ Becoming a Penetration Tester https://www.gracefulsecurity.com/becoming-a-penetration-tester/ ** Watch this episode on YouTube ** https://youtu.be/ERkhBSJZcTs ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, new and updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net YouTube: https://www.youtube.com/c/SharedSecurityPodcast Twitter: https://twitter.com/sharedsec Instagram: https://instagram.com/sharedsecurity The post How to Break Into a Cybersecurity Career – Part 2 with Rafal Los appeared first on Shared Security Podcast.

In episode 154 for January 4th 2021: Are you a college student, or someone that has an interest in a cybersecurity career? Check out the first episode in our series on how to break into a cybersecurity career with co-host Kevin Johnson. ** Links mentioned on the show ** So, you want to work in security? https://medium.freecodecamp.org/so-you-want-to-work-in-security-bc6c10157d23 Entering the InfoSec Biz https://defensivesecurity.org/entering-information-security-industry/ How to Build a Cybersecurity Career https://danielmiessler.com/blog/build-successful-infosec-career/ Start in Infosec (Really great list of career/just starting out advice) https://malicious.link/start/ Becoming a Penetration Tester https://www.gracefulsecurity.com/becoming-a-penetration-tester/ ** Watch this episode on YouTube ** https://youtu.be/GE2gfG-_4BQ ** Thank you to our sponsors! ** Silent Pocket Visit silent-pocket.com to check out Silent Pocket’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post How to Break Into a Cybersecurity Career – Part 1 appeared first on Shared Security Podcast.