Shared Security Podcast

In episode 129 for July 13th 2020: Impact of the F5-BIG-IP critical vulnerability, security updates and your WiFi router, and details about new research that shows how billions of compromised credentials are available in the cyber underground. ** Links mentioned on the show ** Mitigating critical F5 BIG-IP RCE flaw not enough, bypass found https://www.bleepingcomputer.com/news/security/mitigating-critical-f5-big-ip-rce-flaw-not-enough-bypass-found/ Home router warning: They’re riddled with known flaws and run ancient, unpatched Linux https://www.zdnet.com/article/home-router-warning-theyre-riddled-with-known-flaws-and-run-ancient-unpatched-linux/ Billions of passwords now available on underground forums, say security researchers https://www.zdnet.com/article/billions-of-passwords-now-available-on-underground-forums-say-security-researchers/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post F5 BIG-IP Exploit, WiFi Router Security Updates, Password Reuse appeared first on Shared Security Podcast.

In episode 128 for July 6th 2020: New TikTok privacy concerns, the rise of macOS ransomware, and details on new research about bad password choices. ** Links mentioned on the show ** Family Safety and Security with Andy Murphy from The Secure Dad Podcast https://sharedsecurity.net/2020/06/29/family-safety-and-security-with-andy-murphy-from-the-secure-dad-podcast EARN IT Act, Facial Recognition Fail, Can I Be Phished? https://sharedsecurity.net/2020/06/30/earn-it-act-facial-recognition-fail-can-i-be-phished TikTok Reverse Engineered: What Was Discovered Will Make You Delete It ASAP https://www.reddit.com/r/privacy/comments/hgkqee/tiktok_reverse_engineered_what_was_discovered TikTok Reverse Engineering Highlights Massive Privacy Problems https://beincrypto.com/tiktok-reverse-engineering-highlights-massive-privacy-problems iOS 14 beta has a banner to confirm when you paste from another device (eg copy on a Mac and paste on iPhone) https://twitter.com/jeremyburge/status/1275832600146391042 India bans TikTok, dozens of other Chinese apps https://techcrunch.com/2020/06/29/india-bans-tiktok-dozens-of-other-chinese-apps A New Ransomware Targeting Apple macOS Users Through Pirated Apps https://thehackernews.com/2020/07/macos-ransomware-attack.html One out of every 142 passwords is ‘123456’ https://www.zdnet.com/article/one-out-of-every-142-passwords-is-123456 PWDB – New generation of Password Mass-Analysis https://github.com/FlameOfIgnis/Pwdb-Public The End of Passwords as We Know It – Interview with Andrew Shikiar from the FIDO Alliance https://sharedsecurity.net/2020/04/27/the-end-of-passwords-as-we-know-it/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow us ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post TikTok Privacy Concerns, macOS Ransomware, Bad Passwords appeared first on Shared Security Podcast.

In episode 101 of our June monthly show: Scott and Tom discuss the privacy concerns with the EARN IT Act, more stories of facial recognition fail, and Scott talks about his new podcast, Can I Be Phished? ** Links mentioned on the show ** PETITION: Nearly 500,000 say Congress shouldn’t ‘kill encryption’ with the EARN IT Act https://www.dailydot.com/debug/earn-it-act-petition/ The EARN IT Bill Is the Government’s Plan to Scan Every Message Online https://www.eff.org/deeplinks/2020/03/earn-it-bill-governments-not-so-secret-plan-scan-every-message-online False facial recognition match leads to a wrongful arrest in Detroit https://www.engadget.com/facial-recognition-wrongful-arrest-michigan-141531393.html Announcing the “Can I Be Phished?” podcast – unboxing the most common attacks! https://clickarmor.ca/2020/06/announcing-the-can-i-be-phished-podcast-unboxing-the-most-common-attacks/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post EARN IT Act, Facial Recognition Fail, Can I Be Phished? appeared first on Shared Security Podcast.

In episode 127 for June 29th 2020: Family safety and security with special guest Andy Murphy host of The Secure Dad podcast. I really enjoyed this interview with Andy! If you’re looking for a podcast about home and family security, self-defense, and more you should definitely subscribe to his show! ** Links mentioned on the show ** The Secure Dad 5 Day Challenge https://www.thesecuredad.com/5daychallenge Our Episode on 5 Tips to Stay Secure and Private During a Protest https://sharedsecurity.net/2020/06/15/5-tips-to-stay-private-and-secure-during-a-protest/ Andy’s Episode on “The Crime We Create” https://podcasts.apple.com/us/podcast/the-crime-we-create/id1438284738?i=1000456654826 Subscribe to The Secure Dad Podcast https://www.thesecuredad.com/podcast Follow Andy and The Secure Dad Podcast https://twitter.com/thesecuredad https://www.instagram.com/thesecuredad/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Family Safety and Security with Andy Murphy from The Secure Dad Podcast appeared first on Shared Security Podcast.

In episode 126 for June 22nd 2020: Details on the largest Distributed Denial of Service attack ever recorded, new security features in Dropbox, and the latest on new North Korean targeted cyber-attacks. ** Show notes and links mentioned on the show ** Zoom will provide end-to-end encryption to all users https://www.bleepingcomputer.com/news/security/zoom-will-provide-end-to-end-encryption-to-all-users/ AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever https://www.zdnet.com/article/aws-said-it-mitigated-a-2-3-tbps-ddos-attack-the-largest-ever/ DDoS explained: How distributed denial of service attacks are evolving https://www.csoonline.com/article/3222095/ddos-explained-how-denial-of-service-attacks-are-evolving.html Dropbox unveils new features: Passwords, document vault, backup https://www.helpnetsecurity.com/2020/06/17/dropbox-new-features North Korea’s state hackers caught engaging in BEC scams https://www.zdnet.com/article/north-koreas-state-hackers-caught-engaging-in-bec-scams/ North Korean state hackers reportedly planning COVID-19 phishing campaign targeting 5M across six nations https://www.zdnet.com/article/north-korean-state-hackers-reportedly-planning-covid-19-phishing-campaign-targeting-5m-across-six-nations/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Largest DDoS Attack Ever, New Dropbox Features, North Korean Cyber-Attacks appeared first on Shared Security Podcast.

In episode 125 for June 15th 2020: Our top 5 tips for staying private and secure during a protest. ** Show notes and links mentioned on the show ** Privacy And Security While Protesting https://silent-pocket.com/blogs/news/privacy-and-security-while-protesting You Have a First Amendment Right to Record the Police https://www.eff.org/deeplinks/2020/06/you-have-first-amendment-right-record-police Protecting Your Privacy if Your Phone is Taken Away https://www.eff.org/deeplinks/2020/06/protecting-your-privacy-if-your-phone-taken-away How to Protest Safely in the Age of Surveillance https://www.wired.com/story/how-to-protest-safely-surveillance-digital-privacy/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post 5 Tips to Stay Private and Secure During a Protest appeared first on Shared Security Podcast.

In episode 124 for June 8th 2020: Details on how the Minneapolis Police website may have been hacked, Zoom’s plan to implement end-to-end encryption, and why eBay and other sites may be port scanning your computer. ** Show notes and links mentioned on the show ** After Anonymous Promises Retribution for George Floyd’s Death, Minneapolis Police Website Shows Signs It Was Hacked https://time.com/5845880/anonymous-minneapolis-police-hack/ Anonymous Hacker Gets Six Years In Prison For DDoS Attacks https://yro.slashdot.org/story/19/11/22/2211205/anonymous-hacker-gets-six-years-in-prison-for-ddos-attacks Zoom to offer end-to-end encryption only to paying customers https://www.helpnetsecurity.com/2020/06/04/zoom-end-to-end-encryption Is the EARN-IT Act a backdoor attempt to get encryption backdoors? https://www.csoonline.com/article/3531393/is-the-earn-it-act-a-backdoor-attempt-to-get-encryption-backdoors.html eBay port scans visitors’ computers for remote access programs https://www.bleepingcomputer.com/news/security/ebay-port-scans-visitors-computers-for-remote-access-programs/ List of well-known web sites that port scan their visitors https://www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/ uBlock Origin – An efficient blocker for Chromium and Firefox. Fast and lean. https://github.com/gorhill/uBlock ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Minneapolis Police Website Hacked, Zoom Encryption, eBay Port Scanning appeared first on Shared Security Podcast.

In episode 123 for June 1st 2020: The controversy continues over fact checking and First Amendment rights on Twitter, and why government mandated encryption backdoors are bad for everyone’s security. ** Show notes and links mentioned on the show ** Trump to sign executive order aimed at cracking down on Facebook and Twitter https://www.cnbc.com/2020/05/28/trump-to-sign-executive-order-aimed-at-cracking-down-on-facebook-twitter.html The law enforcement backdoor debate continues https://www.helpnetsecurity.com/2020/05/26/backdoor-encryption/ OWASP Top 10 2020 Data Analysis Plan https://owasp.org/www-project-top-ten/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post First Amendment Rights and Twitter, Encryption Backdoors appeared first on Shared Security Podcast.

In episode 100 of our May monthly show we discuss the history of the podcast, some of the most interesting cybersecurity and privacy news and events over the years, and speak with former guest Rachel Tobac, CEO and Co-Founder of SocialProof Security, about what she’s been up to and of course the David Lynch daily weather report! We also catch up with Kathleen Smith, CMO of ClearedJobs.net and CyberSecJobs.com to talk about the current cybersecurity job market, recruiting, and the one thing you need to stop doing with your resume. Interviews start at [38:00]. Be sure to watch the full episode on our YouTube channel. Thank you to all of our sponsors, guests, and listeners over the years helping us achieve this milestone episode! ** Links mentioned on the show ** Previous Episodes of the Shared Security Podcast https://sharedsecurity.net/podcast-episodes/ The David Lynch Daily Weather Report https://www.youtube.com/channel/UCDLD_zxiuyh1IMasq9nbjrA Connect with Rachel Tobac https://twitter.com/RachelTobac SocialProof Security https://www.socialproofsecurity.com/ The Shared Security Podcast Episode 74 – Special Guest Rachel Tobac https://sharedsecurity.net/2018/03/29/the-shared-security-podcast-episode-74-special-guest-rachel-tobac-racheltobac/ Connect with Kathleen Smith https://twitter.com/YesItsKathleen ClearedJobs.net https://clearedjobs.net/ CyberSecJobs.com https://cybersecjobs.com/ Weekly Blaze Episode 84 – Cybersecurity Careers, Recruiting, and Volunteering with Kathleen Smith https://sharedsecurity.net/2019/01/09/cybersecurity-careers-recruiting-and-volunteering-with-kathleen-smith-84/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Episode 100 with Rachel Tobac and Kathleen Smith appeared first on Shared Security Podcast.

In episode 122 for May 25th 2020: Apple and the US Government dispute over law enforcement backdoors in Apple products, secure messaging app Signal starts to move away from using phone numbers as user IDs, and details on the EasyJet data breach affecting 9 million customers. ** Show notes and links mentioned on the show ** Apple Calls FBI Comments on Lack of Help Unlocking Florida Shooter’s iPhone an ‘Excuse to Weaken Encryption’ https://www.macrumors.com/2020/05/18/apple-fbi-dispute-weaken-encryption/ Signal to move away from using phone numbers as user IDs https://signal.org/blog/signal-pins/ British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers’ Data https://thehackernews.com/2020/05/easyjet-data-breach-hacking.html EasyJet official data breach statement https://otp.investis.com/clients/uk/easyjet1/rns/regulatory-story.aspx?cid=2&newsid=1391756 ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Apple’s Law Enforcement Backdoor Dispute, Signal PINs, EasyJet Data Breach appeared first on Shared Security Podcast.