Shared Security Podcast

In episode 121 for May 18th 2020: A new Thunderbolt flaw could let hackers steal your data in under five minutes, new vulnerabilities in a popular WordPress plugin, and details on why the US Senate just rejected a plan to require a warrant to obtain Americans’ web browsing history. ** Show notes and links mentioned on the show ** Thunderbolt flaw lets hackers steal your data in ‘five minutes’ https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/ Thunderbolt 3 The USB-C that does it all https://thunderbolttechnology.net/consumer/ Thunderspy tool to test if your PC is vulnerable https://thunderspy.io/ WordPress plugin Page Builder by SiteOrigin patched against code execution attacks https://www.zdnet.com/article/wordpress-plugin-page-builder-by-siteorigin-patched-against-code-execution-attacks/ Page Builder by SiteOrigin Plugin Page https://wordpress.org/plugins/siteorigin-panels/ Senate Votes to Allow FBI to Look at Your Web Browsing History Without a Warrant https://www.vice.com/en_us/article/jgxxvk/senate-votes-to-allow-fbi-to-look-at-your-web-browsing-history-without-a-warrant How to Contact Your Elected Officials https://www.usa.gov/elected-officials/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Thunderbolt Flaws, WordPress Plugin Vulnerabilities, Patriot Act Vote appeared first on Shared Security Podcast.

In episode 120 for May 11th 2020: The latest on the GoDaddy security incident affecting 28,000 customers, fake Microsoft Teams notification emails and Zoom downloaders, and details on new features to the Firefox built in password manager. ** Show notes and links mentioned on the show ** GoDaddy notifies users of breached hosting accounts https://www.bleepingcomputer.com/news/security/godaddy-notifies-users-of-breached-hosting-accounts/ GoDaddy email to affected customers https://oag.ca.gov/system/files/Customer%20Notification.pdf How to combine SSH key authentication and two-factor authentication on Linux https://www.techrepublic.com/article/how-to-combine-ssh-key-authentication-and-two-factor-authentication-on-linux/ Fake Microsoft Teams Notification Emails https://www.helpnetsecurity.com/2020/05/04/fake-microsoft-teams-notification/ Fake Zoom Downloaders https://www.zdnet.com/article/hackers-target-remote-workers-with-fake-zoom-downloader/ The Firefox password manager now tells you when you use leaked passwords https://www.zdnet.com/article/the-firefox-password-manager-now-tells-you-when-you-use-leaked-passwords/ World Password Day https://www.daysoftheyear.com/days/password-day/ Our interview with Andrew Shikiar from the FIDO Alliance https://sharedsecurity.net/2020/04/27/the-end-of-passwords-as-we-know-it/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post GoDaddy Security Incident, Fake Downloaders, Firefox Lockwise appeared first on Shared Security Podcast.

In episode 119 for May 4th 2020: The use of thermal cameras and other technology to monitor the workplace for COVID-19, more details about Apple and Google’s contact tracing framework, and are virtual security conferences the new normal? ** Show notes and links mentioned on the show ** A new era of workplace surveillance due to COVID-19? https://www.washingtonpost.com/technology/2020/04/27/companies-use-thermal-cameras-speed-return-work-sparks-worries-about-civil-liberties/ Apple and Google provide more technical details about the COVID-19 exposure notification API https://www.washingtonpost.com/technology/2020/04/29/most-americans-are-not-willing-or-able-use-an-app-tracking-coronavirus-infections-thats-problem-big-techs-plan-slow-pandemic/ https://www.apple.com/covid19/contacttracing/ Pros and cons of virtual security events https://www.helpnetsecurity.com/2020/04/29/virtual-events Check out all the great online courses offered by Secure Ideas. Use discount code: SIFRIEND for 25% off! https://secureideas.com/catalog/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Workplace Surveillance, Apple and Google Contact Tracing Tech, Virtual Cybersecurity Conferences appeared first on Shared Security Podcast.

In episode 118 for April 27th 2020: A discussion about the end of passwords and what the future may hold with special guest Andrew Shikiar executive director of the FIDO Alliance. ** Show notes and links mentioned on the show ** Find out more about the FIDO Alliance https://fidoalliance.org/ https://twitter.com/fidoalliance How FIDO works and eliminates the need for passwords https://fidoalliance.org/how-fido-works/ Connect with Andrew Shikiar https://www.linkedin.com/in/andrewshikiar/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post The End of Passwords as We Know It appeared first on Shared Security Podcast.

In episode 99 of our April monthly show: Apple and Google’s controversial efforts to create contact tracing technology, fighting COVID-19 criminal activity, and what the new normal means for startup companies. ** Show notes and links mentioned on the show ** Apple and Google to build contact tracing technology https://www.rte.ie/news/business/2020/0410/1129902-apple-and-google-to-build-contact-tracing-technology/ COVID-19 Cyber Threat Coalition https://www.cyberthreatcoalition.org/ Cyber Threat Alliance https://www.cyberthreatalliance.org/ COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic? https://krebsonsecurity.com/2020/04/covid-19-has-united-cybersecurity-experts-but-will-that-unity-survive-the-pandemic/ More cybersecurity and other vendors stepping up with free products for healthcare and other impacted organizations https://www.helpnetsecurity.com/2020/04/15/microsoft-accountguard-healthcare/ https://www.helpnetsecurity.com/2020/04/08/cybersecurity-pandemic-try-solutions/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Contact Tracing Controversy, Fighting COVID-19 Criminal Activity appeared first on Shared Security Podcast.

In episode 117 for April 20th 2020: More problems for Zoom with tens of thousands of compromised credentials and zero-day exploits, the $5 million dollar reward for information on North Korean hackers, and why it might not be the best idea to post your senior year pictures on Facebook. ** Show notes and links mentioned on the show ** Over 500,000 Zoom accounts sold on hacker forums, the dark web https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/ Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000 https://www.vice.com/en_us/article/qjdqgv/hackers-selling-critical-zoom-zero-day-exploit-for-500000 US offers $5 million reward for information on North Korean hackers https://www.zdnet.com/article/us-offers-5-million-reward-for-information-on-north-korean-hackers/ DPRK Cyber Threat Advisory https://www.us-cert.gov/sites/default/files/2020-04/DPRK_Cyber_Threat_Advisory_04152020_S508C.pdf Have you shared your old senior photo on Facebook? Hackers may be using your post against you https://www.cbsnews.com/news/have-you-shared-your-old-senior-photos-on-facebook-hackers-may-be-using-it-against-you/ Download our free Facebook Privacy & Security Guide! https://sharedsecurity.net/facebook ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Zoom Hacked Accounts, North Korean Hackers, Facebook Senior Pictures appeared first on Shared Security Podcast.

In episode 116 for April 13th 2020: Privacy concerns with COVID-19 contact tracing apps, the FBI’s new warnings about business email compromise scams, and how to prevent unwanted and SPAM phone calls. ** Show notes and links mentioned on the show ** Help speed up contact tracing with TraceTogether https://www.gov.sg/article/help-speed-up-contact-tracing-with-tracetogether COVID-19 contact tracing: Canadian company says authorities not interested in app that could help with virus https://www.msn.com/en-ca/news/canada/covid-19-contact-tracing-canadian-company-says-authorities-not-interested-in-app-that-could-help-with-virus/ar-BB12lAyG?li=AAggXBV FBI warns again of BEC scammers exploiting cloud email services https://www.bleepingcomputer.com/news/security/fbi-warns-again-of-bec-scammers-exploiting-cloud-email-services/ CEO Fraud – What is a BEC scam? https://fraudwatchinternational.com/expert-explanations/what-is-a-bec-scam/ Study: State of Robocalls in the U.S. https://www.roboshield.com/blog/dealing-with-unwanted-calls/ The FCC’s Push to Combat Robocalls & Spoofing https://www.fcc.gov/about-fcc/fcc-initiatives/fccs-push-combat-robocalls-spoofing ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Contact Tracing Apps, Business Email Compromise Scams, SPAM Phone Calls appeared first on Shared Security Podcast.

In episode 115 for April 6th 2020: The latest on yet another Marriott data breach, what you need to know about Zoom-Bombing and other Zoom privacy concerns, and new warnings about US economic stimulus payment scams. ** Show notes and links mentioned on the show ** Marriott discloses another security breach that may impact over 5 million guests https://www.theverge.com/2020/4/1/21203313/marriott-database-security-breach-5-million-guest Marriott International: Incident Notification https://mysupport.marriott.com/ Zoom to iPhone users: We’re no longer sending your data to Facebook https://www.zdnet.com/article/zoom-to-iphone-users-were-no-longer-sending-your-data-to-facebook/ Zoom to iPhone users: We’re no longer sending your data to Facebook https://www.yahoo.com/news/trolls-started-invading-public-zoom-211626623.html Zoom Lets Attackers Steal Windows Credentials, Run Programs via UNC Links https://www.bleepingcomputer.com/news/security/zoom-client-leaks-windows-login-credentials-to-attackers/ Zoom Meetings Aren’t End-to-End Encrypted, Despite Misleading Marketing https://theintercept.com/2020/03/31/zoom-meeting-encryption/ Zoom: We’re freezing all new features to sort out security and privacy https://www.zdnet.com/article/zoom-were-freezing-all-new-features-to-sort-out-security-and-privacy/ IRS Warns of Surge in Economic Stimulus Payment Scams https://www.bleepingcomputer.com/news/security/irs-warns-of-surge-in-economic-stimulus-payment-scams/ Official IRS Coronavirus Relief Webpage https://www.irs.gov/coronavirus ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Another Marriott Data Breach, Zoom-Bombing, Economic Stimulus Scams appeared first on Shared Security Podcast.

In episode 114 for March 30th 2020: Co-host Tom Eston is joined with frequent guest Kevin Johnson to discuss how to stay more secure when working from home. If you find yourself working from home because of COVID-19 this is one episode you don’t want to miss! ** Show notes and links mentioned on the show ** Social isolation is a risk factor for scam loss https://www.helpnetsecurity.com/2020/03/24/risk-scams/ The State of Cybersecurity Training and Certifications with Kevin Johnson https://sharedsecurity.net/2019/04/25/the-state-of-cybersecurity-training-and-certifications-with-kevin-johnson/ How I Became a Security Consultant: AbsoluteAppsec Interview https://blog.secureideas.com/2020/03/how-i-became-a-security-consultant-absoluteappsec-interview.html Secure Ideas Affordable Cybersecurity Training Offerings https://secureideas.com/training ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Staying Secure When Working From Home appeared first on Shared Security Podcast.

In episode 98 of our monthly show co-host Scott Wright shows us a demo of Click Armor which is a gamified cybersecurity awareness platform, Tom presents the results of our listener survey, and we have a discussion about the privacy concerns with geofence warrants. ** Show notes and links mentioned on the show ** Take the Click Armor 3-minute interactive assessment: Can I be Phished? https://www.clickarmor.ca/canibephished Google tracked his bike ride past a burglarized home. That made him a suspect. https://www.nbcnews.com/news/us-news/google-tracked-his-bike-ride-past-burglarized-home-made-him-n1151761 ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”. Edgewise Networks Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo! ** Help support the show ** Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity ** Subscribe and follow the show ** Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Contact us: https://sharedsecurity.net/contact Website: https://sharedsecurity.net Twitter: https://twitter.com/sharedsec Facebook: https://facebook.com/sharedsec Instagram: https://instagram.com/sharedsecurity YouTube: https://www.youtube.com/c/SharedSecurityPodcast The post Click Armor Demo, Podcast Survey Results, Google Geofence Warrants appeared first on Shared Security Podcast.