Shared Security Podcast

This is the first episode of the Shared Security Weekly Blaze podcast. This episode was hosted by Tom Eston. Every Monday we’ll be releasing a short podcast, in 15 minutes or less, covering the top 3 hot news topics happening in the security and privacy world. The idea is to give you fast and consumable security and privacy “news that you can use”. These weekly podcasts are in addition to our traditional monthly podcast which will continue to cover security and privacy topics in more detail. In this week’s episode we talk about a new form of mobile malware called Dark Caracal, recent news about patching for the Meltdown and Spectre vulnerabilities and the launch of Amazon Go in downtown Seattle. Show Transcript This is your Shared Security Weekly Blaze for January 29th 2018 with your host, Tom Eston In this week’s episode we’re going to talk about a new form of mobile malware called Dark Caracal, recent news about patching for the Meltdown and Spectre vulnerabilities and the launch of Amazon Go in downtown Seattle. Hi everyone, I’m Tom Eston, Co-host of the Shared Security podcast. Welcome to the first episode of the Shared Security Weekly Blaze where we update you on the top three security and privacy topics from the week. These weekly podcasts are published every Monday and are 15 minutes or less quickly giving you “news you can use”. Our number three story for the week is about a new form of mobile malware that has been identified called Dark Caracal. The Electronic Frontier Foundation and security firm Lookout Security jointly announced research last week on what they are calling a new “malware espionage campaign” which has been targeting military personnel, activists, journalists and lawyers all across the world. The Dark Caracal malware campaign appears be traced back to the Lebanese government. The malware affects Android mobile devices primarily but other systems like Windows could be affected as well. The Dark Caracal malware has the capability to install trojanized versions of popular secure messaging apps like Signal and WhatsApp as well as gain access to text messages, photos and data from other apps. This doesn’t mean that legitimate apps you may be using (like Signal) are infected with malware, it means that the malware can trick you into installing a fake version of that app. The Dark Caracal malware uses phishing and social engineering techniques through WhatsApp messages and Facebook Group posts to install the malware on the device.  EFF Director of Cybersecurity Eva Galperin said “This is a very large, global campaign, focused on mobile devices. Mobile is the future of spying, because phones are full of so much data about a person’s day-to-day life.” This is not the first case of a large global mobile malware campaign. The Pegasus mobile malware, which targets Apple iOS, has been used by nation states such as the United Arab Emirates and the Mexican government to target individuals since 2016. It’s important to note that anyone could be a target for mobile malware, you don’t necessarily have to be targeted by a nation state! So what can you do to protect yourself? First and foremost be aware that phishing attacks typically start with emails, texts and social media posts and always try to elicit some type of urgent response or emotion from you to get you to click a link or provide sensitive information like passwords. Our advice? Think before you click! Check out previous episodes of the Shared Security Podcast where we talk about phishing and social engineering if you’re interested in learning more. The number two story of the week is the Meltdown and Spectre vulnerability patching debacle. In fact it’s such a debacle that the creator of the Linux operating system,   Linus Torvalds, has said “All of this is pure garbage, The patches are COMPLETE AND UTTER GARBAGE. …They do things that do not make sense.” If you’re not familiar with the Meltdown and Spectre vulnerabilities here’s the deal: Earlier this month security researchers discovered two critical vulnerabilities in modern computer processors (or CPUs). These vulnerabilities allow an attacker to access data on a computer system that would be very difficult to obtain such as passwords stored in your browser, photos, emails and even documents. The reason this problem is so big is that the vulnerability affects many different types of systems including personal computers, mobile devices as well as systems in the “cloud” and it applies to all these different types of devices manufactured within the last 20 years. The guidance from the processor manufactures like Intel has been to install patches that would be released by the different operating systems like Microsoft and Apple while they figure out how to fix these vulnerabilities in future processors. But not so fast! Some of these patches have already been rolling out and have been causing lots of problems like the infamous “blue screen of death” on some Microsoft Windows systems. So now, Intel has come out to say stop installing patches because they are causing many more problems. Now the different computer vendors, such as Dell, HP and Lenovo are recalling their previously issued patches and have notified customers that their existing patches are defective. It’s literally a total mess out there folks. The best course of action is to hold off on installing patches until the computer vendors can come up with a revised plan. Stay tuned, I’m sure it’s going to continue to be a wild ride! Our final news story of the week is last week’s launch of the very first Amazon Go grocery store in downtown Seattle. Amazon go is Amazon’s “grocery store experiment” which allows you to simply scan your Amazon Go app at the entrance, grab what you want off the shelves, put it in your bag and then walk out. No cashiers, no wait. Your receipt is then emailed to you shortly after leaving the store. Sounds pretty cool, huh? Well what you may not realize is that there are potentially hundreds of cameras watching your every move in the store. Obviously, this goes beyond preventing shoplifting but is actually part of the tech that makes a store like this work. For example, how does Amazon know if I take an item off the shelf and return it back to where it was? What if I hand an item to another person I’m shopping with, do they get charged for it or do I? Well, shopping scenarios like these are all addressed with cutting edge surveillance technology that Amazon isn’t so keen to talk about. All that Amazon has said so far is that this technology is very similar to what’s being used in self-driving cars. Amazon states that its using things like sensor fusion and deep learning…basically AI technology. There’s not a lot of info about how all this technology is being used within a Amazon Go store and how data about you like video footage is being processed or stored.  The other day I did a little research on this and noted that the Amazon Go “Terms of use” only says is that they use “in-store technology” and “cloud computing” to determine the items you select. A quick review of the Amazon Privacy notice, on the other hand, has no details about what Amazon Go technology does with your information. All we can say for now is that it’s in the “cloud” along with everything else Amazon has about you.  Hey, Alexa…where does your data live? That’s what I thought. That’s a wrap for this week. Be sure to follow the Shared Security Podcast on all the regular social media channels like Facebook and Twitter and even on Instagram. You can also subscribe and listen to our podcast on iTunes, Google Play, Stitcher and even on your Amazon Echo device via TuneIn. We also love to hear feedback from our listeners! Let us know how you like this new weekly format by either commenting on our social media feeds or sending us an email at feedback [aT] sharedsecurity.net. Thanks for listening and see you next Monday for another episode of the Shared Security Weekly Blaze. The post The Shared Security Weekly Blaze – Dark Caracal, Meltdown and Spectre Debacle, Amazon Go appeared first on Shared Security Podcast.

This is the 71st episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright with special guest Rebecca Herold recorded December 13, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Interview and discussion about privacy with Rebecca Herold Rebecca has over 25 years of IT, info sec, privacy & security experience; is CEO & Founder (2004) of Rebecca Herold & Associates, LLC, aka The Privacy Professor(R); and President & Co-Founder (2014) of SIMBUS360. Rebecca is also an entrepreneur, author and Adjunct Professor for the Norwich University Master of Science in Information Assurance Program. Rebecca has led the NIST Smart Grid privacy group since June 2009 and has been an officer for the IEEE P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group since June 2015. Rebecca has received numerous awards and recognitions for her work throughout the course of her career. Rebecca has written 19 books to date, chapters in many books and hundreds of articles. In this podcast we discuss Rebecca’s background in privacy, how she got into her area of expertise as well as her thoughts on the evolution of privacy policies (aka: privacy notices that are found on websites and services that you may use). Thanks again to Rebecca for being a guest on the show! Be sure to connect with Rebecca through her website, Twitter, and LinkedIn. Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening! The post The Shared Security Podcast Episode 71 – Special Guest Rebecca Herold “The Privacy Professor” (@PrivacyProf) appeared first on Shared Security Podcast.

This is the 70th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright with special guest Dr Helen Ofosu recorded November 29, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Interview and discussion about insider threat psychology with Dr Helen Ofosu Dr Ofosu has more than 15 years of experience using industrial and organizational psychology in the business and government sectors. Dr Ofosu brings her vast knowledge, sensitivity, and special brand of humor to her career consultations, business, and government clients, and her presentations and speaking engagements. In this podcast Scott and Tom discuss insider threat psychology with Dr Ofosu, how to address insider threats in the workplace as well as what the most common “psychological factors” are that manifest as insider security threats to organizations. We also discuss some recent news stories about insider threats and what they mean to you and your organization. Thanks again to Dr Ofosu for being a guest on our show! Be sure to connect with Dr Ofosu through her website, Twitter, Facebook and LinkedIn. Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening! The post The Shared Security Podcast Episode 70 – Insider Threat Psychology with Special Guest Dr Helen Ofosu appeared first on Shared Security Podcast.

This is the 69th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright recorded October 25, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Amazon Key opens your home for indoor deliveries A new Amazon Prime service now allows your package couriers access to your home to drop off deliveries.  The system uses a Amazon smart lock and connected camera.  Innovation or invasion of privacy/security nightmare? Tom and Scott debate the pros and cons! Severe WiFi security flaw puts millions of devices at risk (KRACK) A new attack (called KRACK – Key Reinstallation Attack) on the current standard for WiFi security (WPA2) allows an attacker to decrypt Internet traffic from devices being used on a WiFi network with WPA2 encryption enabled. While patches for most modern devices and operating systems will be released (i.e. Apple iOS, Windows 10, etc), many devices such as older Android phones and IoT devices may never get patched. Tom also mentioned a tool which can be used to “downgrade” secure HTTPS connections with this attack called SSL Strip. DUHK (Don’t Use Hard-coded Keys) Vulnerability Another recent attack (with a funny name) was announced on a specific type of cryptography implementation being used by certain VPN’s. Specifically, VPNs which use specific versions of FortiOS are vulnerable. If you or your business uses one of these VPNs make sure you patch ASAP. Just a Pair of These $11 Radio Gadgets Can Steal a Car Stealing cars just got easier with a recently updated attack on certain keyless entry systems that cars use. Researchers have now demonstrated how easy it is to steal a car with just a pair of $11 radio gadgets. Best way to prevent this (until car manufactures can patch/address the vulnerability) is to keep your car key in a “Faraday bag” or metal protective sleeve like they have available for wallets to protect RFID enabled credit cards. Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening! The post The Shared Security Podcast Episode 69 – Amazon Key, KRACK and DUHK Attacks, New Devices to Steal a Car appeared first on Shared Security Podcast.

This is the 68th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright with special guest Chris Hadnagy from the Innocent Lives Foundation and Social-Engineer.org recorded September 27, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Interview with Chris Hadnagy from the Innocent Lives Foundation Chris Hadnagy is a professional social engineer, founder of Social-Engineer.org, book author, host of the Social Engineer Podcast and founder of the Innocent Lives Foundation. Chris talks to us about his new organization and  discusses the topic of social engineering. Please help support Chris’ organization which has a mission to unmask child predators in order to bring them to justice. You can find out more about volunteer opportunities as well as providing financial support at the Innocent Lives Foundation website. Chris also talks with us about the art of Social Engineering and what you can do to educate and protect yourself. Lastly, Chris provides a recap from the recent DEF CON Social Engineering CTF event. As mentioned on the show, be sure to check out this video from the Veracode blog about the winner from this year’s event. Thanks again to Chris for being our guest! The post The Shared Security Podcast Episode 68 – Special Guest Chris Hadnagy, Innocent Lives Foundation, Social Engineering appeared first on Shared Security Podcast.

This is the 67th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright recorded September 6, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Over 711 Million Email Addresses Exposed From SpamBot Server Apparently, one of the largest cache of email addresses and SMTP credentials has been discovered. This list was used to distribute SPAM and banking malware. Tom and Scott recommend that you sign up for breach notifications from Troy Hunt’s “Have I been Pwned” service so you can take action to change any account passwords if necessary. 465k patients told to visit doctor to patch critical pacemaker vulnerability What happens when your wireless pacemaker requires a firmware update to patch a serious vulnerability? You’ll need to head into your doctors office for an update.  That’s what happened to nearly 465,000 patients that have this particular brand of pacemaker. A security researcher discovered AccuWeather app tracked, shared your location — even if you ‘opt out’ Mobile apps that share your location, even when you opt out, are very common.  This app in particular still tracks your location via wifi and doesn’t need your GPS. This is yet another reminder to read the app’s privacy policy, but to also be aware that many apps don’t disclose who they share your location data with. In related news, the popular app “Sarahah” will quietly upload your address book. This is more of a problem with older Android devices since there is no prompt to “allow” sharing of your address book with older Android operating systems. Update gone wrong leaves 500 smart locks inoperable Smartlock manufacturer, LockState, pushed the wrong update to approximately 500 devices which made them inoperable. This is a great lesson in regards to how not to update IoT devices and the customer service nightmare that will happen when things like this go wrong. Just remember, you take a risk when using devices like these! Especially when they are used for physical security. Scott’s Amazing Tip of the Month… (they don’t happen very often) Here’s how to make yourself less annoying to your friends on Facebook by turning off “New Friend Reports”. Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening! The post The Shared Security Podcast Episode 67 – SpamBot Exposed, Mobile App Tracking, Smart Lock Fail appeared first on Shared Security Podcast.

This is the 66th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright recorded July 24, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Tom’s review of the Ring doorbell camera Tom discusses his recently purchased a Ring doorbell camera, some of the features, challenges and tips for use. Disclaimer: This review was not sponsored by Ring…although we’re happy to test other Ring products if Ring would like to get in touch with us. When traffic apps hit diminishing returns Using an app like Waze has huge benefits when navigating traffic situations. However, many things can go wrong especially if the app tells you go a route that everyone else is taking to avoid a traffic situation or when others purposely report an “accident” when there is no accident just to route traffic out of their neighborhoods. What a wonderful time to be alive! Verizon Data of at Least Six Million Users Leaked Online Verizon was recently a victim of a data breach that affected six million customers. What makes this breach different was that it was caused by one of Verizon’s third-party partners accidentally misconfigured an Amazon S3 cloud based data repository, which was set to “public”. A great example of why third-party security is so important to businesses. New iOS update fixes a very dangerous bug If you have an Apple iOS device you should update to iOS 10.3.3 ASAP. You should also update your Android device if you so happen to have a vulnerable one of the listed Android devices as well (see this page for more info). This update fixes a very serious vulnerability in the Broadcom wifi chip on the device. The researchers that discovered this vulnerability discussed (at the BlackHat conference in Las Vegas last week) how they were able to take over a vulnerable device all through a wifi connection. Surprise, Echo Owners, You’re Now Part of Amazon’s Random Social Network Did you know that if you have an Amazon Echo device you can use it to make voice calls and send messages to other Echo owners? Sounds great, except that by default Amazon needs access to your entire contact list to see who else is an Amazon Echo owner which allows everyone to be able to call each other. This is fine except, how many of your contacts to you “really” know? Many times we put temporary contacts or have people in our contact list that we really don’t want to talk to again (old bosses?). Unfortunately, Amazon doesn’t allow you to choose who you want to connect with…it’s all or nothing. Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening! The post The Shared Security Podcast Episode 66 – Ring Doorbell Camera Review, Traffic Apps, Amazon Echo appeared first on Shared Security Podcast.

This is the 65th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright recorded July 6, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Smart TV hack embeds attack code into broadcast signal—no access required A new vulnerability has been discovered in the way Smart TV’s use “Digital Video Broadcasting — Terrestrial” (or DVB-T) to receive TV signals. There is low risk on this one as the attack requires a specialized transmitter but it’s interesting to see more research on other ways that new TV technology could be exploited. Before You Hit ‘Submit,’ This Company Has Already Logged Your Personal Data Many sites are now taking advantage of a new technology that will send information that you’re filling out in a web form to a third-party even before you hit the “submit” button. To make matters worse, many of these sites are not informing users through their privacy policy that this activity is taking place. Yet another reason “auto-complete” in your web browser might not be the best feature to keep enabled from a privacy perspective. Facebook is testing a feature that stops profile photo theft Profile photo theft is a real problem on Facebook and is being used for countless scams. It’s good to see Facebook trying to find new ways to prevent others from stealing your profile pictures. However, there are many ways around these controls and this will remain a very hard problem to solve. What’s worse than getting phished? Getting phished *and* sending a selfie of your Photo ID and credit card It’s hard to believe but this real phishing attack seems to be working. Bottom line: never, ever respond to a request for you to take a selfie with your credit card and/or drivers license to prove your identity. Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening! The post The Shared Security Podcast Episode 65 – Smart TV Hacks, New Privacy Concerns, Phishing for Selfies appeared first on Shared Security Podcast.

This is the 64th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston, Scott Wright recorded June 7, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: More Android phones than ever are covertly listening for inaudible sounds in ads Marketers can now use apps to listen for “beacons” that indicate when a person is watching a specific TV commercial or other type of audio. If you have an Android phone there are many apps that are using these functions and violating privacy policies set by Google. Attackers can use video subtitles to hijack your devices Even the movies you watch on your computer or mobile device can be a target for malware distribution. A serious vulnerability was found in several popular media players (VLC, Kodi (XBMC), Popcorn-Time and strem.io) which allowed a malicious subtitle file to be downloaded to the victim’s device. The vulnerability would allow an attacker to take complete control of the device.  Patch your media players! Printer Tracking Dots Back in the News Several years ago there was a lot of news about “printer tracking dots” and how your printer could be used to track who printed a specific document and where.  Recently, this topic has come back in the news with the arrest of Reality Leigh Winner (yes, that’s her real name) who is accused of leaking a document from when she worked as a contractor for the NSA. Guess how she was found? Printer tracking dots! Multiple Home Security Vulnerabilities The security of your home is very important so it’s good to talk about some recent vulnerabilities that were disclosed (now fixed) from several major home security systems including Comcast XFINITY, ADT, and AT&T Digital Life. While the severity of these issues were low, it’s always good to keep an eye issues like these. Side note: Tom now has a Ring Doorbell Camera…he may have done some “testing”…stay tuned for the next episode to learn more. Summary of the ‘WannaCry’ ransomware attack  I’m sure by now you’ve heard about the massive ransomware attack from a few weeks back (thanks to the NSA’s recently released tools).  Scott and Tom provide a short and brief summary to explain what happened and what you should do.  It’s been in the news so much lately…we just wanna cry about it! Lastly, co-host Tom Eston was featured in a blog on Becoming the best Infosec Leader, Even Under Difficult Circumstances. Check it out! Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening!   The post The Shared Security Podcast Episode 64 – Ultrasonic Ads, Home Security Vulnerabilities, Printer Tracking Dots appeared first on Shared Security Podcast.

This is the 63rd episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston, Scott Wright and special guest Jayson E. Street recorded April 12, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast: Interview with Special Guest Jayson E. Street In this episode we were joined by “notorious” hacker Jayson E. Street who is the InfoSec Ranger at Pwnie Express, Senior Partner at Krypton Security, CEO of Stratagem 1 Solutions and author of several books. Here is a short snippet of his bio: “Jayson battled a dragon during the Fire Run in Barcelona Spain. He ‘accidentally’ broke into a shark tank in the Dominican Republic and climbed the pyramid of Giza (until the guards carrying AK-47s expressed their displeasure). He consulted with the Secret Service in 2007 on the WIFI security of the White House, and has had tea with a Lebanese General in Beirut. Jayson never finished High School but does have his GED. His first book is used as course material at four colleges in three countries (that he knows of), and he has spoken at numerous universities in the US and gave an eight-hour lecture at the Beijing Institute of Technology in 2014. Outside of standardized education, Jayson has spoken seven times at DEF CON, at the first five DerbyCons and at many other Cons (Hack in Paris, Nuit Du Hack, IT-Defense, SYSCAN360, PH-Neutral, etc…) around the world. Jayson is only one degree away from Kevin Bacon after awkward hugging Oliver Stone and Jimmy Fallon. He started in security and law enforcement over 30 years ago and has always striven to make things more secure. Jayson has been in the Information Security industry for over 17 years, and once broke into a high scale hotel in the South of France – barefoot – wearing Teenage Mutant Ninja Turtles pajamas. He was also noted as the best janitor of all McDonald’s in the South East Texas region for 2 consecutive years.” Jayson provides us his perspective on the current state of privacy and security in the world, his thoughts on VPNs and hearing stories about his most interesting adventures including breaking into banks and other organizations (with permission of course). We also find out how he became Time Magazine’s “Person of the Year” in 2006 (true story!). Jayson is probably the most interesting hacker and security professional you will ever meet! Jayson is going to be on the National Geographic series “Breakthrough” called “Cyber Terror” which airs Tuesday, May 9th at 10pm Eastern on the National Geographic Channel.  You can see a preview of Jayson and this really cool series at the National Geographic website. Misconceptions about VPNs There is lots of talk about using VPNs given the recent news that ISPs in the US can now sell your data. However, there are many misconceptions going around about VPNs and how they should be used from a privacy perspective.  Jayson, Tom and Scott share our thoughts on this topic and what VPNs should be used for. Someone hacked every tornado siren in Dallas While it may not have been “hacking” (more so “phreaking”) it goes to show you what can happen when critical infrastructure has been compromised or simply malfunctions. Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening! The post The Shared Security Podcast Episode 63 – Special Guest Jayson E. Street, Misconceptions About VPNs appeared first on Shared Security Podcast.