

Shared Security Podcast
Tom Eston, Scott Wright, Kevin Tackett
Shared Security is the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.
Episodes

May 2, 2013 • 35min
Social Media Security Podcast 32 – The Privacy Paradox, Twitter Hacks, Facebook Home
This is the 32nd episode of the Social Media Security Podcast sponsored by SecureState. This episode was hosted by Tom Eston and Scott Wright and recorded April 25, 2013. Below are the show notes, links to articles and news mentioned in the podcast:
A Little Privacy, Please! Your Rights and Social Media Policies. Tom and Scott discuss why you should be reading the privacy policies of the social networks you use.
AP Twitter account hacked; report of White House bombs false
Beware Twitter “password check” sites – there are fakes, and there are fake fakes!
Is your Twitter password secure?
What is “Facebook Home” and what are the potential privacy ramifications of using it on your Android device?
Are you over-sharing? A discussion of the privacy paradox we all face
Check out SecureState’s latest whitepaper on the new concerns with privacy!
Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. You can also subscribe to the podcast in iTunes, follow us on Twitter and like us on Facebook. Thanks for listening!
The post Social Media Security Podcast 32 – The Privacy Paradox, Twitter Hacks, Facebook Home appeared first on Shared Security Podcast.

Jan 30, 2013 • 21min
Social Media Security Podcast 31 – New Facebook Graph Search, Fake Internet Girlfriends, Social Media and Your Business
This is the 31st episode of the Social Media Security Podcast sponsored by SecureState. This episode was hosted by Tom Eston and Scott Wright and recorded January 18th, 2013. Below are the show notes, links to articles and news mentioned in the podcast:
Facebook privacy controls have been updated. Check out this article on all the changes. You can no longer have your profile hidden. All Facebook users are publicly searchable.
Facebook Graph Search has been released. Tom and Scott talk about what you need to know.
What’s up with all these fake Internet girlfriends? (Manti Te’o)
Tom and Scott talk about the current state of Social Media and your business. Download SecureState’s free Social Media Guidelines for businesses. This is a great Social Media Policy template for your business.

Sep 25, 2012 • 41min
Social Media Security Podcast 30 – The Password Episode
This is the 30th episode of the Social Media Security Podcast sponsored by SecureState. This episode was hosted by Tom Eston and Scott Wright. In this episode we talk about the password problem and why we continue to choose easy-to-guess passwords. Tom and Scott also talk about ways to select more secure passwords and how technology can help. Below are the show notes, links to articles and news mentioned in the podcast:
The Password Episode! It’s episode 30!
Study shows hackers more focused on passwords than those who create them
Major password breaches in the last few months:
Formspring (420,000)
LinkedIn (6 million)
eHarmony (1.5 million)
Last.fm (2.5 million)
Blizzard Battle.net
Brute-force attacks on passwords are the #1 way we break into companies during pentests! Want to see the poor passwords people choose? SkullSecurity has very good lists from previous breaches. Looking for more information? Tom wrote a white paper on how easy it is to profile user passwords on social networks.
The password problem. Users continue to make poor password choices. Why?
Too many to remember?
It’s easier to use the same password for each site
Also the same user id and email
Failures in user awareness?
Users are not provided the technology to help
Social networks and other sites make it easy to choose weak passwords, and there is little adoption of two-factor authentication because users will complain
Mobile apps are not designed for constantly entering passwords. This is why you “stay logged in”.
Worst-case scenario?
Mat Honan’s “Epic” Hacking
What is the solution?
It’s tough but we need to stop blaming the companies that hold our data…take personal responsibility and educate yourself!
It’s also complex to figure out a solution.
Technology can help: KeePass, 1Password, LastPass, Google Two-Step Verification (application specific passwords), Facebook Two Factor

Aug 21, 2012 • 38min
Social Media Security Podcast 29 – Fake Bieber, Facebook Social Engineering Tool, MySpace Who?
This is the 29th episode of the Social Media Security Podcast. This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast:
MySpace charged for violating user privacy, vows to do better
How a fake Justin Bieber “sextorted” hundreds of girls through Facebook
FBPwn: A cross-platform Facebook social engineering tool
Tom and Scott’s take on the Facebook IPO
LinkedIn CSRF (Cross-site Request Forgery) controls attacked
Scott gives us an update on his mobile honeystick project
We are still planning on getting back to regular podcasts! Stay tuned.

Apr 19, 2012 • 28min
Social Media Security Podcast 28 – Facebook Timeline, US Privacy Questions, Twitter Acquisitions
This is the 28th episode of the Social Media Security Podcast, recorded a few months ago. Content is still relevant! This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast:
Facebook starts rolling out Timeline to everyone (what you need to know about the timeline privacy)
Twitter Acquires Web Security Firm Dasient
Trojan steals e-cash vouchers from Facebook users
Facebook ducks U.S. privacy question
LinkedIn Friend Finder…what you need to know!
Don’t worry! We are still planning on getting back to regular podcasts. Stay tuned.

Nov 24, 2011 • 24min
Social Media Security Podcast 27 – Facebook Friend Unlock, The Anti-Facebook, Facebook Games
This is the 27th episode of the Social Media Security Podcast recorded November 11, 2011. This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast:
Locked Out Of Facebook? Your Friends Will Soon Be Able To Help You Get Back In
Anti-Facebook Social Network “Unthink” Launches To Public
Most social networks users don’t keep up with privacy settings changes
Facebook video games are stupid, anyway

Sep 20, 2011 • 30min
Social Media Security Podcast 26 – Google +, New Facebook Privacy Controls, FBPwn Tool
This is the 26th episode of the Social Media Security Podcast recorded September 8, 2011. This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast:
Google + Security and Privacy
New Facebook Privacy Controls, what’s changed?
New Tool: FBPwn – A cross-platform Java-based Facebook profile dumper

Jul 12, 2011 • 36min
Social Media Security Podcast 25 – Facebook Security Updates, FaceNiff, Social Media Background Checks
This is the 25th episode of the Social Media Security Podcast recorded July 1, 2011. This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast:
LinkedIn SSL Leaves Accounts Vulnerable to Hijacking
Facebook adds two-factor authentication, other new security features
Facebook facial recognition. How it looks, fact and myth, and how we would fix the problems.
Firesheep for Android Phones (FaceNiff)
LinkedIn, Foursquare and Netflix on Android Store Your Passwords in Unencrypted Text Files
Social Media Background Checks

Apr 15, 2011 • 40min
Social Media Security Podcast 24 – Personal Social Media Accounts, Cree.py, ProfileSpy, App Privacy
This is the 24th episode of the Social Media Security Podcast recorded April 6, 2011. This episode was hosted by Tom Eston and Scott Wright with special guest James Ruffer. Below are the show notes, links to articles and news mentioned in the podcast:
Why Should the CSO Care About an Employee’s Personal Social Media Account?
Virally spreading scam spreads over Twitter (ProfileSpy)
Spammers Using Facebook Events to Trick Users
‘Cree.py’ Social Engineering Tool Pinpoints A Person’s Physical Location
US Military plan would create many fake Social Media Identities for use in fighting terrorism
What the app privacy investigation means to you

Mar 2, 2011 • 37min
Social Media Security Podcast 23 – Recent Changes to Facebook, Enterprise Social Media Tools, Spokeo
This is the 23rd episode of the Social Media Security Podcast recorded February 25th, 2011. This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast:
New changes to Facebook and security implications
Facebook now supports full SSL browsing (optional), social authentication improvements
Facebook rolls out new messaging system
Facebook now allows iframes within tab applications. Possible security issue with applications!
API bug responsible for Zuckerberg page hack
Facebook ‘tag spam’ targets indiscriminate friend collectors
Dispelling the Myths of Facebook Privacy and Security
Government Calls for Privacy Protections for Device Location
Scott’s little initiative to identify and discuss “internal” or “private” social networking tools for enterprises
Question from a listener: What’s the business model around people search engines like Spokeo.com? How about digital insurance?
Check out Scott’s new Canadian security podcast: Security, Eh?


