Naked Security Podcast-logo

Naked Security Podcast

Technology Podcasts

We take an expert look at the latest cybersecurity incidents, how they happened, and why. Tune in weekly to learn what you can do to stop bad things from happening to you!

We take an expert look at the latest cybersecurity incidents, how they happened, and why. Tune in weekly to learn what you can do to stop bad things from happening to you!

Location:

Canada

Description:

We take an expert look at the latest cybersecurity incidents, how they happened, and why. Tune in weekly to learn what you can do to stop bad things from happening to you!

Language:

English


Episodes

S3 Ep67: Tax scams, carder busts and crypto capers

1/27/2022
Watch out for tax scams. Crooks with the motto "In Fraud We Trust". How not to write a data breach notification. Where to find the "10" key on your telephone. https://nakedsecurity.sophos.com/tax-scam-emails-are-alive-and-well-as-us-tax-season-starts https://nakedsecurity.sophos.com/alleged-carder-gang-mastermind-and-three-acolytes-under-arrest-in-russia https://nakedsecurity.sophos.com/cryptocoin-broker-crypto-com-says-2fa-bypass-led-to-35m-theft With Paul Ducklin and Doug Aamoth. Original...

Duration:00:27:00

S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis

1/20/2022
Russia busts Revil. Romance scammer sent to prison. Wormable Windows hole patched. Memories of the HAPPY99 virus. Linux disk encryption trouble. Apple browsers leak personal data. And how (not) to paint a computer. https://nakedsecurity.sophos.com/revil-ransomware-crew-allegedly-busted https://nakedsecurity.sophos.com/romance-scammer-who-targeted-670-women https://nakedsecurity.sophos.com/wormable-windows-http-hole...

Duration:00:28:29

S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle

1/13/2022
A JavaScript coder sabotages his own projects. Routers with critical holes. Honda cars party like it's 2002. The FTC warns everyone to patch. And a Log4Shell-like bug in another Java library. https://nakedsecurity.sophos.com/javascript-developer-destroys-own-projects https://nakedsecurity.sophos.com/home-routers-with-netusb-support https://nakedsecurity.sophos.com/honda-cars-in-flashback-to-2002 https://nakedsecurity.sophos.com/ftc-threatens-legal-action...

Duration:00:30:44

S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug

1/5/2022
Log4Shell - the gift that keeps on taking. Scammers threatening your social media accounts. Apple Home has a pecuu[...]uuliar bug. And why 2FA is easier than you think. https://nakedsecurity.sophos.com/sfw-the-top-n-cybersecurity-stories https://nakedsecurity.sophos.com/log4shell-vulnerability-number-four https://nakedsecurity.sophos.com/log4shell-the-movie https://nakedsecurity.sophos.com/instagram-copyright-infringment-scams https://nakedsecurity.sophos.com/apple-home-software-bug With...

Duration:00:13:35

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs

12/16/2021
Understanding Log4Shell. Fixing Log4Shell. What criminals are up to with Log4Shell. Apple's latest security fixes. And what (not to) do when your mouse gets stuck. https://nakedsecurity.sophos.com/log4shell-explained https://nakedsecurity.sophos.com/log4shell-java-vulnerability https://news.sophos.com/log4shell-hell-anatomy-of-an-exploit https://nakedsecurity.sophos.com/apple-security-updates-are-out With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge...

Duration:00:24:01

S3 Ep62: The S in IoT stands for security (and much more)

12/9/2021
Mozilla's "BigSig" buffer overflow hole. UK to put IoT vendors on notice. The Mother of All Demos. Cryptocurrency company catastrophe. Firefox gets an extra sandbox. And an access point from outer space (OK, from home). https://nakedsecurity.sophos.com/mozilla-patches-exploitable-bigsig https://nakedsecurity.sophos.com/iot-devices-must-protect-consumers https://nakedsecurity.sophos.com/cryptocurrency-startup-fails-to-subtract https://nakedsecurity.sophos.com/firefox-update-brings-a-whole-new...

Duration:00:23:23

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness

12/2/2021
Call scammers and cryptocoin treachery. Cloud insecurity and yet more cryptocoin treachery. Facial recognition creepiness. And the wannabe wizard that went to school with a trainee Sith. https://nakedsecurity.sophos.com/us-government-securities-watchdog-spoofed https://nakedsecurity.sophos.com/cloud-security-dont-wait-until-your-next-bill https://nakedsecurity.sophos.com/controversial-face-matchers-clearview-set-to-be-fined With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge...

Duration:00:24:39

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public

11/24/2021
Cybersecurity tips for the holiday season and beyond. Exchange at risk from public exploit. GoDaddy loses passwords for 1.2m users. Longest-lived Windows version ever. Don't make your cookies public. And the day that umbrellas became an anti-DDoS tool. https://nakedsecurity.sophos.com/black-friday-and-cyber-monday-heres-what https://nakedsecurity.sophos.com/check-your-patches-public-exploit-now-out https://nakedsecurity.sophos.com/godaddy-admits-to-password-breach-check...

Duration:00:30:20

S3 Ep59: Emotet, an FBI hoax, Samba bugs, and a hijackable suitcase

11/18/2021
The infamous Emotet malware makes a comeback. Crooks smirk at the world with a fake FBI warning. Why tubes are also valves. Samba fixes an intriguing bug. The suitcase that needs no handle. And a virtual-versus-real monitor mixup. https://nakedsecurity.sophos.com/emotet-malware-the-report-of-my-death https://nakedsecurity.sophos.com/dhs-warning-about-hackers-in-your-network https://nakedsecurity.sophos.com/samba-update-patches-plaintext-passwork-plundering...

Duration:00:33:37

S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust

11/11/2021
We enjoy the Sophos 2022 Threat Report. The world's {oldest, coolest} continously maintained browser. Facebook folds up its Face Recognition feature. Crooks combine a new social engineering scam with a new way of packaging malware. Kaseya ransomware suspect busted. And how to block radio communications in a land with no hills. https://nakedsecurity.sophos.com/2022-threat-report https://nakedsecurity.sophos.com/customer-complaint-email-scam...

Duration:00:27:20

S3 Ep57: Europol v. Ransomware, Shrootless bug, and Linux browser flamewars

11/4/2021
Norbert (huzzah for Norbert!) does tech support. Europol digs into the ransomware scene. Microsoft finds a wacky bug in Apple's shell. The Morris worm turns 33. Edge on Linux phans the phlames. Ola! Gibberish peculiarity textual solvage. https://nakedsecurity.sophos.com/europol-announce-targeting-of-12-suspects https://nakedsecurity.sophos.com/microsoft-documents-shrootless-hack https://nakedsecurity.sophos.com/memories-of-the-internet-worm...

Duration:00:21:51

S3 Ep56: Cryptotrading rodent, ransomware hackback, and a Docusign phish

10/28/2021
Bliss is a hill in wine country. Lessons from a cryptotrading hamster. Ransomware gang hacked back. Docusign phishers go after 2FA codes. Sleep mode considered harmful. https://nakedsecurity.sophos.com/revil-ransomware-gang-allegedly-forced-offline https://nakedsecurity.sophos.com/banking-scam-uses-docusign-phish https://nakedsecurity.sophos.com/to-the-moon-cryptocurrency-hamster-mr-goxx With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got...

Duration:00:34:21

S3 Ep55.8: Purple teaming - learning to think like your adversaries

10/25/2021
Special minisode! Michelle Farenci knows her stuff, because she's a cybersecurity practitioner inside a cybersecurity company. Learn why thinking like an attacker makes you a better defender. Full transcript: https://nakedsecurity.sophos.com/listen-up-4-cybersecurity-first-purple-teaming

Duration:00:25:21

S3 Ep55.6: Cyberinsurance - help or hindrance?

10/25/2021
Special minisode! Dr Jason Nurse, Associate Professor in Cybersecurity at the University of Kent, takes on the controversial topic of cyberinsurance. Full transcript: https://nakedsecurity.sophos.com/becybersmart-2021-cyberinsurance

Duration:00:26:32

S3 Ep55.4: Supply chain attacks and how to avoid them

10/25/2021
Special minisode! Chester Wisniewski, Principal Research Scientist at Sophos, gives you useful and actionable advice to reduce the risk of supply chain attacks. Full transcript: https://nakedsecurity.sophos.com/becybersmart-2021-supply-chain-attacks

Duration:00:26:42

S3 Ep55.2: Malware - the never-ending story

10/25/2021
Special Minisode! Fraser Howard, Director of Threat Research at Sophos, talks about malware and how to fight it. Fraser's breadth and depth of knowledge in the threat-fighting field is second to none. Full transcript: https://nakedsecurity.sophos.com/becybersmart-2021-week4

Duration:00:28:06

S3 Ep55: Live malware, global encryption, dating scams, and secret emanations

10/21/2021
Hook up with our forthcoming Live Malware Demo presentation. Why we think you should celebrate Global Encryption Day. A whole new twist on bogus online "friendships". How to stop your network cables giving you away. And why superglue is NOT a cybersecurity tool! Register for the Live Malware Demo: https://jaarbeurs.swoogo.com/tbx2021/registersocially?ref=Sophos Further reading: https://nakedsecurity.sophos.com/becybersmart-2021-week3...

Duration:00:37:35

S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish

10/14/2021
Apple (you guessed it!) fixes yet another iPhone 0-day. Apache patches an embarrassing bug and then has to patch the patch. It's Fight The Phish week. And the user who got punched right in the nose by a recalcitrant computer. https://nakedsecurity.sophos.com/apple-quietly-patches-yet-another-iphone-0-day https://nakedsecurity.sophos.com/apache-patch-proves-patchy https://nakedsecurity.sophos.com/becybersmart-2021-week2 With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge...

Duration:00:32:11

S3 Ep53: Apple Pay, giftcards, cybermonth, and ransomware busts

10/7/2021
Apple Pay gets hacked (sort of). DOJ busts four gift card scamming suspects. We give you our top tips for #Cybermonth. Ukrainian Cyberpolice take on ransomware crooks. And, believe it or not, the user that volunteered to RTFM!? https://nakedsecurity.sophos.com/how-to-steal-money-via-apple-pay https://nakedsecurity.sophos.com/gift-card-fraud-four-suspects-hit https://nakedsecurity.sophos.com/gift-card-hack-exposed https://nakedsecurity.sophos.com/becybersmart-2021-week1...

Duration:00:34:49

S3 Ep52: Let's Encrypt, Outlook leak, and VMware exploit

9/29/2021
Let's Encrypt brings HTTPS to everyone. Researchers rediscover an Outlook data leakage issue. VMware keeps it real. And when the mouse is away, the cat will play. https://nakedsecurity.sophos.com/serious-security-lets-encrypt-gets-ready-to-go-it-alone https://nakedsecurity.sophos.com/how-outlook-autodiscover-could-leak-your-passwords https://nakedsecurity.sophos.com/vmware-patch-bulletin-warns-this-needs-your-immediate-attention With Paul Ducklin and Doug Aamoth. Original music by Edith...

Duration:00:32:42