Shared Security Podcast

In episode 339, hosts Tom Eston and Scott Wright discuss the massive AT&T data breach affecting 110 million customers, which is larger than a previous breach from March affecting 73 million customers. They also talk about the importance of reading privacy policies on sites like Facebook and Instagram, as these platforms may use user data […] The post Massive AT&T Data Breach Impact, Meta’s Privacy Policy Updates appeared first on Shared Security Podcast.

In episode 338, we discuss the recent breach of the two-factor authentication provider Authy and its implications for users. We also explore a massive password list leak titled ‘Rock You 2024’ that has surfaced online. Find out why this file may not be as significant as it seems and the importance of avoiding password reuse. […] The post Authy Breach: What It Means for You, RockYou 2024 Password Leak appeared first on Shared Security Podcast.

In episode 337, we cover “broken” news about the new SSH vulnerability ‘regreSSHion‘ highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications. We then discuss the Detroit Police Department’s new guidelines on facial recognition technology following a lawsuit over a wrongful arrest due to misidentification, shedding light on the broader issues […] The post Critical SSH Vulnerability, Facial Recognition Flaws, How to Safely Dispose of Old Devices appeared first on Shared Security Podcast.

In episode 336 of the Shared Security Podcast, we discuss the Biden administration’s recent ban on Kaspersky antivirus software in the U.S. due to security concerns linked to its Russian origins. We also highlight the importance of keeping all software updated, using recent examples of supply chain attacks that have compromised several popular WordPress plugins. […] The post The U.S. Bans Kaspersky Antivirus, WordPress Plugin Supply Chain Attacks appeared first on Shared Security Podcast.

In this special episode of the Shared Security Podcast, host Tom Eston interviews Vivek Ramachandran, the founder of SquareX. Vivek shares his journey in WiFi security, recounting his introduction of the Cafe Latte man-in-the-middle attack and founding of Pentest Academy. He discusses his latest venture, SquareX, a company focused on browser security to protect employees […] The post Exploring Cutting-Edge Browser Security with Vivek Ramachandran – Founder of SquareX appeared first on Shared Security Podcast.

In this episode of the Shared Security Podcast, the team debates the Surgeon General’s recent call for social media warning labels and explores the pros and cons. Scott discusses whether passwords should be stored in web browsers, potentially sparking strong opinions. The hosts also provide an update on Microsoft’s delayed release of CoPilot Plus PCs […] The post Social Media Warning Labels, Should You Store Passwords in Your Web Browser? appeared first on Shared Security Podcast.

In episode 334, hosts Tom Eston, Scott Wright, and Kevin Johnson discuss two major topics. First, they explore the ongoing legal battle between Citizen Lab and the Israeli spyware company NSO Group. The courts have consistently blocked NSO’s attempts to access Citizen Lab’s documents to protect victim privacy. Second, they discuss Apple’s new AI features […] The post Citizen Lab vs. NSO Group, Apple AI and Privacy appeared first on Shared Security Podcast.

In episode 333 of the Shared Security Podcast, Tom and Scott discuss a recent massive data breach at Ticketmaster involving the data of 560 million customers, the blame game between Ticketmaster and third-party provider Snowflake, and the implications for both companies. Additionally, they discuss Live Nation’s ongoing monopoly investigation. In the ‘Aware Much’ segment, the […] The post Ticketmaster Data Breach and Rising Work from Home Scams appeared first on Shared Security Podcast.

In this episode host Tom Eston welcomes Jen VanAntwerp, founder of Sober in Cyber. Jen shares her journey in cybersecurity and marketing, and discusses the motivation behind creating alcohol-free networking events. Sober in Cyber provides much-needed alternatives to typical alcohol-centered industry events, fostering inclusive environments for both sober professionals and those simply seeking a different […] The post Sober in Cyber: Creating Alcohol-Free Networking in Cybersecurity with Jen VanAntwerp appeared first on Shared Security Podcast.

Episode 331 of the Shared Security Podcast discusses privacy and security concerns related to two major technological developments: the introduction of Windows PC’s new feature ‘Recall,’ part of Microsoft’s Copilot+, which captures desktop screenshots for AI-powered search tools, and Slack’s policy of using user data to train machine learning features with users opted in by […] The post Microsoft’s Copilot+ Recall Feature, Slack’s AI Training Controversy appeared first on Shared Security Podcast.

In episode 330 Tom, Scott, and Kevin discuss the new features for iPhones and Android phones designed to warn users about secret trackers, possibly aiding in identifying stalkers. The hosts discuss Apple and Google’s collaboration on a technology called DOLT (Detecting Unwanted Location Trackers), aiming to improve user privacy by detecting Bluetooth trackers like Tiles […] The post New Tracker Warning Features on iPhones & Androids, 2024 Verizon Data Breach Investigations Report appeared first on Shared Security Podcast.

In this first-ever in-person recording of Shared Security, Tom and Kevin, along with special guest Matt Johansen from Reddit, discuss their experience at the RSA conference in San Francisco, including their walk-through of ‘enhanced security’ and the humorous misunderstanding that ensued. The conversation moves to the ubiquity of AI and machine learning buzzwords at the […] The post Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools appeared first on Shared Security Podcast.

In episode 328, Tom and Kevin discuss two major cybersecurity and privacy news stories. The first topic covers the FCC issuing fines to major US wireless carriers for sharing users’ real-time location data, totaling nearly $200 million. They express surprise and skepticism over the carriers’ actions and deliberate on whether the fines would be impactful […] The post FCC Fines Wireless Carriers $200 million, Google’s Fight Against Malicious Apps appeared first on Shared Security Podcast.

In episode 327 Tom, Scott, and Kevin discuss the findings from Mandiant’s M-Trends 2024 report, highlighting a significant rise in traditional vulnerability exploitation by attackers while observing a decline in phishing. Despite phishing’s decreased prevalence, it remains the second most popular method for gaining initial network access. Discussions include the impact of high-profile vulnerabilities and […] The post Privacy Challenges in Relationships, Phishing Down but Vulnerabilities Up? appeared first on Shared Security Podcast.

In this episode Erin Gallagher, cybersecurity awareness lead at Fastly, discusses her journey into the field of security awareness and her unique approach to enhancing cybersecurity within tech companies. Erin shares her unconventional path from a communication major to leading security awareness programs at IBM and a large insurance company, before joining Fastly. She highlights […] The post Navigating Security Awareness in the Tech Industry with Erin Gallagher appeared first on Shared Security Podcast.

In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained commit access and inserted a backdoor. The episode further delves into a cybersecurity incident where hackers stole 340,000 social security numbers from a […] The post Linux Backdoor Infection Scare, Massive Social Security Number Heist appeared first on Shared Security Podcast.

Episode 324 features discussions on a significant AT&T data breach affecting 73 million customers and a sophisticated thread jacking attack targeting a journalist. Co-host Scott Wright joins the discussion, highlighting how millions of AT&T customer account passcodes, along with personal information, were compromised due to a leak discovered by a security researcher and reported by […] The post Massive AT&T Data Leak, The Danger of Thread Hijacking appeared first on Shared Security Podcast.

In episode 323, the hosts discuss two prominent topics. The first segment discusses a significant vulnerability discovered in hotel locks, branded as ‘Unsaflok,’ affecting 3 million doors across 131 countries. The vulnerability allows attackers to create master keys from a regular key, granted access to all doors in a hotel. The co-hosts also discuss the […] The post New Hotel Lock Vulnerabilities, Glassdoor Anonymity Issues appeared first on Shared Security Podcast.

In this episode, special guest Alyssa Miller joins the hosts for an insightful and entertaining conversation covering a broad range of topics from social engineering anecdotes involving Kevin Johnson to Alyssa’s journey in aviation and being a pilot. They discuss the challenges within the cybersecurity industry, including the transition to cloud computing and the neglect […] The post Alyssa Miller: Charting the Course Through InfoSec and Aviation appeared first on Shared Security Podcast.

In episode 321, the hosts discuss how connected cars are sharing driving data with insurance companies, potentially leading to increased rates for drivers. They also talk about the anti-TikTok bill passed by the House, which could force ByteDance to sell TikTok or face a ban in app stores. The episode also covers a significant update […] The post The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update appeared first on Shared Security Podcast.