Shared Security Podcast

In episode 328, Tom and Kevin discuss two major cybersecurity and privacy news stories. The first topic covers the FCC issuing fines to major US wireless carriers for sharing users’ real-time location data, totaling nearly $200 million. They express surprise and skepticism over the carriers’ actions and deliberate on whether the fines would be impactful […] The post FCC Fines Wireless Carriers $200 million, Google’s Fight Against Malicious Apps appeared first on Shared Security Podcast.

In episode 327 Tom, Scott, and Kevin discuss the findings from Mandiant’s M-Trends 2024 report, highlighting a significant rise in traditional vulnerability exploitation by attackers while observing a decline in phishing. Despite phishing’s decreased prevalence, it remains the second most popular method for gaining initial network access. Discussions include the impact of high-profile vulnerabilities and […] The post Privacy Challenges in Relationships, Phishing Down but Vulnerabilities Up? appeared first on Shared Security Podcast.

In this episode Erin Gallagher, cybersecurity awareness lead at Fastly, discusses her journey into the field of security awareness and her unique approach to enhancing cybersecurity within tech companies. Erin shares her unconventional path from a communication major to leading security awareness programs at IBM and a large insurance company, before joining Fastly. She highlights […] The post Navigating Security Awareness in the Tech Industry with Erin Gallagher appeared first on Shared Security Podcast.

In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained commit access and inserted a backdoor. The episode further delves into a cybersecurity incident where hackers stole 340,000 social security numbers from a […] The post Linux Backdoor Infection Scare, Massive Social Security Number Heist appeared first on Shared Security Podcast.

Episode 324 features discussions on a significant AT&T data breach affecting 73 million customers and a sophisticated thread jacking attack targeting a journalist. Co-host Scott Wright joins the discussion, highlighting how millions of AT&T customer account passcodes, along with personal information, were compromised due to a leak discovered by a security researcher and reported by […] The post Massive AT&T Data Leak, The Danger of Thread Hijacking appeared first on Shared Security Podcast.

In episode 323, the hosts discuss two prominent topics. The first segment discusses a significant vulnerability discovered in hotel locks, branded as ‘Unsaflok,’ affecting 3 million doors across 131 countries. The vulnerability allows attackers to create master keys from a regular key, granted access to all doors in a hotel. The co-hosts also discuss the […] The post New Hotel Lock Vulnerabilities, Glassdoor Anonymity Issues appeared first on Shared Security Podcast.

In this episode, special guest Alyssa Miller joins the hosts for an insightful and entertaining conversation covering a broad range of topics from social engineering anecdotes involving Kevin Johnson to Alyssa’s journey in aviation and being a pilot. They discuss the challenges within the cybersecurity industry, including the transition to cloud computing and the neglect […] The post Alyssa Miller: Charting the Course Through InfoSec and Aviation appeared first on Shared Security Podcast.

In episode 321, the hosts discuss how connected cars are sharing driving data with insurance companies, potentially leading to increased rates for drivers. They also talk about the anti-TikTok bill passed by the House, which could force ByteDance to sell TikTok or face a ban in app stores. The episode also covers a significant update […] The post The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update appeared first on Shared Security Podcast.

In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part. They explore the possibility of inadequate security measures on these platforms and the implications of Meta potentially profiting from fraudulent ads. The episode also […] The post Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware appeared first on Shared Security Podcast.

In Episode 319, Tom and Kevin discuss the potential data privacy risks associated with having an AI ‘girlfriend’ or ‘boyfriend’ and why one should refrain from sharing their personal data with such AIs. They engage in a humorous conversation about the unusual advertisements these AI companions attract, while expressing concerns over their deceptive and sensitive […] The post Don’t Trust Your AI Girlfriend or Boyfriend, Exposing US Government Data Collection appeared first on Shared Security Podcast.

In episode 318, we discuss the trending ‘get to know me’ posts on social media platforms like Instagram and the potential risks of sharing personal information publicly, particularly in light of potential misuse for password resetting. We recount a similar trend observed years ago when social media was in its infancy. The second topic covers […] The post ‘Get to Know Me’ Privacy Risks, Pros and Cons of Publicly Sharing Ring Doorbell Footage appeared first on Shared Security Podcast.

In episode 317, Tom and Kevin discuss a reported deepfake scam that allegedly led to the theft of 25.6 million from a multinational company and Canada’s attempt to ban the Flipper Zero device, believing it plays a role in auto thefts. They critique the Canadian government’s understanding of the device and its capabilities, questioning whether […] The post 25.6 Million Dollar Deepfake Scam, Exploring Canada’s Flipper Zero Ban appeared first on Shared Security Podcast.

In episode 316, we have the pleasure to chat with Jason Haddix, a prominent influencer in the cybersecurity community. With an intriguing career path, from being a ‘computer kid’, venturing into the nascent dark web, to becoming a respected figure in the Bug Bounty space, his journey is nothing short of inspiration. We dive into […] The post Jason Haddix on Bug Bounties and Cybersecurity Career Growth appeared first on Shared Security Podcast.

In this episode of the Shared Security Podcast, we discuss the concerning issue of victim-blaming in cybersecurity with special guest, Andra Zaharia, host of the Cyber Empathy and We Think We Know podcasts. Key topics include the societal issues within cybersecurity, the role of empathy in business and cybersecurity, leadership’s role in empathy and the […] The post The Problem of Victim Blaming in Cybersecurity: Empathy, Responsibility & Ethical Practices appeared first on Shared Security Podcast.

In this episode, host Tom Eston provides a detailed explanation of the ‘Stolen Device Protection’ for iPhones – a new security feature by Apple. This feature triggers enhanced security factors such as Face ID, Touch ID, and an hour-long security delay for critical actions when the phone is away from familiar locations. Tom also provides […] The post Secure Your iPhone: Exploring Stolen Device Protection appeared first on Shared Security Podcast.

In Episode 313, hosts Tom and Scott discuss the world of scambaiting, discussing what it is, the tactics used, and its effectiveness in stopping scammers. They talk about popular channels like Scammer Payback and Kitboga that show these scams in progress. Then they switch to the best practices to prevent social media account takeovers, highlighting […] The post The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked appeared first on Shared Security Podcast.

In episode 312, Tom and Scott discuss the implications of a new law in Ohio that may require parental consent for children under 16 using social media, including the pros and cons of this legislation. They also discuss Meta’s new link history feature and the repercussions it might have on ad targeting on Facebook and […] The post Ohio’s New Social Media Law, Meta’s Link History Feature, 175 Million Passcode Guesses appeared first on Shared Security Podcast.

In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The iPhone exploit, known as Operation Triangulation, has complex chains of events that lead to compromised iPhone security. Meanwhile, the lawsuit against Google claims […] The post Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App appeared first on Shared Security Podcast.

In this episode, host Tom Eston shares the three key lessons he’s learned over his 18-year career in cybersecurity: effective communication, continuous learning, and empathy. He talks about the importance of understanding and reaching both technical and non-technical audiences, the necessity of continuous learning despite your role, and the power of empathy in contributing to […] The post The Three Keys to Success in Cybersecurity appeared first on Shared Security Podcast.

In our last episode of the year, we replay our predictions for 2023 reviewing what we got right and what we didn’t. We cover various topics, such as Twitter’s influence, the future of Mastodon, the ban of TikTok in certain states, and the rising issue of ransomware. In addition, we give credit to Scott for […] The post The Year in Review and 2024 Predictions appeared first on Shared Security Podcast.