Shared Security
About
Available on
Community
447 episodes
In episode 323, the hosts discuss two prominent topics. The first segment discusses a significant vulnerability discovered in hotel locks, branded as ‘Unsaflok,’ affecting 3 million doors across 131 countries. The vulnerability allows attackers to create master keys from a regular key, granted access to all doors in a hotel. The co-hosts also discuss the […] The post New Hotel Lock Vulnerabilities, Glassdoor Anonymity Issues https://sharedsecurity.net/2024/04/01/new-hotel-lock-vulnerabilities-glassdoor-anonymity-issues/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, special guest Alyssa Miller joins the hosts for an insightful and entertaining conversation covering a broad range of topics from social engineering anecdotes involving Kevin Johnson to Alyssa’s journey in aviation and being a pilot. They discuss the challenges within the cybersecurity industry, including the transition to cloud computing and the neglect […] The post Alyssa Miller: Charting the Course Through InfoSec and Aviation https://sharedsecurity.net/2024/03/25/alyssa-miller-charting-the-course-through-infosec-and-aviation/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 321, the hosts discuss how connected cars are sharing driving data with insurance companies, potentially leading to increased rates for drivers. They also talk about the anti-TikTok bill passed by the House, which could force ByteDance to sell TikTok or face a ban in app stores. The episode also covers a significant update […] The post The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update https://sharedsecurity.net/2024/03/18/the-tiktok-ban-bill-your-car-is-spying-on-you-signals-username-update/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part. They explore the possibility of inadequate security measures on these platforms and the implications of Meta potentially profiting from fraudulent ads. The episode also […] The post Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware https://sharedsecurity.net/2024/03/11/whos-to-blame-for-hacked-social-media-accounts-spoofed-online-meeting-requests-and-malware/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In Episode 319, Tom and Kevin discuss the potential data privacy risks associated with having an AI ‘girlfriend’ or ‘boyfriend’ and why one should refrain from sharing their personal data with such AIs. They engage in a humorous conversation about the unusual advertisements these AI companions attract, while expressing concerns over their deceptive and sensitive […] The post Don’t Trust Your AI Girlfriend or Boyfriend, Exposing US Government Data Collection https://sharedsecurity.net/2024/03/04/dont-trust-your-ai-girlfriend-or-boyfriend-exposing-us-government-data-collection/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 318, we discuss the trending ‘get to know me’ posts on social media platforms like Instagram and the potential risks of sharing personal information publicly, particularly in light of potential misuse for password resetting. We recount a similar trend observed years ago when social media was in its infancy. The second topic covers […] The post ‘Get to Know Me’ Privacy Risks, Pros and Cons of Publicly Sharing Ring Doorbell Footage https://sharedsecurity.net/2024/02/26/get-to-know-me-privacy-risks-pros-and-cons-of-publicly-sharing-ring-doorbell-footage/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 317, the Tom and Kevin discuss a reported deepfake scam that allegedly led to the theft of 25.6 million from a multinational company and Canada’s attempt to ban the Flipper Zero device, believing it plays a role in auto thefts. They critique the Canadian government’s understanding of the device and its capabilities, questioning […] The post 25.6 Million Dollar Deepfake Scam, Exploring Canada’s Flipper Zero Ban https://sharedsecurity.net/2024/02/19/new-deepfake-scam-exploring-canadas-flipper-zero-ban/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 316, we have the pleasure to chat with Jason Haddix, a prominent influencer in the cybersecurity community. With an intriguing career path, from being a ‘computer kid’, venturing into the nascent dark web, to becoming a respected figure in the Bug Bounty space, his journey is nothing short of inspiration. We dive into […] The post Jason Haddix on Bug Bounties and Cybersecurity Career Growth https://sharedsecurity.net/2024/02/12/jason-haddix-on-bug-bounties-and-cybersecurity-career-growth/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode of the Shared Security Podcast, we discuss the concerning issue of victim-blaming in cybersecurity with special guest, Andra Zaharia, host of the Cyber Empathy and We Think We Know podcasts. Key topics include the societal issues within cybersecurity, the role of empathy in business and cybersecurity, leadership’s role in empathy and the […] The post The Problem of Victim Blaming in Cybersecurity: Empathy, Responsibility & Ethical Practices https://sharedsecurity.net/2024/02/05/the-problem-of-victim-blaming-in-cybersecurity-empathy-responsibility-ethical-practices/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, host Tom Eston provides a detailed explanation of the ‘Stolen Device Protection’ for iPhones – a new security feature by Apple. This feature triggers enhanced security factors such as Face ID, Touch ID, and an hour-long security delay for critical actions when the phone is away from familiar locations. Tom also provides […] The post Secure Your iPhone: Exploring Stolen Device Protection https://sharedsecurity.net/2024/01/29/secure-your-iphone-exploring-stolen-device-protection/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In Episode 313, hosts Tom and Scott discuss the world of scambaiting, discussing what it is, the tactics used, and its effectiveness in stopping scammers. They talk about popular channels like Scammer Payback and Kitboga that show these scams in progress. Then they switch to the best practices to prevent social media account takeovers, highlighting […] The post The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked https://sharedsecurity.net/2024/01/22/the-world-of-scambaiting-preventing-social-media-account-takeovers-network-wrenches-hacked/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 312, Tom and Scott discuss the implications of a new law in Ohio that may require parental consent for children under 16 using social media, including the pros and cons of this legislation. They also discuss Meta’s new link history feature and the repercussions it might have on ad targeting on Facebook and […] The post Ohio’s New Social Media Law, Meta’s Link History Feature, 175 Million Passcode Guesses https://sharedsecurity.net/2024/01/15/ohios-new-social-media-law-metas-link-history-feature-175-million-passcode-guesses/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The iPhone exploit, known as Operation Triangulation, has complex chains of events that lead to compromised iPhone security. Meanwhile, the lawsuit against Google claims […] The post Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App https://sharedsecurity.net/2024/01/08/most-advanced-iphone-exploit-ever-googles-5-billion-settlement-apples-journal-app/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, host Tom Eston shares the three key lessons he’s learned over his 18-year career in cybersecurity: effective communication, continuous learning, and empathy. He talks about the importance of understanding and reaching both technical and non-technical audiences, the necessity of continuous learning despite your role, and the power of empathy in contributing to […] The post The Three Keys to Success in Cybersecurity https://sharedsecurity.net/2024/01/01/the-three-keys-to-success-in-cybersecurity/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In our last episode of the year, we replay our predictions for 2023 reviewing what we got right and what we didn’t. We cover various topics, such as Twitter’s influence, the future of Mastodon, the ban of TikTok in certain states, and the rising issue of ransomware. In addition, we give credit to Scott for […] The post The Year in Review and 2024 Predictions https://sharedsecurity.net/2023/12/25/the-year-in-review-and-2024-predictions/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 308, we discuss the often overlooked topic of password management for the elderly. Addressing the commonly held belief that writing down passwords is a bad idea, we discuss the nuances and context of this practice. Elderly individuals who may struggle with technology can benefit from recording passwords, but we discuss the importance of […] The post Password Security for the Elderly: Tips and Best Practices https://sharedsecurity.net/2023/12/18/password-security-for-the-elderly-tips-and-best-practices/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In episode 307, Tom and Scott debunk misinformation circulating about the iOS 17 NameDrop feature by law enforcement and others on social media. Next, they discuss the potential risks of QR code scams, detailing a real-life incident where a woman lost a significant amount of money due to a QR code scam. Finally, the episode […] The post iOS 17 NameDrop Debunking, Real World QR Code Attacks, Impact of Ransomware on Hospitals https://sharedsecurity.net/2023/12/11/ios-17-namedrop-debunking-real-world-qr-code-attacks-impact-of-ransomware-on-hospitals/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, noteworthy guest Tanya Janca returns to discuss her recent ventures and her vision for the future of Application Security. She reflects on the significant changes she has observed since her career at Microsoft, before discussing her new role at Semgrep that recently acquired WeHackPurple. Tanya sheds light on her decision to partner […] The post Application Security Trends & Challenges with Tanya Janca https://sharedsecurity.net/2023/12/04/application-security-trends-challenges-with-tanya-janca/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, Tom shows off AI generated images of a “Lonely and Sad Security Awareness Manager in a Dog Pound” and the humorous outcomes. The conversation shifts to Apple’s upcoming support for Rich Communication Services (RCS) and the potential security implications. Lastly, Tom and Kevin reflect on reports of AI-powered voice cloning scams targeting […] The post Apple Finally Adopts RCS, AI Powered Scams Targeting the Elderly https://sharedsecurity.net/2023/11/27/apple-finally-adopts-rcs-ai-powered-scams-targeting-the-elderly/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this week’s episode of the Shared Security Podcast, hosts Tom Eston, Scott Wright and Kevin Johnson tackle a number of topics related to AI, privacy and security. They begin with an amusing discussion about their respective roles on the podcast, before shifting to big tech’s use of user data and whether subscribers should pay […] The post Paying Big Tech for Privacy, New Privacy Policy Study, Biden’s Executive Order on AI https://sharedsecurity.net/2023/11/20/paying-big-tech-for-privacy-new-privacy-policy-study-bidens-executive-order-on-ai/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, we discuss the SEC’s charges against SolarWinds’ CISO for misleading investors about a major cyberattack. Plus don’t miss our discussion about the shady world of “Classiscam Scam-as-a-Service,” a very popular cyber criminal service that creates fake user accounts, posts fraudulent reviews, and boosts the reputation of dishonest sellers while defrauding e-commerce platforms. […] The post SEC vs. SolarWinds CISO, Classiscam Scam-as-a-Service https://sharedsecurity.net/2023/11/13/sec-vs-solarwinds-ciso-classiscam-scam-as-a-service/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, we explore the recent Okta breach where hackers obtained sensitive customer data via unauthorized access to the Okta support system. Next, we discuss the emerging threat of “quishing,” a combination of voice calls and phishing that preys on unsuspecting victims. Finally, we discuss Google Play Protect’s new feature, “Real-time App Analysis,” which […] The post Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning https://sharedsecurity.net/2023/11/06/okta-hacked-again-quishing-is-the-new-phishing-google-play-protect-real-time-scanning/ appeared first on Shared Security Podcast https://sharedsecurity.net.
Did you know that your mobile phone provider can give data like phone numbers you’ve called and received, the time and date of those calls, and even your location data to their parent companies, affiliates, and agents? In this episode we show you how to opt out so you can stop your data from being […] The post How to Opt Out of CPNI Data Sharing https://sharedsecurity.net/2023/10/30/how-to-opt-out-of-cpni-data-sharing/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In milestone episode 300, Jayson E. Street (a renowned hacker, helper, and human who has successfully robbed banks, hotels, government facilities, and Biochemical companies on five continents) joins us to share what he’s been up to recently and to talk about his new role at Secure Yeti. Next, we explore the alarming rise of ‘phantom […] The post Special Guest Jayson E. Street, Phantom Hacker Scams, 23andMe User Data For Sale https://sharedsecurity.net/2023/10/23/special-guest-jayson-e-street-phantom-hacker-scams-23andme-user-data-for-sale/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode we explore the remarkable journey of Tib3rius, a web application hacking expert and content creator. In this engaging conversation, we discuss: Tib3rius’ passion for community education and content creation. What fuels his desire to empower the next generation of cybersecurity professionals? His expertise and enthusiasm for web application hacking, and we explore […] The post Educating the Next Cybersecurity Generation with Tib3rius https://sharedsecurity.net/2023/10/16/educating-the-next-cybersecurity-generation-with-tib3rius/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, we discuss the Mozilla Foundation’s alarming report that reveals why cars are the top privacy concern. Modern vehicles, equipped with data-collecting tech, pose significant risks to consumers’ privacy, with data sharing even extending to law enforcement. Listen in to our discussion as we explore the urgent need for transparency and *gasp* regulations […] The post Your Car is a Privacy Nightmare, Password Creation Best Practices, Sony Hacked Again https://sharedsecurity.net/2023/10/09/your-car-is-a-privacy-nightmare-password-creation-best-practices-sony-hacked-again/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode, we explore the growing trend of AI surveillance in corporations, where cutting-edge technology is used to monitor employees, optimize productivity, and raise ethical concerns. Next, we uncover a disturbing Instagram scam that lures unsuspecting victims into a trap, highlighting the deceptive tactics employed by cyber criminals on social media. Finally, discover the […] The post Is My Boss Spying on Me, Instagram Painting Scam, Kia and Hyundai TikTok Challenge https://sharedsecurity.net/2023/10/02/is-my-boss-spying-on-me-instagram-painting-scam-kia-and-hyundai-tiktok-challenge/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode Matt Johansen, Security Architect at Reddit and Vulnerable U newsletter and YouTube content creator, joins host Tom Eston to discuss Matt’s background as one of the original “Security Twits”, his career journey, his passion for mental health advocacy, the significance of the recent MGM ransomware attack, and a discussion on the pros […] The post Content Creation, Mental Health in Cyber, The MGM Ransomware Attack https://sharedsecurity.net/2023/09/25/content-creation-mental-health-in-cyber-the-mgm-ransomware-attack/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode Ryan Davis, Chief Information Security Officer at NS1, speaks with host Tom Eston about the changing role of the CISO, acquisitions, what the biggest challenges are, and Ryan’s advice for those considering a career as a CISO. This is one episode you don’t want to miss if you’re curious what a CISO […] The post The Changing Role of the CISO with Ryan Davis, Chief Information Security Officer at NS1 https://sharedsecurity.net/2023/09/18/the-changing-role-of-the-ciso-with-ryan-davis-chief-information-security-officer-at-ns1/ appeared first on Shared Security Podcast https://sharedsecurity.net.
In this episode we discuss the FBI’s remarkable takedown of the Qakbot botnet, a saga involving ransomware, cryptocurrency, and the FBI pushing an uninstaller to thousands of victim PCs. Next, we explore how a major U.S. energy organization fell victim to a QR code phishing attack, highlighting the ever-evolving tactics used by attackers. Finally, we […] The post The FBI’s Qakbot Takedown, QR Code Phishing Attacks, Dox Anyone in America for $15 https://sharedsecurity.net/2023/09/11/the-fbis-qakbot-takedown-qr-code-phishing-attacks-dox-anyone-in-america-for-15/ appeared first on Shared Security Podcast https://sharedsecurity.net.
