Shared Security

This week we discuss the Apache Log4j vulnerability and the impact it will have on organizations now and into the future, details on how Apple AirTags are being used by thieves to steal cars, and a FBI training document describes what data can be obtained by encrypted messaging apps.

Life360, a popular family safety app used by 33 million people worldwide, is selling location data to a dozen data brokers, phones of 11 U.S. State Department employees were hacked with spyware from the infamous NSO Group, and details on a bizarre story about a mother and daughter that face 16 years in prison for hacking into a school computer system to rig a homecoming queen election.

This month we discuss Business Email Compromise (BEC) scams. What are they, how to identify them, and why BEC scams have created over $1.8 billion worth of losses to businesses last year alone.

Is the TikTok app listening to you and playing videos based on your conversations? Apple takes the unique step of warning certain activists that their phones may be targeted by attackers, and details on how a UK government website was serving porn to its visitors.

Co-host Scott Wright joins Tom Eston for part three in our series on how to break into a cybersecurity career. Scott shares his career journey and gives us some insight into his career path going from consulting into starting his own company. If you’re a college student or thinking about getting into cybersecurity, this is one episode you don’t want to miss!

In milestone episode 200: The Federal Bureau of Investigation’s external email system was compromised sending spam emails with a fake warning of a cyberattack, new research released about ransomware negotiation and some helpful negotiation tips, and details on Mozilla's naughty list of privacy-crushing gifts.

Details on the Robinhood data breach (apparently caused by a social engineering attack) affecting approximately 7 million customers, and a discussion about surveillance and privacy concerns from a 600-hour leak of Dallas Police Department helicopter footage.

Facebook shuts down their face recognition system and deletes more than a billion facial recognition templates, how phone bots are being used to trick victims into giving up their multi-factor authentication codes, and the US blacklists the NSO Group and 3 other companies for malicious cyber activities.

Dana Mantilia joins us this month to talk about cybersecurity awareness, her incredible YouTube channel, and the ever changing role of the CISO (Chief Information Security Officer).

Do we really need a federal data agency to regulate social media companies? Watch out for Squirrelwaffle and Qakbot malspam attacks, and ransomware hits a major candymaker ahead of Halloween (is nothing sacred anymore?!)

Details on the F12 "hacking" incident of the Missouri state education website and the foolish response from the Missouri governor, Over 30 countries (except China and Russia) meet to fight ransomware globally, and the FBI's warning about fake unemployment benefit websites.

Clickbait news about the rise of "killware", Details on 1Password’s new feature to securely share passwords with others, and a new study by university researchers in the UK shows how Android phones snoop on their users.

Co-host Scott Wright presents a new framework to help people become "security champions" in their organization, a discussion about the great Facebook outage of 2021, and details on the Twitch data breach exposing source code and creator payouts.

Will Apple AirTag's replace malicious payload USB drops? Details on Private Relay and Hide My Email features included with iCloud+, and a fun discussion about Amazon's Astro robot and the Ring camera drone!

October is Cybersecurity Awareness Month so in this episode we discuss multi-factor authentication and the use of authenticator apps. Multi-factor authentication is one of the most important things that you can enable to secure your online accounts but its unfortunately overlooked by most people. Listen to this episode to learn what multi-factor authentication is, all about authenticator apps, and how we can get more people to start using multi-factor authentication.