New Tracker Warning Features on iPhones & Androids, 2024 Verizon Data Breach Investigations Report
The Shared Security Show
by Tom Eston, Kevin Johnson, Scott Wright
3d ago
In episode 330 Tom, Scott, and Kevin discuss the new features for iPhones and Android phones designed to warn users about secret trackers, possibly aiding in identifying stalkers. The hosts discuss Apple and Google’s collaboration on a technology called DOLT (Detecting Unwanted Location Trackers), aiming to improve user privacy by detecting Bluetooth trackers like Tiles and AirTags. They also highlight the findings from the 2024 Verizon Data Breach Investigations Report (DBIR), discussing key statistics on company breaches, the average time to remediate vulnerabilities, the rise in ransomware ..read more
Visit website
Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools
The Shared Security Show
by Tom Eston, Kevin Johnson, Matt Johansen
1w ago
In this first-ever in-person recording of Shared Security, Tom and Kevin, along with special guest Matt Johansen from Reddit, discuss their experience at the RSA conference in San Francisco, including their walk-through of ‘enhanced security’ and the humorous misunderstanding that ensued. The conversation moves to the ubiquity of AI and machine learning buzzwords at the conference, questioning the genuine impact versus hype, and the saturation of AI claims among vendors. They explore the real-world applications of AI, how it’s currently being utilized in cybersecurity, and its potential to ass ..read more
Visit website
FCC Fines Wireless Carriers $200 million, Google’s Fight Against Malicious Apps
The Shared Security Show
by Tom Eston, Kevin Johnson
2w ago
In episode 328, Tom and Kevin discuss two major cybersecurity and privacy news stories. The first topic covers the FCC issuing fines to major US wireless carriers for sharing users’ real-time location data, totaling nearly $200 million. They express surprise and skepticism over the carriers’ actions and deliberate on whether the fines would be impactful or merely seen as the cost of doing business. The second topic revolves around Google’s announcement that it prevented 2.28 million malicious apps from reaching the Play Store in 2023, marking a significant effort towards enhancing platform sec ..read more
Visit website
Privacy Challenges in Relationships, Phishing Down but Vulnerabilities Up?
The Shared Security Show
by Tom Eston, Kevin Johnson, Scott Wright
3w ago
In episode 327 Tom, Scott, and Kevin discuss the findings from Mandiant’s M-Trends 2024 report, highlighting a significant rise in traditional vulnerability exploitation by attackers while observing a decline in phishing. Despite phishing’s decreased prevalence, it remains the second most popular method for gaining initial network access. Discussions include the impact of high-profile vulnerabilities and the potential reasons behind the shift in cyberattack tactics. The episode also explores the challenges of maintaining online privacy within relationships, especially when one partner prioriti ..read more
Visit website
Navigating Security Awareness in the Tech Industry with Erin Gallagher
The Shared Security Show
by Tom Eston, Erin Gallagher, Scott Wright
1M ago
In this episode Erin Gallagher, cybersecurity awareness lead at Fastly, discusses her journey into the field of security awareness and her unique approach to enhancing cybersecurity within tech companies. Erin shares her unconventional path from a communication major to leading security awareness programs at IBM and a large insurance company, before joining Fastly. She highlights the challenges and strategies of tailoring security training to diverse roles within tech companies, emphasizing the importance of role-based training over traditional methods like phishing simulations. Erin also tack ..read more
Visit website
Linux Backdoor Infection Scare, Massive Social Security Number Heist
The Shared Security Show
by Tom Eston, Kevin Johnson
1M ago
In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained commit access and inserted a backdoor. The episode further delves into a cybersecurity incident where hackers stole 340,000 social security numbers from a government consulting firm, emphasizing the implications and broader concerns related to data security in government contractors and the inefficacy of response mechanisms. Additionally, the hosts explore the negative influences of ..read more
Visit website
Massive AT&T Data Leak, The Danger of Thread Hijacking
The Shared Security Show
by Tom Eston, Scott Wright
1M ago
Episode 324 features discussions on a significant AT&T data breach affecting 73 million customers and a sophisticated thread jacking attack targeting a journalist. Co-host Scott Wright joins the discussion, highlighting how millions of AT&T customer account passcodes, along with personal information, were compromised due to a leak discovered by a security researcher and reported by TechCrunch. The episode also details the thread jacking phishing attack, emphasizing the importance of recognizing unexpected email threads and the potential dangers of malicious attachments. The episode con ..read more
Visit website
New Hotel Lock Vulnerabilities, Glassdoor Anonymity Issues
The Shared Security Show
by Tom Eston, Kevin Johnson, Scott Wright
1M ago
In episode 323, the hosts discuss two prominent topics. The first segment discusses a significant vulnerability discovered in hotel locks, branded as ‘Unsaflok,’ affecting 3 million doors across 131 countries. The vulnerability allows attackers to create master keys from a regular key, granted access to all doors in a hotel. The co-hosts also discuss the vulnerability’s relation to legacy systems and the implications for hotel security. The second segment shifts focus to Glassdoor, revealing that the popular company review site can no longer guarantee anonymity due to changes following its acq ..read more
Visit website
Alyssa Miller: Charting the Course Through InfoSec and Aviation
The Shared Security Show
by Tom Eston, Kevin Johnson, Scott Wright, Alyssa Miller
2M ago
In this episode, special guest Alyssa Miller joins the hosts for an insightful and entertaining conversation covering a broad range of topics from social engineering anecdotes involving Kevin Johnson to Alyssa’s journey in aviation and being a pilot. They discuss the challenges within the cybersecurity industry, including the transition to cloud computing and the neglect of on-prem data centers. Alyssa also shares a personal story about encountering workplace discrimination, offering advice based on her experiences. Additionally, the discussion touches on upcoming conference talks Alyssa is gi ..read more
Visit website
The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update
The Shared Security Show
by Tom Eston, Kevin Johnson, Scott Wright
2M ago
In episode 321, the hosts discuss how connected cars are sharing driving data with insurance companies, potentially leading to increased rates for drivers. They also talk about the anti-TikTok bill passed by the House, which could force ByteDance to sell TikTok or face a ban in app stores. The episode also covers a significant update to Signal, allowing users to use usernames instead of phone numbers, enhancing privacy. Insights into privacy policies, the importance of understanding consent, and the broader implications of data collection and sharing among different entities are also discussed ..read more
Visit website

Follow The Shared Security Show on FeedSpot

Continue with Google
Continue with Apple
OR