This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dig into everything from dodgy data startups to accidental database wipes by AI tools. Whether it’s passwords, passkeys, or privacy, this episode covers the real-world risks that slip through the cracks of digital life—and what security professionals can learn from them.
🔍 Farnsworth Intelligence & $50 Breach Data – A sketchy startup offers hacked data for pocket change. We unpack the ethical nightmare and what it says about the commodification of stolen info.
🔐 158-Year-Old Business Crushed by a Weak Password – Ransomware took down The Royal Mint’s paper supplier. One reused password triggered a chain reaction of damage.
🧽 Clorox Hit by “Just Asking” – Hackers used basic social engineering to trick staff into sharing passwords. The result? A lawsuit and $49M in damages.
📁 SharePoint Exploits Still Work – Legacy SharePoint systems are being targeted in the wild. We explain why updating your systems is table stakes—not optional.
🧠 Windows 11 Copilot Vision – Microsoft’s AI assistant watches how you work. We look at the privacy implications of system-level activity tracking.
🔑 Passkey Friction & Frustration – They're the future of authentication—but only if users understand them. We break down what’s working, and what’s still broken.
🇬🇧 UK Online Safety Act – New laws now require age verification for adult content in the UK. But what does that mean for privacy and enforcement?
🤖 AI Deletes a Database (Oops) – A dev tool gave one engineer too much power. We talk about guardrails, defaults, and the real risks of AI in production.
👾 Reddit Malware Ads – Malicious ads are sneaking through Reddit’s filters. We discuss the broken reporting flow and why community trust is on the line.
📉 QR Codes That Expire? – Ever scanned a QR code that no longer works? We explain why some codes time out—and what that means for security and UX.
📞 The Netstat Scam – Fake ISP reps use netstat commands to convince victims their connection is “compromised.” Old trick, still effective.
🪪 Fake IDs & Physical Access Risks – It’s not just digital anymore. We explore how low-tech social engineering can breach high-security environments.
🔁 Ring.com Login Confusion – A bug in Ring’s login system left users rattled. It’s a small issue, but a big reminder about user trust and account security.
📣 Bonus: Ant is heading to the SANS Security Awareness Summit in Chicago! Expect livestreams, interviews, and plenty of behind-the-scenes content.
🕒 Timestamps
00:00 Introduction and Overview
02:57 Breach Marketplace: Ethics & Stolen Data
05:53 One Weak Password Crashes 158-Year-Old Firm
09:12 Clorox Breach via Simple Social Engineering
11:57 SharePoint Exploits Still Active in the Wild
15:07 Windows Copilot: Privacy or Overreach?
17:57 Passkeys: Why Users Still Struggle
21:05 UK Age Checks: Safety vs. Privacy
24:01 AI Deletes Database: The Risks of Autopilot
37:44 Replit’s Data Loss Incident
39:11 What Is Vibe Coding?
42:08 Password Management Still a Mess
46:03 Reddit Malware Ads Slip Through
50:11 QR Codes That Expire? UX Meets Security
52:17 Netstat Scam: An Old Trick Returns
55:58 Phishing Emails from Local Councils
01:01:57 Gift Card Scams and Account Takeovers
01:03:23 Fake IDs and Physical Access Risks
01:10:39 Ring.com Login Bug Raises Trust Issues
📩 For links, videos, and the newsletter – head to riskycreative.com
💬 Check Out This Episode's Discussion Points
📧 hello@riskycreative.com
🔗 riskycreative.com
🎵 Our Intro & Outro Song (© 16! by falling forever)
License: https://creativecommons.org/licenses/by/4.0
