Shows
IT-Sicherheit für die Ohren - Der Sophos-PodcastSophos Security SOS Week - Teil 3Ende 2022 hatte Sophos wieder einmal drei Folgen seiner Security SOS Week mit seinen Sicherheitsexperten auf die Beine gestellt. Im Mittelpunkt der Folgen steht dabei, wie ein Angriff von den Sophos Threat Huntern eingedämmt und neutralisiert wird und wie Unternehmen dieses Wissen nutzen können, um die eigenen Abwehrmaßnahmen und Pläne zur Bedrohungsabwehr zu verbessern. Die sehr interessanter Inhalte dieser Webinar-Reihe stellen wir nun auch als Podcast zur Verfügung, hier kommt Teil 3 zum Thema "Cybersecurity as a Service".
Egal, ob Sie Teil eines dedizierten Security-Operations-Teams sind oder als IT-Profi zwischen technischem Support und Cybersecurity jongl...2023-01-2346 minIT-Sicherheit für die Ohren - Der Sophos-PodcastSophos Security SOS Week - Teil 2Ende 2022 hatte Sophos wieder einmal drei Folgen seiner Security SOS Week mit seinen Sicherheitsexperten auf die Beine gestellt. Im Mittelpunkt der Folgen steht dabei, wie ein Angriff von den Sophos Threat Huntern eingedämmt und neutralisiert wird und wie Unternehmen dieses Wissen nutzen können, um die eigenen Abwehrmaßnahmen und Pläne zur Bedrohungsabwehr zu verbessern. Die sehr interessanter Inhalte dieser Webinar-Reihe stellen wir nun auch als Podcast zur Verfügung, hier kommt Teil 2 "Incident Response: Ein Tag im Leben eines Cyber Threat Responders".
Wie läuft eine Reaktion auf einen Cybersecurity-Vorfall in der Praxis ab? Wie st...2023-01-1342 minIT-Sicherheit für die Ohren - Der Sophos-PodcastSophos Security SOS Week - Teil 1Ende 2022 hatte Sophos wieder einmal drei Folgen seiner Security SOS Week mit seinen Sicherheitsexperten auf die Beine gestellt. Im Mittelpunkt der Folgen steht dabei, wie ein Angriff von den Sophos Threat Huntern eingedämmt und neutralisiert wird und wie Unternehmen dieses Wissen nutzen können, um die eigenen Abwehrmaßnahmen und Pläne zur Bedrohungsabwehr zu verbessern. Die sehr interessanter Inhalte dieser Webinar-Reihe stellen wir nun auch als Podcast zur Verfügung und starten mit Teil 1 "Abwehr von Cyberbedrohungen".
Früher waren Bedrohungen oft leicht zu erkennen und zu verhindern – einfach, weil sie sich so sehr von allem an...2023-01-0543 min
Naked SecurityS3 Ep68: Bugs, scams, privacy... and fonts?!Stealing root on Linux. Snooping on RAM with a video driver bug. Apple patches a zero-day hole. SMS scams promise home PCR machines. German court freaks out over fonts. How to be private. And a paint robot that went wild.
https://nakedsecurity.sophos.com/pwnkit-security-bug-gets-you-root
https://nakedsecurity.sophos.com/linux-kernel-patches-performance-can-be-harmful-bug
https://nakedsecurity.sophos.com/apple-patches-safari-data-leak
https://nakedsecurity.sophos.com/coronavirus-sms-scam-offers-home-pcr
https://nakedsecurity.sophos.com/website-operator-fined-for-using-google-fonts
https://nakedsecurity.sophos.com/happy-data-privacy-day
Original music by Edith Mudge
Got questions/suggestions/stories to share?
Email tips@sophos.com
2022-02-0326 minNaked SecurityS3 Ep51: OMIGOD a gaping hole, waybill scams, and Face ID hackedA scarily exploitable hole in Microsoft open source code. A simpler take on delivery scams. A Face ID bypass hack, patched for the initial release of iOS 15. And how not to get locked in a cabling closet.
Coder? Use Sophos Intelix yourself for free: https://sophos.com/intelix
With Paul Ducklin and Doug Aamoth.
Original music by Edith Mudge
Got questions/suggestions/stories to share?
Email tips@sophos.com
Twitter @NakedSecurity
Instagram @NakedSecurity2021-09-2338 min
Naked SecurityS3 Ep32: AirTag jailbreak, Dell vulns, and the never-ending scamApple's brand new AirTag product got hacked already. Things you can learn from Colonial Pipeline's ransomware misfortune. Why Dell patched a bunch of driver bugs going back more than a decade. And the "Is it you in the video?" scam just keeps on coming back.
Additional links you will find useful:
https://news.sophos.com/en-us/using-sophos-edr-to-identify-endpoints-impacted-by-dell
https://nakedsecurity.sophos.com/ransomware-dont-expect-a-full-recovery
https://www.sophos.com/ransomware
With Kimberly Truong, Doug Aamoth and Paul Ducklin.
Original music by Edith Mudge
2021-05-1338 minNaked SecurityS3 Ep27: Census scammers, beg bounties and data breach finesHow scammers copied a government website almost to perfection. What to do about those fake "bug" hunters who ask for payment for finding "vulnerabilities" that aren't. Why the Dutch data protection authority fined Booking.com for not sending in a data breach disclosure fast enough.
Useful podcasts and videos mentioned in this episode:
https://nakedsecurity.sophos.com/s3-ep12-a-chat-with-social-engineering-hacker-rachel-tobac
https://nakedsecurity.sophos.com/s3-ep8-a-conversation-with-katie-moussouris
https://nakedsecurity.sophos.com/what-should-you-say-if-you-have-a-data-breach
With Kimberly Truong, Doug Aamoth and Paul Ducklin.
2021-04-0846 minNaked SecurityS3 Ep25: Drained accounts, ransomware attacks and Linux badwareHow a social engineer ripped off a victim lured in by one of those "small outstanding fee to pay" home delivery scams. The ransomware crooks targeting networks that still haven’t done their Hafnium patches. And the Linux kernel security holes that lay there undiscovered for 15 years.
Related articles that we refer to in the show:
https://nakedsecurity.sophos.com/beware-the-dhl-delivery-message
https://nakedsecurity.sophos.com/watch-out-scummy-scammers
https://nakedsecurity.sophos.com/s3-ep12-a-chat-with-social-engineering-hacker-rachel-tobac
https://nakedsecurity.sophos.com/blackkingdom-ransomware
https://nakedsecurity.sophos.com/serious-security-webshells-explained
https://nakedsecurity.sophos.com/naked-security-live-hafnium-explained
https://nakedsecurity.so...2021-03-2547 minNaked SecurityS3 Ep19.5: How NOT to be a bug bounty hunterIn this special mini-episode, Paul Ducklin talks to Sophos cybersecurity expert Chester Wisniewski about bug bounty hunting.
How does bug bounty hunting work? What should you do if you get a bug report that doesn't follow established protocol? Chester tells you how to deal with so-called "beg bounties", where self-styled "experts" beg you for money or even threaten you with ill-defined "problems" they claim to have found.
https://news.sophos.com/en-us/have-a-domain-name-beg-bounty-hunters-may-be-on-their-way
https://nakedsecurity.sophos.com/beware-of-technical-experts-bombarding-you-with-bug-reports
Original...2021-02-1216 minNaked SecurityS3 Ep15.5: Home schooling - how to stay secureThanks to coronavirus lockdown rules in the UK, and the temporary closure of all schools, Sally Adam suddenly found herself responsible for cybersecurity where it mattered more than ever: on a home network that jointly served for home, work and school.
Paul Ducklin talks to Sally about how she did it, and how to keep your own family’s digital life safe.
https://nakedsecurity.sophos.com/home-schooling-how-to-stay-secure
https://nakedsecurity.sophos.com/home-wi-fi-security-tips
Original music by Edith Mudge
***
Got questions/suggestions/stories to share?
Email tips@so...2021-01-1919 minNaked SecurityS3 Ep11: DIY phishes, sandwich scams and vaccine hackingWe look at phishing tricks that really work, investigate a bizarre scam involving Subway sandwiches, and ask whether cybercriminals have lost their interest in the rest of us now they have coronavirus-related targets to go after.
With Kimberly Truong, Doug Aamoth and Paul Ducklin.
https://nakedsecurity.sophos.com/phishing-tricks-that-really-work
https://nakedsecurity.sophos.com/subway-sandwich-scam-mystifies
https://nakedsecurity.sophos.com/was-there-a-covid-19-vaccine-hack
Original music by Edith Mudge
***
Got questions/suggestions/stories to share?
Email tips@sophos.com
Twitter @NakedSecurity
Instagram @NakedSecurity2020-12-1744 minNaked SecurityS3 Ep10.5: 20 years of cyberthreats that shaped infosecNaked Security's Paul Ducklin interviews Sophos expert John Shier about his recently published paper, "20 years of cyberthreats that shaped information security."
Join John on a dizzying journey all the way from legendary viruses such as ILOVEYOU and Code Red, which flooded the internet in 2000, to present-day ransomware gangs like Ryuk and REvil, who are extorting millions of dollars in blackmail money per attack.
https://news.sophos.com/20-years-of-cyberthreats
Original music by Edith Mudge
Got questions/suggestions/stories to share?2020-12-1421 minNaked SecurityS3 Ep10: Hacking iPhones, sunken Enigmas and double scamsWe dig into research that figured out a way to steal data from iPhones wirelessly, we tell the fascinating story of how environmentalist divers in Germany came across an old Enigma cipher machine at the bottom of the Baltic sea, and we give you advice on how to talk to phone scammers.
With Kimberly Truong, Doug Aamoth and Paul Ducklin.
https://nakedsecurity.sophos.com/how-to-steal-photos-off-someones-iphone
https://nakedsecurity.sophos.com/german-divers-find-enigma-crypto-machine
https://nakedsecurity.sophos.com/vishing-criminals-let-rip-with-two-scams
Original music by Edith Mudge2020-12-1046 minNaked SecurityS3 Ep9: Gift card hacks, dubious doorbells and Wi-Fi tipsWe look at a network intrusion where the crooks tried to take over dozens of different online accounts from every user, we discuss the potential dangers of digital doorbells, and we give you some handy hints for improving your wireless security at home.
With Kimberly Truong, Doug Aamoth and Paul Ducklin.
https://nakedsecurity.sophos.com/gift-card-hack-exposed-you-pay-they-play
https://nakedsecurity.sophos.com/bzzzzzzt-how-safe-is-that-keenly-priced-digital-doorbell
https://nakedsecurity.sophos.com/home-wi-fi-security-tips-5-things-to-check
Original music by Edith Mudge
Got questions/suggestions...2020-12-0348 minNaked SecurityS3 Ep7: When ransomware crooks get a big fat zero!In this episode: we say thanks to companies that refuse to pay ransomware hush money, dig into the new Sophos 2021 Threat Report, and take a quick look inside a malicious Linux kernel driver. Also, a sneak preview of our upcoming podcast interview with bug bounty pioneer Katie Moussouris.
With Kimberly Truong, Doug Aamoth and Paul Ducklin
***
Cult videogame company Capcom pays a big round $0.00 to ransomware crooks https://nakedsecurity.sophos.com/cult-videogame-company-capcom-pays-a-big-round-0
The Sophos Threat Report 2021 https://nakedsecurity.sophos.com/sophos-threat-report-2021
The Cloud Snooper Malware https://nakedsecurity.sophos.com...2020-11-1943 minNaked SecurityS3 Ep6: How not to get scammedIn this episode: When payments go astray, why "just in case" cybersecurity warnings do more harm than good, how to shop safely on Black Friday and beyond, and (oh no!) what to do when all your emails disappear.
With Kimberly Truong, Doug Aamoth and Paul Ducklin
***
To register for the Sophos Evolve event: https://sophos.com/evolve
Smishing attack tells you “mobile payment problem” – don’t fall for it https://nakedsecurity.sophos.com/smishing-attack-tells-you-mobile-payment-problem
“Instant bank fraud” hoax is back – don’t spread fake news https://nakedsecurity.sophos.com/instant-bank-fra...2020-11-1247 minNaked SecurityS3 Ep5: Chrome, Flash and malware for saleIn this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of "malware-as-a-service", and the malware risks from image search. Also (oh! no!), why you should take care before you pair.
With Kimberly Truong, Doug Aamoth and Paul Ducklin
https://nakedsecurity.sophos.com/another-chrome-zero-day-this-time-on-android
https://nakedsecurity.sophos.com/adobe-flash-its-the-end-of-the-end-of-the-end
https://nakedsecurity.sophos.com/buer-loader-malware-as-a-service-joins-emotet
Original music by Edith Mudge
Got questions/suggestions/stories to share?
Email...2020-11-0539 minNaked SecurityS3 Ep4.5: FBI "ransomware warning" for healthcare is a warning for everyoneOn Wednesday, the FBI, CISA and HHS released an unprecedented warning against "an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers." In this quick mini-sode, Chester Wisniewski (Principal Research Scientist at Sophos) discusses what the threat is, what this advisory means, and why this warning is a warning for everyone.
With Kimberly Truong and special guest, Chester Wisniewski @chetwisniewski
RESOURCES:
Read the article from Naked Security https://nakedsecurity.sophos.com/2020/10/29/fbi-ransomware-warning-for-healthcare-is-a-warning-for-everyone/
Get tools and guidance to protect your organization https://www.sophos.com/en-us/content/healthcare-targeted-ransomware.aspx ...2020-10-3013 minNaked SecurityS3 Ep4: Facebook scams, vishing, and smartphone privacy tipsThis week: Facebook scammers trick you with fake copyright notices, voice scammers automate their attacks on the vulnerable, how to tune up your mobile privacy, and (oh! no!) the best/worst IT helpdesk call ever.
With Kimberly Truong, Doug Aamoth and Paul Ducklin
***
Facebook “copyright violation” tries to get past 2FA – don’t fall for it https://nakedsecurity.sophos.com/facebook-copyright-violation-tries-to-get-past-2fa
Phone scamming – friends don’t let friends get vished https://nakedsecurity.sophos.com/phone-scamming-friends-dont-let-friends-get-vished
Time for a mobile privacy reset? https://nakedsecurity.sophos.com/time-for-a-mobile-privacy-reset
***
Origin...2020-10-3046 minNaked SecurityS3 Ep3: Breaking crypto, busting hackers and pwning ChromeThis week: the DOJ's attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and (oh no!) why your vocabulary needs the word "restore" even more than it needs "backup".
With Kimberly Truong, Doug Aamoth and Paul Ducklin
***
US Department of Justice reignites the Battle to Break Encryption https://nakedsecurity.sophos.com/us-department-of-justice-reignites
Russian “government hackers” charged with cybercrimes by the US https://nakedsecurity.sophos.com/russian-government-hackers-charged
Chrome zero-day in the wild – patch now! https...2020-10-2236 minNaked SecurityS3 Ep2: Creepy smartwatches, botnets and Pings of DeathIn this episode: we investigate a smartwatch for kids with a creepy set of functions, discuss Microsoft's short-lived takedown of Trickbot, explain how to avoid the Windows "Ping of Death" bug, and (oh no!) find the source of mysterious beeping from every computer in the office.
With Kimberly Truong, Doug Aamoth and Paul Ducklin
***
Creepy covert camera “feature” found in popular smartwatch for kids https://nakedsecurity.sophos.com/creepy-covert-camera-feature-found
Microsoft on the counterattack! Trickbot malware network takes a hit https://nakedsecurity.sophos.com/microsoft-on-the-counterattack-trickbot
Windows' "Ping of Death" bug r...2020-10-1538 minNaked SecurityS3 Ep1: Ransomware - is it really OK to pay?Join us for the first episode in our brand new Series 3! This week we wonder whether Cybersecurity Awareness Month is a waste of time, explain the concept of "linkless phishing", ask if it's ever OK to pay a ransomware demand, and advise what to do when the CEO won't stop looking at naughty sites.
With Paul Ducklin, Kimberly Truong and Doug Aamoth
Tips for National Cybersecurity Awareness Month https://nakedsecurity.sophos.com/if-you-connect-it-protect-it
Phishing without links https://nakedsecurity.sophos.com/serious-security-phishing-without-links
REvil ransomware crew dangles $1M cybercrime carrot https://nakedsecurity.sophos...2020-10-0942 min
Naked SecurityS2 Ep42: Apple auth attack, Octopus Scanner, Escobar escapadesEND OF SERIES SPECIAL: This week Mark shares why Pablo Escobar’s brother is suing Apple for $2.6b, Greg talks about a malicious ‘Octopus Scanner’ targeting developers on Github and Duck discusses the “Sign in with Apple” account takeover flaw.
Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and Greg Iddon.
Related articles:
Github uncovers malicious ‘Octopus Scanner’ targeting developers https://nakedsecurity.sophos.com/2020/06/01/github-uncovers-malicious-scanner-targeting-developers/
No password required! “Sign in with Apple” account takeover flaw patched https://nakedsecurity.sophos.com/2020/06/01/no-password-required-sign-in-with-apple-account-takeover-flaw-patched/
Pablo Escobar’s brother sues Apple for $2.6b over FaceTime flaw https://nakedsecurity.sophos.com/2020/05/28/pablo-escobars-broth...2020-06-0545 min
Naked SecurityS2 Ep41: Super-sized ransomware, FBI v Apple and AirPods hot or notThis week Peter shares how Ragnar Locker ransomware deploys a virtual machine to dodge security, Mark discusses the latest in the Apple v FBI saga and Duck talks "MagicPairing."
Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Peter Mackenzie.
Listen now!
Related articles:
Signal secure messaging can now identify you without a phone number https://nakedsecurity.sophos.com/2020/05/22/signal-secure-messaging-can-now-identify-you-without-a-phone-number/
Apple and Google launch COVID-19 contact tracing API https://nakedsecurity.sophos.com/2020/05/22/apple-and-google-launch-covid-19-contact-tracing-api/
VIDEO: What is the dark web? https://www.youtube.com/watch?v=9F3rz7GfPys&t=52s
Ragnar Locker ransomware deploys virtual...2020-05-2750 min
Naked SecurityS2 Ep40: Demonic printers, a sleazy stalker and 10 reasons to patchThis week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now.
Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon.
Related articles:
Beware the DHL delivery message email – it could be a package scam
https://nakedsecurity.sophos.com/2020/05/13/beware-the-dhl-delivery-message-email-it-could-be-a-package-scam/
Microsoft joins encrypted DNS club with Windows 10 option
https://nakedsecurity.sophos.com/2020/05/15/microsoft-joins-encrypted-dns-club-with-windows-10-option/
Criminal forum trading stolen data suffers ironic data breach
https://nakedsecurity.sophos.com/2020/05/13/criminal-forum-trading-stolen-data-suffers-ironic-data-breach/
Woman stalked by sandwich server via her COVID-19 contact tracing info ht...2020-05-2052 min
Naked SecurityS2 Ep39: Thunderspy, government encryption, and reply all mistakesIn this episode Mark discusses government encryption, Duck tells us why turning your computer off is a cool idea and Greg regales us with his reply all woes.
Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin, Greg Iddon and Producer Alice Duckett.
Related articles:
Clearview AI won’t sell vast faceprint collection to private companies https://nakedsecurity.sophos.com/2020/05/11/clearview-ai-wont-sell-vast-faceprint-collection-to-private-companies/
Celebrity personal data taken in ransomware attack https://nakedsecurity.sophos.com/2020/05/11/celebrity-personal-data-taken-in-ransomware-attack/
Reveal the identities of alleged pirates, court tells ISP https://nakedsecurity.sophos.com/2020/05/05/reveal-the-identities-of-alleged-pirates-court-tells-isp/
Maze ransomware: extorting victims for 1 year and counting https://news.so...2020-05-1351 min
Naked SecurityS2 Ep38: Crashing iPhones, ransomware tales and human chatbotsIn this episode Duck discusses the iPhone "word of death", Peter shares a shocking ransomware story and Alice talks about a chatbot that shows empathy. Or so it says.
Host Anna Brading is joined by Naked Security regular Paul Ducklin, Threat Response expert Peter Mackenzie and Producer Alice Duckett.
Related articles:
https://nakedsecurity.sophos.com/godaddy-unauthorized-individual-had-access-to-login-info
https://nakedsecurity.sophos.com/adult-live-streaming-site-cam4-leaks-millions-of-emails-private-chats
https://nakedsecurity.sophos.com/coronavirus-pandemic-coincides-with-spike-in-online-puppy-scams
https://nakedsecurity.sophos.com/iphone-word-of-death-could-crash-your-phone-what-you-need-to-know2020-05-0648 min
Naked SecurityS2 Ep37: Microsoft fixes, airgap fun and free games for 2FAThis week we talk ransomware apologies, whether companies should be pushing 2FA and good vibrations, kind of...
We're proud to be nominated for Best Cybersecurity Podcast in the European Cybersecurity Blogger Awards. If you enjoy our show, please vote for us:
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform?fbzx=1378805297375984251
Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin and Producer Alice Duckett.
Listen now!
Further reading:
https://nakedsecurity.sophos.com/evil-gif-account-takeover-flaw-patched-in-teams
https://nakedsecurity.sophos.com/warning-fake-zoom-hr-meeting-emails-phish-for-your-password
https://nakedsecurity.sophos.com/patch-now-microsoft-issues-unexpected-office-fix
https://nakedsecurity.sophos.com/fan-vibrations-can-be-used-transmit-data-from-air-gapped-machines2020-04-3039 min
Naked SecurityS2 Ep36: Rogue Chrome extensions, Signal fears and Darth VaderThis week we discuss 49 rogue Chrome extensions, Signal fears over the EARN IT Act and how Darth Vader sent someone viral for all the wrong reasons.
Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and Producer Alice Duckett.
Listen now!
First three stories:
https://nakedsecurity.sophos.com/critical-bug-in-google-chrome-get-your-update-now
https://nakedsecurity.sophos.com/new-sextortion-scam-high-level-of-risk-your-account-has-been-hacked
https://nakedsecurity.sophos.com/tiktok-announces-family-pairing-bust-your-moves-but-cap-the-risk
Main topics:
https://nakedsecurity.sophos.com/49-malicious-chrome-extensions-caught-pickpocketing-crypto-wallets
https://nakedsecurity.sophos.com/signal-well-be-eaten-alive-by-earn-it-acts-anti-encryption-wolves
https://nakedsecurity.sophos.com/creep-shamed-on-facebook-was-actually-man-taking-selfie-with-darth-vader
Mentioned in the episode:
https://nakedsecurity.sophos.com/the-talking-angela-witch-hunt-what-on-earth-is-going-on
https://nakedsecurity.sophos.com/no-houseparty-hasnt-hacked-your-phone-and-stolen-your-bank-details2020-04-2242 min
Naked SecurityS2 Ep35: TikTok woes, sextortion scams and passwords vs. single sign-onThis week we discuss a TikTok flaw, why sextortion scammers are rearing their heads again and whether single sign-on is better than having loads of different passwords.
Host Anna Brading is joined by Sophos experts Mark Stockey, Paul Ducklin and Producer Alice Duckett.
Listen now!
Related articles:
https://nakedsecurity.sophos.com/tiktok-users-beware-hackers-could-swap-your-videos-with-their-own
https://nakedsecurity.sophos.com/sextortion-emails-and-porn-scams-are-back-dont-let-them-scare-you
Find out Mark's new method of authentication by listening to last week's episode:
https://soundcloud.com/sophossecurity/s2-ep34-can-you-trust-hackers-on-how-not-to-get-hacked
Duck's anti-sextortion video to share with your friends and family:
https://www.youtube.com/watch?v=veY0WzoubQw2020-04-1544 min
Naked SecurityS2 Ep34: Can you trust hackers on how not to get hacked?This week we discuss the hackers' forum that got hacked (lol), how the coronavirus pandemic has deferred a security update, and why jumping to conclusions is always a bad idea.
Oh, and we came across plans for a toilet that identifies you by scanning your, errrm... you'll have to listen to find out.
Listen now!
Related stories:
https://nakedsecurity.sophos.com/hackers-forum-hacked-ogusers-database-dumped-again
https://nakedsecurity.sophos.com/covid-19-forces-browser-makers-to-continue-supporting-tls-1-0
https://nakedsecurity.sophos.com/no-houseparty-hasnt-hacked-your-phone-and-stolen-your-bank-details
https://nakedsecurity.sophos.com/as-if-the-world-couldnt-get-any-weirder-this-ai-toilet-scans-your-anus-to-identify-you/2020-04-0850 min
Naked SecurityS2 Ep33: Ransomware on sale, dark web disaster, dead drops and pillow fortsThis week we bring you the podcast from our makeshift home studios (pillow forts). We discuss Dharma ransomware, the tour guide who turned out to be a Chinese spy, and why thousands of dark web sites have disappeared.
Host Anna Brading is joined by Sophos experts Mark Stockley, Greg Iddon, Peter Mackenzie and Producer Alice Duckett.
Listen now!
Related articles:
https://nakedsecurity.sophos.com/dharma-ransomware-source-code-on-sale-for-2000
https://nakedsecurity.sophos.com/tour-guide-chinese-spy-gets-four-years-for-sd-card-dead-drops
https://nakedsecurity.sophos.com/thousands-of-dark-web-sites-deleted-in-attack-on-free-hosting-service2020-04-0152 min
Naked SecurityS2 Ep32: ZoomBombing, Android malware and the WhatsApp Martinelli hoaxIn this episode, Greg looks at why the WhatsApp Martinelli hoax has come back in a big way, Duck decompiles some coronavirus-themed Android malware, and Anna tells you what ZoomBombing is and why you really, really need to get the security settings right on your Zoom meetings.
Join host Anna Brading with Sophos experts Paul Ducklin and Greg Iddon.
Listen now!
Related articles:
https://nakedsecurity.sophos.com/whatsapp-martinelli-hoax-is-back-warning-about-dance-of-the-pope
https://nakedsecurity.sophos.com/android-malware-uses-coronavirus-for-sextortion-ransomware-combo
https://nakedsecurity.sophos.com/trolls-zoombomb-work-from-home-videocall-with-filth2020-03-2535 min
Naked SecurityS2 Ep31: Remote working, malwareless ransomware and EARN ITThis week, Duck advises how to keep your company safe while working remotely, Peter discusses a malwareless ransomware attack, and Mark shares the latest in the EARN IT saga.
Host Anna Brading is joined by Sophos experts Paul Ducklin, Peter Mackenzie and Mark Stockley.
Listen now!
Links for you:
https://nakedsecurity.sophos.com/earn-it-act-threatens-end-to-end-encryption
https://nakedsecurity.sophos.com/5-tips-for-working-safely-from-home2020-03-1948 min
Naked SecurityS2 Ep30: Let's Encrypt, ULTRASONIC attacks and ransomware in your backupsThis week we talk about why Let's Encrypt might have to celebrate its billionth certificate twice, wonder if James Bond could hack Siri with ultrasound and make backups surprisingly interesting.
Host Mark Stockley is joined by Sophos experts Greg 'Fido' Iddon and Peter Mackenzie.
Related articles:
Let's Encrypt:
https://nakedsecurity.sophos.com/2020/03/02/lets-encrypt-issues-one-billionth-free-certificate/
https://nakedsecurity.sophos.com/2020/03/04/why-3-million-lets-encrypt-certificates-are-being-killed-off-today/
SurfingAttack:
https://nakedsecurity.sophos.com/2020/03/02/siri-and-google-assistant-hacked-in-new-ultrasonic-attack/
Ransomware in your backups
https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your-cloud-backups-against-you/2020-03-1145 min
Naked SecurityS2 Ep29: Facial recognition, malware madness and smart speakersThis week we discuss the latest in the Clearview AI debacle, get more tales from the ransomware swamp and discover how often our smart speakers are listening to us.
Host Anna Brading is joined by Sophos experts Alice Duckett, Paul Ducklin and Peter Mackenzie.
Related articles:
Facial recognition and Clearview:
https://nakedsecurity.sophos.com/clearview-ai-loses-entire-database-of-faceprint-buying-clients-to-hackers
https://nakedsecurity.sophos.com/facebook-google-youtube-order-clearview-to-stop-scraping-faceprints
Malware madness:
https://nakedsecurity.sophos.com/revil-ransomware-exploiting-vpn-flaws-made-public-last-april
https://nakedsecurity.sophos.com/gandcrab-ransomware-revisited-is-it-back-under-a-revil-new-guise
Smart speakers:
https://nakedsecurity.sophos.com/smart-speakers-mistakenly-eavesdrop-up-to-19-times-a-day2020-03-0443 min
Naked SecurityS2 Ep28: Stalkerware, when cybercrooks return, and phishing gone wildThis week we discuss the stalkerware app that spilled bucketloads of ultrapersonal data, a double-whammy ransomware attack on a homeless charity, and an Amazon Prime phishing attack with a skull-and-crossbones twist.
Producer Alice Duckett hosts the show with Sophos experts Paul Ducklin, Greg Iddon and Peter Mackenzie.
Related articles:
https://nakedsecurity.sophos.com/2020/02/24/kidsguard-stalkerware-leaks-data-on-secretly-surveilled-victims/
https://nakedsecurity.sophos.com/2020/02/21/the-amazon-prime-phishing-attack-that-wasnt/2020-02-2645 min
Naked SecurityS2 Ep27: Bluetooth vulnerabilities, dodgy Chrome extensions and forgotten encryption passwordsThis week we discuss why Google abruptly pulled over 500 Chrome extensions from its Web Store, the case of a man held in custody for refusing to decrypt two hard drives and research detailing a number of security holes in Bluetooth chips from several different vendors.
Greg Iddon plays host and Producer this week and is joined by fellow Sophos experts Paul Ducklin and Peter Mackenzie.
Listen now!
Related articles:
Google pulls 500 malicious Chrome extensions after researcher tip-off: https://nakedsecurity.sophos.com/2020/02/17/google-pulls-500-malicious-chrome-extensions-after-researcher-tip-off/
Suspect who refused to decrypt hard drives released after four years: https://nakedsecurity.sophos.com/2020/02/17/google-pulls-500-malicious-chrome-extensions-after-researcher-tip-off/
...2020-02-2137 min
Naked SecurityS2 Ep26: Robbin Hood ransomware, Twitter parodies and SMS 2FA WHAT?This week we welcome back Peter who discusses RobbinHood - the ransomware that brings its own bug. Greg explains how a student's Twitter account was handed over to their college and Duck talks SMS 2FA.
Host Anna Brading is joined by Sophos experts Peter Mackenzie, Paul Ducklin and Greg Iddon.
Listen now!
Related articles:
RobbinHood – the ransomware that brings its own bug: https://nakedsecurity.sophos.com/2020/02/07/robbin-hood-the-ransomware-that-brings-its-own-bug/
Living off another land: Ransomware borrows vulnerable driver to remove security software: https://news.sophos.com/en-us/2020/02/06/living-off-another-land-ransomware-borrows-vulnerable-driver-to-remove-security-software/
Apple proposes simple security upgrade for SMS 2FA codes: https://nakedsecurity.sophos.com/2020/02/03/apple-proposes-simple-security-upgrade-for-sms-2fa-codes/
Tw...2020-02-1245 min
Naked SecurityS2 Ep25: You've seen WHAT on public Trello boards?Over the past couple of years, Sophos' Director of Security Craig Jones has discovered a worrying amount of personal data on public Trello boards. Mark says companies shouldn’t microchip their employees and Duck discusses a bug that could have blown a hole in OpenSMTPD.
Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and special guest Craig Jones.
Listen now!
Related articles:
Trello exposed! Search turns up huge trove of private data: https://nakedsecurity.sophos.com/2020/01/30/trello-exposed-search-turns-up-huge-trove-of-private-data/
Employers can’t force you to get microchipped, Indiana reps say https://nakedsecurity.sophos.com/2020/01/30/employers-cant-force-you-to-get-microchipped-indiana-reps-say/
Serious Security – How ‘special...2020-02-0547 min
Naked SecurityS2 Ep24: Tinder, angry customers and weleakinfo takedownThis week we discuss 70,000 images being stolen from Tinder, the weleakinfo.com FBI bust and how Sonos annoyed its longstanding customers.
Host Anna Brading is joined by Sophos experts Mark Stockley, Greg Iddon and producer Alice Duckett.
Listen now!
Related articles:
Sonos’s tone-deaf legacy product policy angers customers: https://nakedsecurity.sophos.com/2020/01/23/sonoss-tone-deaf-legacy-product-policy-angers-customers/
FBI seizes credentials-for-sale site: https://nakedsecurity.sophos.com/2020/01/20/fbi-seizes-credentials-for-sale-site-weleakinfo-com/
What do online file sharers want with 70,000 Tinder images? https://nakedsecurity.sophos.com/2020/01/21/what-do-online-file-sharers-want-with-70000-tinder-images/2020-01-2952 min
Naked SecurityS2 Ep23: Snake ransomware, VPN vulnerabilities and is your phone listening to you?This week we cover Snake ransomware, VPN vulnerabilities and decide whether our phones are spying on us.
Mark also revisits his growing list of pet peeves and Anna tests whether getting deep fake feet to your phone via SMS is real.
Host Anna Brading is joined by Sophos experts Mark Stockley, Greg Iddon and Producer Alice Duckett.
Listen now!
Related articles:
Snake alert! This ransomware is not a game… https://nakedsecurity.sophos.com/2020/01/13/snake-alert-this-ransomware-is-not-a-game/
Browser zero day: Update your Firefox right now! https://nakedsecurity.sophos.com/2020/01/09/browser-zero-day-update-your-firefox-right-now/
REvil ransomware exploiting VPN flaws made public last April: https://nakedsecurity.sophos.com/2020/01/08/re...2020-01-1651 min
Naked SecurityS2 Ep22: Word doc stops fraud, bye bye Python 2, latest from the ransomware swampThis week we discuss the IT exec who scammed his employer out of $6m with fake invoices and the death of Python 2. Peter also shares two of his latest investigations from the ransomware swamp.
Producer Alice Duckett is joined by Mark Stockley, Greg Iddon and Peter Mackenzie in this week's episode.
Thank you to everyone who gives us feedback on the podcast and helps us promote it on social media, it really helps us reach more people.
Listen now!
Related articles:
IT exec sets up fake biz to scam his employer out of $6m: https://nakedsecurity.sophos.com/2020/01/07/it-exec-sets-up-fake-biz-to-scam-his-employer-out-of-6m/
...2020-01-0844 min
Naked SecurityS2 Ep21 - Plundervolt, domain name gunfight and Facebook snubs CongressHere are the week's top stories - we explain the Plundervolt attack, look into a gunfight over a domain name, and explore the encryption drama that's unfolding between Facebook and Congress.
Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon.
Listen and share!
Related articles:
https://nakedsecurity.sophos.com/doitforstate-domain-name-thief-gets-14-years-for-pistol-whipping-plot
https://nakedsecurity.sophos.com/plundervolt-stealing-secrets-by-starving-your-computer-of-voltage
https://nakedsecurity.sophos.com/facebook-refuses-to-break-end-to-end-encryption2019-12-1844 min
Naked SecurityS2 Ep20 - Why don't they send ransomware on floppies anymore?As always, we pick the top three cybersecurity stories of the week to discuss. This week we talk about open-source supply chain madness, Snatch ransomware and iPhone 11 tracking concerns.
Host Anna Brading is joined by Sophos experts Mark Stockley, Peter Mackenzie and Paul Ducklin.
Listen and share!
Related articles:
Will the new iPhone 11 track you even if you tell it not to? https://nakedsecurity.sophos.com/2019/12/09/will-the-new-iphone-11-track-you-even-if-you-tell-it-not-to/
Snatch ransomware pwns security using sneaky ‘safe mode’ reboot https://nakedsecurity.sophos.com/2019/12/10/snatch-ransomware-pwns-security-using-sneaky-safe-mode-reboot/
Machine-raiding Python libraries squashed by community https://nakedsecurity.sophos.com/2019/12/05/machine-raiding-python-libraries-squashed-by-community/2019-12-1142 min
Naked SecurityS2 Ep19 - One of us just prevented a ransomware attackPeter Mackenzie saved a casino from a ransomware attack, a children's smartwatch leaks location data and HPE warns of impending SSD disk doom.
Host Anna Brading is joined by Peter Mackenzie, Paul Ducklin and Mark Stockley.
Related articles:
Children's smartwatch: https://nakedsecurity.sophos.com/2019/11/28/kids-smartwatch-security-tracker-can-be-hacked-by-anyone/
SSD disk impending doom: https://nakedsecurity.sophos.com/2019/11/28/hpe-warns-of-impending-ssd-disk-doom/2019-12-0442 min
Naked SecurityS2 Ep18 – Missing cryptoqueen, festive phishing and can the web be saved?This week we discuss the large scale crypto-scam which tricked people into investing $400m, Tim Berners-Lee's proposed principles to save the web from a 'digital dystopia' and how to stay safe online during the festive season.
Producer Alice Duckett hosts the show with Sophos experts Paul Ducklin and Peter Mackenzie.
Listen now!
Related articles:
Crypto-scam: https://nakedsecurity.sophos.com/2019/11/25/onecoin-crypto-scam-lawyer-found-guilty-of-worldwide-400m-fraud/
Web principles: https://nakedsecurity.sophos.com/2019/11/26/sir-tim-berners-lee-publishes-plan-to-save-the-web-from-digital-dystopia/
Festive scams: https://nakedsecurity.sophos.com/2019/11/19/ho-ho-ouch-there-are-4x-more-fake-retailer-sites-than-real-ones/2019-11-2747 min
Naked SecurityS2 Ep17 - Fake AirBnBs, lying ISPs and a glance at the cyberfutureA huge Airbnb scam ends with promises to verify every host and listing, Mozilla says ISPs are lying to Congress about encrypted DNS and we discuss the Sophos Threat Report 2020.
Host Anna Brading is joined by Sophos experts Peter Mackenzie and Greg Iddon on this week's episode of the podcast.
Listen now!
Related articles:
Airbnb: https://nakedsecurity.sophos.com/2019/11/11/huge-airbnb-scam-leads-to-promise-to-vet-every-host-every-listing/
Mozilla: https://nakedsecurity.sophos.com/2019/11/06/mozilla-says-isps-are-lying-to-congress-about-encrypted-dns/
2020 threat report: https://www.sophos.com/en-us/labs/security-threat-report.aspx2019-11-1342 min
Naked SecurityS2 Ep16 - BlueKeep's back, ransomware batters Spain, and yet more sextortionMass ransomware hit Spain earlier this week, BlueKeep's back and there's yet another twist in the sextortion saga.
Sophos experts Mark Stockley, Peter Mackenzie and Paul Ducklin join Producer Alice Duckett this week to discuss.
We also have a brand new Naked Security YouTube channel subscribe here: https://www.youtube.com/channel/UCuTRp4eg7vwZFYMzHP4KDlA?view_as=subscriber
Listen now!
Related articles:
RDP BlueKeep exploit shows why you really, really need to patch: https://nakedsecurity.sophos.com/rdp-bluekeep-exploit-shows-why-you-really-really-need-to-patch/
Ransomware attacks in Spain leave radio station in “hysteria”: https://nakedsecurity.sophos.com/spanish-ransomware-hits-two-companies/
Sextortion scammers are hijacking blogs – and victims are pa...2019-11-0648 min
Naked SecurityS2 Ep15 - City under attack! VPN hacked, floppies nixedThis week we discuss the cyberattack with a difference on the city Johannesburg, how a hacker accessed company web servers via NordVPN and why the US nuclear weapons command finally ditched 8-inch floppies.
Host Anna Brading is joined by Mark Stockley, Greg Iddon and Peter Mackenzie.
Listen now!
Related articles:
Ransomware with a difference as hackers threaten to release city data: https://nakedsecurity.sophos.com/2019/10/28/johannesburg-hit-by-second-malware-attack/
Hacker breached servers used by NordVPN: https://nakedsecurity.sophos.com/2019/10/23/hacker-breached-servers-used-by-nordvpn/
US nuclear weapons command finally ditches 8-inch floppies: https://nakedsecurity.sophos.com/2019/10/22/us-nuclear-weapons-command-finally-ditches-8-inch-floppies/2019-10-3046 min
Naked SecurityS2 Ep14 - Samsung fingerprint fail, mystery black boxes and invisible Android appsThis week we discuss the screen protector which bypasses fingerprint readers on Samsung’s flagship smartphones, icon-hiding Android adware and a mystery black box.
Host Anna Brading is joined by Sophos experts Mark Stockley and - for his final appearance - Matt Boddy.
Read our related articles here:
Samsung fingerprint reader spoofed: https://nakedsecurity.sophos.com/2019/10/21/samsung-galaxy-s10-fingerprint-reader-beaten-by-3-gel-protector/
Icon-hiding Android adware returns to the Play Market: https://news.sophos.com/en-us/2019/10/08/icon-hiding-android-adware-returns-to-the-play-market/
Pen testers find mystery black box connected to ship’s engines: https://nakedsecurity.sophos.com/2019/10/17/pen-testers-find-mystery-black-box-connected-to-ships-engines/2019-10-2339 min
Naked SecurityS2 Ep13 - Weird Android zero-day and other tech failsThis week producer Alice Duckett steps in to host the show with Sophos experts Mark Stockley and Greg Iddon.
They discuss Twitter's two-factor authentication faux pas, the risks of copy and pasting code from Stack Overflow and an Android zero-day with a difference.
If you're interested in learning more, read our related articles:
Twitter fail: https://nakedsecurity.sophos.com/2019/10/10/twitter-used-2fa-phone-numbers-for-targeted-advertising/
Stack Overflow: https://nakedsecurity.sophos.com/2019/10/09/copy-and-paste-sharing-on-stack-overflow-spreads-insecure-code/
Android Zero Day: https://nakedsecurity.sophos.com/2019/10/07/android-devices-hit-by-zero-day-exploit-google-thought-it-had-patched/2019-10-1544 min
Naked SecurityS2 Ep12 - Dark Web, O.MG Cable spying and securing new laptopsThis week host Anna Brading is joined by Sophos experts Mark Stockley and Greg Iddon.
They discuss the bust of CyberBunker, a malicious lightning cable that's about to hit the mass market and how to secure your laptop.
Related articles:
Darknet: https://nakedsecurity.sophos.com/2019/10/01/darknet-hosting-provider-busted-in-underground-nato-bunker/
O.MG lightning cable: https://nakedsecurity.sophos.com/2019/10/02/omg-evil-lightning-cable-hits-prime-time/
Secure your new laptop: https://nakedsecurity.sophos.com/2019/10/04/buying-a-new-laptop-heres-how-to-secure-it/2019-10-1045 min
Naked SecurityS2 Ep11 - Fleeceware, Chrome bug and the sextortion scam that won't dieThis week host Anna Brading is joined by Sophos experts Mark Stockley and Greg Iddon.
They discuss National Cyber Security Awareness Month, the latest chrome bug, 'Fleeceware' and why people are still falling for emails claiming they've recorded you through your webcam.
Related articles:
Greg talks about SophosLabs’ latest research into ‘Fleeceware’: https://nakedsecurity.sophos.com/2019/09/27/fleeceware-play-store-apps-quietly-charging-up-to-250/
Source article: https://news.sophos.com/en-us/2019/09/25/fleeceware-apps-overcharge-users-for-basic-app-functionality/
Mark discusses how Chrome brought Hollywood to a standstill: https://nakedsecurity.sophos.com/2019/09/27/chrome-cripples-movie-studio-mac-pros/
Chrome Update Google thread: https://support.google.com/chrome/thread/15235262
Anna covers the sextortion emails that just won’t die. Here’s the orig...2019-10-0343 min
Naked SecurityS2 Ep10 – Emotet’s back, mutant WannaCry and Insta scamThis week host Anna Brading is joined by Sophos experts Mark Stockley, Ben Jones and Peter Mackenzie.
Ben explains why emotet is back, Peter shares his latest research into WannaCry and Mark shares the latest social media phish.
Related articles:
Emotet:
https://nakedsecurity.sophos.com/2019/01/25/fighting-emotet-lessons-from-the-front-line/
WannaCry:
https://nakedsecurity.sophos.com/2019/09/18/wannacry-the-worm-that-just-wont-die/
https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/WannaCry-Aftershock.pdf
Instagram phish:
https://nakedsecurity.sophos.com/2019/09/24/instagram-phish-poses-as-copyright-infringement-warning-dont-click/2019-09-2549 min
Naked SecurityS2 Ep9 - Wikipedia down, Firefox VPN and NetCAT attacksThis week, Producer Alice Duckett steps in to host the show with Paul Ducklin, Mark Stockley and Greg Iddon.
Greg discusses the most disruptive Distributed Denial of Service (DDoS) attack in recent memory affecting Wikipedia, Mark shares another privacy boost for Firefox users and Duck explains why SSH-stealing NetCAT is not really a problem.
Related articles
Wikipedia DDos:
https://nakedsecurity.sophos.com/2019/09/11/wikipedia-fights-off-huge-ddos-attack/
Firefox Private Network:
https://nakedsecurity.sophos.com/2019/09/13/mozilla-private-network-vpn-gives-firefox-another-privacy-boost/
NetCat:
https://nakedsecurity.sophos.com/2019/09/13/intel-ssh-stealing-netcat-bug-not-really-a-problem/2019-09-1847 min
Naked SecurityS2 Ep8 - Facebook Phone Leak, $5m Ransoms And DNS ControversyThis week, Producer Alice Duckett steps in to host the show with Paul Ducklin, Ben Jones and special guest Peter Mackenzie.
Peter shares the latest ransomware trends, Ben discusses a Facebook data leak which led to the exposure of 419 million phone numbers and Duck explains why not everyone is happy about Mozilla's move towards DNS over HTTPS.
Related articles
Mozilla:
https://nakedsecurity.sophos.com/2019/09/10/mozilla-increases-browser-privacy-with-encrypted-dns/
Facebook:
https://nakedsecurity.sophos.com/2019/09/06/database-exposed-133-million-us-facebook-users-phone-numbers/
Ransomware:
https://nakedsecurity.sophos.com/2019/09/09/us-city-balks-at-paying-5-3-million-ransomware-demand/
RDP research:
https://sophos.com/rdp2019-09-1148 min
Naked SecurityS2 Ep7 - iPhones attacked, Twitter hack and set-top box Android botnetThis week on the Naked Security podcast host Anna Brading is joined by Mark Stockley, Paul Ducklin and Matt Boddy.
They discuss iPhone zero days, android botnets and how the founder and CEO of Twitter had his account hijacked.
Do you have a question? Let us know and we’ll answer them next week.
Related Naked Security articles:
iPhone hacking: https://nakedsecurity.sophos.com/2019/08/30/sophisticated-iphone-hacking-went-unnoticed-for-over-two-years/
Twitter takeover: https://nakedsecurity.sophos.com/2019/08/30/jacks-twitter-attacked-phone-number-hacked/
Iphone
Botnet targets set-top boxes: https://nakedsecurity.sophos.com/2019/08/30/botnet-targets-set-top-boxes-using-android-os/
Read our rdp research: https://sophos.com/rdp2019-09-0545 min
Naked SecurityS2 Ep6 - Instagram phishing, jailbreaking iPhones and social media hoaxesThis week on the Naked Security podcast host Anna Brading is joined by Mark Stockley and Paul Ducklin.
They discuss sophisticated Instagram phishing attacks, jailbreaking iPhones and the latest social media hoax.
Do you have a question? Let us know and we’ll answer them next week.
Related Naked Security articles:
Jailbreaking:
https://nakedsecurity.sophos.com/apple-ios-update-ends-in-jailbroken-iphones
https://nakedsecurity.sophos.com/emergency-ios-patch-fixes-jailbreaking-flaw
Social media hoaxes:
https://nakedsecurity.sophos.com/privacy-policy-change-hoax-infects-instagram
https://nakedsecurity.sophos.com/hoax-alert-facebook-deadline
https://nakedsecurity.sophos.com/please-dont-spread-the-facebook-giraffe-picture-hoax
https://nakedsecurity.sophos.com/the-momo-challenge-urban-legend
https://nakedsecurity.sophos.com/the-talking-angela-witch-hunt
Phishing:
https://nakedsecurity.sophos.com/instagram-phishing-uses-2fa-as-a-lure
https://www.sophos.co...2019-08-2844 min
Naked SecurityS2 Ep5 - Phishing, eavesdropping voice assistants and quick fire questionsThis week on the Naked Security podcast we discuss whether big tech companies are spying on you and the latest phishing scams.
Do you have a question? Let us know and we’ll answer them next week.
With Anna Brading, Ben Jones and Matt Boddy.
Humans are listening to your voice recordings – Our articles are below:
Microsoft: https://nakedsecurity.sophos.com/2019/08/09/your-skype-translator-calls-may-be-heard-by-humans/
And then updating its policy: https://nakedsecurity.sophos.com/2019/08/16/microsoft-wont-shift-on-ai-recordings-policy/
Facebook: https://nakedsecurity.sophos.com/2019/08/15/facebook-got-humans-to-listen-in-on-some-messenger-voice-chats/
Google and Apple: https://nakedsecurity.sophos.com/2019/08/05/google-and-apple-suspend-contractor-access-to-voice-recordings/
Apple saying no to backdoor the San Bernadino terrorist’s iPhone: https://nakedsecurity.sophos.com/20...2019-08-2143 min
Naked SecurityS2 Ep3 - Ransomware, surveillance and data theftThe Naked Security podcast tells you how to keep crooks out of your home network, discusses whether the government should be able to read our private messages or not, and digs into the crooks behind the Baldr malware.
With Anna Brading, Paul Ducklin, Mark Stockley and Ben Jones.
This week's links:
https://nakedsecurity.sophos.com/nas-vendors-hit-by-brute-force
https://nakedsecurity.sophos.com/ep-025-business-email-compromise
https://sophos.com/rdp
https://nakedsecurity.sophos.com/five-eyes-nations-demand-access2019-08-0745 min
Naked SecurityS2 Ep2 - EvilGnome, leaky browser add ons and the latest on BlueKeepThis week we discuss EvilGnome, leaky browser add ons and the latest on BlueKeep.
With Anna Brading, Paul Ducklin, Mark Stockley and Matt Boddy.
What we talked about this week:
https://nakedsecurity.sophos.com/2019/07/26/happy-sysadminday-2019/
https://nakedsecurity.sophos.com/happy-sysadminday-2019
https://nakedsecurity.sophos.com/evilgnome-linux-malware
https://nakedsecurity.sophos.com/rdp-bluekeep-exploit-shows-why
https://nakedsecurity.sophos.com/browser-plug-ins-peddled-personal-data2019-08-0146 min
Naked SecurityS2 Ep1 - FaceApp, logic bombs and youngsters' online safetyThe Naked Security podcast - now in Series 2! This week we investigate whether FaceApp is as dangerous as they say, how to keep logic bombs out of your software, and how to help youngsters stay safe online.
With Anna Brading, Paul Ducklin, Mark Stockley and Matt Boddy.
What we talked about this week:
https://nakedsecurity.sophos.com/faceapp-panic-sets-internet-alight
https://nakedsecurity.sophos.com/the-momo-challenge-urban-legend-what-on-earth-is-going-on/
https://nakedsecurity.sophos.com/how-my-instagram-account-got-hacked/
https://nakedsecurity.sophos.com/programmer-from-hell-plants-logic-bombs-to-guarantee-future-work/
https://www.youtube.com/watch?v=QEkoetCHVRY
https://twitter.com/NakedSecurity/status/1153627392965042176
https://twitter.com/NakedSecurity/status/11521713990013665282019-07-251h 01
Naked SecurityEp. 028 - SPEWS, Android security and scary Facebook messagesThe Naked Security podcast tells you how to make your web signup forms safer, explains how Android phones can be used as security tokens, and looks into a Facebook "hidden message" that escaped into the wild..
With Anna Brading. Paul Ducklin and Matthew Boddy.
This week's links:
https://nakedsecurity.sophos.com/serious-security-how-web-forms-can-steal
https://nakedsecurity.sophos.com/android-phones-transformed-into-anti-phishing
https://nakedsecurity.sophos.com/facebook-admits-supply-chain-data-leak
Music by: https://purple-planet.com/2019-04-1619 min
Naked SecurityEp. 027 - Honeypots, GPS rollover and the MySpace data vortexThe Naked Security podcast reveals how long you can expect to go unnoticed online, explains why we still have applications where every bit matters, and comes up with a new vocabulary for "data loss" on the scale of MySpace's music file implosion.
With Anna Brading, Paul Ducklin, Matthew Boddy and Benedict Jones.
This week's links:
https://nakedsecurity.sophos.com/knock-and-dont-run
https://nakedsecurity.sophos.com/ep-025
https://nakedsecurity.sophos.com/serious-security-gps-week-rollover
https://nakedsecurity.sophos.com/myspace-songs-come-back
Music by: https://purple-planet.com/2019-04-1024 min
Naked SecurityEp. 026 - Android bloatware, hackable routers and website attacksThe Naked Security podcast looks into the annoying problem of bloatware on Android phones, explains a zero-day bug in a TP-Link router and how it turned into bad PR, and gives you advice on how to keep crooks out of your web server.
With Anna Brading, Paul Ducklin, Matthew Boddy and Benedict Jones.
This week's links:
https://nakedsecurity.sophos.com/preinstalled-android-software
https://nakedsecurity.sophos.com/tp-link-router-zero-day
https://nakedsecurity.sophos.com/supermarket-patches-its-web
Music by: https://purple-planet.com/2019-04-0323 min
Naked SecurityEp. 025 - Business Email Compromise and IoT surprisesThe Naked Security podcast explains how to avoid losing money to the cybercrime known as BEC, or Business Email Compromise, and gives you tips on what to look out for when you plug new devices into your network.
With Paul Ducklin, Matthew Boddy and Benedict Jones.
This week's links:
https://nakedsecurity.sophos.com/fbi-arrests-74-in-global-business-email-compromise-takedown
https://nakedsecurity.sophos.com/why-you-should-be-cautious-of-emails-from-friends-or-colleagues
https://nakedsecurity.sophos.com/7-tips-for-securing-the-internet-of-things
https://nakedsecurity.sophos.com/what-if-your-security-camera-were-an-insecurity-camera
https://nakedsecurity.sophos.com/upnp-flaws-turn-millions-of-firewalls-into-doorstops
To get Sophos XG Firewall Home Edition (100% free):
https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx
Music by: https://purple-planet.com/2019-03-2624 min
Naked SecurityEp. 024 - Sextortion, malicious adverts and randomness explainedIn this Naked Security podcast, we explain how to handle sextortion, look at techniques for getting rid of malvertising, and discuss the things that make randomness hard.
With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy.
This week's stories:
https://nakedsecurity.sophos.com/final-warning-email
https://nakedsecurity.sophos.com/cia-bribery-scam
https://nakedsecurity.sophos.com/sextortion-whats-new
https://nakedsecurity.sophos.com/chrome-will-soon-block-drive-by
https://nakedsecurity.sophos.com/serious-security-when-randomness-isnt
How to report cybercrime online:
https://nakedsecurity.sophos.com/beware-sextortionists/#comment-5621990
Music by: https://purple-planet.com/2019-03-2025 min
Naked SecurityEp. 023 - Facebook promises and Google Chrome patchesThis week, the Naked Security Podcast tries to figure out where Mark Zuckerberg's new "Facebook Privacy Promise" is going, and digs into both the technical and community aspects of a recent Chrome zero-day bug.
With Anna Brading, Mark Stockley and Matthew Boddy.
This week's stories:
https://nakedsecurity.sophos.com/study-throws-security-shade-on-freelance
https://nakedsecurity.sophos.com/zuck-says-facebook-is-becoming-more-privacy-focused
https://nakedsecurity.sophos.com/serious-chrome-zero-day-google-says-update
Music by: https://purple-planet.com/2019-03-1523 min
Naked SecurityEp. 022 - Plaintext passwords, cryptocoin criminality and the Momo monstrosityThe Naked Security podcast explains why storing plaintext passwords is an unnecessary evil, investigates a cryptocurrency spat between a software maker and a disgruntled user, and tells you some earnest but unpopular truths about how to keep your children safe online.
With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy.
This week's stories:
https://nakedsecurity.sophos.com/millions-of-utilities-customers-passwords-stored-in-plain-text
https://nakedsecurity.sophos.com/disgruntled-dev-blames-crypto-wallet-for-losing-cryptocoins
https://nakedsecurity.sophos.com/the-momo-challenge-urban-legend
https://nakedsecurity.sophos.com/the-momo-challenge-why-its-time-to-stop-the-hype
Related links:
https://nakedsecurity.sophos.com/serious-security-how-to-store-your-users-passwords-safely
https://nakedsecurity.sophos.com/the-passwordless-web-explained
Music by: https://purple-planet.com/2019-03-0531 min
Naked SecurityEp. 021 - Leaked calls, a virus on the loose and passwords on displayThe Naked Security podcast investigates a massive medical data blunder, tells you how NOT to do vulnerability disclosure, and asked whether password managers do more harm than good.
With Anna Brading, Paul Ducklin, Mark Stockley and Matt Boddy.
This week's stories:
https://nakedsecurity.sophos.com/milions-of-private-medical-calls-exposed
https://nakedsecurity.sophos.com/virus-attack-hackers-unleash
https://nakedsecurity.sophos.com/password-managers-leaking-data
Music by: https://purple-planet.com/2019-02-2630 min
Naked SecurityEp. 020 - Leaky containers, careless coders and risky USB cablesThe Naked Security podcast explains the recent security hole in Linux products such as Docker and Kubernetes, ponders whether Apple's insistence on 2FA for developers will bring rogue apps under control, and tells you whether to worry about booby-trapped USB cables.
With Anna Brading, Paul Ducklin and Greg Iddon.
This week's stories:
https://nakedsecurity.sophos.com/linux-container-bug-could-eat-your-server
https://nakedsecurity.sophos.com//apple-fighting-pirate-app-developers
https://nakedsecurity.sophos.com/evil-usb-o-mg-cable
Music by: https://purple-planet.com/2019-02-2020 min
Naked SecurityEp. 019 - Android holes, iOS screengrabbing and USB pooThe Naked Security podcast pokes a stick into the latest critical security bugs in Android, investigates the dubious art of iOS screenshots you didn't take yourself, and marvels at the USB drive that survived a seal's digestive tract.
With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy.
This week's stories:
https://nakedsecurity.sophos.com/android-vulnerabilities-open-pie
https://nakedsecurity.sophos.com/iphone-apps-record-your-screen
https://nakedsecurity.sophos.com/anyone-want-to-lay-claim-to-the-usb
Music by: https://purple-planet.com/2019-02-1224 min
Naked SecurityEp. 018 - Home invasions, snoopy apps and Android versus iOSThe Naked Security podcast looks at who was at fault in a network home invasion, investigates how both Google and Facebook fell foul of Apple's developer rules, and answers the vital question, "Which is better, Android or iPhone?"
With Anna Brading, Paul Ducklin and Matthew Boddy.
This week's stories:
https://nakedsecurity.sophos.com/hacker-talks-to-baby
https://nakedsecurity.sophos.com/apple-kicks-facebook
https://nakedsecurity.sophos.com/google-says-sorry
https://twitter.com/NakedSecurity/status/1090960185441562624
Music by: https://purple-planet.com/2019-02-0524 min
Naked SecurityEp. 017 - DNS hijacking, a weird breach and a cybersecurity confessionThe Naked Security Podcast digs into a US Emergency Directive to stop government sites getting hijacked, examines a data breach with a difference, and hears a cybersecurity expert's confession of how his Instagram got hacked.
With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy.
This week's stories:
https://nakedsecurity.sophos.com/us-gov-declares-emergency
https://nakedsecurity.sophos.com/bqs-dodgy-database-divulges-data
https://nakedsecurity.sophos.com/how-my-instagram-account-got-hacked
Social network advice:
https://nakedsecurity.sophos.com/how-to-secure-your-instagram-account-using-2fa
https://nakedsecurity.sophos.com/how-to-secure-your-twitter-account
https://nakedsecurity.sophos.com/how-to-protect-your-facebook-
https://nakedsecurity.sophos.com/facebook-fallout-what-are-your-options
Music by: https://purple-planet.com/2019-01-3027 min
Naked SecurityEp. 016 - Email fraud, Android insecurity, Collection #1 and the 10 Year ChallengeThe Naked Security podcast looks at high-value email crime, Google's latest attempt to clean up the Play Store, how you can buy a billion email addresses for just $45, and the conspiracy theories that say the "10 year challenge" is a dangerous trap! With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy.
https://nakedsecurity.sophos.com/email-crooks-swindle-woman
https://nakedsecurity.sophos.com/google-locks-down-access
https://nakedsecurity.sophos.com/vast-data-berg-washes-up
https://nakedsecurity.sophos.com/is-the-ten-year-challenge
Music by: https://purple-planet.com/2019-01-2230 min
Naked SecurityEp. 015 - USB anti-hacking, bypassing 2FA and government insecurityNaked Security looks at whether the latest USB hardware proposals will be used for security or for anti-piracy, investigates an open-source toolkit for bypassing 2FA, and explains how the US government shutdown is affecting online security. With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy.
https://nakedsecurity.sophos.com/usb-c-authentication-sounds-great
https://nakedsecurity.sophos.com/2fa-codes-can-be-phished
https://nakedsecurity.sophos.com/shutdown-hits-government-web
Music by: https://purple-planet.com/2019-01-1725 min
Naked SecurityEp. 014 - Rickrolls, Acrobat and zombie handsThe Naked Security Podcast investigates the ethics of remote rickrolling, whether Acrobat is the new Flash, and how to fool biometrics with a zombie hand. With Anna Brading. Paul Ducklin, Mark Stockley and Matthew Boddy.
https://nakedsecurity.sophos.com/dont-fall-victim-to-the-chromecast
https://nakedsecurity.sophos.com/update-now-adobe-acrobat
https://nakedsecurity.sophos.com/vein-authentication-beaten
Music by https://purple-planet.com/2019-01-1225 min
Naked SecurityEp. 013 - Breaches, Facebook and ransomware reinventedThe Naked Security Podcast rings out 2018 with a look at the big issues of the past year. With Anna Brading, Paul Ducklin and Matthew Boddy.
https://nakedsecurity.sophos.com/huge-marriott-breach
https://nakedsecurity.sophos.com/big-facebook-breach
https://nakedsecurity.sophos.com/cambridge-analyticas-secret
https://nakedsecurity.sophos.com/iranian-hackers-charged
https://nakedsecurity.sophos.com/after-samsam-ryuk
https://nakedsecurity.sophos.com/how-to-pick-a-proper-password
https://nakedsecurity.sophos.com/two-factor-authentication-2fa
Music by https://purple-planet.com/2018-12-2125 min
Naked SecurityEp. 012 - WordPress worms, Android fraud and Flash failsIn this Naked Security podcast, Anna Brading, Paul Ducklin and Mark Stockley confront the latest cybersecurity threats affecting WordPress, Android and Flash.
https://nakedsecurity.sophos.com/massive-botnet-chews-through
https://nakedsecurity.sophos.com/android-click-fraud-apps
https://nakedsecurity.sophos.com/flash-zero-day-exploit-spotted
Music by https://purple-planet.com/2018-12-1318 min
Naked SecurityWelcome to the wonderful world of GDPR! Where next?GDPR enforcement started in May 2018. Where next?
Join Sophos Naked Security's Paul Ducklin and Vincent Vanbiervliet, Product Manager of Data Protection at Sophos, as they talk about how to turn security into a business asset - a value to be embraced, not just a cost to be minimised.2018-07-1720 min
Naked SecurityRansomware revisited – is it really the worst sort of malware?Is ransomware really the worst sort of cyberattack you can experience? Or is it more of a “worst among equals,” given all the other sorts of malware out there too?
Sophos security expert James Burchell explains what to do when faced with a multitude of cyberthreats.
https://sophos.com/securitysos2017-06-2423 min
Naked SecuritySurveillance - when does security turn into snooping?Here's the third episode of our June 2017 "Sophos Security SOS" series - a week of topical podcasts, originally recorded and broadcast live.
Sophos cybersecurity specialist Luke Groves talks to Paul Ducklin about how to take charge of security inside your organisation without creating an uncomfortable culture of snooping and surveillance.
https://sophos.com/securitysos2017-06-2229 min
Naked SecurityPhishing – how this troublesome crime is evolvingHere's the second episode of our June 2017 "Sophos Security SOS" series - a week of topical podcasts, originally recorded and broadcast live.
In this episode, Paul Ducklin interviews Sophos malware specialist Peter Mackenzie about the evolution of phishing. Join us to learn how to keep your own users safe.
https://sophos.com/securitysos2017-06-2027 min
Naked SecurityGDPR – Burden or opportunity? Cost or value?This is the first in our June 2017 "Sophos Security SOS" series - a week of topical podcasts, originally recorded and broadcast live. In this episode, Paul Ducklin interviews Sophos expert John Shaw about the new European data protection laws (GDPR), how they affect organizations in Europe, North America and beyond, and how to turn them into an opportunity rather than merely shouldering them as a burden.
https://sophos.com/securitysos2017-06-2030 min
Naked SecurityChet Chat 224 - Dec 1, 2015Join Sophos experts Chester Wisniewski and John Shier for the latest episode in our weekly security podcast.
This week: daily December tips on Naked Security, a big breach at VTech, insecurity-by design in the IoT, Geekweek, a cybercrime bust...and Sophos Home as a present for the festive season!2015-12-0519 min
Naked SecurityChet Chat 222 - Nov 19, 2015Join Sophos security experts John Shier and Paul Ducklin as they dissect the week's computer security news with their usual mix of insight and wit.
In this episode: we reach our "double nelson"; busts in the JPMorgan hack; malware on iOS, Android and OS X; get Sophos Home for free; and how BadBIOS is back...this time, on your TV.2015-11-2014 min
Naked SecuritySophos Techknow - Malware on Linux: When Penguins AttackSophos security expert Chester Wisniewski took a week's worth of known-bad website data from SophosLabs and worked backwards to investigate some important questions: Which platform hosts the most malware? How does it get there? And what can we do about it?
Paul Ducklin dug into the research data with Chester, and the result was this fascinating and educational podcast, revealingly subtitled, "When Penguins Attack."2015-07-0321 min
Radio Sophos FranceSophos Podcast Ep.012 - Actu Sophos Et Media Sociaux StratégieRelance des podcasts, il est temps de vous abonner.
Quelques points sur l'actualité Sophos, solutions et agenda.
Puis quelques éléments clé de notre stratégie digitale orientée vers l'éducation des utilisateurs informatique.
http://012.RadioSophos.fr2015-03-2500 min
Naked SecuritySophos Techknow - Dealing with RansomwareSophos security experts Paul Ducklin and Chester Wisniewski tell you what you need to know about the what, the why and the how of ransomware.
What is ransomware? Why has it become such a problem? And how do you protect yourself from it?2014-11-2517 min
Naked SecuritySophos Techknow - Firewalls DemystifiedJoin Sophos experts Paul Ducklin and Chester Wisniewski as they take a clear but entertaining trip through the components you'll find in a modern network firewall, helping you to understand the what, how and why of each part.
Whether you're an IT professional responsible for implementing a network security policy, the CFO who has to pay for it, or just a concerned user keen to learn more about defense in depth, this podcast will tell you what you need to know...2014-07-2124 min
Naked SecuritySophos Security Threat Report 2014Sophos Security Threat Report 2014 by Sophos2013-12-1017 min
Naked SecuritySophos Security Chet Chat - Episode 118.99 - October 4, 2013In the last third of Sophos Security Chet Chat 118 Chet interviews Vanja Svajcer from SophosLabs about his presentation on potentially unwanted Android apps. Many users are being inundated with advertising pop-ups and other pesky behaviours, leading security vendors toward providing tools to block these apps.2013-10-2711 min
Naked SecuritySophos Security Chet Chat - Episode 113 - July 19, 2013Chet and Duck talk about the stolen "master Android keys", Tumblr security flaws, Club Nintendo password woes and the new Sophos puzzle for BlackHat 2013.2013-10-2714 min
Naked SecuritySophos Security Chet Chat - Episode 108 - May 8, 2013Chester calls home from Interop in Las Vegas to record the latest episode of the Sophos Security Chet Chat. Duck explains a WWII steganography technique and introduces a contest. Chester and Duck then discuss internet camera vulnerabilities, game software rigged to mint Bitcoins and more password database breaches.2013-10-2714 min
Naked SecuritySophos Security Chet Chat - Episode 92 - June 5, 2012Michael Argast from Telus joined Chet once again to discuss the week's news. Topics covered include Flame malware, Do Not Track, TACK, Conficker and Sophos Mobile Security for Android.2013-10-2720 min
Naked SecuritySophos Security Chet Chat - Episode 82 - February 3, 2012This week, Paul Ducklin joins Chet to talk about the Sophos Security Threat Report 2012, the new anti-phishing proposal known as DMARC and mobile phone numbers being leaked through HTTP headers at O2.2013-10-2714 min
Naked SecuritySophos Security Chet Chat - Episode 61 - May 27, 2011Chester Wisniewski sits down with one of the most experienced Sophos technical support experts to discuss best practices and how we can use the tools we have to do a better job defending against modern malware.2013-10-2621 min
Naked SecuritySophos Security Chet Chat - Episode 58 - April 30, 2011Sophos Security Chet Chat 58 features Paul Ducklin and Chester Wisniewski discussing the week's most pertinent security topics. This week: the Coreflood take-down; password loss at DSLReports; Sony's big data breach; Iran claims a "Stars" virus attack; and Facebook shuts down Ars Technica.2013-10-2618 minRadio Sophos FranceSophos Podcast Ep.006 - Provectio, partenaire Sophos depuis 10 ans !Sophos France fait confiance à Provectio Hosting pour héberger en toute sécurité ses supports de communication en marketing digital.
http://www.sophosfranceblog.fr/provectio-hosting-marketing-digital-sophos-france/2013-03-2700 min