U.S. ‘No Fly List’ Leaks, AI-Powered Phishing, Wi-Fi Used to See Humans Through Walls
A hacker discovered a copy of the US No Fly List, which contains the names of people banned from traveling in or out of the US on commercial flights, on an unsecured Jenkins server connected to a commercial airline.
Will...
Social Zombies Revisited: Your Friends Want to Eat Your Brains
On this week’s episode, We’re excited to bring you a classic conference talk that Tom Eston gave with co-host Kevin Johnson back in 2009 at DEF CON 17 in Las Vegas. The talk is called “Social Zombies: Your Friends...
Meta’s EU Ad Practices Ruled Illegal, Twitter API Data Breach, Vulnerabilities in Major Car Brands
Facebook has been ordered to pay a fine of $414m by EU regulators who ruled that the company had broken EU law by forcing users to accept personalized ads. The ruling could have a major impact on Facebook’s advertising...
LastPass Password Vaults Stolen, Pig Butchering Scams, Okta Source Code Theft
Things get worse for LastPass as a security breach in November resulted in the theft of customer data, including encrypted password vaults and unencrypted web addresses.
Pig butchering scams, a variation of business email compromise and romance scams, are on...
How to Stop Online Tracking: 3 New Ways
In this episode host Tom Eston discusses one of the biggest privacy concerns people have today, online tracking by companies and advertisers. Tom will cover the following topics, tips, and new techniques to help you stop being tracked:
Why should...
The Year in Review and 2023 Predictions
In our last episode of the year, we discuss the year that was 2022. What did we get right? What did we get wrong? And what are our cybersecurity and privacy predictions for 2023?
Thank you to all of our...
Apple to Allow Third-Party App Stores, Lensa AI App Privacy Risks, Real-Life Invisibility Cloak
Apple is considering giving third-party app stores access to its iPhones and iPads in the European Union (EU) to comply with new competition law. Will the “sideloading” of apps change Apple’s walled garden of security?
Lensa the AI app that...
ChatGPT Goes Viral, More Trouble for LastPass, Apple’s New Data Protections
A chatbot developed by OpenAI, called ChatGPT, has gone viral and is able to mimic human language and speech styles and can interact with users in a conversational way. It can be used for a range of purposes, including...
SASE: Is it Just Another Cybersecurity Buzzword?
In this sponsored episode co-host Tom Eston discusses SASE (Secure Access Service Edge) and if its more than just the latest cybersecurity buzzword with Carlos Salas from NordLayer. Topics include:
– What is SASE (Secure Access Service Edge)?
– What’s the...
Is Social Media at a Tipping Point, The TikTok Invisible Challenge, San Francisco Police Can Use Killer Robots
A recent data breach of 5.4 million Twitter users and Meta being fined $265 million dollars from a 2021 data leak, and people are fleeing Twitter because of Elon Musk. Are we finally seeing a tipping point in social...
How to Break Into a Cybersecurity Career – Rob Fuller (Mubix)
This week we continue our series on how to break into a cybersecurity career with long time industry veteran, Rob Fuller (Mubix). Rob speaks with us about how he started his career in the Marine Corps, his time on...
The Rise of Mastodon, Twitter in Trouble, Largest Privacy Settlement in US History
Former Twitter users are migrating en masse to Mastodon so what is Mastodon and what do you need to know about Mastodon from a security and privacy perspective? Twitter was flooded by a wave of imposter accounts after the...
How to Break Into a Cybersecurity Career – Digital Forensics and Incident Response (DFIR)
Matt Scheurer, host of the ThreatReel Podcast and Assistant Vice President of Computer Security and Incident Response in a large enterprise environment, joins us to discuss starting a career in digital forensics and incident response (DFIR). Matt discusses how...
Cybersecurity’s Role in Combating Midterm Election Disinformation
Katie Teitler, Senior Cybersecurity Strategist at Axonius and co-host on the popular Enterprise Security Weekly podcast, joins us to discuss the role of cybersecurity in combating midterm election disinformation. We discuss the difference is between misinformation and disinformation, how...
CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications
Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail. Plus, details on the recent (ISC)2 bylaw vote...
GitHub says hackers cloned code-signing certificates in breached repository
Enlarge
GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom.
Code-signing certificates place...
QNAP addresses a critical flaw impacting its NAS devices
Taiwanese vendor QNAP is warning customers to install QTS and QuTS firmware updates to address a critical flaw impacting its NAS devices.
QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that...
Chromebook SH1MMER exploit promises admin jailbreak
Schools' laptops are out if this one gets around, but beware bricking Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SHI1MMER.…
MusicLM: Google AI generates music in various genres at 24 kHz
Enlarge / An AI-generated image of an exploding ball of music. (credit: Ars Technica)
On Thursday, researchers from Google announced a new generative AI model called MusicLM that can create...
Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine
The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.
