Saturday, July 20, 2019

Series 2 Launch – RDP Exposed

The Naked Security podcast is back - in our brand new studio! We present our latest research into RDP security and just how quickly crooks can find you online. Anna Brading talks to Matt Boddy, Ben Jones and Mark Stockley. https://sophos.com/rdp

Ep. 028 – SPEWS, Android security and scary Facebook messages

The Naked Security podcast tells you how to make your web signup forms safer, explains how Android phones can be used as security tokens, and looks into a Facebook "hidden message" that escaped into the wild. With Anna Brading. Paul...

Ep. 027 – Honeypots, GPS rollover and the MySpace data vortex

The Naked Security podcast reveals how long you can expect to go unnoticed online before crooks first come knocking on your door, explains why we still have applications where bandwidth is in such tight supply that every bit matters,...

Ep. 026 – Android bloatware, hackable routers and website attacks

The Naked Security podcast looks into the annoying problem of bloatware on Android phones, explains a zero-day bug in a TP-Link router and how it turned into bad PR, and gives you advice on how to keep crooks out...

Ep. 025 – Business Email Compromise and IoT surprises

The Naked Security podcast explains how to avoid losing money to the cybercrime known as BEC, or Business Email Compromise, and gives you tips on what to look out for when you plug new devices into your network. With Paul...

Ep. 024 – Sextortion, malicious adverts and randomness explained

In this Naked Security podcast, we explain how to handle sextortion, look at techniques for getting rid of malvertising, and discuss the things that make randomness hard. With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy. This week's stories: https://nakedsecurity.sophos.com/final-warning-email https://nakedsecurity.sophos.com/cia-bribery-scam https://nakedsecurity.sophos.com/sextortion-whats-new https://nakedsecurity.sophos.com/chrome-will-soon-block-drive-by https://nakedsecurity.sophos.com/serious-security-when-randomness-isnt How to...

Ep. 023 – Facebook promises and Google Chrome patches

This week, the Naked Security Podcast tries to figure out where Mark Zuckerberg's new "Facebook Privacy Promise" is going, and digs into both the technical and community aspects of a recent Chrome zero-day bug. With Anna Brading, Mark Stockley and...

Ep. 022 – Plaintext passwords, cryptocoin criminality and the Momo monstrosity

The Naked Security podcast explains why storing plaintext passwords is an unnecessary evil, investigates a cryptocurrency spat between a software maker and a disgruntled user, and tells you some earnest but unpopular truths about how to keep your children...

Ep. 021 – Leaked calls, a virus on the loose and passwords on display

The Naked Security podcast investigates a massive medical data blunder, tells you how NOT to do vulnerability disclosure, and asks whether password managers do more harm than good. With Anna Brading, Paul Ducklin, Mark Stockley and Matt Boddy. This week's stories: https://nakedsecurity.sophos.com/milions-of-private-medical-calls-exposed https://nakedsecurity.sophos.com/2019/02/20/virus-attack-hackers-unleash https://nakedsecurity.sophos.com/2019/02/21/password-managers-leaking-data Music...

Ep. 020 – Leaky containers, careless coders and risky USB cables

The Naked Security podcast explains the recent security hole in Linux products such as Docker and Kubernetes, ponders whether Apple's insistence on 2FA for developers will bring rogue apps under control, and tells you whether to worry about booby-trapped...

Ep. 019 – Android holes, iOS screengrabbing and USB poo

The Naked Security podcast pokes a stick into the latest critical security bugs in Android, investigates the dubious art of iOS screenshots you didn't take yourself, and marvels at the USB drive that survived a seal's digestive tract. With Anna...

Ep. 018 – Home invasions, snoopy apps and Android versus iOS

The Naked Security podcast looks at who was at fault in a network home invasion, investigates how both Google and Facebook fell foul of Apple's developer rules, and answers the vital question, "Which is better, Android or iPhone?" With Anna...

Ep. 017 – DNS hijacking, a weird breach and a cybersecurity confession

The Naked Security Podcast digs into a US Emergency Directive to stop government sites getting hijacked, examines a data breach with a difference, and hears a cybersecurity expert's confession of how his Instagram got hacked. With Anna Brading, Paul Ducklin,...

Ep. 016 – Email fraud, Android insecurity, Collection #1 and the 10 Year Challenge

The Naked Security podcast looks at high-value email crime, Google's latest attempt to clean up the Play Store, how you can buy a billion email addresses for just $45, and the conspiracy theories that say the "10 year challenge"...

Ep. 015 – USB anti-hacking, bypassing 2FA and government insecurity

Naked Security looks at whether the latest USB hardware proposals will be used for security or for anti-piracy, investigates an open-source toolkit for bypassing 2FA, and explains how the US government shutdown is affecting online security. With Anna Brading,...

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system. Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.