Informações:
Sinopse
Podcast by SophosLabs
Episódios
-
S3 Ep149: How many cryptographers does it take to change a light bulb?
24/08/2023 Duração: 16minMiss Manners confronts copy-and-paste. WinRAR patches bugs. When Airplane mode isn't. How many cryptographers to change a light bulb? https://nakedsecurity.sophos.com/using-winrar-be-sure-to-patch https://nakedsecurity.sophos.com/snakes-in-airplane-mode https://nakedsecurity.sophos.com/smart-light-bulbs-could-give-away-your-password With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Email questions and suggestions to: tips@sophos.com
-
S3 Ep148: Remembering crypto heroes
17/08/2023 Duração: 18minNavajo Code Talkers Day. Beta bogosities. Skimming shenanigans. Hooligan hosting. A cybercrime conundrum. https://nakedsecurity.sophos.com/fbi-warns-about-scams-that-lure-you-in-as-a-mobile-beta-tester https://nakedsecurity.sophos.com/grab-hold-and-give-it-a-wiggle-atm-card-skimming https://nakedsecurity.sophos.com/crimeware-server-used-by-netwalker-ransomware-seized With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Email questions and suggestions to: tips@sophos.com
-
S3 Ep147: What if you type in your password during a meeting?
09/08/2023 Duração: 15minAn amazing Art Deco computer. Yet more performance-versus-security trouble. Is sound alone enough to sniff out your password? A rap song (of sorts) with a cybersecurity connection. https://nakedsecurity.sophos.com/2023/08/08/serious-security-why-learning-to-touch-type-could-protect-you-from-audio-snooping/ https://nakedsecurity.sophos.com/2023/08/04/crocodile-of-wall-street-and-her-husband-plead-guilty-to-giant-sized-cryptocrimes/ With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Email questions and suggestions to: tips@sophos.com
-
S3 Ep146: Tell us about that breach! (If you want to.)
03/08/2023 Duração: 17minFirefox fixes flaws. The exciting vulnerability that you don't need to be afraid of. Breach reporting rules with lots of leeway. https://nakedsecurity.sophos.com/firefox-fixes-a-flurry-of-flaws https://nakedsecurity.sophos.com/performance-and-security-clash-yet-again https://nakedsecurity.sophos.com/sec-demands-four-day-disclosure-limit With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Email questions and suggestions to: tips@sophos.com
-
S3 Ep145: Bugs With Impressive Names!
27/07/2023 Duração: 19minApple patches two zero-days, one for a second time. How a 30-year-old cryptosystem got cracked. All your secret are belong to Zenbleed. Remembering those dodgy PC/Mac ads. https://nakedsecurity.sophos.com/apple-ships-that-recent-rapid-response https://nakedsecurity.sophos.com/hacking-police-radios-30-year-old-crypto-flaws https://nakedsecurity.sophos.com/zenbleed-how-the-quest-for-cpu-performance With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Email questions and suggestions to: tips@sophos.com
-
S3 Ep144: When threat hunting goes down a rabbit hole
20/07/2023 Duração: 16minWhy your Mac's calendar app says it's JUL 17. One patch, one line, one file. Careful with that {axe,file}, Eugene. Storm season for Microsoft. When typos make you sing for joy. https://nakedsecurity.sophos.com/zimbra-collaboration-suite-warning https://nakedsecurity.sophos.com/google-virus-total-leaks-list https://nakedsecurity.sophos.com/microsoft-hit-by-storm-season With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep143: Supercookie surveillance shenanigans
13/07/2023 Duração: 17minRemembering the slide rule. What you need to know about Patch Tuesday. Supercookie surveillance shenanigans. When bugs arrive in pairs. Apple's rapid patch that needed a rapid patch. User-Agent considered harmful. https://nakedsecurity.sophos.com/microsoft-patches-four-zero-days-finally-takes-action https://nakedsecurity.sophos.com/serious-security-rowhammer-returns https://nakedsecurity.sophos.com/ghostscript-bug-could-allow-rogue-documents-to-run-system https://nakedsecurity.sophos.com/urgent-apple-fixes-critical-zero-day-hole https://nakedsecurity.sophos.com/apple-silently-pulls-its-latest-zero-day-update With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep142: Putting the X in X-Ops
06/07/2023 Duração: 14minFirst there was DevOps, then SecOps, then DevSecOps. Or should that be SecDevOps? Paul Ducklin talks to Sophos X-Ops insider Matt Holdcroft about how to get all your corporate "Ops" teams working together, with cybersecurity correctness as a guiding light. With Paul Ducklin and Matt Holdcroft. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep141: What was Steve Jobs's first job?
29/06/2023 Duração: 17minPONG for one player. Apple pushes out anti-spyware patch. Beware bad passwords on Linux servers. "Twitter hacker" gets 5 years. When mobile phones and dental hygiene collide. https://nakedsecurity.sophos.com/apple-patch-fixes-zero-day-kernel-hole https://nakedsecurity.sophos.com/beware-bad-passwords-as-attackers-co-opt-linux-servers https://nakedsecurity.sophos.com/uk-hacker-busted-in-spain-gets-5-years https://nakedsecurity.sophos.com/aussie-pm-says-shut-down-your-phone-every-24-hours With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep140: So you think you know ransomware?
22/06/2023 Duração: 18minGee Whizz BASIC (probably). Think you know ransomware? Megaupload, 11 years on. ASUS warns of critical router bugs. MOVEit mayhem Part III. https://nakedsecurity.sophos.com/the-ransomware-documentary-brand-new-video-series https://nakedsecurity.sophos.com/megaupload-duo-will-go-to-prison https://nakedsecurity.sophos.com/asus-warns-router-customers-patch-now https://nakedsecurity.sophos.com/moveit-mayhem-3 With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep139: Are password rules like running through rain?
15/06/2023 Duração: 17minMagnetic core memory. Patch Tuesday and SketchUp shenanigans. More MOVEit mitigations. Mt. Gox back in the news. Gozi malware criminal imprisoned at last. Are password rules like running through rain? https://nakedsecurity.sophos.com/patch-tuesday-fixes-4-critical-rce-bugs https://nakedsecurity.sophos.com/more-moveit-mitigations-new-patches https://nakedsecurity.sophos.com/history-revisited-us-doj-unseals-mt-gox-cybercrime-charges https://nakedsecurity.sophos.com/gozi-banking-malware-it-chief-finally-jailed https://nakedsecurity.sophos.com/thoughts-on-scheduled-password-changes With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep138: I like to MOVEit, MOVEit
08/06/2023 Duração: 22minCalling all modems. KeePass gets an update. MOVEit gets pwned. Chromium zero-day. The backdoor that wasn't really. WPBT explained. https://nakedsecurity.sophos.com/serious-security-that-keepass-master-password-crack https://nakedsecurity.sophos.com/moveit-zero-day-exploit-used-by-data-breach-gangs https://nakedsecurity.sophos.com/chrome-zero-day-this-exploit-is-in-the-wild https://nakedsecurity.sophos.com/researchers-claim-windows-backdoor With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep137: 16th century crypto skullduggery
01/06/2023 Duração: 21minHow to say "GIF". A Blackmailer-in-the-Middle attack. Knitting your own crypto. KeePass master password shenanigans. Binge listening. https://nakedsecurity.sophos.com/ransomware-tales-the-mitm-attack https://nakedsecurity.sophos.com/serious-security-verification-is-vital https://nakedsecurity.sophos.com/serious-security-that-keepass-master-password-crack With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep136: Navigating a manic malware maelstrom
25/05/2023 Duração: 20minLuminiferous aether. A $10m cybercrime reward. Bank scam kingpin gets 13 years. Three Apple 0-days. A Python malware maelstrom. https://nakedsecurity.sophos.com/us-offers-10m-bounty-for-russian-ransomware-suspect https://nakedsecurity.sophos.com/phone-scamming-kingpin-gets-13-years https://nakedsecurity.sophos.com/apples-secret-is-out-3-zero-days-fixed https://nakedsecurity.sophos.com/pypi-open-source-code-repository-deals-with-manic-malware-maelstrom With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep135: Sysadmin by day, extortionist by night
18/05/2023 Duração: 16minAn Apple product that flopped (and was not the Newton). Two-faced sysadmin jailed for 6 years. The smart plug with the unsmart security hole. Clearview AI again, once more, again. https://nakedsecurity.sophos.com/whodunnit-cybercrook-gets-6-years https://nakedsecurity.sophos.com/belkin-wemo-smart-plug-v2-the-buffer-overflow https://nakedsecurity.sophos.com/zut-alors-raclage-crapuleux-clearview-ai With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep134: It's a PRIVATE key - the hint is in the name!
11/05/2023 Duração: 17minThe world-changing Visible Calculator. How not to get a job. Private keys - the hint is in the name. Microsoft's complicated bootkit patch. Taming Bluetooth trackers. https://nakedsecurity.sophos.com/php-packagist-supply-chain-poisoned-by-hacker https://nakedsecurity.sophos.com/low-level-motherboard-security-keys-leaked https://nakedsecurity.sophos.com/bootkit-zero-day-fix-is-this-microsofts-most-cautious https://nakedsecurity.sophos.com/tracked-by-hidden-tags-apple-and-google-unite With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep133: Apple takes "tight-lipped" to a whole new level
04/05/2023 Duração: 18minNew England gets BASIC. Google hits back at CryptBot crooks. Apple seals its lips on security. Mac malware-as-a-service. World Password Day. PaperCut: disclose or don't disclose? https://nakedsecurity.sophos.com/google-wins-court-order-to-force-isps-to-filter https://nakedsecurity.sophos.com/apple-delivers-first-ever-rapid-security-response https://nakedsecurity.sophos.com/mac-malware-for-hire-steals-passwords-and-cryptocoins https://nakedsecurity.sophos.com/world-password-day-2-2-4 https://nakedsecurity.sophos.com/papercut-security-vulnerabilities-under-active-attack With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep132: Proof-of-concept lets anyone hack at will
27/04/2023 Duração: 17minThe CIH or SpaceFiller virus revisited. Google's 2FA security shortcut. Server vulns under active attack. Two Chrome zero-days, but was it one attack? https://nakedsecurity.sophos.com/20-years-ago-today-what-we-can-learn-from-the-cih-virus https://nakedsecurity.sophos.com/google-leaking-2fa-secrets https://nakedsecurity.sophos.com/papercut-security-vulnerabilities-under-active-attack https://nakedsecurity.sophos.com/double-zero-day-in-chrome-and-edge-check-your-versions With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep131: Can you really have fun with FORTRAN?
20/04/2023 Duração: 20minFun with FORTRAN?! An extreme data breach and its consequences. Rogue 2FA apps live in action. Juicejacking revisited. https://nakedsecurity.sophos.com/ex-ceo-of-breached-pyschotherapy-clinic-gets-prison-sentence https://nakedsecurity.sophos.com/beware-rogue-2fa-apps-in-app-store-and-google-play https://nakedsecurity.sophos.com/fbi-and-fcc-warn-about-juicejacking With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep130: Open the garage bay doors, HAL
13/04/2023 Duração: 18minA common business-oriented language. Patch Tuesday. Secure Boot (without the "Secure" part). Apple zero-days. World-readable garage doors. Motherboard malware threats. https://nakedsecurity.sophos.com/microsoft-fixes-a-zero-day-and-two-curious-bugs https://nakedsecurity.sophos.com/apple-issues-emergency-patches-for-spyware https://nakedsecurity.sophos.com/apple-zero-day-spyware-patches-extended https://nakedsecurity.sophos.com/us-government-warning-what-if-anyone-could-open https://nakedsecurity.sophos.com/attention-gamers-motherboard-maker-msi-admits-to-breach With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)