Informações:
Sinopse
Podcast by SophosLabs
Episódios
-
S3 Ep129: When spyware arrives from someone you trust
06/04/2023 Duração: 17minA supply chain attack that foisted spyware on trusting users. Wi-Fi encryption bypass via left-over data. Surely there should be TWO World Backup Days? https://nakedsecurity.sophos.com/supply-chain-blunder-puts-3cx-telephone-app-users-at-risk https://nakedsecurity.sophos.com/researchers-claim-they-can-bypass-wi-fi-encryption https://nakedsecurity.sophos.com/world-backup-day-is-here-again-5-tips With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep128: So you want to be a cybercriminal?
30/03/2023 Duração: 19minRIP Gordon Moore, the more in Moore's Law. Photo cropping bugfix. DDoS honeypot. E-commerce patches. Apple 0-day and lots more. https://nakedsecurity.sophos.com/in-memoriam-gordon-moore https://nakedsecurity.sophos.com/microsoft-assigns-cve-to-snipping-tool-bug https://nakedsecurity.sophos.com/cops-use-fake-ddos-services https://nakedsecurity.sophos.com/woocommerce-payments-plugin https://nakedsecurity.sophos.com/apple-patches-everything-including-a-zero-day With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep127: When you chop someone out of a photo, but there they are anyway...
23/03/2023 Duração: 18minThe mobile phone bugs that Google kept quiet, just in case. The mysterious case of ATM video uploads. When redacted data springs back to life. https://nakedsecurity.sophos.com/dangerous-android-phone-0-day-bugs-revealed https://nakedsecurity.sophos.com/bitcoin-atm-customers-hacked-by-video-upload https://nakedsecurity.sophos.com/google-pixel-phones-had-a-serious-data-leakage-bug https://nakedsecurity.sophos.com/windows-11-also-vulnerable-to-acropalypse With Paul Ducklin and Chester Wisniewski Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep126: The price of fast fashion (and feature creep)
16/03/2023 Duração: 20minThe price of fast fashion. Firefox fixes. Feature creep fail curtailed in Patch Tuesday updates. https://nakedsecurity.sophos.com/shein-shopping-app-goes-rogue https://nakedsecurity.sophos.com/firefox-111-patches-11-holes https://nakedsecurity.sophos.com/microsoft-fixes-two-0-days With Paul Ducklin and Chester Wisniewski Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep125: When security hardware has security holes
09/03/2023 Duração: 20minMemories of Michelangelo (the virus, not the artist). Data leakage bugs in TPM 2.0. Ransomware bust, ransomware warning, and anti-ransomware advice. https://nakedsecurity.sophos.com/serious-security-tpm-2-0-vulns https://nakedsecurity.sophos.com/doppelpaymer-ransomware-supsects-arrested https://nakedsecurity.sophos.com/feds-warn-about-right-royal-ransomware With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep124: When so-called security apps go rogue
02/03/2023 Duração: 18minHow Woz nearly gave away the Apple I. Rogue software packages. Rogue network "administrators". Rogue keyloggers. Rogue authenticators. https://nakedsecurity.sophos.com/npm-javascript-packages-abused-to-create-scambait https://nakedsecurity.sophos.com/dutch-police-arrest-three-cyberextortion-suspects https://nakedsecurity.sophos.com/lastpass-the-crooks-used-a-keylogger https://nakedsecurity.sophos.com/beware-rogue-2fa-apps-in-app-store-and-google-play With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep123: Crypto company compromise kerfuffle
23/02/2023 Duração: 18minThe first search warrant for computer storage. GoDaddy breach. Twitter surprise. Coinbase kerfuffle. The hidden cost of success. https://nakedsecurity.sophos.com/godaddy-admits-crooks-hit-us-with-malware https://nakedsecurity.sophos.com/twitter-tells-users-pay-up https://nakedsecurity.sophos.com/coinbase-breached-by-social-engineers With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep122: Stop calling every breach "sophisticated"!
16/02/2023 Duração: 17minThe birth of ENIAC. A "sophisticated attack" (someone got phished). A cryptographic hack enabled by a security warning. Valentine's Day Patch Tuesday. Apple closes spyware-sized 0-day hole. https://nakedsecurity.sophos.com/reddit-admits-it-was-hacked- https://nakedsecurity.sophos.com/serious-security-gnutls-follows-openssl https://nakedsecurity.sophos.com/microsoft-patch-tuesday-36-rce-bugs https://nakedsecurity.sophos.com/apple-fixes-zero-day-spyware-implant-bug With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep121: When cybercrime victims are culprits, too
09/02/2023 Duração: 20minCryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL. Medical breacher busted. Is that a bug or a feature? https://nakedsecurity.sophos.com/tracers-in-the-dark https://nakedsecurity.sophos.com/using-vmware-worried-about-esxi-ransomware https://nakedsecurity.sophos.com/openssh-fixes-double-free-memory-bug https://nakedsecurity.sophos.com/openssl-fixes-high-severity-data-stealing-bug https://nakedsecurity.sophos.com/finnish-psychotherapy-extortion-suspect-arrested https://nakedsecurity.sophos.com/password-stealing-vulnerability-reported-in-keypass With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Special: Tracers in the Dark with Andy Greenberg
06/02/2023 Duração: 25minDo we really need a "war against cryptography" - codes and ciphers that the government can easily crack if it thinks there's an emergency - to cement our collective online security? Hear renowned cybersecurity author Andy Greenberg's thoughtful commentary on this and many other vital issues, including anonymity and privacy, as we talk to him about his tremendous new book, Tracers in the Dark. https://andygreenberg.net https://nakedsecurity.sophos.com https://sophos.com/nobackdoors Original music by Edith Mudge (https://www.edithmudge.com)
-
S3 Ep120: When dud crypto simply won't let go
02/02/2023 Duração: 16minThe mighty CPU that wasn't. Hive ransomware takedown. Dutch data crime suspect busted. Samba finally gets rid of MD5. GitHub admits to an intrusion. Storing passwords securely. https://nakedsecurity.sophos.com/hive-ransomware-servers-shut-down https://nakedsecurity.sophos.com/dutch-suspect-locked-up https://nakedsecurity.sophos.com/serious-security-the-samba-logon-bug https://nakedsecurity.sophos.com/github-code-signing-certificates-stolen With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep119: Breaches, patches, leaks and tweaks!
26/01/2023 Duração: 20minThe programming language almost called Oak. GoTo admits to more breach woes. T-Mobile spills 37 million records. Apple patches everything, even iOS 12. And Google mAkES tYpOs for sECurity. https://nakedsecurity.sophos.com/goto-admits-customer-cloud-backups-stolen https://nakedsecurity.sophos.com/t-mobile-admits-to-37000000-customer-records-stolen https://nakedsecurity.sophos.com/apple-patches-are-out-old-iphones https://nakedsecurity.sophos.com/serious-security-how-deliberate-typos-might-improve-dns With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep118: Guess your password? No need if it's stolen already!
19/01/2023 Duração: 18minThe HAPPY99 virus reminds us that less is more. Trouble with JSON Web Tokens. Investment scammers busted in Europe. The LifeLock "breach" that wasn't. https://nakedsecurity.sophos.com/popular-jwt-cloud-security-library-patches https://nakedsecurity.sophos.com/multi-million-investment-scammers-busted https://nakedsecurity.sophos.com/serious-security-unravelling-the-nortonlifelock-hack With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep117: The crypto crisis that wasn't (and farewell forever to Win 7)
12/01/2023 Duração: 18minTwo stories from the underground. Bank scammers busted. The crypto-crack that wasn't. And the end of two Windows eras at the same time. https://nakedsecurity.sophos.com/inside-a-scammers-lair-ukraine-busts-40 https://nakedsecurity.sophos.com/rsa-crypto-cracked-or-perhaps-not https://nakedsecurity.sophos.com/microsoft-patch-tuesday-one-0-day With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep116: Last straw for LastPass? Is crypto doomed?
05/01/2023 Duração: 23minThe ground-breaking HP-35 digital calculator. Last straw for LastPass? Congress takes on quantum computing. 33 1/3-year-old cybersecurity lessons. Machine learning supply chain attack. https://www.hpmuseum.org/hp35.htm https://nakedsecurity.sophos.com/lastpass-finally-admits-they-did-steal-your-password-vaults https://nakedsecurity.sophos.com/us-passes-the-quantum-computing-cybersecurity-preparedness-act https://nakedsecurity.sophos.com/naked-security-33-1-3-cybersecurity-predictions-for-2023 https://nakedsecurity.sophos.com/pytorch-machine-learning-toolkit-pwned With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep115: True crime stories - A day in the life of a cybercrime fighter
29/12/2022 Duração: 18minOnce more unto the breach, dear friends, once more! Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep114: Preventing cyberthreats - stop them before they stop you!
22/12/2022 Duração: 23minJoin world-renowned Sophos expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode, recorded during our recent Security SOS Week 2022. When it comes to fighting cybercrime, Fraser truly is a "specialist in everything", and he also has the knack of explaining this tricky and treacherous subject in plain English. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep113: Pwning the Windows kernel: the crooks who hoodwinked Microsoft
15/12/2022 Duração: 21minThe irony of the CAN-SPAM law. When genuine kernel drivers go rogue. Apple patches everything. Stealing data via secret radio waves. E-commerce supply chain drama. https://nakedsecurity.sophos.com/patch-tuesday-0-days-rce-bugs-and-a-curious-tale https://nakedsecurity.sophos.com/apple-patches-everything-finally-reveals-mystery https://nakedsecurity.sophos.com/covid-bit-the-wireless-spyware-trick- https://nakedsecurity.sophos.com/credit-card-skimming-the-long-and-winding-road With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep112: Beware! Data breaches can haunt you more than once...
08/12/2022 Duração: 20minThe worm that wasn't a Goner. LastPass suffers a sting in the data breach tail. Apple's secretive update. Ping o' Death. SIM swapping explained. A Beatles-esque 0-day in Chrome and Edge. https://nakedsecurity.sophos.com/lastpass-admits-to-customer-data-breach https://nakedsecurity.sophos.com/apple-pushes-out-ios-security-update https://nakedsecurity.sophos.com/ping-of-death-freebsd-fixes-crashtastic-bug https://nakedsecurity.sophos.com/sim-swapper-sent-to-prison-for-2fa-cryptocurrency-heist https://nakedsecurity.sophos.com/number-nine-chrome-fixes-another-2022-zero-day With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)
-
S3 Ep111: The business risk of a sleazy "nudity unfilter"
01/12/2022 Duração: 19minChristmas wormage. Prurient malware. Cryptorom busts. Voice call spoofing. https://nakedsecurity.sophos.com/cryptorom-pig-butchering-scam-sites-seized https://nakedsecurity.sophos.com/tiktok-invisible-challenge-porn-malware https://nakedsecurity.sophos.com/voice-scamming-site-ispoof-seized-100s-arrested With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity (https://twitter.com/nakedsecurity)