Search for episodes from Sophos Podcasts with a specific topic:

Latest episodes from Sophos Podcasts

S3 Ep149: How many cryptographers does it take to change a light bulb?

Play Episode Listen Later Aug 24, 2023 16:21


Miss Manners confronts copy-and-paste. WinRAR patches bugs. When Airplane mode isn't. How many cryptographers to change a light bulb? Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep148: Remembering crypto heroes

Play Episode Listen Later Aug 17, 2023 18:40


Navajo Code Talkers Day. Beta bogosities. Skimming shenanigans. Hooligan hosting. A cybercrime conundrum. Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep147: What if you type in your password during a meeting?

Play Episode Listen Later Aug 9, 2023 15:42


An amazing Art Deco computer. Yet more performance-versus-security trouble. Is sound alone enough to sniff out your password? A rap song (of sorts) with a cybersecurity connection. Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep146: Tell us about that breach! (If you want to.)

Play Episode Listen Later Aug 3, 2023 17:40


Firefox fixes flaws. The exciting vulnerability that you don't need to be afraid of. Breach reporting rules with lots of leeway. Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep145: Bugs With Impressive Names!

Play Episode Listen Later Jul 27, 2023 19:40


Apple patches two zero-days, one for a second time. How a 30-year-old cryptosystem got cracked. All your secret are belong to Zenbleed. Remembering those dodgy PC/Mac ads. Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep144: When threat hunting goes down a rabbit hole

Play Episode Listen Later Jul 20, 2023 16:11


Why your Mac's calendar app says it's JUL 17. One patch, one line, one file. Careful with that {axe,file}, Eugene. Storm season for Microsoft. When typos make you sing for joy. Twitter: @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep143: Supercookie surveillance shenanigans

Play Episode Listen Later Jul 13, 2023 17:33


Remembering the slide rule. What you need to know about Patch Tuesday. Supercookie surveillance shenanigans. When bugs arrive in pairs. Apple's rapid patch that needed a rapid patch. User-Agent considered harmful. Twitter: @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep142: Putting the X in X-Ops

Play Episode Listen Later Jul 6, 2023 14:21


First there was DevOps, then SecOps, then DevSecOps. Or should that be SecDevOps? Paul Ducklin talks to Sophos X-Ops insider Matt Holdcroft about how to get all your corporate "Ops" teams working together, with cybersecurity correctness as a guiding light. Twitter: @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep141: What was Steve Jobs's first job?

Play Episode Listen Later Jun 29, 2023 17:50


PONG for one player. Apple pushes out anti-spyware patch. Beware bad passwords on Linux servers. "Twitter hacker" gets 5 years. When mobile phones and dental hygiene collide. Twitter: @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep140: So you think you know ransomware?

Play Episode Listen Later Jun 22, 2023 18:36


Gee Whizz BASIC (probably). Think you know ransomware? Megaupload, 11 years on. ASUS warns of critical router bugs. MOVEit mayhem Part III. Twitter: @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep139: Are password rules like running through rain?

Play Episode Listen Later Jun 15, 2023 17:15


Magnetic core memory. Patch Tuesday and SketchUp shenanigans. More MOVEit mitigations. Mt. Gox back in the news. Gozi malware criminal imprisoned at last. Are password rules like running through rain? Twitter @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep138: I like to MOVEit, MOVEit

Play Episode Listen Later Jun 8, 2023 22:21


Calling all modems. KeePass gets an update. MOVEit gets pwned. Chromium zero-day. The backdoor that wasn't really. WPBT explained. Twitter @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep137: 16th century crypto skullduggery

Play Episode Listen Later Jun 1, 2023 21:16


How to say "GIF". A Blackmailer-in-the-Middle attack. Knitting your own crypto. KeePass master password shenanigans. Binge listening. Email tips@sophos.com Twitter @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep136: Navigating a manic malware maelstrom

Play Episode Listen Later May 25, 2023 20:01


Luminiferous aether. A $10m cybercrime reward. Bank scam kingpin gets 13 years. Three Apple 0-days. A Python malware maelstrom. Email tips@sophos.com Twitter @NakedSecurity

S3 Ep135: Sysadmin by day, extortionist by night

Play Episode Listen Later May 18, 2023 16:50


An Apple product that flopped (and was not the Newton). Two-faced sysadmin jailed for 6 years. The smart plug with the unsmart security hole. Clearview AI again, once more, again. Intro and outro music by Edith Mudge (https://www.edithmudge.com). Hit us up on Twitter: @NakedSecurity

S3 Ep134: It's a PRIVATE key - the hint is in the name!

Play Episode Listen Later May 11, 2023 17:52


The world-changing Visible Calculator. How not to get a job. Private keys - the hint is in the name. Microsoft's complicated bootkit patch. Taming Bluetooth trackers. Email: tips@sophos.com Twitter: https://twitter.com/nakedsecurity Original music by Edith Mudge (www.edithmudge.com)

S3 Ep133: Apple takes "tight-lipped" to a whole new level

Play Episode Listen Later May 4, 2023 18:11


New England gets BASIC. Google hits back at CryptBot crooks. Apple seals its lips on security. Mac malware-as-a-service. World Password Day. PaperCut: disclose or don't disclose? Original music by Edith Mudge (https://www.edithmudge.com).

S3 Ep132: Proof-of-concept lets anyone hack at will

Play Episode Listen Later Apr 27, 2023 17:23


The CIH or SpaceFiller virus revisited. Google's 2FA security shortcut. Server vulns under active attack. Two Chrome zero-days, but was it one attack? Email: tips@sophos.com Twitter: @NakedSecurity

S3 Ep131: Can you really have fun with FORTRAN?

Play Episode Listen Later Apr 20, 2023 20:52


Fun with FORTRAN?! An extreme data breach and its consequences. Rogue 2FA apps live in action. Juicejacking revisited. With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

S3 Ep130: Open the garage bay doors, HAL

Play Episode Listen Later Apr 13, 2023 18:20


A common business-oriented language. Patch Tuesday. Secure Boot (without the "Secure" part). Apple zero-days. World-readable garage doors. Motherboard malware threats. Original music by Edith Mudge (https://www.edithmudge.com) Email tips@sophos.com Twitter @NakedSecurity

S3 Ep129: When spyware arrives from someone you trust

Play Episode Listen Later Apr 6, 2023 17:40


A supply chain attack that foisted spyware on trusting users. Wi-Fi encryption bypass via left-over data. Surely there should be TWO World Backup Days? Email tips@sophos.com Original music by Edith Mudge (https://www.edithmudge.com) Twitter @NakedSecurity

S3 Ep128: So you want to be a cybercriminal?

Play Episode Listen Later Mar 30, 2023 19:31


RIP Gordon Moore, the more in Moore's Law. Photo cropping bugfix. DDoS honeypot. E-commerce patches. Apple 0-day and lots more. Email tips@sophos.com Twitter @NakedSecurity

S3 Ep127: When you chop someone out of a photo, but there they are anyway...

Play Episode Listen Later Mar 23, 2023 18:01


The mobile phone bugs that Google kept quiet, just in case. The mysterious case of ATM video uploads. When redacted data springs back to life. Email tips@sophos.com Twitter @NakedSecurity

S3 Ep126: The price of fast fashion (and feature creep)

Play Episode Listen Later Mar 16, 2023 20:04


The price of fast fashion. Firefox fixes. Feature creep fail curtailed in Patch Tuesday updates. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep125: When security hardware has security holes

Play Episode Listen Later Mar 9, 2023 20:47


Memories of Michelangelo (the virus, not the artist). Data leakage bugs in TPM 2.0. Ransomware bust, ransomware warning, and anti-ransomware advice. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep124: When so-called security apps go rogue

Play Episode Listen Later Mar 2, 2023 18:18


How Woz nearly gave away the Apple I. Rogue software packages. Rogue network "administrators". Rogue keyloggers. Rogue authenticators. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep123: Crypto company compromise kerfuffle

Play Episode Listen Later Feb 23, 2023 18:26


The first search warrant for computer storage. GoDaddy breach. Twitter surprise. Coinbase kerfuffle. The cost of success. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep122: Stop calling every breach "sophisticated"!

Play Episode Listen Later Feb 16, 2023 17:49


The birth of ENIAC. A "sophisticated attack" (someone got phished). A cryptographic hack enabled by a security warning. Valentine's Day Patch Tuesday. Apple closes spyware-sized 0-day hole. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep121: When cybercrime victims are culprits, too

Play Episode Listen Later Feb 9, 2023 20:51


Cryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL. Medical breacher busted. Is that a bug or a feature? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Special: Tracers in the Dark with Andy Greenberg

Play Episode Listen Later Feb 6, 2023 25:02


Do we really need a "war against cryptography" - codes and ciphers that the government can easily crack if it thinks there's an emergency - to cement our collective online security? Hear renowned cybersecurity author Andy Greenberg's thoughtful commentary on this and many other vital issues, including anonymity and privacy, as we talk to him about his tremendous new book, Tracers in the Dark. Original music by Edith Mudge.

S3 Ep120: When dud crypto simply won't let go

Play Episode Listen Later Feb 2, 2023 16:29


The mighty CPU that wasn't. Hive ransomware takedown. Dutch data crime suspect busted. Samba finally gets rid of MD5. GitHub admits to an intrusion. Storing passwords securely. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep119: Breaches, patches, leaks and tweaks!

Play Episode Listen Later Jan 26, 2023 20:34


The programming language almost called Oak. GoTo admits to more breach woes. T-Mobile spills 37 million records. Apple patches everything, even iOS 12. And Google mAkES tYpOs for sECurity.

S3 Ep118: Guess your password? No need if it's stolen already!

Play Episode Listen Later Jan 19, 2023 18:12


The HAPPY99 virus reminds us that less is more. Trouble with JSON Web Tokens. Investment scammers busted in Europe. The LifeLock "breach" that wasn't. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep117: The crypto crisis that wasn't (and farewell forever to Win 7)

Play Episode Listen Later Jan 12, 2023 18:43


Two stories from the underground. Bank scammers busted. The crypto-crack that wasn't. And the end of two Windows eras at the same time. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep116: Last straw for LastPass? Is crypto doomed?

Play Episode Listen Later Jan 5, 2023 23:51


The ground-breaking HP-35 digital calculator. Last straw for LastPass? Congress takes on quantum computing. 33 1/3-year-old cybersecurity lessons. Machine learning supply chain attack. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep115: True crime stories - A day in the life of a cybercrime fighter

Play Episode Listen Later Dec 29, 2022 18:40


Once more unto the breach, dear friends, once more! Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure. Original music by Edith Mudge Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity

S3 Ep114: Preventing cyberthreats - stop them before they stop you!

Play Episode Listen Later Dec 22, 2022 23:06


Join world-renowned Sophos expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode, recorded during our recent Security SOS Week 2022. When it comes to fighting cybercrime, Fraser truly is a "specialist in everything", and he also has the knack of explaining this tricky and treacherous subject in plain English. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep113: Pwning the Windows kernel: the crooks who hoodwinked Microsoft

Play Episode Listen Later Dec 15, 2022 21:25


The irony of the CAN-SPAM law. When genuine kernel drivers go rogue. Apple patches everything. Stealing data via secret radio waves. E-commerce supply chain drama. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep112: Beware! Data breaches can haunt you more than once...

Play Episode Listen Later Dec 8, 2022 20:36


The worm that wasn't a Goner. LastPass suffers a sting in the data breach tail. Apple's secretive update. The Ping o' Death. SIM swapping explained. A Beatles-esque 0-day in Chrome and Edge. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep111: The business risk of a sleazy "nudity unfilter"

Play Episode Listen Later Dec 1, 2022 19:37


Christmas-themed wormage. Prurient malware. Cryptorom busts. Voice call spoofing. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep110: Spotlight on cyberthreats - an expert speaks

Play Episode Listen Later Nov 24, 2022 22:03


Security specialist John Shier tells you the "news you can really use" - how to boost your cybersecurity based on real-world advice from the 2023 Sophos Threat Report. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep109: How one leaked email password could drain your business

Play Episode Listen Later Nov 17, 2022 26:00


Microsoft's tilt at the MP3 marketplace. Apple's not-a-zero-day emergency. Cracking the lock on Android phones. Browser-in-the-Browser revisited. The Emmenthal cheese attack. Business Email Compromise and how to prevent it. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep108: What would YOU do if you found $3 billion in a popcorn tin?

Play Episode Listen Later Nov 10, 2022 20:05


Radio waves so mysterious they're known only as X-Rays. Were there six 0-days or only four? The cops that found $3 billion in a popcorn tin. Blue badge confusion. When URL scanning goes wrong. Tracking down every last unpatched file. Why even unlikely exploits can earn "high" severity levels. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep107: Eight months to kick out the crooks and you think that's GOOD?

Play Episode Listen Later Nov 3, 2022 22:53


The man who put Boole in Boolean. OpenSSL's bated-breath update. Apple's zero-day finally settled. New Chrome zero-day. SHA-3 code gets a patch. Extreme extortion via stolen medical data. Data breach response the nonchalant way. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep106: Facial recognition without consent - should it be banned?

Play Episode Listen Later Oct 27, 2022 20:48


Windows XP (fondly?!) remembered. Clearview AI courts controversy again. DEADBOLT ransomware crooks get counterhacked. Women cryptologists commemorated in US. How to measure randomness. Deconstructing Apple's latest security bulletins. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep105: WONTFIX! The MS Office cryptofail that "isn't a security flaw"

Play Episode Listen Later Oct 20, 2022 24:10


Coolest videogame ever. Zoom thinks everyone's a developer. The Patch Tuesday that wasn't. A data breach coverup. Log4Shell all over again. And the Office cryptofail that Microsoft won't fix. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep104: Should hospital ransomware attackers be locked up for life?

Play Episode Listen Later Oct 13, 2022 20:08


What goes up... must come down. Ransomware criminal avoids a life sentence. Former CSO convicted over Uber megabreach coverup. WhatsApp fights rip-off rogue apps. The Countess of Computer Science. Could a weird email brick your iPhone? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep103.5: OAuth 2 and why Microsoft is forcing you into it

Play Episode Listen Later Oct 9, 2022 16:43


Naked Security meets Sophos X-Ops! Duck and Chet dig into OAuth 2.0, a well-known protocol for authorization. Microsoft calls it "Modern Auth", though it's more than a decade old, and is finally forcing Exchange Online customers to switch to it. Original music by Edith Mudge

S3 Ep103: Scammers in the Slammer (and other stories)

Play Episode Listen Later Oct 6, 2022 20:01


A fridge-sized calculator made with transistors (really). ProxyNotShell situation reviewed. Romance and BEC scammer gets 25 years in the slammer. Is there an answer to nuisance callers? Is the answer voicemail? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep102.5: "ProxyNotShell" Exchange bugs - an expert speaks

Play Episode Listen Later Oct 1, 2022 14:34


Chester Wisniewski gives you actionable advice on how to deal with two actively exploited Exchange zero-days that suddenly burst into the news. Learn who's affected and how, find out what you can do while waiting for Microsoft's patches, and plan your threat hunting in case the worst happens to you. Original music by Edith Mudge

S3 Ep102: Cutting through cybersecurity news hype

Play Episode Listen Later Sep 29, 2022 21:17


What's the real deal with LAPSUS$? How did Optus get hacked? Was there really a WhatsApp 0-day? What if "deleted" data comes back from the dead to haunt you? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

Claim Sophos Podcasts

In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

Claim Cancel