Podcasts about Mobile security

In this week’s What the Hack, Arthur Goldstuck speaks to Lester Kiewit about Samsung’s launch of the Galaxy A Series in Braamfontein and its surprising inclusion of a 12-month Aura mobile security subscription—bringing armed response to a more affordable market. He also reviews the new Oppo Reno13, highlights what’s expected at the Shanghai Motor Show, and shares practical advice on avoiding ATM swap and clone scams while travelling over the long weekends. Good Morning Cape Town with Lester Kiewit is a podcast of the CapeTalk breakfast show. This programme is your authentic Cape Town wake-up call. Good Morning Cape Town with Lester Kiewit is informative, enlightening and accessible. The team’s ability to spot & share relevant and unusual stories make the programme inclusive and thought-provoking. Don’t miss the popular World View feature at 7:45am daily. Listen out for #LesterInYourLounge which is an outside broadcast – from the home of a listener in a different part of Cape Town - on the first Wednesday of every month. This show introduces you to interesting Capetonians as well as their favourite communities, habits, local personalities and neighbourhood news. Thank you for listening to a podcast from Good Morning Cape Town with Lester Kiewit. Listen live – Good Morning CapeTalk with Lester Kiewit is broadcast weekdays between 06:00 and 09:00 (SA Time) https://www.primediaplus.com/station/capetalk Find all the catch-up podcasts here https://www.primediaplus.com/capetalk/good-morning-cape-town-with-lester-kiewit/audio-podcasts/good-morning-cape-town-with-lester-kiewit/ Subscribe to the CapeTalk daily and weekly newsletters https://www.primediaplus.com/competitions/newsletter-subscription/ Follow us on social media: CapeTalk on Facebook: www.facebook.com/CapeTalk   CapeTalk on TikTok: www.tiktok.com/@capetalk   CapeTalk on Instagram: www.instagram.com/capetalkza  CapeTalk on X: www.x.com/CapeTalk  CapeTalk on YouTube: www.youtube.com/@CapeTalk567  See omnystudio.com/listener for privacy information.

Arthur Goldstuck, CEO of Worldwide Worx and Editor-in-Chief of Gadget.co.za, spoke to Lester Kiewit in this week’s What the Hack segment following his return from the Google Cloud Next conference in Las Vegas. He shared insights from an AI-enhanced screening of The Wizard of Oz at The Sphere, discussed the world’s first trifold smartphone - the Huawei Mate XT - and previewed Samsung’s new Galaxy A series, which brings AI to more affordable devices. Arthur also offered practical VPN tips for staying secure on public Wi-Fi.See omnystudio.com/listener for privacy information.

BONUS: AI and Cybersecurity - An Introduction to The Hidden Threats in Our Connected World with Dr. Eric Cole In this BONUS episode, we explore the evolving landscape of cybersecurity in the age of artificial intelligence. Dr. Eric Cole, a renowned cybersecurity expert and author of Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World, shares critical insights about how AI is transforming security strategies. From the privacy concerns of our always-connected devices to practical tips for protecting your business and personal information, this conversation offers essential knowledge for navigating our increasingly digital world. The Double-Edged Sword of AI in Cybersecurity "We are giving away our IP, our data, and our privacy. The data set is what gives value to AI." The rise of artificial intelligence presents both opportunities and serious risks in the cybersecurity landscape. Dr. Cole emphasizes that while many focus solely on AI's benefits, we often overlook the fact that we're surrendering vast amounts of our sensitive information, intellectual property, and private data to AI providers. This data becomes the foundation of AI's value and capabilities, creating a significant privacy concern that many organizations fail to properly address. As we embrace these new technologies, we must carefully consider what information we're willing to share and what safeguards should be in place. Modern Attack Vectors: The Human Element "Attacks today are mostly social engineering. We end up having to retrain people to not trust their email." Today's cybersecurity threats have evolved beyond traditional technical exploits to focus primarily on social engineering—manipulating people into compromising their own security. Dr. Cole explains that modern attackers increasingly target the human element, requiring organizations to fundamentally retrain employees to approach communications with healthy skepticism. Particularly concerning are mobile threats, as our phones constantly record audio and other personal data. Dr. Cole warns that "free" apps often come with a hidden price: your privacy and security. Understanding these attack vectors is essential for developing effective defense strategies in both personal and professional contexts. Cybersecurity as a Business Enabler "Security is not a barrier, not an obstacle. Cybersecurity is a business enabler." Dr. Cole challenges the common perception that security measures primarily restrict functionality and impede business operations. Instead, he reframes cybersecurity as a critical business enabler that should be integrated into strategic decision-making. Organizations need to make deliberate decisions about the tradeoffs between security and functionality, understanding that proper security measures protect business continuity and reputation. Dr. Cole particularly warns about supply chain attacks, which have become increasingly prevalent, and emphasizes that awareness is the foundation of any effective protection strategy. He recommends centralizing data for easier security management and advises that client devices should minimize storing sensitive data. Mobile Phones: The Ultimate Tracking Device "You don't go anywhere without your cell phone. Your cell phone is never more than a foot from you it's with you wherever you go... which means if somebody wants to track and monitor you they can." We often worry about theoretical tracking technologies while overlooking the sophisticated tracking device we voluntarily carry everywhere—our mobile phones. Dr. Cole points out the irony that people who would never accept being "chipped" for tracking purposes willingly keep their phones within arm's reach at all times. These devices record our locations, conversations, messages, and activities, creating a comprehensive digital trail of our lives. With access to someone's phone, anyone can trace their movements for months and access an alarming amount of personal information. This risk is compounded when we back up this data to cloud services, effectively giving third parties access to our most sensitive information. Understanding these vulnerabilities is the first step toward more mindful mobile security practices. Business Opportunities in the Security Space "We have too much information, too much data. How can we use that data effectively?" The cybersecurity landscape presents significant business opportunities, particularly in making sense of the overwhelming amount of security data organizations collect. Dr. Cole identifies data correlation and effective data utilization as key investment areas. Modern security systems generate vast quantities of logs and alerts, but transforming this raw information into actionable intelligence remains a challenge. Companies that can develop solutions to effectively analyze, correlate, and extract meaningful insights from security data will find substantial opportunities in the market, helping organizations strengthen their security posture while managing the complexity of modern threats. Essential Training for Security-Conscious Developers "Go for secure coding courses. This helps us understand how software can be exploited." For software developers looking to build more secure applications, Dr. Cole recommends focusing on penetration testing skills and secure coding practices. Understanding how software can be exploited from an attacker's perspective provides invaluable insights for designing more robust systems. By learning the methodologies and techniques used by malicious actors, developers can anticipate potential vulnerabilities and incorporate appropriate safeguards from the beginning of the development process. This proactive approach to security helps create applications that are inherently more resistant to attacks rather than requiring extensive security patches and updates after deployment. About Dr. Eric Cole Dr. Eric Cole is the author of "Cyber Crisis, Protecting Your Business from Real Threats in the Virtual World." He is a renowned cybersecurity expert with over 20 years of experience helping organizations identify vulnerabilities and build robust defense solutions against advanced threats. He has trained over 65,000 professionals worldwide through his best-selling cybersecurity courses and is dedicated to making cyberspace a safe place for all. You can link with Dr. Eric Cole on LinkedIn, or visit his company's website Secure-Anchor.com. 

Today, I'm sharing something deeply personal and serious—my stalker story. For over a year, Timothy C. (we can share his full name soon if need be) has been physically stalking me, and his digital harassment goes back even further. Law enforcement is now involved, but I wanted to update you all in case anything happens to me—so there's no question about who did it. This episode isn't just about my experience; it's also about the reality of stalking, the dangers of obsession, and the importance of taking threats seriously. Stay aware, stay safe, and let's talk about it all, shall we?—https://noblegoldinvestments.com

What happens when you meet a cybersecurity founder over dinner and 12 hours later, they're on your podcast? You get one of the most brutally honest conversations about mobile security. In this episode, Rocky Cole, co-founder of iVerify, lays out why mobile security is dangerously behind—and why businesses are in denial about the scale of the threat. We dive into: The biggest myth in mobile security—why MDM (Mobile Device Management) is not a security tool and never was. Why enterprise security leaders are still ignoring mobile security (even when businesses are now prime targets). How attackers have outpaced traditional mobile security measures—and what needs to change. The operational bottlenecks holding CISOs back from fixing the problem—and how to work around them. Rocky shares raw insights from the frontlines of mobile security, including how his team uncovered new Pegasus infections, why BYOD security is broken, and what companies should be doing NOW. If you're still treating mobile devices differently than desktops, this episode will change your perspective—fast.

You could be carrying an AI agent in your pocket.

Mobile phone fraud continues to pose a significant threat, with cybercriminals employing increasingly sophisticated tactics like phishing, malware, and fraudulent apps. Just last week, the Singapore Police Force issued a warning about a new phishing scam targeting victims through fake PayNow websites. These scammers send text messages claiming that a "certificate" is about to expire, directing users to a fraudulent website where they are tricked into sharing sensitive personal and financial information. Eugene Liderman, Director of Android Security Strategy at Google, shares with us insights on the broader trends in cybercrime, including how fraudsters are leveraging advanced technologies like AI to design increasingly convincing scams, and expert tips to keep your cyber health in check. See omnystudio.com/listener for privacy information.

Mobile Apps verarbeiten sensible Daten – persönliche, geschäftliche, Zahlungsinformationen – und sind damit ein beliebtes Angriffsziel für Kriminelle. Welche Schwachstellen und Risiken hier häufig auftauchen, erläutert Peter Jung, Experte für die Sicherheit von Anwendungen auf Mobilgeräten bei SRC Security Research & Consulting. Dabei geht es auch um typische Angriffsszenarien, insbesondere im Bereich Banking, sowie um Sicherheitsfaktoren und Schutzmaßnahmen – sowohl vonseiten des Unternehmens, das die App entwickelt oder betreibt, als auch des Nutzers.

He emphasizes the impact of reducing waste by just 5% in logistics and explains how simple changes, like reducing container usage, can bring significant cost savings and add real value to the business. Watch the full episode here

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Using a phone to read or communicate has become so standard that church people are expected to read scripture with their phones. Using mobile devices to transmit secure information. Traditionally, secure communication was based on desktop systems; today, we need to pivot and learn how to apply mobile device management to leverage the cloud to provide safe and secure communications through mobile devices. Our guest today, Harold Smith, has spent the last twenty years gaining a deep understanding of secure communications and applying that understanding to developing a trusted mobile development platform. During the interview, you will be bombarded with acronyms like NIAC (National Information Assurance Partnership), MATTER (Mobile Apps to the Tactical Edge Ready), and many more. As a bonus, Harold provides a brilliant sidebar on another acronym: SBIR (Small Business Innovation Research). If you are trying to break into the federal market, this precis is just what you need. The takeaway is that Monkton provides a platform for developers to deliver safe and secure code to people in our mobile world. This can mean a warfighter, a clinician, or even an emergency responder from FEMA.  

Host Dave Sobel welcomes Dennis O'Shea, CEO of Mobile Mentor, a managed services provider (MSP) with a unique background in mobile technology. Dennis shares insights from his extensive experience in the industry, particularly focusing on the generational differences in attitudes toward data security and privacy. He highlights how younger generations, especially Generation Z, have a more relaxed approach to sharing personal information, influenced by their social media habits, contrasting sharply with the more privacy-conscious attitudes of older generations.The conversation shifts to the evolving landscape of device usage in the workplace, where mobile devices are becoming increasingly prevalent. Dennis recounts his journey from working at Nokia to founding Mobile Mentor, where he initially focused on helping businesses adopt mobile technology. As Microsoft introduced Microsoft 365, Dennis recognized the need for comprehensive security across various device platforms, leading Mobile Mentor to expand its services to include endpoint security for a diverse range of devices, including smartphones, tablets, and laptops.Dennis also discusses the impact of regional regulations on data security practices, particularly comparing the stringent privacy laws in Australia and New Zealand to the more relaxed regulatory environment in the United States. He notes that organizations in regulated markets tend to take security more seriously, often having dedicated budgets and personnel for security, while those in unregulated markets may adopt a more casual approach. This disparity highlights the importance of understanding local regulations and their influence on organizational security practices.As the episode concludes, Dennis emphasizes the critical need for organizations to establish robust data governance frameworks, especially in light of the increasing integration of AI technologies. He warns that many organizations are unprepared for the challenges posed by AI, particularly regarding data classification and protection. By automating basic IT operations, organizations can free up resources to focus on data governance, ultimately positioning themselves to leverage AI effectively in the future. All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social

In this episode of Tech Burst Talks, I sit down with Ian Chong from Samsung Electronics to talk about his work on the mobile B2B team and the cutting-edge advancements Samsung is making, particularly in AI technology for smartphones. We dive into the new Galaxy AI capabilities, including features like Circle to Search, Live Translate, and Transcript Assist. Ian shares why on-device AI is critical for ensuring both security and speed and discusses Samsung's collaborations with major tech players. We also explore how AI is being implemented in industries like law enforcement and finance. On a lighter note, Ian opens up about his passion for coffee and his quirky sock collection. To wrap up, we talk about the future of AI and its transformative potential across different sectors. Show Notes: 00:45 Welcome to Tech Burst Talks 01:00 Introducing Ian Chong and His Role at Samsung 01:35 AI Innovations in Samsung Smartphones 02:13 Galaxy AI Features in Action 04:25 Live Translate and Business Features 08:00 Samsung's Security Measures 10:49 Rugged Devices for Various Industries 13:27 Customer Insights on AI 16:58 Samsung's Open Ecosystem and Partnerships 21:45 Enhancing Experiences with AI 22:21 Addressing AI Skepticism 24:25 The Power of Hyper-Connected Devices 25:38 Future of AI and Gen AI 26:44 AI in Retail and B2B Applications 29:36 Transformative AI in Healthcare 31:20 Personal Addictions: Coffee and Crazy Socks 36:18 Reflections and Future Aspirations 38:29 Final Thoughts and Farewell  

He discusses the dynamic nature of the market and how his company plays a pivotal role in setting industry standards. Their mission? Ensuring top-tier security for customers in a constantly evolving landscape. Watch the full episode here

In this episode, we tackle a fresh perspective on a common cybersecurity question: What keeps a CISO awake at night? According to Michael Covington, VP of Strategy at Jamf, the real issue isn't about external threats but rather a lack of robust security processes, especially in mobile device management. Covington shares insights on how a well-thought-out strategy can let CISOs rest easy, with their minds at ease knowing that key areas, from cyber hygiene to compliance, are under control. Our conversation dives into three primary areas that Covington believes are essential for keeping mobile device vulnerabilities at bay and ensuring secure integration within enterprise ecosystems. First, he highlights the often-overlooked importance of cyber hygiene. He notes that nearly 40% of mobile users operate devices with known vulnerabilities, a staggering figure that reveals the challenges organizations face in keeping devices up-to-date and correctly configured. Covington argues that regular updates, vigilant configuration management, and consistent patching practices are not just best practices—they're fundamental in building a secure foundation. Second, we explore the complexities of compliance, particularly when it comes to mobile devices. Covington points out that many organizations struggle to balance security regulations with the diverse landscape of personal and work devices. He suggests that the right tools can streamline compliance, ensuring that mobile devices align with broader corporate standards without creating unnecessary friction. Lastly, Covington addresses the evolving nature of BYOD (Bring Your Own Device) policies and the intricacies of managing shared devices. Despite their long-standing presence, these device policies often present challenges, with many organizations lacking effective management strategies. Covington emphasizes the need for layered solutions that integrate into existing security frameworks without overwhelming IT teams or sacrificing the user experience. Join us as we unpack Jamf's approach to these challenges and discuss the future of mobile security in industries from healthcare to aviation. How can organizations prepare for the next wave of AI-driven data on mobile devices? And what steps can they take now to ensure seamless, secure access for users? Listen in and share your thoughts on the balance between security, compliance, and user enablement in today's mobile-driven world.

He delves into the challenges of working with critical infrastructures and IoT. He emphasizes ensuring secure connectivity and reliable data transmission between devices to safeguard essential systems. Watch the full episode here

Join us as we dive into the world of iOS mobile security with Dave Poirier, a senior iOS developer and security expert. Dave shares his extensive knowledge on topics like iOS security frameworks, common security pitfalls, handling sensitive data, incident response, and the ever-evolving mobile threat landscape. Drawing from his experience and resources such as OWASP and NIST, Dave provides actionable advice for developers looking to secure their apps.

In this episode of The Security Podcast of Silicon Valley, host Jon McLachlan sits down with Haseeb Awan, the visionary Founder and CEO of Efani Secure Mobile. Join us as Haseeb shares his inspiring journey from co-founding BitAccess to creating a bulletproof mobile service designed to protect against the rising threat of SIM swapping and digital identity theft. Haseeb opens up about his personal experiences with security breaches, the challenges he faced, and the innovative solutions Efani offers to ensure top-notch security for its users. Tune in for an engaging conversation filled with insights, resilience, and a commitment to making the digital world a safer place.

He discusses the strategic investment in Mobile Virtual Network Operators (MVNOs) at the Total Telecom Congress. He emphasizes how this move can secure any connection to any network. Watch the full episode here

In this episode, we dive into the rapidly evolving mobile security landscape, exploring how the rise in SIM swap attacks and data breaches shapes the market. We discuss the future of secure mobile services, highlighting key trends and challenges consumers must know. We also debunk common misconceptions about mobile security, particularly around SIM swaps, and offer practical advice on how individuals can protect themselves. Finally, we examine the critical features and practices that make a mobile service truly secure and why these still need to be widely adopted across the industry. Don't miss this insightful discussion on staying safe in the mobile world.Find more information at https://efani.com/bicshttps://www.efani.com/numberscanMark Kreitzman is a seasoned cybersecurity expert with over twenty-five years of experience building cybersecurity companies. He has deep insights into the evolving threats to digital assets, with a particular focus on mobile security and data privacy. Mark's extensive background in cybersecurity makes him an invaluable resource for discussing current and emerging threats in our increasingly mobile and digitized world, as well as how to mitigate personal and business risks related to mobile communications.Sponsored by CPF Coaching LLC - http://cpf-coaching.comThe Breaking into Cybersecurity: It's a conversation about what they did before, why they pivoted into cyber, what process they went through to Break into Cybersecurity, how they keep up, and advice/tips/tricks along the way.The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership and tips/tricks/advice from cybersecurity leaders.Check out our books: Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level https://amzn.to/3443AUIHack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career

rev 1 COVID has made the workforce remote; phones have enabled that transition. Unfortunately, one result of this transformation is your phone is now part of the attack surface. After you listen to this interview, you will never look at your phone again in the same way. You will learn that your phone is packed with vulnerabilities. You can have apps on your phone that are sending data back to China without you doing a thing. This may give an individual a security concern, but what if you work for the federal government? It is not just the phone. Malicious actors are taking sites by cybersecurity companies and copying them down to the pixel. From there, a harried phone user sees a site that appears to be valid and exchanges identity information. Today we have a couple of experts on securing mobile devices. They review ways to protect applications, maintain operating systems, and suggest ways to train people to resist web-based attacks.

Send us a textUnlock the secrets to safeguarding your organization's most sensitive data and enhance your cybersecurity acumen. Join us on the CISSP Cyber Training Podcast as I, Sean Gerber, break down the critical importance of managing secrets within popular collaboration tools like Slack, Jira, and Confluence. Discover practical methods such as real-time monitoring and swift remediation to secure API keys and encryption tokens. Learn how fostering a culture of security awareness through educational initiatives can significantly mitigate risks and enhance overall security posture.Next, we turn our attention to data sanitization and media destruction—essential processes for maintaining confidentiality and regulatory compliance. I'll guide you through various methods of data sanitization and media destruction, from degaussing to shredding and pulping, while also demystifying the concepts of MTBF and MTTF. We'll delve into the challenges of data classification and the importance of proper data labeling. Whether you're prepping for the CISSP exam or simply looking to deepen your cybersecurity knowledge, this episode is rich with actionable insights and expert guidance. Tune in and elevate your cybersecurity skills to the next level!Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!

In this episode, Aprajita talks about the latest digital scam making waves – fraudulent APK files. As more people download apps from unofficial sources, cybercriminals are finding new ways to exploit unsuspecting users, leading to significant financial and personal harm. Aprajita breaks down how these APK frauds operate, why they pose such a serious threat, and what steps you can take to protect yourself. Stay tuned and learn how to safeguard your data and devices from this new wave of digital fraud!

Send us a textWhat if AI could be your company's best asset—and its biggest risk? Join me, Sean Gerber, on this enlightening episode of the CISSP Cyber Training Podcast, where we journey through the essentials of cybersecurity with a particular focus on media protection techniques from Domain 7.5 of the CISSP ISC² training manual. We'll also navigate the secure-by-design principles crucial in the age of artificial intelligence. With AI transforming large enterprises, I'll share eye-opening statistics on its adoption and delve into the risks it brings, such as cloud misconfigurations leading to severe breaches. Plus, we'll discuss the alarming rise of deepfake scams with a real-world example that shook a UK energy firm to its core.Ever wondered how to choose the best data encryption method for your needs? This episode has got you covered! We'll discuss various encryption techniques like AES, RSA, and ECC, and why it's essential to select the right one based on media type. Trust me, understanding key management and rotation is vital for maintaining data integrity, especially when dealing with cloud storage and third-party providers. I'll also walk you through secure erasure methods, from the DOD 5220.22-M standard to physical destruction techniques like shredding and degaussing, ensuring your data truly becomes irretrievable.Lastly, don't miss our deep dive into mobile device protection. I'll highlight the critical software and physical security measures necessary to defend your devices against threats, emphasizing the importance of regular updates and robust antivirus solutions. We'll explore strategies for data encryption, backup, and recovery, and clarify the differences between MTBF and MTTF and their relevance to your systems. Wrapping up with the environmental factors affecting device usage and data management, this episode is packed with actionable insights to elevate your cybersecurity game. Tune in now to arm yourself with the knowledge necessary to protect your digital world!Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!

Philipp highlights the importance of efficiency and waste reduction in combating climate change. He shares how his firm is heavily invested in E-sim technology, which boasts a 42% carbon reduction advantage compared to traditional plastic SIM cards. Watch the full episode here

Schulte highlights the importance of providing security technology that ensures all customers can enjoy its benefits. He explains IoT as connecting everything that runs on power, showcasing the future of interconnected devices. Watch the full episode here

Guest: Abraham Aranguren, Managing Director at 7ASecurity [@7aSecurity]On LinkedIn | https://www.linkedin.com/in/abrahamaranguren/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this On Location episode recorded in Lisbon at the OWASP AppSec Global event, Sean Martin engages in a comprehensive discussion with Abraham Aranguren, a cybersecurity trainer skilled at hacking IoT, iOS, and Android devices. The conversation delves into the intricacies of mobile application security, touching on both the technical and procedural aspects that organizations must consider to build and maintain secure apps.Abraham Aranguren, known for his expertise in cybersecurity training, shares compelling insights into identifying IoT vulnerabilities without physically having the device. By reverse engineering applications, one can uncover potential security flaws and understand how apps communicate with their IoT counterparts. For instance, Aranguren describes exercises where students analyze mobile apps to reveal hardcoded passwords and unsecured Wi-Fi connections used to manage devices like drones.A significant portion of the discussion revolves around real-world examples of security lapses in mobile applications. Aranguren details an incident involving a Chinese government app that harvests personal data from users' phones, highlighting the serious privacy implications of such vulnerabilities. Another poignant example is Hong Kong's COVID-19 contact-tracing app, which stored sensitive user information insecurely, revealing how even high-budget applications can suffer from critical security flaws if not properly tested.Sean Martin, drawing from his background in software quality assurance, emphasizes the importance of establishing clear, repeatable processes and workflows to ensure security measures are consistently applied throughout the development and deployment phases. He and Aranguren agree that while developers need to be educated in secure coding practices, organizations must also implement robust processes, including code reviews, automated tools for static analysis, and third-party audits to identify and rectify potential vulnerabilities.Aranguren stresses the value of pentests, noting that organizations often show significant improvement over multiple tests. He shares experiences of clients who, after several engagements, greatly reduced the number of exploitable vulnerabilities. Regular, comprehensive testing, combined with a proactive approach to fixing identified issues, helps create a robust security posture, ultimately making applications harder to exploit and dissuading potential attackers.For businesses developing apps, this episode underscores the necessity of integrating security from the ground up, continuously educating developers, enforcing centralized security controls, and utilizing pentests as a tool for both validation and education. The ultimate goal is to make applications resilient enough to deter attackers, ensuring both the business and its users are protected.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube:

Guest: Abraham Aranguren, Managing Director at 7ASecurity [@7aSecurity]On LinkedIn | https://www.linkedin.com/in/abrahamaranguren/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this On Location episode recorded in Lisbon at the OWASP AppSec Global event, Sean Martin engages in a comprehensive discussion with Abraham Aranguren, a cybersecurity trainer skilled at hacking IoT, iOS, and Android devices. The conversation delves into the intricacies of mobile application security, touching on both the technical and procedural aspects that organizations must consider to build and maintain secure apps.Abraham Aranguren, known for his expertise in cybersecurity training, shares compelling insights into identifying IoT vulnerabilities without physically having the device. By reverse engineering applications, one can uncover potential security flaws and understand how apps communicate with their IoT counterparts. For instance, Aranguren describes exercises where students analyze mobile apps to reveal hardcoded passwords and unsecured Wi-Fi connections used to manage devices like drones.A significant portion of the discussion revolves around real-world examples of security lapses in mobile applications. Aranguren details an incident involving a Chinese government app that harvests personal data from users' phones, highlighting the serious privacy implications of such vulnerabilities. Another poignant example is Hong Kong's COVID-19 contact-tracing app, which stored sensitive user information insecurely, revealing how even high-budget applications can suffer from critical security flaws if not properly tested.Sean Martin, drawing from his background in software quality assurance, emphasizes the importance of establishing clear, repeatable processes and workflows to ensure security measures are consistently applied throughout the development and deployment phases. He and Aranguren agree that while developers need to be educated in secure coding practices, organizations must also implement robust processes, including code reviews, automated tools for static analysis, and third-party audits to identify and rectify potential vulnerabilities.Aranguren stresses the value of pentests, noting that organizations often show significant improvement over multiple tests. He shares experiences of clients who, after several engagements, greatly reduced the number of exploitable vulnerabilities. Regular, comprehensive testing, combined with a proactive approach to fixing identified issues, helps create a robust security posture, ultimately making applications harder to exploit and dissuading potential attackers.For businesses developing apps, this episode underscores the necessity of integrating security from the ground up, continuously educating developers, enforcing centralized security controls, and utilizing pentests as a tool for both validation and education. The ultimate goal is to make applications resilient enough to deter attackers, ensuring both the business and its users are protected.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube:

Today on Tech Talks Daily, we're diving into the world of cutting-edge technology with Rob Devlin, co-founder and CEO of Metalenz. This pioneering company, spun out of Harvard, is reshaping how we think about optics in technology with their groundbreaking meta-surface optics. Metalenz has introduced a revolutionary flat lens technology that manipulates light much like traditional curved lenses but on a nanostructured surface. This innovation allows for multi-lens stacks to be collapsed into a single flat optic at a semiconductor scale, drastically reducing size and cost while enhancing the capabilities of sensing devices. Rob discusses Metalenz's first-generation technology, which is already enhancing tens of millions of devices with advanced 3D sensing for mobile augmented reality and photography. Looking ahead, Metalenz is setting ambitious goals with their next-gen "PolarID," aimed at providing secure facial recognition for Android users. This new technology, developed in partnership with Samsung, promises to deliver secure face unlock solutions that are not only more compact but also three times cheaper than current technologies used by competitors like Apple. The impact of Metalenz's innovations extends beyond just cost and size reduction. By enabling polarization imaging, Metalenz is poised to bring this sophisticated security feature to over a billion Android users worldwide who seek Apple-level security without the hefty price tag. This strategic move, enhanced by their collaboration with Samsung to co-optimize optics and image sensors, is set to redefine the standards of mobile security and performance. Furthermore, Rob shares insights into the potential future applications of Metalenz technology, including biomarker detection and health monitoring through polarization imaging. These advancements are expected to enrich machine vision and autonomous systems with richer data inputs, paving the way for significant breakthroughs in various industries. Join us as Rob Devlin explores the journey of Metalenz from its academic roots to becoming a key player in global technology markets, aiming to make enhanced security accessible to millions more consumers without compromising on cost or functionality. What are your thoughts on the integration of such advanced technologies in everyday devices? Let's discuss how innovations like Metalenz are setting new paradigms in the tech world.

Philipp Schulte, CEO of Giesecke+Devrient Mobile Security, pioneers connectivity and IoT innovation. His corporate strategy expertise, coupled with CFO experience, drives his passion for innovation. With a background in management consulting and academia, he brings a strategic vision to the forefront. On The Menu: 1. IoT provides secure technology for critical infrastructures, ensuring reliable data transmission and security benefits. 2. Investments in transportation, logistics, and tracking solutions optimizing supply chains, and enhancing environmental control. 3. Efficiency and waste reduction, such as eliminating plastic SIM cards, lead to CO2 footprint advantages. 4. Reducing complexity and ensuring interoperability is crucial for IoT's full growth potential. 5. Importance of balancing regulatory changes like the AI Act and Cyber Resilience Act to foster a healthy IoT ecosystem. 6. Security is built into all layers, including chips, operating systems, encryption technology, and data management. Click here for a free trial: https://bit.ly/495qC9U Follow us on social media to hear from us more - Facebook- https://bit.ly/3ZYLiew Instagram- https://bit.ly/3Usdrtf Linkedin- https://bit.ly/43pdmdU Twitter- https://bit.ly/43qPvKX Pinterest- https://bit.ly/3KOOa9u Happy creating! #PhilippSchulte #G+D #MarketerOfTheMonth #IoT #Innovation #Outgrow #Podcastoftheday #MarketingPodcast #Marketing

In this episode of State of Identity, host Cameron D'Ambrosi welcomes Uku Tomikas, CEO of Messente, for an in-depth exploration of the digital identity landscape and the role of mobile communications within it. Discover what's shifting in the digital identity as mobile devices become central to our digital selves as literal authenticators and symbolic representations of our identity. Learn how Messente navigates the changing landscape of digital identity, combating fraud and enhancing security with innovative mobile technology while uncovering key takeaways on the future of authentication, the impact of SMS OTPs, and the revolutionary potential of subscriber data in digital identity verification.  

HGF Delivers the weekly breaches in “Whose Been Popped?” Oracle's macOS 14.4 Java hiccup, the ever-adapting landscape of ransomware warfare, the emerging threat of Loop DoS attacks, and the Biden-Harris administration's call to action for water sector cybersecurity. Original URLs: https://www.bleepingcomputer.com/news/apple/oracle-warns-that-macos-144-update-breaks-java-on-apple-cpus/ https://www.guidepointsecurity.com/blog/t-o-x-i-n-b-i-o-ransomware-recruitment-efforts-following-law-enforcement-disruption/ https://www.helpnetsecurity.com/2024/03/20/raas-recruit-affiliates/ https://thehackernews.com/2024/03/new-loop-dos-attack-impacts-hundreds-of.html https://cispa.de/en/loop-dos https://www.epa.gov/newsreleases/biden-harris-administration-engages-states-safeguarding-water-sector-infrastructure https://www.cybersecuritydive.com/news/warnings-state-linked-cyber-threats-water/710834/ Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ macOS 14.4, Java Issues, Oracle Warning, Ransomware Wars, Law Enforcement, Cybersecurity, Loop DoS Attack, Water Sector Cyber Threats, Biden-Harris Administration, Cyberattack Prevention, Mobile Security, Password Managers, Apple Silicon CPUs Search Phrases: macOS 14.4 Java problems Oracle advice on macOS update Ransomware recruitment post-crackdown Effects of law enforcement on ransomware Understanding Loop DoS attacks Cyber threats to water infrastructure Biden-Harris cyber security efforts Protecting against cyberattacks in the water sector How ransomware groups adapt Cybersecurity measures for water systems Impact of macOS updates on Java Dealing with ransomware wars New cybersecurity threats 2024 Administration's response to cybersecurity in infrastructure Cybersecurity tips for protecting critical infrastructure Transcript: mar 21 [00:00:00] offsetkeyz: welcome back to the Daily Decrypt. Today, we're joined by HotGirlFarmer, as she delivers last week's breaches in your favorite segment, Who's Been Popped. Also, the company Oracle alerts customers that the new Mac OS 14. 4 update will disrupt Java functionality and urges. Customers to postpone this update. Ransomware as a Service groups are upping their recruitment efforts, defying law enforcement disruptions. With cunning resilience. What are ransomware as a service groups and how are they recruiting? Stick around to find out. And the White House is really doubling down on water utilities, urging states and governors to collaborate to help protect this critical infrastructure. And finally, researchers have discovered a new loop denial of service attack that targets [00:01:00] UDP based application level protocols, putting an estimated 300, internet hosts at risk for continuous looping and unneeded stress. How will this affect everyday users? Alrighty, so before we get into the breaches with Hot Girl Farmer, I just wanted to warn macOS users to maybe postpone the most recent update to avoid any system disruptions. There are no current workarounds and Java isn't liking the new update. This isn't like how it used to be in the earlier 2000s where Java ran everything on your computer. It shouldn't affect you unless you're developing in Java. But besides Java issues, Updated users are reporting issues with their printer drivers, lost iCloud files, and connectivity issues with USB hubs and monitors. So let's just hold off on the new macOS 14. 4 upgrade for a few more days. [00:01:53] HGF: [00:02:00] First off, hackers targeted MediaWorks, a company in New Zealand, demanding a ransom in cryptocurrency from victims who just wanted to win a free radio contest. MediaWorks is out here like, sorry, your name, address, and birthday were part of our grand prize giveaway to some hackers. Hopping on a financial rollercoaster, the International Monetary Fund got their emails hacked. And these weren't just any emails, they were the kind that you use fancy words in hoping to sound smart. The IMF is like the person who insists on using a $10 word when a $1 word will do, and now everyone knows they've been using "Synergy" wrong this whole time. [00:02:41] HGF: Meanwhile in France, they've turned data breaches into an art form, with up to 43 million people affected. It's a breach so chic, it's practically wearing a striped shirt and smoking a cigarette. And let's not forget Alabama, where the state government websites faced a denial of service [00:03:00] attack. Alabama's like, Our websites are slower than molasses in January, but don't you worry, your data's as safe as a church potluck. Except in this case, the potluck's been crashed by every hacker in a 10 mile radius. So, what have we learned aside from the fact that the world is a hacker's oyster? Keep your friends close, your passwords closer, and maybe, try not to store your entire life on a device that could be hacked by a 12 year old with a grudge. In the grand scheme of things, we're all just trying to make it through this digital world. [00:03:32] transition: Thanks for watching! [00:03:38] offsetkeyz: We've been hearing a lot coming out of the White House about critical infrastructure, such as power and water. They've been providing a lot of guidance recently and encouraging collaboration to avoid cyber attacks. So what do they know that we don't know? It's starting to get me a little scared. So just two days ago, the Biden Harris administration released some more guidance on how to stay safe, but is [00:04:00] also urgently calling governors and state governments to start collaborating. and really hardening the systems of their critical water infrastructure. When we think about crippling cyber threats, we tend to think about big corporations and ransomware and things like that, but those may be where the money is, but those who are out to get the United States of America, like maybe China and maybe Russia, I'm not sure. We'll be targeting our critical infrastructure first Now, if you are working in it in a critical infrastructure like power or water, our hats are off to you. I know what you're up against and even. The White House knows what you're up against, which is why they're starting to step in. So keep doing the Lord's work out there and try to get it as secure as possible. Because, hey, we all need water to live. And I don't want to be making that Walmart run when my water stops working. That's going to be crazy. So part of the major efforts by the Biden Harris administration includes creating a cybersecurity task force between the EPA and the [00:05:00] NSC, promoting existing resources to protect against cyberattacks on water systems. According to the letter from the White House, there have been an increased amount of attacks on water systems driven by both countries or nation state actors and run of the mill cyber criminals. So I'm glad to see our federal government stepping in and helping where they can. But we might be reaching the point where we need to take our own health and wellbeing into our own hands, stock up on water, buy a nice filter, maybe get a rain bucket for outside. Make sure that you and your family are taken care of in the event that the water does go down. [00:05:40] offsetkeyz: Recently we've been seeing a lot of ransomware as a service groups being shut down by the FBI and other three letter organizations, which is great. But the FBI can only do so much, and what they've been doing is trying to capture individuals who are responsible for running these ransomware as a service groups or developers, [00:06:00] but mostly they're just shutting down dark web websites. with big banners that say claimed by the FBI. So in most instances, the individuals behind these ransomware as a service groups are just moving and creating new ransomware as a service groups, or joining others, strengthening their staffing. But let's back up for a second. What is ransomware as a service? Well, this is the new hot thing in ransomware, where it's essentially Cloud as a service, or something that you would sign up to use not really knowing how to make it yourself, but you want to use the tools to conduct a ransomware. So a good example of something you might use as a service is something like Squarespace, where if you don't know how to do web development, but you want a website, you would then pay for Squarespace's services and they give you some features, right? Depending on how much you're willing to pay. So Squarespace specifically is considered software as a service. Now ransomware as a service does exactly [00:07:00] that. I would like to ransomware somebody. So I go sign up for an account at one of these places. Such as Medusa or Cloak, as referenced in the article by HelpNet Security that's linked in our show notes below. And depending on the amount you want to pay for this service, you can get perks. Thanks. The amounts are surprisingly low between 800 to 1, 000 a year to access this product and they're getting lower. They're being pushed harder onto end users and the perks are getting better too. One of the lowest tiers is once you reach a million dollars in ransom payments, you get access to dumped hashes, you get access to a bunch of tools that make it easier to do the initial compromise. There have also been a string of Exit scams across the dark web, which is essentially when a company like Medusa or any ransomware as a service will Receive the ransom that you [00:08:00] went out and earned and then just close down their site keeping all of the money most ransomware as a services Set up the platform to receive the money And then they pay you about 85 percent of the ransom, as agreed upon before using the service. But now these groups are starting to let you collect the ransom, and then allow you to pay that 15 percent usage fee. helping to encourage people to use their services and not be so afraid of exit scams or other scams on the dark web. But what's so crazy about this is that they're literally just posting ads on the dark web. They're in forums and they are offering these perks and security researchers are able to see them in real time and see who's interacting with them. And the beauty of the dark web is that. If you're doing it correctly, it can be completely anonymous. Now I don't encourage you to get on the dark web to see this type of activity, but it is available to you. And if you'd like more information about the dark web, I released a talk about a week ago, maybe two weeks ago at this point, outlining at a high level how the dark web [00:09:00] works. [00:09:12] offsetkeyz: And finally, researchers have developed or discovered a new denial of service or DOS attack. that relies on UDP based application level protocols. And if you're not familiar, there are two main protocols on the transport layer that you interact with on a daily basis. UDP and TCP. UDP is the faster of the two, and it doesn't require any sort of verification that the data has been received. And this is often used when gaming online with your friends or talking, or even streaming like YouTube videos. Those rely heavily on UDP because you need to get the data as quickly as possible when streaming videos. And it doesn't really matter if every single frame is accounted for, you can occasionally drop frames, which might result in a little skip, but [00:10:00] overall, most of them are going to get through kind of like a shotgun spray. Whereas TCP is more for like text based communications or things where data needs to be verified on both ends, and it's a little slower due to the verification. So, UDP inherently doesn't verify, which is important to understand this type of attack, because this loop denial of service exploits UDP's lack of source IP validation to create endless communication loops between servers, eventually overwhelming them. Additionally, protocols like DNS, NTP, and TFTP are among those vulnerable to these attacks, potentially affecting basic internet functionalities. So this does tie back into the attack on DNS, which is essentially like a lookup of what you're trying to navigate to. So, when you navigate to facebook.com it reaches out to a DNS server and says, Hey, what the heck is facebook. com? And it replies with an address. Without those [00:11:00] DNS servers, we actually can't move about the internet like we do on the day to day. So this attack is easily triggered by a single spoofed message and can stress entire networks with 300, 000 hosts already at risk. There's no evidence of this loop denial of service being used in the wild, but its exploitation is considered trivial, affecting major vendors like Cisco and Microsoft. Now, these are likely a little further down the pipeline than you're familiar with as a regular user or even as a cybersecurity analyst. but you might notice slower internet speeds, stuff like that, if this happens, with the potential for it to completely shut down your internet connection. And on that note, not much is to be done on the user level. Just letting you know what's possible and what the attackers are doing. Hitting you from all kinds of angles. All right, and that is all we've got for you today. A little bit longer of an episode because we missed yesterday due to technical [00:12:00] issues, but we're back and better than ever, and we will talk to you some more tomorrow.

Is your digital footprint secure? In our latest episode we unravel the complexities of email and mobile security. Join Dean Morstad, a seasoned cybersecurity expert, as he shares invaluable insights and practical tips to enhance your digital safety. The conversation includes: - Why and how are most of us viewed as a “product”?  - Practical email security tips and best practices - How to avoid phishing scams and other social engineering strategies - Mobile device and location tracking insights - Organizational security policy tips  - Why use a password manager 

In this enlightening and comprehensive interview, we sit down with Mark Kreitzman, the General Manager of Ifani, to delve into the critical and often overlooked world of mobile security. Mark shares his personal journey into the realm of cybersecurity, providing valuable insights into the challenges and solutions in protecting our digital lives. Don't miss!

The recent report by Mozilla, shedding light on the privacy concerns around modern vehicles, struck a chord. Notably, every car brand reviewed, including behemoths like Ford, Volkswagen, and Toyota, flunked the privacy test. This revelation steered a fascinating conversation with Chris Pierson and Ingrid Gliottone from BlackCloak during a brand story recording for the Redefining Society podcast. Our focus veered towards the lurking privacy and security issues tied to the modern, tech-savvy vehicles we so casually entrust with our data.The modern car is no longer just a mode of transport—it's a smart gadget, a data hub on wheels. But as the wheels spin, so does the reel of our personal information, weaving into the vast web of data, ready for harvest by not just the car makers, but a string of 'they' – the infotainment system providers, app developers, network providers, and possibly cyber rogues. The conversation took a deeper dive as Chris, the CEO of BlackCloak, elucidated the firm's mission—shielding corporate executives and key personnel from personal cyber threats that could ricochet back to the corporations.The Mozilla report is an alarm bell, underscoring the high time to separate the wheat from the chaff in terms of what data is essential for functionality and what merely serves as a gold mine for advertisers or a hunting ground for cyber-attackers. This blend of privacy and security, or the lack thereof, is a cocktail we are forced to sip, as Ingrid pointed out the lack of clarity presented to buyers at the point of sale concerning the privacy policies tied to these vehicles.The promise of tech advancements in vehicles is dazzling—better shocks for off-roaders, safety features to prevent accidents during a sudden snooze, and so on. Yet, as Chris highlighted, there's a dark side. Some policies mentioned collecting data about one's sex life and genetic information— a far cry from the basic expectations of privacy.As the conversation with BlackCloak unrolled, the blend of excitement and concern was palpable. The question now is not about halting the march of technology but steering it towards a path where privacy and security are not the passengers but co-drivers.The findings from the Mozilla report and insights from BlackCloak are not just food for thought, but a call to action. It is crucial to reckon with the reality of the modern-day vehicles doubling as data hubs and to steer the conversation towards a road where transparency, consent, and security are the landmarks. I urge you to dive into BlackCloak's offerings to explore how they are redefining the security landscape, ensuring the privacy and security of your personal digital realm, including that computer on wheels parked in your driveway. Visit BlackCloak to discover what they offer in shielding the modern-day knights from the unseen arrows of the digital world.Guests:Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]On Linkedin | https://www.linkedin.com/in/drchristopherpierson/On Twitter | https://twitter.com/drchrispiersonIngrid Gliottone, Chief Experience Officer of BlackCloak [@BlackCloakCyber]On LinkedIn | https://www.linkedin.com/in/ingridgliottone/ResourcesLearn more about BlackCloak and their offering: https://itspm.ag/itspbcwebAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

The recent report by Mozilla, shedding light on the privacy concerns around modern vehicles, struck a chord. Notably, every car brand reviewed, including behemoths like Ford, Volkswagen, and Toyota, flunked the privacy test. This revelation steered a fascinating conversation with Chris Pierson and Ingrid Gliottone from BlackCloak during a brand story recording for the Redefining Society podcast. Our focus veered towards the lurking privacy and security issues tied to the modern, tech-savvy vehicles we so casually entrust with our data.The modern car is no longer just a mode of transport—it's a smart gadget, a data hub on wheels. But as the wheels spin, so does the reel of our personal information, weaving into the vast web of data, ready for harvest by not just the car makers, but a string of 'they' – the infotainment system providers, app developers, network providers, and possibly cyber rogues. The conversation took a deeper dive as Chris, the CEO of BlackCloak, elucidated the firm's mission—shielding corporate executives and key personnel from personal cyber threats that could ricochet back to the corporations.The Mozilla report is an alarm bell, underscoring the high time to separate the wheat from the chaff in terms of what data is essential for functionality and what merely serves as a gold mine for advertisers or a hunting ground for cyber-attackers. This blend of privacy and security, or the lack thereof, is a cocktail we are forced to sip, as Ingrid pointed out the lack of clarity presented to buyers at the point of sale concerning the privacy policies tied to these vehicles.The promise of tech advancements in vehicles is dazzling—better shocks for off-roaders, safety features to prevent accidents during a sudden snooze, and so on. Yet, as Chris highlighted, there's a dark side. Some policies mentioned collecting data about one's sex life and genetic information— a far cry from the basic expectations of privacy.As the conversation with BlackCloak unrolled, the blend of excitement and concern was palpable. The question now is not about halting the march of technology but steering it towards a path where privacy and security are not the passengers but co-drivers.The findings from the Mozilla report and insights from BlackCloak are not just food for thought, but a call to action. It is crucial to reckon with the reality of the modern-day vehicles doubling as data hubs and to steer the conversation towards a road where transparency, consent, and security are the landmarks. I urge you to dive into BlackCloak's offerings to explore how they are redefining the security landscape, ensuring the privacy and security of your personal digital realm, including that computer on wheels parked in your driveway. Visit BlackCloak to discover what they offer in shielding the modern-day knights from the unseen arrows of the digital world.Guests:Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]On Linkedin | https://www.linkedin.com/in/drchristopherpierson/On Twitter | https://twitter.com/drchrispiersonIngrid Gliottone, Chief Experience Officer of BlackCloak [@BlackCloakCyber]On LinkedIn | https://www.linkedin.com/in/ingridgliottone/ResourcesLearn more about BlackCloak and their offering: https://itspm.ag/itspbcwebAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Segment One: MSP Question of the Week/Notes on the News We combine our two segments-- With Twitter X's arrival (and departure, which social media should MSPs be using? We compile a list of our social media necassities for MSPs and how to take advantage of it.  And...Is our industry dominated by the “Magnificent Seven?” Reuters: “The outsized gains have come with big earnings expectations for the seven companies: Apple (AAPL.O), Microsoft (MSFT.O), Alphabet (GOOGL.O), Amazon (AMZN.O), Nvidia (NVDA.O), Tesla (TSLA.O) and Meta Platforms (META.O). BofA Global Research projects they will increase earnings by an average of 19% over the next 12 months, more than double the 8% estimated rise for the rest of the S&P 500.” --- Segment Two: Fives Minutes with A Smart Person - Lucas Acosta  "I'm a fixer. I left Apple to provide business-class solutions for businesses using Apple products. We've got a fantastic team offering a few specific solutions for businesses using Apple products. I'd love to connect and learn how you're using your Mac, iPhone, iPad, Watch, or HomePod! ;) Specialties: Mobile Device Management (MDM), Mobile Content Management (MCM), Asdeq, MobileIron, AirWatch, Casper Suite, Mac consulting, iPad consulting, Apple IT, Mobile Security, Mac training, iPad training, Group training. Did I mention I work with people I love? I'm proud of every single one of my team members. I hire only full-time W2 employees with benefits. We've got a fantastic culture built around servanthood, and hospitality." Lucas's LinkedIn page:  https://www.linkedin.com/in/lucasacosta/ Blog and newsletter on MSP best practices: https://lucasacosta.com  --- Our Social Media:  https://www.linkedin.com/in/james-kernan-varcoach/ https://www.instagram.com/james_kernan/?hl=en https://twitter.com/JKernan https://www.linkedin.com/in/karlpalachuk/ https://www.instagram.com/karlpalachuk/?hl=en https://www.youtube.com/@smallbizthoughts   Sponsor Memo: Small Biz Thoughts Technology Community NOW is the time to join the Small Biz Thoughts Technology Community. Check us out at https://SmallBizThoughts.ORG There is no better value for training and education in managed services. Forms, templates, and checklists are just the start. Our Community includes ALL of the best-selling books on managed services in all available formats, plus free 5-week courses, members-only programs, and the best business training available to managed service providers anywhere. Prices go up July 1st. Join now and you can lock in the lower price for life. See all the details and Join us today at https://www.SmallBizThoughts.org.

If your client is already driving a Bugatti Veyron around the streets of London do you also need to be not just overt but incredibly nimble? We are delighted to welcome Sebastian Bouchard, Founder of 242 Security and 242 Mobile Security to the podcast to ask:How can motorcycle outriders help and what threats are they designed to counter?What type of licensing and insurance is required in this field?Should every EP operator learn mobile security skills?What role do outriders have beyond security and into the field of concierge services?Could mobile security units ever be covert?About 242 Mobile Security:WebsiteMore about the Circuit:The Circuit Magazine is written and produced by volunteers, most of who are operationally active, working full time in the security industry. The magazine is a product of their combined passion and desire to give something back to the industry. By subscribing to the magazine you are helping to keep it going into the future. Find out more >If you liked this podcast, we have an accompanying weekly newsletter called 'On the Circuit' where we take a deeper dive into the wider industry. Opt in here >The Circuit team is:Elijah ShawJon MossShaun WestPhelim RoweConnect with Us: Circuit MagazineBBA ConnectNABA ProtectorBritish Bodyguard Association

How much of your life is tied up on your phone? This week, Security Noise looks at the client side of mobile security. In this episode, we explore some current topics surrounding mobiles and how you should treat them. Joining us are several folks from the Mobile Security team at TrustedSec: Drew Kirkpatrick, Rob Simon, and Whitney Phillips. Security Noise is hosted by Geoff Walton with Producer/Contributor Skyler Tuter.

Amazon Web Services and Microsoft Azure face antitrust probe. Cybercriminals 'CAN' steal your car, using novel IoT hack Romance Scams: Authorities claw back funds from "Pig-butchering" cybercrime ring EU Chips act likely to get the green light on April 18 Designing Tabletop exercises that actually thwart attacks Vincent Korstanje, CEO of Kigen, talks about how to make IoT devices more secure and trustworthy. Hosts: Louis Maresca, Brian Chee, and Curtis Franklin Guest: Vincent Korstanje Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: decisions.com/twit bitwarden.com/twit ZipRecruiter.com/twiet

Amazon Web Services and Microsoft Azure face antitrust probe. Cybercriminals 'CAN' steal your car, using novel IoT hack Romance Scams: Authorities claw back funds from "Pig-butchering" cybercrime ring EU Chips act likely to get the green light on April 18 Designing Tabletop exercises that actually thwart attacks Vincent Korstanje, CEO of Kigen, talks about how to make IoT devices more secure and trustworthy. Hosts: Louis Maresca, Brian Chee, and Curtis Franklin Guest: Vincent Korstanje Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: decisions.com/twit bitwarden.com/twit ZipRecruiter.com/twiet

Amazon Web Services and Microsoft Azure face antitrust probe. Cybercriminals 'CAN' steal your car, using novel IoT hack Romance Scams: Authorities claw back funds from "Pig-butchering" cybercrime ring EU Chips act likely to get the green light on April 18 Designing Tabletop exercises that actually thwart attacks Vincent Korstanje, CEO of Kigen, talks about how to make IoT devices more secure and trustworthy. Hosts: Louis Maresca, Brian Chee, and Curtis Franklin Guest: Vincent Korstanje Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: decisions.com/twit bitwarden.com/twit ZipRecruiter.com/twiet

Amazon Web Services and Microsoft Azure face antitrust probe. Cybercriminals 'CAN' steal your car, using novel IoT hack Romance Scams: Authorities claw back funds from "Pig-butchering" cybercrime ring EU Chips act likely to get the green light on April 18 Designing Tabletop exercises that actually thwart attacks Vincent Korstanje, CEO of Kigen, talks about how to make IoT devices more secure and trustworthy. Hosts: Louis Maresca, Brian Chee, and Curtis Franklin Guest: Vincent Korstanje Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: decisions.com/twit bitwarden.com/twit ZipRecruiter.com/twiet

GuestsSteve Luczynski, Senior Manager / Critical Infrastructure Security, Accenture Federal Services [@Accenture] and Chairman of the Board for the Aerospace Village [@secureaerospace]On LinkedIn | https://www.linkedin.com/in/steveluczynski/On Twitter | https://twitter.com/cyberpilot22Henry Danielson, Adjunct Professor/Lecturer, Cal Poly College of Liberal Arts [@CalPolyCLA], Technical Advisor, California Polytechnic State University California Cybersecurity Institute [@CalPolyCCI], and Volunteer at Aerospace Village [@secureaerospace]On LinkedIn | https://www.linkedin.com/in/henry-danielson-43a61213/On Twitter | https://twitter.com/hdanielsonAt Cal Poly | https://cci.calpoly.edu/about-cci/staff____________________________Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcweb____________________________Episode Notes"Discover the exciting world of the Aerospace Village at RSA Conference 2023, and dive into hands-on experiences with cybersecurity experts and cutting-edge technology." Welcome to ITSPmagazine's RSA Conference 2023 coverage, where we dive into the world of cybersecurity and engage with experts in a week full of fun and exciting activities. We're on the road to RSA Conference 2023 in San Francisco, and one event we can't miss is the Sandbox, specifically the Aerospace Village. In this podcast episode, we're joined by our good friends Steve Luczynski and Henry Danielson from the Aerospace Village to discuss what's in store for us at this year's conference.The Aerospace Village is a small nonprofit run by volunteers from around the world, aiming to build relationships between government, industry, security researchers, and hackers, inspire people to join the cybersecurity workforce, and promote awareness in the aviation and space sectors. This year, RSA Conference 2023 features a Sandbox where attendees can interact with the latest technical hands-on experiences, learn from experts, and explore what's happening in the cybersecurity world.In this episode, our guests discuss the various partners and activities in the Aerospace Village, such as CT Cubed's drone quadcopter simulation in AR and VR experience, IntelleGenesis's runway lighting scenario demonstration, and Boeing's continuous security level maintenance activity. You'll also get a chance to try out a real Airbus simulator, courtesy of pen test partners, to understand the potential vulnerabilities in electronic flight bags and their impact on pilot operations.Join us for an exciting, fun-filled week at RSA Conference 2023, where you can learn, network, and discover the latest trends in cybersecurity. Don't miss out on this unique opportunity to interact with experts, explore cutting-edge technologies, and immerse yourself in the world of aerospace cybersecurity. Be sure to listen, share, and subscribe to ITSPmagazine's podcast for more exciting episodes and insights from the RSA Conference 2023!____________________________ResourcesLearn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw____________________________Catch the video here: https://www.youtube.com/watch?v=Htvn7AkCJSsFor more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

What basic steps can you take to protect your computer, phone, and tablet from hacks, malware, and ransomware? Dom Bettinelli, Pat Scott, and Fr. Andrew Kinstetter discuss software and best practices for basic security. The post PC and Mobile Security Basics appeared first on StarQuest Media.

Designed to keep your sensitive data safe from prying eyes, Bitdefender Mobile Security for iOS offers the most powerful protection against threats with the least impact on battery life. Their innovative technologies predict, prevent, detect, and remediate all of the latest cyber threats, ranging from phishing, scam, and fraud schemes, to malware-ridden apps, and even theft attempts. For more information, visit https://bitdefender.com

A global leader in cybersecurity, Bitdefender delivers best-in-class threat prevention, detection, and response solutions for Android devices across the globe. Their innovative technologies predict, prevent, detect, and remediate all of the latest cyber threats, ranging from phishing, scam, and fraud schemes, to malware-ridden apps, and even theft attempts. Visit https://bitdefender.com to get protected today.

Hear from global Jamf subject matter experts on what they're seeing in security, phishing, supporting customers and how Jamf is offering to help. Understand trends in security, mobility, BYOD and more.

On this podcast's fourth episode, we learn about mobile security from Amit Modi, the Chief Technology Officer (CTO) and CISO of Movius Interactive Corporation, a leading global provider of cloud-based secure mobile communications software. The company helps enterprises deliver better engagement for their clients., and connect with their customers in more convenient, cost-effective, and compliant ways. Host Jeremy Snyder and Amit also chat about cloud security, how you can secure your mobile devices, the primary attack vector against secured mobile communication, and what you should know about mobile communications. Read the associated short blog on what mobile security is and some opportunities and threats AI brings to mobile security here: https://www.horangi.com/blog/ai-and-the-future-of-mobile-security Read the transcript here: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbTRnS01xOHAyQUJtMmxxbWRKR3p4Z1hSUVZaQXxBQ3Jtc0tsQ3dFdGFNU1l4dXRUWF9RWkFTSGZqSWl4Y0lheE54ZEZuZnI2c2FsTEQ3WjFCS3phVWJJVE96eDVxUXB6MmdDQWpWeEFDU2hkS240bXNOTS1rQjRxRHJaenljdEMyaVB5QWNJVGE2bXIyVGZmblBMbw&q=https%3A%2F%2Finfo.horangi.com%2Fhubfs%2FAsk%2520A%2520CISO%2520Transcripts%2FAsk%2520A%2520CISO%2520SE03EP04%2520Transcript%2520-%2520AI%2520and%2520the%2520Future%2520of%2520Mobile%2520Security.pdf&v=ybeSkzRS4Vg - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Amit's LinkedIn: https://www.linkedin.com/in/amit-modi-5b1644/

Today on the Social-Engineer Podcast: The Security Awareness Series, Ryan and I are joined by Haseeb Awan. Haseeb is the CEO & Founder of Efani Secure Mobile, a company that works with ultra-high-net-worth individuals on their Mobile Security. Previously, he co-founded one of the largest Bitcoin ATM networks. He has been featured on NYT, TechCrunch, Wall Street Journal, Hulu, and several international media outlets.  [Feb 20, 2023]   00:00 - Intro 00:50 - Intro Links: -          Social-Engineer.com - http://www.social-engineer.com/ -          Tuxcare – tuxcare.com -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                                03:55 - Haseeb Awan Intro 05:23 - What led you from Bitcoin to Sim Swapping? 10:10 - More Than Financial Loss 12:27 - Protecting Something Out of Your Control 14:06 - It's About More than the Price 16:52 - Security vs Convenience 20:00 - Explaining Without Scaring 24:26 - The Importance of Stories 26:15 - Consider It Insurance 28:38 - Will the TelCos Follow Suit? 31:19 - Tips for a More Secure Company 32:33 - Book Recommendations: -          Zero to One – Peter Thiel 34:08 - Find Haseeb Awan Online -          Twitter: https://twitter.com/haseeb -          Twitter: https://twitter.com/efani -          LinkedIn: linkedin.com/company/efani/ -          YouTube: https://youtube.com/@efani 34:52 - Wrap Up & Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org

introducing @operat0r talked a bit about mobile device hacking and rooting/jailbreaking phones for testing Grab the powershell script here: https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy   Check out the Youtube videos, including demo! Part2 is here: https://www.youtube.com/watch?v=RXgwUWpRuYA