Podcast appearances and mentions of Paul Ducklin

  • 12 podcasts
  • 313 episodes
  • 26m average duration
  • Infrequent episodes
  • Latest: May 1, 2024

POPULARITY (chart, 2017 to 2024)


Latest podcast episodes about Paul Ducklin

Smashing Security
The closed loop conundrum, default passwords, and Baby Reindeer

May 1, 2024 · 54:03


The UK Government takes aim at IoT devices shipping with weak or default passwords, an identity thief spends two years in jail after being mistaken for the person who stole his name, and are you au fait with the latest scams?

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

  • New laws to protect consumers from cyber criminals come into force in the UK - UK Government.
  • Mirai - Wikipedia.
  • Identity theft victim wrongly locked up for 2 years is exonerated at last - Paul Ducklin.
  • Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds - The Guardian.
  • 5 scams you need to know about in 2024 - Which? News.
  • How fraudsters are getting fake articles onto Facebook - BBC News.
  • Five Scams To Beware In 2024 - Forbes Advisor UK.
  • Eerie ‘breathing' mistake to listen out for exposes costly AI ‘audio deepfake' scam calls that take just seconds to make - The Sun.
  • How to spot fraud - UK Government.
  • Etymology Monday: David Crystal on the word ‘gaggle' - Literary Minded.
  • Moon - Wikipedia.
  • Baby Reindeer - Netflix.
  • Why row over Baby Reindeer sleuths will change real-life drama for ever - The Guardian.
  • Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

  • Sonrai's Cloud Permissions Firewall – A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!
  • Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!

Smashing Security
Wireless charging woe, AI romance apps, and ransomware revisited

Feb 29, 2024 · 53:46


Your smartphone may be toast - if you use a hacked wireless charger, we take a closer look at the latest developments in the unfolding LockBit ransomware drama, and Carole dips her toe into online AI romance apps.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

  • VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger - ArXiv.
  • FBI offers free decryption help for LockBit ransomware victims - Paul Ducklin.
  • LockBitsupp unmasked!!? Graham's reaction to the FBI and NCA's LockBit ransomware revelation - YouTube.
  • Dating Statistics And Facts In 2024 – Forbes Health.
  • Romantic AI Chatbots Don't Have Your Privacy at Heart - Mozilla Privacy Not Included.
  • Promptsmart.
  • Solving a celestial mystery: the Sun, Earth and Moon model - Museum of Natural History, Oxford.
  • Lotus Bud.
  • Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

  • BlackBerry – BlackBerry helps keep you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market today.
  • Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Device Trust for Okta. Watch the demo today!
  • Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!

SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US: Follow us on Twitter at @SmashinSecurity, or

Smashing Security
For research purposes only

Dec 14, 2023 · 56:51


A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

  • Fuzzy Duck - Wikipedia.
  • Cybercrime author Geoff White demonstrates his NSFW balloon trick at the "Smashing Security" podcast Christmas party - Reddit.
  • Rule 34 - Wikipedia.
  • We are (temporarily) offline - InflateVids on Patreon.
  • Fast Company's Apple News access hijacked to send an obscene push notification - The Verge.
  • Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It' - Vice.
  • The WordPress backdoor with its own backdoor! (And fake CVE numbers, too) - Paul Ducklin.
  • Russian influence and cyber operations adapt for long haul and exploit war fatigue - Microsoft.
  • How Zelensky became Hollywood man of the hour - The Guardian.
  • Nigel Farage wishes Hugh Janus a happy birthday - YouTube.
  • Don Johnson - Cameo.
  • Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky - The Register.
  • Winning hearts and minds - Military Wiki.
  • AdGuard Home - GitHub.
  • Garmin Edge 130 Plus - Garmin.
  • Garmin Connect IQ - Garmin.
  • The Thermapen.
  • Flat Whisk Stainless Steel Egg Beater Mixer Kitchen Tool - Amazon.

Smashing Security
Another T-Mobile breach, ThemeBleed, and farewell Naked Security

Sep 28, 2023 · 58:15


Mix TikTok with facial recognition, and you've got a doxxing nightmare, T-Mobile users report bizarre behaviour in their accounts, and a Windows flaw provides a new means of infecting users.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

  • T-Mobile customer reports privacy breach - Twitter.
  • T-Mobile US exposes some customer data – but don't call it a breach - The Register.
  • T-Mobile denies new data breach rumors, points to authorized retailer - Bleeping Computer.
  • Connectivity Source - Despite appearances, don't confuse it with T-Mobile.
  • ThemeBleed exploit is another reason to patch Windows quickly - MalwareBytes.
  • If I Embarrass My Baby on TikTok, Will He Stay My Baby Forever? - New York Times.
  • They Gossiped At Brunch. Now There's a Mob After Them - Rolling Stone.
  • The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech - 404 Media.
  • Egg crack challenge,the last baby is so cute - YouTube.
  • Trailer for “The Deepest Breath” - YouTube.
  • “The Deepest Breath” - Netflix.
  • Nitpick: Meaningless communications.
  • Naked Security.
  • Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

  • Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Device Trust for Okta. Watch the demo today!
  • Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic.
  • Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees...

Sophos Podcasts
S3 Ep142: Putting the X in X-Ops

Jul 6, 2023 · 14:21


First there was DevOps, then SecOps, then DevSecOps. Or should that be SecDevOps? Paul Ducklin talks to Sophos X-Ops insider Matt Holdcroft about how to get all your corporate "Ops" teams working together, with cybersecurity correctness as a guiding light. Twitter: @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

Hacking Humans
The rise of ChatGPT: A look into the future of chatbots.

Jun 8, 2023 · 53:25


This week, our CyberWire UK Correspondent Carole Theriault is talking with Paul Ducklin from Sophos about where ChatGPT could be going in the future. Joe and Dave share quite a bit of follow up from listeners, discussing several people writing in about dating apps and the men who use them, along with a question from listener Bryan who asks about an email scheme an intern working for his company received. Joe's story hones in on AI, discussing in particular how artificial intelligence is changing the social engineering game forever. Dave has the story on how hackers hide malicious links within pictures to redirect users to phishing sites. Our catch of the day comes from listener Cyrus, who shares an email they received about benefits with a hilarious twist. Links to stories: How AI Is Changing Social Engineering Forever The Picture in Picture Attack Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Sophos Podcasts
S3 Ep131: Can you really have fun with FORTRAN?

Apr 20, 2023 · 20:52


Fun with FORTRAN?! An extreme data breach and its consequences. Rogue 2FA apps live in action. Juicejacking revisited. With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep115: True crime stories - A day in the life of a cybercrime fighter

Dec 29, 2022 · 18:40


Once more unto the breach, dear friends, once more! Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure. Original music by Edith Mudge Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity

Smashing Security
285: Uber's hidden hack, tips for travel, and AI accent fixes

Jul 27, 2022 · 68:05


Uber may not face prosecution over its handling of a 2016 data breach - but its former chief security head does; how to defend your digital devices' data while on vacation, and how to change your accent with artificial intelligence. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin. Plus don't miss our featured interview with Ian Farquhar of Gigamon. Visit https://www.smashingsecurity.com/285 to check out this episode's show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Ian Farquhar and Paul Ducklin.

Smashing Security
285: Uber's hidden hack, tips for travel, and AI accent fixes

Jul 27, 2022 · 68:06


Uber may not face prosecution over its handling of a 2016 data breach - but its former chief security head does; how to defend your digital devices' data while on vacation, and how to change your accent with artificial intelligence.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans https://www.smashingsecurity.com/hosts/graham-cluley (Graham Cluley) and https://www.smashingsecurity.com/hosts/carole-theriault (Carole Theriault), joined this week by Naked Security's Paul Ducklin. Plus don't miss our featured interview with Ian Farquhar of Gigamon.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.

Episode links:

  • https://www.justice.gov/usao-ndca/pr/uber-enters-non-prosecution-agreement (Uber Enters Non-Prosecution Agreement Related to 2016 Data Breach) — US Department of Justice.
  • https://www.bloomberg.com/news/articles/2022-06-28/uber-former-security-chief-must-face-fraud-charges-judge-rules (Former Uber Security Chief Joe Sullivan Must Face Driver Fraud Charges) — Bloomberg.
  • https://techcrunch.com/2018/09/26/uber-to-pay-148-million-in-data-breach-settlement/ (Uber to pay $148 million in data breach settlement) — TechCrunch.
  • https://grahamcluley.com/uber-hackers-paid-data-breach/ (Uber paid hackers $100,000 to keep data breach quiet) — Graham Cluley.
  • https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html (Uber CISO's trial underscores the importance of truth, transparency, and trust) — CSO Online.
  • https://nakedsecurity.sophos.com/2022/07/15/7-cybersecurity-tips-for-your-summer-vacation/ (7 cybersecurity tips for your summer vacation!) — Naked Security.
  • https://www.sanas.ai/demo (Sanas demo.)
  • https://www.prnewswire.com/news-releases/sanas-raises-32m-for-breakthrough-ai-technology-for-real-time-accent-translation-301572710.html (Sanas Raises $32M for Breakthrough AI Technology for Real-Time Accent Translation) — Sanas press release.
  • https://spectrum.ieee.org/ai-accent-translator (This 6-Million-Dollar AI Changes Accents as You Speak) — IEEE Spectrum.
  • https://www.newscientist.com/article/2288976-call-centre-workers-can-use-ai-to-mimic-your-accent-on-the-phone/ (Call centre workers can use AI to mimic your accent on the phone) — New Scientist.
  • https://www.computerworld.com/article/2548265/a-little-less-accent--a-little-more-customer-service.html (A little less accent, a little more customer service) — ComputerWorld.
  • https://accentadvisor.com/what-is-accent-reduction/ (What Is Accent Reduction?) — Accent Advisor.
  • https://colinmorris.github.io/blog/compound-curse-words (Compound pejoratives on Reddit – from 'buttface' to 'wankpuffin') — Colin Morris.
  • https://en.wikipedia.org/wiki/Melissa_(computer_virus) (Melissa computer virus) — Wikipedia.
  • https://www.dedhamhall.co.uk/ (Dedham Hall.)
  • https://poly.cam/capture/42434A6D-7BAB-4CAC-9059-73E914D703CA (3D capture of Carole Theriault) — Polycam.
  • https://www.smashingsecurity.com/store (Smashing Security merchandise (t-shirts, mugs, stickers and stuff))

Sponsored by:

  • https://bitwarden.com/smashing/ (Bitwarden) – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • https://www.smashingsecurity.com/solcyber (SolCyber) – SolCyber delivers Fortune 500 level cybersecurity for small and medium-sized enterprises. If the bad guys aren't being discriminating about who they're attacking, how can you settle for anything less?
  • https://www.gigamon.com/smashing (Gigamon) - Gigamon's latest report into the state of ransomware.

Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on...

Hacking Humans
Extortion scams and the LGBTQ+ community.

Jul 21, 2022 · 48:16


This week, Carole Theriault sits down to talk with Paul Ducklin from Sophos on extortion scams targeting LGBTQ+ communities. Joe and Dave share multiple pieces of listener follow up, the first from Matt and Kevin, who write in to share a Wikipedia link regarding N.B. (Nota Bene, or note well) and an ad from 1801. The second one is a write in from someone who is referred to as "P," who shares more information on the Facebook link shortener discussion. Finally, Joe and Dave get a great piece of listener feedback from listener and friend of the show Jonathan, who writes in about resist fingerprinting and how Firefox doesn't block fingerprinting. Dave's story is on trafficking victims being forced to scam people. Joe's story is on a credit union being targeted for phone scams. Our catch of the day comes from listener Ian, who shares how his son was trying to get college housing accommodations and went through Facebook, only to find out that not everyone is as trustworthy as they seem. Links to stories: From Industrial-Scale Scam Centers, Trafficking Victims Are Being Forced to Steal Billions Don't fall for a scam targeting Ent Credit Union customers Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Sophos Podcasts
S3 Ep76: Deadbolt, LAPSUS$, Zlib and a Chrome 0-day

Mar 31, 2022 · 26:04


The DEADBOLT ransomware. LAPSUS$ members bust - or were they? Zlib patches a 17-year-old bug. Chrome experiences another weird 0-day. And Clippy. Yes, THAT Clippy. No, we're not sure why. https://nakedsecurity.sophos.com/serious-security-deadbolt-the-ransomware https://nakedsecurity.sophos.com/uk-police-arrest-7-hacking-suspects https://nakedsecurity.sophos.com/zlib-data-compressor-fixes-17-year-old-security-bug https://nakedsecurity.sophos.com/google-chrome-patches-mysterious-new-zero-day With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Sophos Podcasts
S3 Ep75: Okta, CryptoRom, OpenSSL and CafePress

Mar 23, 2022 · 35:50


LAPSUS$ hackers break into Okta. The CryptoRom money-scamming malware is back on phones. OpenSSL gets into an infinite loop. CafePress fined for covering up a data breach. https://nakedsecurity.sophos.com/beware-bogus-betas-cryptocoin-scammers https://nakedsecurity.sophos.com/openssl-patches-infinite-loop-dos-bug https://nakedsecurity.sophos.com/web-vendor-cafepress-fined-500000 https://nakedsecurity.sophos.com/serious-security-how-to-store-your-users-passwords With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Command Line Heroes
Lurking Logic Bombs

Mar 22, 2022 · 21:44


Logic bombs rarely have warning sounds. The victims mostly don't know to expect one. And even when a logic bomb is discovered before it's triggered, there isn't always enough time to defuse it. But there are ways to stop them in time. Paul Ducklin recounts the race to defuse the CIH logic bomb—and the horrible realization of how widespread it was. Costin Raiu explains how logic bombs get planted, and all the different kinds of damage they can do. And Manuel Egele shares some strategies for detecting logic bombs before their conditions are met.

If you want to read up on some of our research on logic bombs, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.

Sophos Podcasts
S3 Ep45: Routers attacked, hacking tool hacked, and betrayers betrayed

Aug 12, 2021 · 41:59


Home and small business routers under attack. A hacking tool favoured by crooks gets hacked. The Navajo Nation's selfless cryptographic contribution to America. A cybercrook gets aggrieved at being ripped off by cybercrooks. With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep45: Routers attacked, hacking tool hacked, and betrayers betrayed

Aug 12, 2021 · 41:59


Home and small business routers under attack. A hacking tool favoured by crooks gets hacked. The Navajo Nation's selfless cryptographic contribution to America. A cybercrook gets aggrieved at being ripped off by cybercrooks. https://nakedsecurity.sophos.com/home-and-small-business-routers-under-attack https://nakedsecurity.sophos.com/cobalt-strike-network-attack-tool-patches https://www.reaganlibrary.gov/archives/speech/proclamation-4954-national-navaho-code-talkers-day https://nakedsecurity.sophos.com/conti-ransomware-affiliate-goes-rogue With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Sophos Podcasts
S3 Ep44: Unreported holes, retro computing, and tech support for malware

Aug 5, 2021 · 36:32


The latent 0-day that didn't get reported until it was too late. Retro computing: reliving the TRS-80. Crooks that help you install their malware. And a 5-minute billionaire (who ended up with $400). With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep44: Unreported holes, retro computing, and tech support for malware

Aug 5, 2021 · 36:32


The latent 0-day that didn't get reported until it was too late. Retro computing: reliving the TRS-80. Crooks that help you install their malware. And a 5-minute billionaire (who ended up with $400). https://nakedsecurity.sophos.com/microsoft-researcher-found-apple-0-day https://nakedsecurity.sophos.com/bazarcaller-the-malware-gang With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Sophos Podcasts
S3 Ep43: Apple 0-day, pygmy hippos, hive nightmares and Twitter hacker bust

Jul 28, 2021 · 39:16


Apple's emergency 0-day fix. Two sorts of Windows nightmare, neither involving printers. Twitter hacker busted. And our very own Doug ruins a brand new TV. https://nakedsecurity.sophos.com/apple-emergency-zero-day-fix https://nakedsecurity.sophos.com/windows-petitpotam-network-attack https://nakedsecurity.sophos.com/windows-hivenightmare-bug https://nakedsecurity.sophos.com/us-court-gets-uk-twitter-hack-suspect-arrested https://nakedsecurity.sophos.com/porn-blast-disrupts-bail-hearing https://nakedsecurity.sophos.com/s3-ep12-a-chat-with-social-engineering-hacker With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Smashing Security
238: Fashion captain, fraud family, and DEF CON. D'oh!

Jul 28, 2021 · 53:30


Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin. Visit https://www.smashingsecurity.com/238 to check out this episode's show notes and episode links. We're going to be taking a holiday for a couple of weeks, but will be back with a regular show later in August. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Paul Ducklin.

Sophos Podcasts
S3 Ep43: Apple 0-day, pygmy hippos, hive nightmares and Twitter hacker bust

Jul 28, 2021 · 39:16


Apple's emergency 0-day fix. Two sorts of Windows nightmare, neither involving printers. Twitter hacker busted. And our very own Doug ruins a brand new TV. With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep42: Viruses, Nightmares, patches, rewards and scammers

Jul 22, 2021 · 28:21


Learning from computer virus history. The PrintNightmare saga continues. Apple puts out a patch, but doesn't say why. Snitch on a crook and earn $10 million. Scammers do grammar. And the Business Email Compromise that wasn't. With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep42: Viruses, Nightmares, patches, rewards and scammers

Jul 22, 2021 · 28:21


Learning from computer virus history. The PrintNightmare saga continues. Apple puts out a patch, but doesn't say why. Snitch on a crook and earn $10 million. Scammers do grammar. And the Business Email Compromise that wasn't. https://nakedsecurity.sophos.com/the-code-red-worm-20-years-on https://nakedsecurity.sophos.com/more-printnightmare https://nakedsecurity.sophos.com/apple-iphone-patches-are-out-no-news https://nakedsecurity.sophos.com/want-to-earn-10-million-snitch https://nakedsecurity.sophos.com/home-delivery-scams-get-smarter With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Sophos Podcasts
S3 Ep41: Crashing iPhones, PrintNightmares, and Code Red memories

Jul 14, 2021 · 32:14


We explain how a format string bug could lock your iPhone out of your own network. We revisit the PrintNightmare saga, which is sort-of fixed but not really. We look back at the 20-year-old Code Red virus. We look at what cybercriminals spend money on (hint: more cybercrime). And in this week's "Oh! No!", we learn how farm animals can disrupt your network. https://nakedsecurity.sophos.com/take-care-dont-get-tricked https://nakedsecurity.sophos.com/printnightmare-official-patch-is-out https://nakedsecurity.sophos.com/where-do-all-those-cybercrime-payments-go With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Sophos Podcasts
S3 Ep41: Crashing iPhones, PrintNightmares, and Code Red memories

Jul 14, 2021 · 32:14


We explain how a format string bug could lock your iPhone out of your own network. We revisit the PrintNightmare saga, which is sort-of fixed but not really. We look back at the 20-year-old Code Red virus. We look at what cybercriminals spend money on (hint: more cybercrime). And in this week's "Oh! No!", we learn how farm animals can disrupt your network. With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep40: Kaseya breach, PrintNightmare 0-day, and hacking versus the law

Jul 8, 2021 · 35:10


The "Independence Day Weekend" ransomware drama. The PrintNightmare nightmare continues. An email hacker gets his conviction overturned. In this week's Oh! No! story, a server room fills with toxic fumes... This week's articles: https://nakedsecurity.sophos.com/kaseya-ransomware-attackers-say-pay-70-m https://nakedsecurity.sophos.com/printnightmare-the-zero-day-hole https://nakedsecurity.sophos.com/printnightmare-official-patch-is-out https://nakedsecurity.sophos.com/us-email-hacker-gets-his-computer-trespass The IBM 3270 "retrofont" that Duck loves: https://github.com/rbanffy/3270font With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Sophos Podcasts
S3 Ep40: Kaseya breach, PrintNightmare 0-day, and hacking versus the law

Jul 8, 2021 · 35:10


The "Independence Day Weekend" ransomware drama. The PrintNightmare nightmare continues. An email hacker gets his conviction overturned. In this week's Oh! No! story, a server room fills with toxic fumes... With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep39: Paying the date, #SocialMediaDay tips, and a special splintersode

Jun 30, 2021 · 39:34


When you spend tens of pounds but get billed thousands because the system mistook the date for the amount. Our tips to make #SocialMediaDay your safest day on social media yet. And a clip from a great new privacy splintersode we'll be airing next week. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep38: Clop busts, destructive Linux hacking, and rooted bicycles

Jun 24, 2021 · 38:05


Ukrainian cops bring out the BFG (Big Fearsome Grinder) and cut open some doors. A repeated request for destructive Linux code enters its 15th year. Peloton exercise bicycles found to be rootable. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems

Jun 17, 2021 · 37:30


Will quantum cryptography mean the end of encryption? How was the FBI able to get bitcoins back in the Colonial Pipeline ransomware case? What is the ALPACA attack, and does it make your browsing less secure? With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep36: Trickbot coder busted, passwords cracked, and breaches judged

Jun 10, 2021 · 37:34


Alleged malware coder from the Trickbot gang arrested. 5500 passwords cracked and salaries stolen by "credential stuffing" crook. And we answer a listener's question about just how tough to be when judging a company that's had a breach. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep35: Apple chip flaw, Have I Been Pwned, and Covid tracker trouble

Jun 3, 2021 36:11


The fascinating tale of a bug that's baked into Apple's latest chip. Why the Aussie data breach warning site HIBP is partnering with the FBI. And a coronavirus tracking toolkit that fell foul of privacy rules. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep34: Apple bugs, scammers busted, and how crooks bypass 2FA

May 26, 2021 43:25


Apple patches a raft of serious security holes. Police arrest eight suspects in an online scamming ring. We explain how WhatsApp messages from hacked accounts are helping cybercrooks bypass 2FA. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep33: Eufy camera leak, Afterburner crisis, and AirTags (again)

May 19, 2021 38:46


We look into an unnerving case of mixed-up video feeds. We warn you against "going rogue" when you can't get the download you want from the regular place. We explain how Apple's new AirTag product got hacked (again). With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep32: AirTag jailbreak, Dell vulns, and the never-ending scam

May 12, 2021 38:33


Apple's brand new AirTag product got hacked already. Things you can learn from Colonial Pipeline's ransomware misfortune. Why Dell patched a bunch of driver bugs going back more than a decade. And the "Is it you in the video?" scam just keeps on coming back. Additional links you will find useful:
https://news.sophos.com/en-us/using-sophos-edr-to-identify-endpoints-impacted-by-dell
https://nakedsecurity.sophos.com/ransomware-dont-expect-a-full-recovery
https://www.sophos.com/ransomware
With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep31: Apple zero-days, Flubot scammers and PHP supply chain bug

May 5, 2021 38:42


We look into Apple's recent emergency updates that closed off four in-the-wild browser bugs. We explain how the infamous "Flubot" home delivery scam works and how to stop it. We investigate a recent security bug that threatened the PHP ecosystem. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep30: AirDrop worries, Linux pests and ransomware truths

Apr 29, 2021 47:39


We investigate whether AirDrop is really as dangerous as researchers claimed. We discuss the pestiferous problem of fake Linux bugs submitted as an academic exercise. We review the latest Sophos Ransomware Report and uncover uncomfortable truths about paying up. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep29: Anti-tracking, rowhammer problems and IoT vulns

Apr 21, 2021 48:44


How Firefox showed the hand to a widely abused online tracking trick. Why reading from one part of your computer's memory can paradoxically (and sneakily) let you write to another part. And yet more IoT bugs, this time a whole slew of them that go by the moniker "name:wreck". With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy

Apr 14, 2021 48:00


We look at the big-money hacks from the 2021 Pwn2Own competition. We investigate the difficulties of hiring an assassin via the dark web. We wrestle with some of the privacy issues relating to COVID-19 infection tracking apps. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep27: Census scammers, beg bounties and data breach fines

Apr 7, 2021 46:09


How scammers copied a government website almost to perfection. What to do about those fake "bug" hunters who ask for payment for finding "vulnerabilities" that aren't. Why the Dutch data protection authority fined Booking.com for not sending in a data breach disclosure fast enough. Useful podcasts and videos mentioned in this episode:
https://nakedsecurity.sophos.com/s3-ep12-a-chat-with-social-engineering-hacker-rachel-tobac
https://nakedsecurity.sophos.com/s3-ep8-a-conversation-with-katie-moussouris
https://nakedsecurity.sophos.com/what-should-you-say-if-you-have-a-data-breach
With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep26: Apple 0-day, crypto vulnerabilities and PHP backdoor

Apr 1, 2021 37:37


Why Apple had to rush out a security update for iDevices. Two cryptographic security holes patched in OpenSSL. How PHP nearly got backdoored by crooks. With Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep25: Drained accounts, ransomware attacks and Linux badware

Mar 25, 2021 47:00


How a social engineer ripped off a victim lured in by one of those "small outstanding fee to pay" home delivery scams. The ransomware crooks targeting networks that still haven't done their Hafnium patches. And the Linux kernel security holes that lay there undiscovered for 15 years. Related articles that we refer to in the show:
https://nakedsecurity.sophos.com/beware-the-dhl-delivery-message
https://nakedsecurity.sophos.com/watch-out-scummy-scammers
https://nakedsecurity.sophos.com/s3-ep12-a-chat-with-social-engineering-hacker-rachel-tobac
https://nakedsecurity.sophos.com/blackkingdom-ransomware
https://nakedsecurity.sophos.com/serious-security-webshells-explained
https://nakedsecurity.sophos.com/naked-security-live-hafnium-explained
https://nakedsecurity.sophos.com/serious-security-the-linux-kernel-bugs
With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep24: How not to get snooped, scammed or hoaxed

Mar 17, 2021 47:26


We discuss an iPhone app that allowed anyone to snoop on anyone's calls - but not in the way you might expect. We investigate a data breach where 150,000 surveillance cameras protecting hundreds or thousands of customers were apparently "secured" by a single password... that got leaked onto the internet. And we urge you as keenly as we can: "Don't spread hoaxes, folkses." With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep19.5: How NOT to be a bug bounty hunter

Feb 12, 2021 16:28


In this special mini-episode, Paul Ducklin talks to Sophos cybersecurity expert Chester Wisniewski about bug bounty hunting. How does bug bounty hunting work? What should you do if you get a bug report that doesn't follow established protocol? Chester tells you how to deal with so-called "beg bounties", where self-styled "experts" beg you for money or even threaten you with ill-defined "problems" they claim to have found.
https://news.sophos.com/en-us/have-a-domain-name-beg-bounty-hunters-may-be-on-their-way
https://nakedsecurity.sophos.com/beware-of-technical-experts-bombarding-you-with-bug-reports
Original music by Edith Mudge.

Sophos Podcasts
S3 Ep15.5: Home schooling - how to stay secure

Sophos Podcasts

Play Episode Listen Later Jan 19, 2021 19:07


Thanks to coronavirus lockdown rules in the UK, and the temporary closure of all schools, Sally Adam suddenly found herself responsible for cybersecurity where it mattered more than ever: on a home network that jointly served for home, work and school. Paul Ducklin talks to Sally about how she did it, and how to keep your own family's digital life safe.
https://nakedsecurity.sophos.com/home-schooling-how-to-stay-secure
https://nakedsecurity.sophos.com/home-wi-fi-security-tips
Original music by Edith Mudge.

Sophos Podcasts
S3 Ep14: Money scams, HTTPS by default, and hardcoded passwords

Sophos Podcasts

Play Episode Listen Later Jan 7, 2021 46:39


We advise you how to react when a friend suddenly asks for money, explain why Chromium is finally aiming for HTTPS by default, and warn you why you should never, ever hardcode passwords into your software. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Original music by Edith Mudge.

Sophos Podcasts
S3 Ep11: DIY phishes, sandwich scams and vaccine hacking

Sophos Podcasts

Play Episode Listen Later Dec 17, 2020 44:59


We look at phishing tricks that really work, investigate a bizarre scam involving Subway sandwiches, and ask whether cybercriminals have lost their interest in the rest of us now they have coronavirus-related targets to go after. With Kimberly Truong, Doug Aamoth and Paul Ducklin.
https://nakedsecurity.sophos.com/phishing-tricks-that-really-work
https://nakedsecurity.sophos.com/subway-sandwich-scam-mystifies
https://nakedsecurity.sophos.com/was-there-a-covid-19-vaccine-hack
Original music by Edith Mudge.

Sophos Podcasts
S3 Ep10.5: 20 years of cyberthreats that shaped infosec

Sophos Podcasts

Play Episode Listen Later Dec 14, 2020 21:24


Naked Security's Paul Ducklin interviews Sophos expert John Shier about his recently published paper, "20 years of cyberthreats that shaped information security." Join John on a dizzying journey all the way from legendary viruses such as ILOVEYOU and Code Red, which flooded the internet in 2000, to present-day ransomware gangs like Ryuk and REvil, who are extorting millions of dollars in blackmail money per attack.
https://news.sophos.com/20-years-of-cyberthreats
Original music by Edith Mudge.

Sophos Podcasts
S3 Ep10: Hacking iPhones, sunken Enigmas and double scams

Sophos Podcasts

Play Episode Listen Later Dec 10, 2020 46:45


We dig into research that figured out a way to steal data from iPhones wirelessly, we tell the fascinating story of how environmentalist divers in Germany came across an old Enigma cipher machine at the bottom of the Baltic sea, and we give you advice on how to talk to phone scammers. With Kimberly Truong, Doug Aamoth and Paul Ducklin.
https://nakedsecurity.sophos.com/how-to-steal-photos-off-someones-iphone
https://nakedsecurity.sophos.com/german-divers-find-enigma-crypto-machine
https://nakedsecurity.sophos.com/vishing-criminals-let-rip-with-two-scams
Original music by Edith Mudge.

Sophos Podcasts
S3 Ep9: Gift card hacks, dubious doorbells and Wi-Fi tips

Sophos Podcasts

Play Episode Listen Later Dec 3, 2020 48:56


We look at a network intrusion where the crooks tried to take over dozens of different online accounts from every user, we discuss the potential dangers of digital doorbells, and we give you some handy hints for improving your wireless security at home. With Kimberly Truong, Doug Aamoth and Paul Ducklin.
https://nakedsecurity.sophos.com/gift-card-hack-exposed-you-pay-they-play
https://nakedsecurity.sophos.com/bzzzzzzt-how-safe-is-that-keenly-priced-digital-doorbell
https://nakedsecurity.sophos.com/home-wi-fi-security-tips-5-things-to-check
Original music by Edith Mudge.