300 episodes

Podcast by Sophos

Naked Security Podcast Sophos

    • Technology

    S2 Ep26: Robbin Hood ransomware, Twitter parodies and SMS 2FA WHAT?

    This week we welcome back Peter who discusses RobbinHood - the ransomware that brings its own bug. Greg explains how a student's Twitter account was handed over to their college and Duck talks SMS 2FA.

    Host Anna Brading is joined by Sophos experts Peter Mackenzie, Paul Ducklin and Greg Iddon.

    Listen now!

    Related articles:
    RobbinHood – the ransomware that brings its own bug: https://nakedsecurity.sophos.com/2020/02/07/robbin-hood-the-ransomware-that-brings-its-own-bug/
    Living off another land: Ransomware borrows vulnerable driver to remove security software: https://news.sophos.com/en-us/2020/02/06/living-off-another-land-ransomware-borrows-vulnerable-driver-to-remove-security-software/
    Apple proposes simple security upgrade for SMS 2FA codes: https://nakedsecurity.sophos.com/2020/02/03/apple-proposes-simple-security-upgrade-for-sms-2fa-codes/
    Twitter hands over student’s account to his college: https://nakedsecurity.sophos.com/2020/02/04/twitter-gave-access-to-students-account-to-his-college/
    Peter's ransomware list (tweet): https://twitter.com/AltShiftPrtScn/status/1225715096124567557
    Joshua Saxe AI malware detector (tweet): https://twitter.com/joshua_saxe/status/1225521199800864769
    Security ML models encoded as Yara rules: https://github.com/sophos-ai/yaraml_rules

    • 46 min
    S2 Ep25: You've seen WHAT on public Trello boards?

    Over the past couple of years, Sophos' Director of Security Craig Jones has discovered a worrying amount of personal data on public Trello boards. Mark says companies shouldn’t microchip their employees and Duck discusses a bug that could have blown a hole in OpenSMTPD.

    Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and special guest Craig Jones.

    Listen now!

    Related articles:

    Trello exposed! Search turns up huge trove of private data: https://nakedsecurity.sophos.com/2020/01/30/trello-exposed-search-turns-up-huge-trove-of-private-data/
    Employers can’t force you to get microchipped, Indiana reps say: https://nakedsecurity.sophos.com/2020/01/30/employers-cant-force-you-to-get-microchipped-indiana-reps-say/
    Serious Security – How ‘special case’ code blew a hole in OpenSMTPD: https://nakedsecurity.sophos.com/2020/01/31/serious-security-how-special-case-code-blew-a-hole-in-opensmtpd/

    • 48 min
    S2 Ep24: Tinder, angry customers and weleakinfo takedown

    This week we discuss 70,000 images being stolen from Tinder, the weleakinfo.com FBI bust and how Sonos annoyed its longstanding customers.

    Host Anna Brading is joined by Sophos experts Mark Stockley, Greg Iddon and producer Alice Duckett.

    Listen now!

    Related articles:
    Sonos’s tone-deaf legacy product policy angers customers: https://nakedsecurity.sophos.com/2020/01/23/sonoss-tone-deaf-legacy-product-policy-angers-customers/
    FBI seizes credentials-for-sale site: https://nakedsecurity.sophos.com/2020/01/20/fbi-seizes-credentials-for-sale-site-weleakinfo-com/
    What do online file sharers want with 70,000 Tinder images? https://nakedsecurity.sophos.com/2020/01/21/what-do-online-file-sharers-want-with-70000-tinder-images/

    • 52 min
    S2 Ep23: Snake ransomware, VPN vulnerabilities and is your phone listening to you?

    This week we cover Snake ransomware, VPN vulnerabilities and decide whether our phones are spying on us.

    Mark also revisits his growing list of pet peeves and Anna tests whether getting deep fake feet to your phone via SMS is real.

    Host Anna Brading is joined by Sophos experts Mark Stockley, Greg Iddon and Producer Alice Duckett.

    Listen now!

    Related articles:
    Snake alert! This ransomware is not a game… https://nakedsecurity.sophos.com/2020/01/13/snake-alert-this-ransomware-is-not-a-game/
    Browser zero day: Update your Firefox right now! https://nakedsecurity.sophos.com/2020/01/09/browser-zero-day-update-your-firefox-right-now/
    REvil ransomware exploiting VPN flaws made public last April: https://nakedsecurity.sophos.com/2020/01/08/revil-ransomware-exploiting-vpn-flaws-made-public-last-april/
    Windows 7 computers will no longer be patched after today: https://nakedsecurity.sophos.com/2020/01/14/windows-7-computers-will-no-longer-be-patched-after-today/

    • 51 min
    S2 Ep22: Word doc stops fraud, bye bye Python 2, latest from the ransomware swamp

    This week we discuss the IT exec who scammed his employer out of $6m with fake invoices and the death of Python 2. Peter also shares two of his latest investigations from the ransomware swamp.

    Producer Alice Duckett is joined by Mark Stockley, Greg Iddon and Peter Mackenzie in this week's episode.

    Thank you to everyone who gives us feedback on the podcast and helps us promote it on social media; it really helps us reach more people.

    Listen now!

    Related articles:
    IT exec sets up fake biz to scam his employer out of $6m: https://nakedsecurity.sophos.com/2020/01/07/it-exec-sets-up-fake-biz-to-scam-his-employer-out-of-6m/
    Python is dead. Long live Python! https://nakedsecurity.sophos.com/2020/01/03/python-is-dead-long-live-python/

    • 44 min
    S2 Ep21 - Plundervolt, domain name gunfight and Facebook snubs Congress

    Here are the week's top stories - we explain the Plundervolt attack, look into a gunfight over a domain name, and explore the encryption drama that's unfolding between Facebook and Congress.

    Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon.

    Listen and share!

    Related articles:
    https://nakedsecurity.sophos.com/doitforstate-domain-name-thief-gets-14-years-for-pistol-whipping-plot
    https://nakedsecurity.sophos.com/plundervolt-stealing-secrets-by-starving-your-computer-of-voltage
    https://nakedsecurity.sophos.com/facebook-refuses-to-break-end-to-end-encryption

    • 44 min
