Podcast by Sophos
S2 Ep26: Robbin Hood ransomware, Twitter parodies and SMS 2FA WHAT?
This week we welcome back Peter who discusses RobbinHood - the ransomware that brings its own bug. Greg explains how a student's Twitter account was handed over to their college and Duck talks SMS 2FA.
Host Anna Brading is joined by Sophos experts Peter Mackenzie, Paul Ducklin and Greg Iddon.
RobbinHood – the ransomware that brings its own bug: https://nakedsecurity.sophos.com/2020/02/07/robbin-hood-the-ransomware-that-brings-its-own-bug/
Living off another land: Ransomware borrows vulnerable driver to remove security software: https://news.sophos.com/en-us/2020/02/06/living-off-another-land-ransomware-borrows-vulnerable-driver-to-remove-security-software/
Apple proposes simple security upgrade for SMS 2FA codes: https://nakedsecurity.sophos.com/2020/02/03/apple-proposes-simple-security-upgrade-for-sms-2fa-codes/
Twitter hands over student’s account to his college:
Peter's ransomware list (tweet): https://twitter.com/AltShiftPrtScn/status/1225715096124567557
Joshua Saxe AI malware detector (tweet): https://twitter.com/joshua_saxe/status/1225521199800864769
Security ML models encoded as Yara rules: https://github.com/sophos-ai/yaraml_rules
S2 Ep25: You've seen WHAT on public Trello boards?
Over the past couple of years, Sophos' Director of Security Craig Jones has discovered a worrying amount of personal data on public Trello boards. Mark says companies shouldn’t microchip their employees and Duck discusses a bug that could have blown a hole in OpenSMTPD.
Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and special guest Craig Jones.
Trello exposed! Search turns up huge trove of private data: https://nakedsecurity.sophos.com/2020/01/30/trello-exposed-search-turns-up-huge-trove-of-private-data/
Employers can’t force you to get microchipped, Indiana reps say: https://nakedsecurity.sophos.com/2020/01/30/employers-cant-force-you-to-get-microchipped-indiana-reps-say/
Serious Security – How ‘special case’ code blew a hole in OpenSMTPD: https://nakedsecurity.sophos.com/2020/01/31/serious-security-how-special-case-code-blew-a-hole-in-opensmtpd/
S2 Ep24: Tinder, angry customers and weleakinfo takedown
This week we discuss 70,000 images being stolen from Tinder, the weleakinfo.com FBI bust and how Sonos annoyed its longstanding customers.
Host Anna Brading is joined by Sophos experts Mark Stockley, Greg Iddon and producer Alice Duckett.
Sonos’s tone-deaf legacy product policy angers customers: https://nakedsecurity.sophos.com/2020/01/23/sonoss-tone-deaf-legacy-product-policy-angers-customers/
FBI seizes credentials-for-sale site: https://nakedsecurity.sophos.com/2020/01/20/fbi-seizes-credentials-for-sale-site-weleakinfo-com/
What do online file sharers want with 70,000 Tinder images? https://nakedsecurity.sophos.com/2020/01/21/what-do-online-file-sharers-want-with-70000-tinder-images/
S2 Ep23: Snake ransomware, VPN vulnerabilities and is your phone listening to you?
This week we cover Snake ransomware, VPN vulnerabilities and decide whether our phones are spying on us.
Mark also revisits his growing list of pet peeves and Anna tests whether getting deep fake feet to your phone via SMS is real.
Host Anna Brading is joined by Sophos experts Mark Stockley, Greg Iddon and producer Alice Duckett.
Snake alert! This ransomware is not a game… https://nakedsecurity.sophos.com/2020/01/13/snake-alert-this-ransomware-is-not-a-game/
Browser zero day: Update your Firefox right now! https://nakedsecurity.sophos.com/2020/01/09/browser-zero-day-update-your-firefox-right-now/
REvil ransomware exploiting VPN flaws made public last April: https://nakedsecurity.sophos.com/2020/01/08/revil-ransomware-exploiting-vpn-flaws-made-public-last-april/
Windows 7 computers will no longer be patched after today: https://nakedsecurity.sophos.com/2020/01/14/windows-7-computers-will-no-longer-be-patched-after-today/
S2 Ep22: Word doc stops fraud, bye bye Python 2, latest from the ransomware swamp
This week we discuss the IT exec who scammed his employer out of $6m with fake invoices and the death of Python 2. Peter also shares two of his latest investigations from the ransomware swamp.
Producer Alice Duckett is joined by Mark Stockley, Greg Iddon and Peter Mackenzie in this week's episode.
Thank you to everyone who gives us feedback on the podcast and helps us promote it on social media; it really helps us reach more people.
IT exec sets up fake biz to scam his employer out of $6m: https://nakedsecurity.sophos.com/2020/01/07/it-exec-sets-up-fake-biz-to-scam-his-employer-out-of-6m/
Python is dead. Long live Python! https://nakedsecurity.sophos.com/2020/01/03/python-is-dead-long-live-python/
S2 Ep21 - Plundervolt, domain name gunfight and Facebook snubs Congress
Here are the week's top stories - we explain the Plundervolt attack, look into a gunfight over a domain name, and explore the encryption drama that's unfolding between Facebook and Congress.
Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon.
Listen and share!