Shared Security Podcast

Tom Eston, Scott Wright, Kevin Tackett
  • 0.0 (0)
  • Noticias tecnológicas
  • Cada semana

Shared Security is the the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.

  1. Can the Government Shut Down Frontier AI Overnight?

    hace 17 h

    Can the Government Shut Down Frontier AI Overnight?

    The U.S. government reportedly ordered Anthropic to suspend access to two of its newest frontier AI models, Fable 5 and Mythos 5, citing national security concerns tied to a possible jailbreak. Anthropic complied, but pushed back on the reasoning, arguing that the reported behavior was narrow and that similar capabilities already exist in other advanced AI models. In this episode, Tom, Scott, and Kevin discuss why treating AI capabilities like export-controlled technology may create more problems than it solves. The conversation connects today’s AI restrictions to earlier fights over encryption export controls, hacker tools, and government attempts to regulate technical capability by banning access. The bigger concern: defenders may lose access to tools that help them find, fix, and test vulnerable code while attackers simply move to other models or providers. The team also looks at what this means for businesses using cloud-based AI tools. If an AI service can disappear because of a government order, vendor decision, or geopolitical restriction, security and engineering teams need alternatives, back-out plans, and a realistic “ripcord” strategy for mission-critical workflows. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** Anthropic statement: Fable/Mythos access https://www.anthropic.com/news/fable-mythos-access Reuters: US blocks foreign access to Anthropic's most advanced AI models https://www.reuters.com/technology/us-blocks-foreign-access-anthropics-most-advanced-ai-models-axios-reports-2026-06-13/ Decrypt: US Government Orders Anthropic to Pull Claude Fable/Mythos AI Models https://decrypt.co/371027/us-government-orders-anthropic-pull-claude-fable-mythos-ai-models Katie Moussouris / Luta Security: The Fable 5 Export Controls Harm US Cyber Defensehttps://www.lutasecurity.com/post/the-fable-5-export-controls-harm-us-cyber-defense ** Watch this episode on YouTube ** https://youtu.be/Y62TlfnVtRg ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel's membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT's amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code "sharedsecurity". ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact

    19 min
  2. Guarding AI Agents: Boundaries and Safeguards

    15 jun

    Guarding AI Agents: Boundaries and Safeguards

    AI agents are useful, but they become risky when they can take action in real systems. In this episode, Tom Eston discusses recent reporting about attackers tricking Meta’s AI support chatbot into helping hijack Instagram accounts, and why that story matters far beyond social media. Tom explains practical guardrails for AI agents: read-only access first, human approval for consequential actions, separated accounts and contexts, prompt-injection awareness, least privilege, logging, monitoring, and adversarial testing for support and account recovery workflows. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show **  Podcast: Hackers Asked Meta AI To Let Them In. It Worked https://www.404media.co/podcast-hackers-asked-meta-ai-to-let-them-in-it-worked/ The Verge summary of the Meta/Instagram AI support chatbot exploit https://www.theverge.com/tech/941179/meta-instagram-ai-support-chatbot-exploit-hacked ** Watch this episode on YouTube **https://youtu.be/TL3MGnI4hUU ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Guarding AI Agents: Boundaries and Safeguards appeared first on Shared Security Podcast.

    11 min
  3. Mobile Application Security: What Every Organization Needs to Know

    10 jun

    Mobile Application Security: What Every Organization Needs to Know

    Mobile apps are now deeply connected platforms for identities, payments, sessions, APIs, healthcare, retail, gaming, and cloud services. In this special episode, Tom Eston talks with Joel Destefano, Senior Product Manager at Guardsquare, about the modern mobile app threat landscape and why organizations can’t treat mobile security as an afterthought. Topics include runtime manipulation, API abuse, account takeover, fake apps, overlays, malware-assisted fraud, reverse engineering, iOS vs Android risk, AI-assisted attacks, and why backend-only security is not enough. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** Find out more about Guardsquare https://www.guardsquare.com/ Guardsquare’s Blog and Research Center https://www.guardsquare.com/blog https://www.guardsquare.com/mobile-app-security-research-center/welcome OWASP Mobile Application Security https://owasp.org/www-project-mobile-app-security/ OWASP MASVS https://mas.owasp.org/MASVS/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Mobile Application Security: What Every Organization Needs to Know appeared first on Shared Security Podcast.

    32 min
  4. Microsoft Threatens Legal Action Over Exploit Disclosure

    8 jun

    Microsoft Threatens Legal Action Over Exploit Disclosure

    Microsoft’s response to a researcher publicly disclosing proof-of-concept exploit code has reignited an old debate in security: where does responsible disclosure end and reckless disclosure begin? Tom and Scott discuss the Nightmare Eclipse controversy, the history of full disclosure, bug bounty incentives, and why legal threats against researchers may ultimately hurt customers. They also explain why researchers still need to follow responsible processes — and why vendors need to avoid punishing the people who help make their products safer. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** The Verge: Microsoft is threatening legal action for disclosing exploits https://www.theverge.com/tech/940416/microsoft-nightmare-eclipse-zero-day-vulnerability Microsoft MSRC Blog: A shared responsibility: Protecting customers through coordinated vulnerability disclosure https://www.microsoft.com/en-us/msrc/blog/2026/05/a-shared-responsibility-protecting-customers-through-coordinated-vulnerability-disclosure Kevin Beaumont / DoublePulsar: Microsoft’s stance on zero day exploits is a dumpster fire of their own making https://doublepulsar.com/microsofts-stance-on-zero-day-exploits-is-a-dumpster-fire-of-their-own-making-0946117940a4 ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Microsoft Threatens Legal Action Over Exploit Disclosure appeared first on Shared Security Podcast.

    17 min
  5. Apple Finally Fixes One of Texting’s Biggest Security Problems

    1 jun

    Apple Finally Fixes One of Texting’s Biggest Security Problems

    Apple and Google are finally bringing end-to-end encrypted RCS messaging to iPhone and Android chats. In this episode, Tom Eston and Kevin Tackett explain why that matters, why insecure SMS is not going away anytime soon, and why Signal is still the better choice for truly sensitive conversations. They also revisit the green bubble versus blue bubble debate, platform trust issues, and what everyday users should understand before assuming every text message is private. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** Victory! End-to-End Encrypted RCS Comes to Apple and Android Chats https://www.eff.org/deeplinks/2026/05/victory-end-end-encrypted-rcs-comes-apple-and-android-chats ‘Blue Bubbles’—Apple Says iPhone Messaging Is Still ‘Best’ https://www.forbes.com/sites/zakdoffman/2026/05/26/blue-bubbles-apple-says-iphone-messaging-is-still-best/ End-to-end encrypted RCS messaging begins rolling out today in beta https://www.apple.com/newsroom/2026/05/end-to-end-encrypted-rcs-messaging-begins-rolling-out-today-in-beta/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Apple Finally Fixes One of Texting’s Biggest Security Problems appeared first on Shared Security Podcast.

    15 min
  6. Should AI Have Access to Your Financial Life?

    25 may

    Should AI Have Access to Your Financial Life?

    OpenAI is now allowing some ChatGPT users to connect their bank accounts and financial data directly to the platform. In this episode, we discuss the technology behind the feature, the convenience it promises, and the serious privacy and security questions it raises. From AI-generated budgeting advice to the risks of centralized financial profiling, we examine what happens when conversational AI gains visibility into your spending habits, debts, subscriptions, and financial goals. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** ChatGPT Can Now Connect to Your Bank Account and See All Your Transactions https://gizmodo.com/chatgpt-can-now-connect-to-your-bank-account-and-see-all-your-transactions-2000759306 ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Should AI Have Access to Your Financial Life? appeared first on Shared Security Podcast.

    25 min
  7. Cybersecurity Lessons from the Canvas Data Breach

    18 may

    Cybersecurity Lessons from the Canvas Data Breach

    In this episode we discuss the recent cyber attack targeting Instructure’s widely used learning platform, Canvas, and the major late-breaking development that Instructure reached an “agreement” with the ShinyHunters cybercriminal group after threats to leak large amounts of stolen student and faculty data. Instructure says the stolen data was returned and that attackers provided digital confirmation that the information was destroyed, but the company did not deny making a payment—language that many in cybersecurity interpret as a ransom settlement. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** Cyberattack on Canvas system causes chaos for students at thousands of schools https://apnews.com/article/cyberattack-schools-canvas-instructure-shinyhunters-a0d7719689263e6b5f90d0e633391b5b Instructure strikes agreement with hackers after Canvas breach hits Duke, thousands of other schools https://www.dukechronicle.com/article/duke-university-instructure-reaches-agreement-with-canvas-hackers-shinyhunters-cyberattack-leak-down-stolen-data-ransom-20260512 ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Cybersecurity Lessons from the Canvas Data Breach appeared first on Shared Security Podcast.

    17 min
  8. Passwords Are Still Failing Us (World Password Day 2026)

    11 may

    Passwords Are Still Failing Us (World Password Day 2026)

    World Password Day was on May 7th—but are we actually getting better at password security? In this episode, we discuss why compromised credentials are still behind the majority of breaches in 2026. From password reuse and phishing to infostealer malware and MFA bypass techniques, attackers are finding it easier than ever to log in instead of hack in. We also talk about whether passkeys can finally shift the landscape—and what organizations should be doing right now to reduce risk. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** Password Statistics 2026 – Trends, Facts & Data Insights https://www.privateproxyguide.com/password-statistics/ World Password Day 2026: Attackers simply log in https://www.organisator.ch/en/operational-excellence/2026-04-30/world-password-day-2026-angreifer-loggen-sich-einfach-ein/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Passwords Are Still Failing Us (World Password Day 2026) appeared first on Shared Security Podcast.

    22 min
Ver todo (566)

Acerca de

Shared Security is the the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.

Información

  • Creador
    Tom Eston, Scott Wright, Kevin Tackett
  • Años de actividad
    2009 - 2026
  • Episodios
    566
  • Clasificación
    Apto
  • Copyright
    © 2026
  • Mostrar sitio web
    Shared Security Podcast

También te podría interesar