Legitimate Cybersecurity Podcasts

LegitimateCybersecurity
  • 5.0 (2)
  • Technology
  • Updated Weekly

Legitimate Cybersecurity Podcast - designed to empower you with real-world cybersecurity information, stories, and advice.

  1. 6d ago

    AI-Built Apps Are Leaking Private Company Data

    Researchers just found thousands of AI-built apps leaking medical records, financial data, and customer PII straight to the open internet. The scary part isn't that AI writes code — it's that it writes code just well enough that nobody asks questions. Frank Downs and Dustin Brewer break down the hidden cost of vibe coding: insecure-by-default software shipped to production, AI tools replacing the junior developers who'd grow into the people who fix it, and AI quietly wired into services you never consented to — including a dentist's chair that records every cleaning and sends it to an insurance-linked system. AI learned security from us. And we were never good at it. 🎙️ Listen: https://legitimatecybersecurity.podbean.com/ 📩 Media/interview: admin@legitimatecybersecurity.com Hosted by Frank Downs and Dustin Brewer. Chapters: 00:00 The code works — that's the problem 01:24 "Do you consider yourself a coder?" 03:15 What AI actually learned to copy (us) 04:58 Vibe-coded tools running in production 05:19 3,380 exposed apps, 5,000 data leaks 07:56 Who fixes it when the cyber team finds holes? 08:26 The $1.5M QA cut that cost $6M 09:35 AI talking to AI: nobody reads the code 15:21 "Your password is God" — security never changed 16:27 Should AI touch the live service? 17:48 The dentist chair that records everything 21:00 Where the line actually is (help desk vs. prod) 24:20 AI monitoring employees & the gold-standard trap 28:23 Always-on "streaming AI" is 5 years out 29:25 The coming AI caste system 30:34 Adversaries already use it (the Lego propaganda) 33:14 We're about to lose every junior analyst 40:15 The Twitter "efficiency" parallel 41:35 Keep on cybering #vibecoding #cybersecurity #aisecurity #dataprivacy #shadowit #infosec #aitools #privacy #devsecops #surveillance

    43 min

  2. May 26

    AI Pioneer Warns: AI Wants Your Private Files

    AI companies are running out of easy data — and the next target may be your private files, calendars, medical records, photos, and desktop activity. AI pioneer Dr. Jonathan Schaeffer joins Frank Downs and Dustin Brewer to explain why today’s AI tools are powerful, flawed, and increasingly hungry for personal data. In this episode of Legitimate Cybersecurity, Frank and Dustin talk with Dr. Jonathan Schaeffer, University of Alberta Professor Emeritus, AI pioneer, AAAI Fellow, entrepreneur, and founder of Synsara. They discuss why today’s chatbot boom is not the AI future many researchers imagined, why “hallucination” is the wrong word for AI errors, how AI companies depend on more and more data, and why desktop AI tools may create a new privacy boundary problem. The conversation also covers AI bias, manipulation, private data, local AI, regulation, data centers, environmental costs, and why solving AI’s safety and privacy problems should matter before the race to AGI gets even faster. Dr. Schaeffer’s key warning is that current AI systems do not understand the consequences of their answers, yet people increasingly treat them like trusted authorities. Media/interview: admin@legitimatecybersecurity.com Audio: https://legitimatecybersecurity.podbean.com/ Chapters: 00:00 — AI’s privacy problem is getting bigger 01:27 — Jonathan Schaeffer’s AI origin story 03:29 — Beating humans at checkers before Deep Blue 05:48 — Why modern AI feels like the wrong future 07:50 — Why “hallucination” is the wrong word 09:01 — How “chat” created false trust 10:32 — AI does not understand consequences 13:52 — Why AI companies are desperate for data 15:12 — Your private files are the real gold mine 16:32 — The hidden cost of “free” AI tools 20:44 — AI wants access to your desktop 22:50 — The safety, security, and privacy problem 24:05 — The AGI race is moving faster than safeguards 27:07 — Why Jonathan built private local AI tools 30:59 — The security risk nobody talks about 32:31 — Why AI systems need audits 34:21 — When AI answers become manipulation 39:13 — Influence, rage content, and algorithmic persuasion 42:21 — Why AI regulation cannot keep up 46:05 — Canada’s failed attempt to regulate AI 50:40 — Is it already too late? 55:16 — What polar exploration teaches us about AI risk 59:39 — Data centers, power, water, and responsibility 1:03:18 — Jonathan’s life advice: fun beats money #ArtificialIntelligence #AIPrivacy #Cybersecurity #DataPrivacy #ChatGPT #AISafety #Privacy #TechPolicy #LegitimateCybersecurity #Synsara

    1h 5m

  3. May 18

    Your Ex May Still Have Access to Your Phone

    Your ex may still have access to your accounts, your phone, or your private life — even after you changed your password. This episode explains how cyberstalking hides inside logged-in devices, shared biometrics, old account access, and security questions people close to you already know. On this episode of Legitimate Cybersecurity, hosts Frank Downs and Dr. Dustin Brewer break down real cyberstalking cases involving toxic exes, stolen images, account impersonation, hidden device access, and the overlooked settings that keep people exposed. Most people think the danger is “getting hacked.” But in toxic relationships, the real danger is often simpler: someone close to you already had the key. Frank and Dustin explain: Why changing your password may not log someone out How old devices can stay connected to your accounts Why shared phones, laptops, and biometrics create risk How security questions can be abused by people who know you What warning signs suggest someone may be monitoring you Where to get professional help if this is happening to you This episode is part of our cyber safety series for people dealing with toxic relationships, stalking, harassment, and digital abuse. Media/interview: admin@legitimatecybersecurity.com Audio: https://legitimatecybersecurity.podbean.com/ Chapters: 00:00 — Your Ex, Walmart, or the State Agency Problem 00:51 — Why Cyberstalking Is Now Everyday Life 01:27 — Case 1: She Changed Her Password, But He Stayed Logged In 03:39 — Why “Logged-In Devices” Are So Hard to Read 05:20 — Don’t Share Accounts in Relationships 07:28 — The Netflix / Hotel TV Problem 08:20 — Why Access Tokens Keep People Logged In 10:21 — Marriott, Hotel TVs, and Automatic Logouts 11:41 — Case 2: Private Images Posted for 14 Years 13:36 — The Law Slowly Caught Up 14:41 — Photos, Trust, and Digital Leverage 16:32 — Treat Your Phone Like a Toothbrush 17:43 — Red Flags: When They Know Things They Shouldn’t 20:20 — Case 3: He Added His Thumbprint to Her Phone 22:28 — Why Biometrics Can Become Relationship Risk 23:31 — Used Phones, Forensics, and Hidden Data 28:27 — Don’t Let Someone Else Use Your AI Either 30:49 — Security Questions Are Broken 32:08 — Personal Cyber Hygiene Checklist 34:18 — One Year of Legitimate Cybersecurity 34:53 — Where to Get Real Help 35:46 — Keep on Cyberin’ #cyberstalking #cybersafety #digitalsafety #toxicrelationships #onlineprivacy #phonesecurity #cybersecurity #domesticabuseawareness #dataprivacy #legitimatecybersecurity

    36 min

  4. May 8

    A $29 Tracker Could Be Following You Right Now

    One could be hidden in your car, purse, luggage, or jacket — and it may cost less than dinner. Bluetooth trackers were built to find lost keys, but they can also turn nearby phones into a surveillance network. In this episode of Legitimate Cybersecurity, hosts Frank Downs and Dr. Dustin Brewer break down how AirTags, Tile trackers, Samsung SmartTags, Find My-compatible devices, and other Bluetooth beacons can be abused for stalking, theft, and surveillance. They explain why these devices do not “call home” like GPS trackers, how nearby phones quietly report their location, why some safety alerts can fail, and what to do if you suspect someone is tracking you. This episode also covers real-world cases involving hidden trackers, vehicle sweeps, modded AirTags, stalkerware, smart clothing, and the broader problem of everyday devices becoming personal surveillance infrastructure. If you think you may be in danger, contact professionals who can help: National Domestic Violence Hotline: 1-800-799-7233 Coalition Against Stalkerware: StopStalkerware.org Operation Safe Escape: SafeEscape.org Media/interview: admin@legitimatecybersecurity.com Audio: https://legitimatecybersecurity.podbean.com/ Chapters: 0:00 — A $29 tracker could be on you 0:46 — Why Bluetooth trackers changed personal safety 2:55 — How AirTags actually track location 5:18 — Why abusers use trackers instead of GPS 7:18 — AirTags, Find My, and Apple’s safety alerts 10:04 — Tile trackers and the limits of smaller networks 11:38 — Samsung SmartTags and smart home tracking 13:07 — Modded trackers and the speaker loophole 14:31 — The ethics of tiny surveillance devices 18:48 — Cars, phones, and surveillance double standards 22:33 — Real cases where trackers led to violence 24:27 — Pattern-of-life tracking in the real world 26:48 — Flipper Zero, Bluetooth footprints, and NFC risks 33:12 — What to do if you think you’re being tracked 34:00 — Where to search your car for hidden trackers 35:37 — Behavioral signs someone may be monitoring you 37:23 — Smart clothing and Bluetooth tracking risks 39:41 — Resources for stalking and domestic violence help 41:09 — Final thoughts #cybersecurity #airtag #BluetoothTracking #digitalprivacy #Stalkerware #personalsafety #surveillance #smartdevices #legitimatecybersecurity

    42 min

  5. May 4

    An Aquarium Hacked A Casino. Your House Is Next

    Gloria Globman — CTO of Acclaimed Technical Services, former Senior Cyber Advisor at the US Embassy in Tokyo, US Navy veteran, and Presidential Rank Award recipient — joins Frank Downs and Dustin Brewer to translate what's really happening on your home network. Every smart device is a tiny computer with a camera, a microphone, and an internet connection, constantly talking to its manufacturer, the cloud, and other devices on your Wi-Fi. Many of them will never be patched again. Some of the manufacturers don't even exist anymore. In this episode we cover why mid-sized companies keep underfunding security until it's too late, how AI tools like Mythos and Zealot are compressing the patch window to almost nothing, why the upcoming TP-Link ban probably won't save you, and the simple home-router moves that actually do. If you've ever brought a personal phone onto the work Wi-Fi, set up a smart camera you've stopped thinking about, or assumed "the cloud" means it's somebody else's problem — this one is for you. 🎙 Listen to the audio version: https://legitimatecybersecurity.podbean.com/ 📩 Media / interview requests: admin@legitimatecybersecurity.com 👥 Hosts: Frank Downs and Dustin Brewer 🎤 Guest: Gloria Globman, CTO, Acclaimed Technical Services Chapters: 00:00 The IoT problem nobody locks down 00:36 Meet Gloria Globman — Tokyo, the IC, and 20 years of cyber 02:10 Your smart devices are unlocked front doors 03:51 Cognitive offloading: convenience until it isn't 04:42 The aquarium that hacked a casino (MGM) 05:17 Are IoT devices just printers 2.0? 06:14 When personal phones meet corporate Wi-Fi 08:35 Work moved home — security posture didn't 09:19 Mid-sized companies and the 15–20% rule 10:16 Why "not sexy" budgets keep getting cut 11:24 Highest-impact moves: zero trust, segmentation, encryption 12:16 Patch, patch, patch — and why AI changed the timer 12:39 Mythos vs. Zealot: orchestrated AI attacks 16:09 Microsegmentation for your actual house 17:39 Why companies embrace BYOD anyway 18:48 Why VDI never quite won 22:18 Risk transference dysmorphia: "it's the cloud's problem" 22:53 Botnets, dead routers, and the FBI cleanup 23:24 Goodbye TP-Link — security move or theater? 26:25 What the average person should actually do tonight 28:21 Password managers, quantum, and MFA 29:44 Gloria's one piece of life advice #cybersecurity #iotsecurity #smarthome #zerotrust #byod #HomeNetworkSecurity #infosec #dataprivacy #patchtuesday #legitimatecybersecurity

    31 min

  6. Apr 27

    AI Is Now Faking Loved Ones and Setting Prices

    AI is no longer just answering prompts — it is imitating dead relatives, profiling shoppers, and helping companies decide what people pay. That matters because the same hidden data systems behind convenience can reshape grief, prices, privacy, work, and trust without clear consent. In this episode of Legitimate Cybersecurity, Frank Downs and Dr. Dustin Brewer break down a disturbing wave of AI and surveillance stories: AI avatars of deceased loved ones, Maryland’s move against surveillance pricing, Washington’s restrictions around public access to ALPR data, Virginia’s precise geolocation data ban, deepfake CEO scams, remote hiring impersonation, and employee webcam monitoring. The big question: When AI can imitate people, price you individually, and watch you at work, what does consent even mean anymore? Media/interview: admin@legitimatecybersecurity.com Audio: https://legitimatecybersecurity.podbean.com/ Chapters: 00:00 — AI avatars of dead loved ones 01:19 — Grief, deception, and consent 02:48 — When an AI “person” is not really a person 04:00 — Frank’s Afghanistan story and withheld grief 07:14 — The problem with resurrecting people through AI 09:16 — AI ghosts, Benjamin Franklin, and Disney presidents 10:58 — Maryland moves against surveillance pricing 12:37 — When dynamic pricing becomes predatory 14:38 — Market pricing vs. personal profiling 15:35 — Washington limits access to ALPR data 18:10 — Virginia bans precise geolocation data sales 21:30 — Location data, pricing, and individual targeting 22:56 — Deepfake CEO scams and wire-transfer fraud 24:17 — The “three-finger test” for deepfakes 26:04 — Remote hiring scams and AI impersonation 28:23 — Laptop farms, proxies, and scam infrastructure 29:56 — Employee webcam and microphone monitoring 34:30 — Final thoughts: stay dressed at work #ai #cybersecurity #privacy #surveillance #dataprivacy #Deepfakes #geolocation #SurveillancePricing #remotework #legitimatecybersecurity

    34 min

  7. Apr 18

    Can AI Agents Actually Hack Systems?

    A new AI is being framed as a tool that can find zero-days fast and even “hack its way out” of containment. If that claim is real, defenders, developers, and everyday users are about to feel the consequences. On this episode of Legitimate Cybersecurity, hosts Frank Downs and Dustin Brewer are joined by Jason Casey, CEO of Beyond Identity, to break down the panic around Anthropic’s “Mythos” discussion, what AI can actually do for offense and defense, and where the marketing may be outrunning the real-world risk. They dig into whether this is a true cybersecurity turning point, or the latest example of the industry turning fear into momentum. They also explore how AI is already reshaping blue team work, governance, detection, and security operations. Plus: hacked smart vacuums, trackable e-ink nails, wearable surveillance, and why convenience keeps creating new attack surfaces nobody asked for. Media/interview: admin@legitimatecybersecurity.com Audio: https://legitimatecybersecurity.podbean.com/ Chapters: 00:00 The new AI panic begins 00:59 What “Mythos” is supposed to do 02:17 Is this a real threat or brilliant marketing? 07:12 Will this change security budgets and priorities? 10:11 Why cybersecurity leaders amplify moments like this 13:58 How AI actually helps blue teams 21:49 Rules, patterns, and better AI detection 23:59 The idea of an AI “security factory” 31:50 Beyond Identity’s new governance layer 35:30 Hacked vacuums, smart nails, and wearable tracking 45:00 Final takeaways #legitimatecybersecurity #artificialintelligence #cybersecurity #anthropic #claude #aisecurity #zerodayjay #blueteam

    46 min

  8. Apr 10

    Why Is LinkedIn Spying on Your Browser?

    A new lawsuit alleges LinkedIn may have been collecting data from inside users’ browsers in ways most people never expected. If that is true, this is not just normal tracking. It is a much more invasive look into how websites can profile you behind the scenes. In this episode of Legitimate Cybersecurity, Frank Downs and Dustin Brewer break down the class-action allegations against LinkedIn, explain browser extension detection in plain English, and talk about why so many people are fed up with paying for platforms that still treat their identity like a product. They also walk through what this kind of tracking could reveal about you, why regulation keeps falling behind, and what everyday users can do right now to limit exposure online. 📩 Media/interview: admin@legitimatecybersecurity.com 🎧 Audio: https://legitimatecybersecurity.podbean.com/ Chapters: 00:00 LinkedIn is spying on you? 00:37 What this new lawsuit actually alleges 01:34 Why this one feels different 03:32 Why people are so fed up with LinkedIn 06:04 What websites can already learn about you 08:23 How browser extension detection works 10:13 Why this feels so invasive 14:51 What you can do to protect yourself 18:11 Browser vs app: which gives companies more access? 20:46 Consent, ethics, and hidden tracking 26:56 Will regulation ever catch up? 28:15 Final thoughts #linkedin #privacy #BrowserTracking #cybersecurity #dataprivacy #onlinetracking #surveillance #digitalprivacy #technews #legitimatecybersecurity

    29 min
See All (55)

Ratings & Reviews

5
out of 5
2 Ratings

About

Legitimate Cybersecurity Podcast - designed to empower you with real-world cybersecurity information, stories, and advice.

Information

  • Creator
    LegitimateCybersecurity
  • Years Active
    2025 - 2026
  • Episodes
    55
  • Rating
    Explicit
  • Copyright
    © Copyright 2025 All rights reserved.
  • Show Website
    Legitimate Cybersecurity Podcasts

You Might Also Like