Naked Security Sophos

In this episode: we investigate a smartwatch for kids with a creepy set of functions, discuss Microsoft's short-lived takedown of Trickbot, explain how to avoid the Windows "Ping of Death" bug, and (oh no!) find the source of mysterious beeping from every computer in the office.

With Kimberly Truong, Doug Aamoth and Paul Ducklin

***

Creepy covert camera “feature” found in popular smartwatch for kids https://nakedsecurity.sophos.com/creepy-covert-camera-feature-found

Microsoft on the counter­attack! Trickbot malware network takes a hit https://nakedsecurity.sophos.com/microsoft-on-the-counterattack-trickbot

Windows' "Ping of Death" bug revealed https://nakedsecurity.sophos.com/windows-ping-of-death-bug

***

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

Join us for the first episode in our brand new Series 3! This week we wonder whether Cybersecurity Awareness Month is a waste of time, explain the concept of "linkless phishing", ask if it's ever OK to pay a ransomware demand, and advise what to do when the CEO won't stop looking at naughty sites.

With Paul Ducklin, Kimberly Truong and Doug Aamoth

Tips for National Cybersecurity Awareness Month https://nakedsecurity.sophos.com/if-you-connect-it-protect-it

Phishing without links https://nakedsecurity.sophos.com/serious-security-phishing-without-links

REvil ransomware crew dangles $1M cybercrime carrot https://nakedsecurity.sophos.com/revil-ransomware-crew-dangles-1000000-cybercrime-carrot

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

Get ready. A brand new season arrives Thursday, October 8th. 

END OF SERIES SPECIAL: This week Mark shares why Pablo Escobar’s brother is suing Apple for $2.6b, Greg talks about a malicious ‘Octopus Scanner’ targeting developers on Github and Duck discusses the “Sign in with Apple” account takeover flaw.

Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and Greg Iddon.

Related articles:
Github uncovers malicious ‘Octopus Scanner’ targeting developers https://nakedsecurity.sophos.com/2020/06/01/github-uncovers-malicious-scanner-targeting-developers/
No password required! “Sign in with Apple” account takeover flaw patched https://nakedsecurity.sophos.com/2020/06/01/no-password-required-sign-in-with-apple-account-takeover-flaw-patched/
Pablo Escobar’s brother sues Apple for $2.6b over FaceTime flaw https://nakedsecurity.sophos.com/2020/05/28/pablo-escobars-brother-sues-apple-for-2-6b-over-facetime-flaw/

This week Peter shares how Ragnar Locker ransomware deploys a virtual machine to dodge security, Mark discusses the latest in the Apple v FBI saga and Duck talks "MagicPairing."

Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Peter Mackenzie.

Listen now!

Related articles:
Signal secure messaging can now identify you without a phone number https://nakedsecurity.sophos.com/2020/05/22/signal-secure-messaging-can-now-identify-you-without-a-phone-number/
Apple and Google launch COVID-19 contact tracing API https://nakedsecurity.sophos.com/2020/05/22/apple-and-google-launch-covid-19-contact-tracing-api/
VIDEO: What is the dark web? https://www.youtube.com/watch?v=9F3rz7GfPys&t=52s
Ragnar Locker ransomware deploys virtual machine to dodge security https://news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/
FBI finally unlock shooter’s iPhones, Apple berated for not helping https://nakedsecurity.sophos.com/2020/05/20/fbi-finally-unlock-shooters-iphones-berate-apple-for-not-helping/
Apple “MagicPairing” for AirPods – the magic isn’t perfect yet https://nakedsecurity.sophos.com/2020/05/19/apple-magicpairing-for-airpods-the-magic-isnt-perfect-yet/

This week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now.

Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon.

Related articles:
Beware the DHL delivery message email – it could be a package scam
https://nakedsecurity.sophos.com/2020/05/13/beware-the-dhl-delivery-message-email-it-could-be-a-package-scam/
Microsoft joins encrypted DNS club with Windows 10 option
https://nakedsecurity.sophos.com/2020/05/15/microsoft-joins-encrypted-dns-club-with-windows-10-option/
Criminal forum trading stolen data suffers ironic data breach
https://nakedsecurity.sophos.com/2020/05/13/criminal-forum-trading-stolen-data-suffers-ironic-data-breach/
Woman stalked by sandwich server via her COVID-19 contact tracing info https://nakedsecurity.sophos.com/2020/05/14/woman-stalked-by-sandwich-server-via-her-covid-19-contact-tracing-info/
PrintDemon – patch this ancient Windows printer bug!
https://nakedsecurity.sophos.com/2020/05/14/printdemon-patch-this-ancient-windows-printer-bug/
Top 10 most exploited vulnerabilities list released by FBI, DHS CISA https://nakedsecurity.sophos.com/2020/05/15/top-10-most-exploited-vulnerabilities-list-released-by-fbi-dhs-cisa/