Naked Security Sophos

This week: the DOJ's attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and (oh no!) why your vocabulary needs the word "restore" even more than it needs "backup".

With Kimberly Truong, Doug Aamoth and Paul Ducklin

***

US Department of Justice reignites the Battle to Break Encryption https://nakedsecurity.sophos.com/us-department-of-justice-reignites

Russian “government hackers” charged with cybercrimes by the US https://nakedsecurity.sophos.com/russian-government-hackers-charged

Chrome zero-day in the wild – patch now! https://nakedsecurity.sophos.com/chrome-zero-day-in-the-wild

***

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

In this episode: we investigate a smartwatch for kids with a creepy set of functions, discuss Microsoft's short-lived takedown of Trickbot, explain how to avoid the Windows "Ping of Death" bug, and (oh no!) find the source of mysterious beeping from every computer in the office.

With Kimberly Truong, Doug Aamoth and Paul Ducklin

***

Creepy covert camera “feature” found in popular smartwatch for kids https://nakedsecurity.sophos.com/creepy-covert-camera-feature-found

Microsoft on the counter­attack! Trickbot malware network takes a hit https://nakedsecurity.sophos.com/microsoft-on-the-counterattack-trickbot

Windows' "Ping of Death" bug revealed https://nakedsecurity.sophos.com/windows-ping-of-death-bug

***

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

Join us for the first episode in our brand new Series 3! This week we wonder whether Cybersecurity Awareness Month is a waste of time, explain the concept of "linkless phishing", ask if it's ever OK to pay a ransomware demand, and advise what to do when the CEO won't stop looking at naughty sites.

With Paul Ducklin, Kimberly Truong and Doug Aamoth

Tips for National Cybersecurity Awareness Month https://nakedsecurity.sophos.com/if-you-connect-it-protect-it

Phishing without links https://nakedsecurity.sophos.com/serious-security-phishing-without-links

REvil ransomware crew dangles $1M cybercrime carrot https://nakedsecurity.sophos.com/revil-ransomware-crew-dangles-1000000-cybercrime-carrot

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

Get ready. A brand new season arrives Thursday, October 8th. 

END OF SERIES SPECIAL: This week Mark shares why Pablo Escobar’s brother is suing Apple for $2.6b, Greg talks about a malicious ‘Octopus Scanner’ targeting developers on Github and Duck discusses the “Sign in with Apple” account takeover flaw.

Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and Greg Iddon.

Related articles:
Github uncovers malicious ‘Octopus Scanner’ targeting developers https://nakedsecurity.sophos.com/2020/06/01/github-uncovers-malicious-scanner-targeting-developers/
No password required! “Sign in with Apple” account takeover flaw patched https://nakedsecurity.sophos.com/2020/06/01/no-password-required-sign-in-with-apple-account-takeover-flaw-patched/
Pablo Escobar’s brother sues Apple for $2.6b over FaceTime flaw https://nakedsecurity.sophos.com/2020/05/28/pablo-escobars-brother-sues-apple-for-2-6b-over-facetime-flaw/

This week Peter shares how Ragnar Locker ransomware deploys a virtual machine to dodge security, Mark discusses the latest in the Apple v FBI saga and Duck talks "MagicPairing."

Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Peter Mackenzie.

Listen now!

Related articles:
Signal secure messaging can now identify you without a phone number https://nakedsecurity.sophos.com/2020/05/22/signal-secure-messaging-can-now-identify-you-without-a-phone-number/
Apple and Google launch COVID-19 contact tracing API https://nakedsecurity.sophos.com/2020/05/22/apple-and-google-launch-covid-19-contact-tracing-api/
VIDEO: What is the dark web? https://www.youtube.com/watch?v=9F3rz7GfPys&t=52s
Ragnar Locker ransomware deploys virtual machine to dodge security https://news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/
FBI finally unlock shooter’s iPhones, Apple berated for not helping https://nakedsecurity.sophos.com/2020/05/20/fbi-finally-unlock-shooters-iphones-berate-apple-for-not-helping/
Apple “MagicPairing” for AirPods – the magic isn’t perfect yet https://nakedsecurity.sophos.com/2020/05/19/apple-magicpairing-for-airpods-the-magic-isnt-perfect-yet/