386 episodes

We take an expert look at the latest cybersecurity incidents, how they happened, and why. Tune in weekly to learn what you can do to stop bad things from happening to you!

Got questions/suggestions/stories to share?
Email: tips@sophos.com
Twitter: @NakedSecurity
Instagram: @NakedSecurity

Naked Security Sophos

    • Technology
    • 4.7 • 54 Ratings

    S3 Ep29: Anti-tracking, rowhammer problems and IoT vulns

    How Firefox showed the hand to a widely abused online tracking trick. Why reading from one part of your computer's memory can paradoxically (and sneakily) let you write to another part. And yet more IoT bugs, this time a whole slew of them that go by the moniker "name:wreck".



    With Kimberly Truong, Doug Aamoth and Paul Ducklin.



    Original music by Edith Mudge



    • 48 min
    S3 Ep28.5: Hacking back - is attack an acceptable form of defence?

    Sophos cybersecurity expert Chester Wisniewski provides excellent, topical and timely commentary on the FBI’s recent use of a malware-like method to forcibly clean up hundreds of servers still infected in the Hafnium aftermath.



    With Paul Ducklin and Chester Wisniewski



    Original music by Edith Mudge



    • 19 min
    S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy

    We look at the big-money hacks from the 2021 Pwn2Own competition. We investigate the difficulties of hiring an assassin via the dark web. We wrestle with some of the privacy issues relating to COVID-19 infection tracking apps.



    With Kimberly Truong, Doug Aamoth and Paul Ducklin.



    Original music by Edith Mudge



    • 48 min
    S3 Ep27: Census scammers, beg bounties and data breach fines

    How scammers copied a government website almost to perfection. What to do about those fake "bug" hunters who ask for payment for finding "vulnerabilities" that aren't. Why the Dutch data protection authority fined Booking.com for not sending in a data breach disclosure fast enough.



    Useful podcasts and videos mentioned in this episode:

    https://nakedsecurity.sophos.com/s3-ep12-a-chat-with-social-engineering-hacker-rachel-tobac

    https://nakedsecurity.sophos.com/s3-ep8-a-conversation-with-katie-moussouris

    https://nakedsecurity.sophos.com/what-should-you-say-if-you-have-a-data-breach



    With Kimberly Truong, Doug Aamoth and Paul Ducklin.



    Original music by Edith Mudge



    • 46 min
    S3 Ep26: Apple 0-day, crypto vulnerabilities and PHP backdoor

    Why Apple had to rush out a security update for iDevices. Two cryptographic security holes patched in OpenSSL. How PHP nearly got backdoored by crooks.



    With Doug Aamoth and Paul Ducklin.



    Original music by Edith Mudge



    • 37 min
    S3 Ep25: Drained accounts, ransomware attacks and Linux badware

    How a social engineer ripped off a victim lured in by one of those "small outstanding fee to pay" home delivery scams. The ransomware crooks targeting networks that still haven’t done their Hafnium patches. And the Linux kernel security holes that lay there undiscovered for 15 years.

    Related articles that we refer to in the show:
    https://nakedsecurity.sophos.com/beware-the-dhl-delivery-message
    https://nakedsecurity.sophos.com/watch-out-scummy-scammers
    https://nakedsecurity.sophos.com/s3-ep12-a-chat-with-social-engineering-hacker-rachel-tobac
    https://nakedsecurity.sophos.com/blackkingdom-ransomware
    https://nakedsecurity.sophos.com/serious-security-webshells-explained
    https://nakedsecurity.sophos.com/naked-security-live-hafnium-explained
    https://nakedsecurity.sophos.com/serious-security-the-linux-kernel-bugs



    With Kimberly Truong, Doug Aamoth and Paul Ducklin.



    Original music by Edith Mudge



    • 47 min

Customer Reviews

4.7 out of 5
54 Ratings

Sm@rt speller ,

5 Star Review

Love the show. Actually can be done in less than 30 seconds.

Craig_S_92 ,

Informative and Fun

I’ve subscribed to many IT and security podcasts and find many too long and dry to keep me engaged. The Naked Security podcast content has always been on point and the hosts are always entertaining. It’s one of the few I listen to as soon as it’s published.

TheFinalWolf ,

Good Security (and general) Podcast

This is a fun podcast to keep tabs on some interesting security news.

I do have a request though: I would love to hear much more from Doug and Kim.
I’m not trying to be mean, but Paul seems to sort of take over too much. I enjoy various facts and technical jargon, but I’ve found myself muttering ‘let them speak’ much too often.
