The Shared Security Show

Nov 23 2020 22 mins 4.9k

Hosted by cybersecurity and privacy professionals Tom Eston and Scott Wright, Shared Security is a weekly show that explores the trust you put in people and technology. We bring you news, tips, advice, and interviews with cybersecurity and privacy experts to help you live more secure and private in our connected world.





















































































































































































































































The Shared Security Podcast 42 – Car Theft, Risky Apps, Facebook Security Checkup
Jul 14 2015 31 mins  
Podcast Update: The new website for the Shared Security Podcast will hopefully be live for the next episode! We hope you enjoy the new topics and format! This is the 42nd episode of the Shared Security Podcast sponsored by the Streetwise Security Zone. This episode was hosted by Tom Eston and Scott Wright recorded June 3, 2015. Below are the show notes, links to articles and news mentioned in the podcast: * Marauder’s Map plugin for Chrome allows geolocation of messenger communications for friends or people in a message thread * Facebook check-up feature being tested which is a new tool that might help users understand and select privacy settings that make sense to them * How social networks make it easy for adopted children to find their birth parents, not always with desirable or expected results. The focus is on a young girl who grew up believing her birth mother was like a Disney princess, and understandably wanted to connect with her. This story shows it isn’t always a good decision, and highlights the need for honesty with young adopted children regarding their past. * Risky mobile apps that parents need to know about. * How new smart key fobs are making it easy for thieves to break into cars with a $17 gadget you can buy online. Some people are starting to put their key fobs in the freezer to shield them from the radio signals used by thieves. Please send any show feedback to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Thanks for listening!

Social Media Security Podcast 41 – Podcast Updates, Internet of Things, TV Privacy
May 15 2015 42 mins  
This is the 41st episode of the Social Media Security Podcast sponsored by the Streetwise Security Zone. This episode was hosted by Tom Eston and Scott Wright recorded April 29, 2015. Below are the show notes, links to articles and news mentioned in the podcast: Important Podcast Update! While we haven’t finalized the details we’re hoping to rename the podcast as “Shared Security”. We have been discussing the fact that the privacy and security topics we’ve been covering are really spreading to more than just social media. Now, we see the important stories as being ones that relate to who and what we trust as connected individuals and businesses. So, we’ve decided that it might be time to rename the podcast to be more inclusive of important security stories beyond just social media, and we’ve decided on a new name for the program… “Shared Security” We think Shared Security brings to mind not only social media, but mobile technology, cloud technology, and as I’m sure you’ve heard by now, The Internet of Things (IoT). So our new podcast, Shared Security, will try to bring you timely stories, news and tips for living securely in a connected world. The name also brings to mind the fact that we will increasingly need to share our thoughts on what the risks are and how to deal with them. You can expect the same level of insight and practical guidance, just on a broader scope. We haven’t yet figured out how we will officially change the program name people see on iTunes or the feed for RSS. So for the moment, the feed and official title will be the same…Social Media Security. However, with this episode we’re going to try to cover a broader range of stories, when appropriate. Stay tuned for additional rebranding changes as we roll them out. As always, we’d like to hear your thoughts! Scott and Tom * Recent Facebook and Instagram vulnerabilities * Security for the Internet of Things will get really, really bad before it gets good * Samsung TV’s are listening to you * Trend Micro and Ponemon released a study on personal information, privacy and the connected world. * In this report, they mention that Gartner predicts 25 billion connected devices by 2020 – I think that’s a low estimate- The report breaks down the value of certain types of personal information to attackers, like your health condition (for an American it’s $82.90 per record) * Discussion about The 2015 Verizon Data Breach Incident Report * Commentary on the risks from Internet of Things Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Don’t forget to subscribe to the podcast in iTunes,


Social Media Security Podcast 39 – Snapcash, Yik Yak, LinkedIn Security and Privacy Tips
Dec 12 2014 33 mins  
This is the 39th episode of the Social Media Security Podcast sponsored by SecureState and the Streetwise Security Zone. This episode was hosted by Tom Eston, Scott Wright recorded December 12, 2014. Below are the show notes, links to articles and news mentioned in the podcast: * “Snapcash” has been announced by the creators of Snapchat. Can Snapchat gain enough consumer confidence to break into the payments field? * Yik Yak is a social app for browsing anonymous chats in your locale and it’s gaining popularity with teens and causing some problems for schools. * Yik Yak is also not as private or anonymous as you think as a new security vulnerability was just disclosed! * How to opt out of Twitter’s new app tracking feature * Facebook’s updated Privacy Policy? Not much new, but policies have been reworded to be somewhat less onerous to read * Facebook At Work – Will it work? * Scott and Tom share our opinions on the big Sony Pictures security breach * Scott shares some best practices on how to secure your LinkedIn account. Tom shares some good tips to make your LinkedIn account more private. Here are a few of the tips we discussed: * 1) Turn on HTTPS for all sessions: – Check the “Secure Connections” box in the security settings page 2) Turn on Two-Step Verification – The security settings page will tell you whether or not two-step verification is already set up – You can turn it on, and provide a mobile phone where SMS messages will be sent Both are accessible by doing the following while logged in to your LinkedIn account on the Web: a) Hover the mouse cursor over your profile picture b) Click on the Account tab in the bottom left of the page c) Click on “Manage Security Settings” Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Don’t forget to subscribe to the podcast in iTunes, follow us on Twitter and like us on Facebook. Thanks for listening!  



Social Media Security Podcast 37 – Special Guest Kevin Johnson (@Secureideas), Managing Your Digital Footprint
Oct 02 2014 59 mins  
This is the 37th episode of the Social Media Security Podcast sponsored by SecureState and the Streetwise Security Zone. This episode was hosted by Tom Eston, Scott Wright and special guest Kevin Johnson recorded September 19th 2014. Below are the show notes, links to articles and news mentioned in the podcast: Special Topic! Managing Your Digital Footprint (thanks to Chris John Riley for the idea!) * Personal objectives for using social media * Types of footprints you might have (likes, comments, photos, tags, etc.) * Ways you can be exposed, and how to find them (Google search, Facebook search, Linkedin Search, etc.) * Ways to manage exposure going forward * This site has a good, short set of tips to review: http://krishnade.com/digital-footprint/ LinkedIn address book guessing… http://omnifeed.com/article/www.komonews.com/news/local/LinkedIn-flaw-helps-hackers-discover-email-addresses-275537041.html The LinkedIn LION – Are You Exposing Yourself to the Hyenas? https://www.linkedin.com/today/post/article/20140812143638-171396975-the-linkedin-lion-are-you-exposing-yourself-to-the-hyenas Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Don’t forget to subscribe to the podcast in iTunes, follow us on Twitter and like us on Facebook. Thanks for listening!



Social Media Security Podcast 34 – Facebook Privacy, LinkedIn Scammers, Naughty Employees
Jul 01 2014 36 mins  
This is the 34th episode of the Social Media Security Podcast sponsored by SecureState and the Streetwise Security Zone. This episode was hosted by Tom Eston and Scott Wright recorded June 18th 2014. Below are the show notes, links to articles and news mentioned in the podcast: * Facebook Switches Default Setting to Private to Prevent Oversharing * Facebook Fights Malware With Free Security Software * Facebook Microphone Update To Store Data: Social Media Giant Confirms New Feature Will Aggregate Information * Facebook responds to this privacy issue * How to “Hack” Someone’s “Private” Friends List on Facebook to See All of Their Friends * 6 tips on how to avoid Linkedin Scammers * Some HP Employees Were Busted For This Hilariously Awful Attack Against Competitor, Splunk * Bruce Schneier posted a link to this article about how ISIS in Iraq is using their free mobile app to mass tweet on behalf of individual users, without triggering spam blocks. * Tom talked about SecureState’s free phishing awareness tool called “King Phisher”. This tool can be used to conduct your own phishing awareness campaigns. Check out the webinar and download the tool. Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Don’t forget to subscribe to the podcast in iTunes, follow us on Twitter and like us on Facebook. Thanks for listening!




Social Media Security Podcast 30 – The Password Episode
Sep 25 2012 41 mins  
This is the 30th episode of the Social Media Security Podcast sponsored by SecureState. This episode was hosted by Tom Eston and Scott Wright. In this episode we talk about the password problem and why we continue to choose easy to guess passwords. Tom and Scott also talk about ways to select more secure passwords and how technology can help. Below are the show notes, links to articles and news mentioned in the podcast: The password Episode! It’s episode 30! * Study shows hackers more focused on passwords than those who create them Major password breaches in the last few months: * Formspring (420,000) * LinkedIn (6 million) * eHarmony (1.5 million) * Last.fm (2.5 million) * Blizzard Battle.net Brute force attacks on passwords is the #1 way we break into companies during pentests! Want to see the poor passwords people choose? SkullSecurity has very good lists from previous breaches. Looking for more information? Tom wrote a white paper on how easy it is to profile user passwords on social networks. The password problem. Users continue to make poor password choices. Why? * Too many to remember? * It’s easier to use the same password for each site * Also the same user id and email * Failures in user awareness? * Users are not provided the technology to help * Social networks and other sites make it easy to choose weak passwords, little adoption of two factor authentication because users will complain * Mobile apps are not designed to constantly enter passwords. This is why you “stay logged in”. Worse case scenario? * Mat Honan’s “Epic” Hacking What is the solution? * It’s tough but we need to stop blaming the companies that hold our data…take personal responsibility and educate yourself! * It’s also complex to figure out a solution. * Technology can help: KeePass, 1Password, LastPass, Google Two-Step Verification (application specific passwords), Facebook Two Factor Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. You can also









Social Media Security Podcast 22 – Skype Email, Taxonomy of Socnet Data, Facebook Graph API
Jan 27 2011 37 mins  
This is the 22nd episode of the Social Media Security Podcast recorded January 21, 2011. This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast: * Skype credit email as an apology – a new trend we can expect in 2011 from good guys and bad guys. Screen shot mentioned in the podcast. Scott’s note: I searched for posts about this email before clicking on it, and it was actually legitimate. However, this would be a very compelling phishing attack for any organization that recently suffered a PR setback. Any time you get an unexpected email, even if it looks like the circumstances make sense, you need to check on its authenticity. And any organization issuing such an Email should also post an announcement of the campaign on their home page, and issue a press release to make it easy for people to verify the legitimacy of the email. * Bruce Schneier’s taxonomy of social network personal data * Facebook now tells you about people you know who have found friends using their Friend Finder Scott’s note: I always tell people never to enter their email address and password on sites that aren’t their email service. You don’t know what they will do with your password, or if it might be captured. It also exposes your friends to potentially unwanted email messages – e.g. spam. * Facebook Lets Developers Ask a User for Their Address, Phone Number in the Graph API * Twitter Worm Pushing Rogue Antivirus Scam Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. You can also subscribe to the podcast in iTunes and follow us on Twitter. Thanks for listening!




Social Media Security Podcast 19 – New Changes to Facebook, Social Media Risk Survey, LinkedIn Scams
Nov 01 2010 39 mins  
This is the 19th episode of the Social Media Security Podcast recorded October 8, 2010. This episode was hosted by Tom Eston and Scott Wright. Below are the show notes, links to articles and news mentioned in the podcast: * Social Media Security Awareness Month – at SecureState! Two new white paper’s released: Security Gaps in Social Media Websites for Children Open Door to Attackers Aiming To Prey On Children by Scott White. Profiling User Passwords on Social Networks by Tom Eston * SocialScan service and social media consulting available. * Panda Security Publishes Findings from First Annual Social Media Risk Index for SMBs * Survey: Fear of data loss, security risks via social media sites on the upswing * Facebook Competitor Diaspora Hit With Security Criticisms * New changes to Facebook. What you need to know: * New groups (tag people just like places). Ability to download all of your data to a zip file. Dashboard for more granular control of applications. New one time password feature and session controls * Facebook Groups: Privacy Blunder or Twitter Replacement? * Don’t Get Duped by LinkedIn Spam Scam Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. You can also subscribe to the podcast in iTunes and follow us on Twitter. Thanks for listening!





















No review available yet...