Microsoft Edge whitelists flash autorun on Facebook, WinRAR vulnerability existed for up to 19 years, and researcher Ken Munro says hackers could easy sink ships at seas on episode 225 of our daily cybersecurity podcast.
Lazarus Group targets Russian companies for the first time, Russian nation-state hackers have quickest breakout time, and a remote code execution flaw existed in WordPress of 6 years on episode 223 of our daily cybersecurity podcast.
Vijay Balasubramaniyan of Pindrop joins us to talk about it. And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month's hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components.
Australia says 'state actor' responsible for Parliament hacks and discloses party hacks, third collection of hacked databases hits the Dark Web, and Google backs off ad-blocker breaking Chrome changes on episode 222 of our daily cybersecurity podcast.
500px announces breach impacting all 14.8 million of it's users, MacOS malware disguised as Windows .exe, and numerous Lenovo Watch X security vulnerabilities detailed on episode 220 of our daily cybersecurity podcast.
Data of up to 100,000 Australians exposed, cyberattack on VFEmail destroys 18 years worth of data, and electric scooter hacked and controlled remotely on episode 219 of our daily cybersecurity podcast.
The arrival of functional quantum computers may be closer than you think. I'm joined by Avesta Hojjati, Head of DigiCert Labs and Brian LaMacchia, Distinguished Engineer and Head of the Security and Cryptography Group at Microsoft Research to talk about coming quantum revolution and what it means for security.
Australian Parliament computer network compromised, new phishing attack using Google Translate, and Apple patches FaceTime bug as well as two zero-days Google says were exploited in the wild on episode 216 of our daily cybersecurity podcast.
MacOS zero-day flaw discovered but researcher won't share with Apple, Google cautions Nest users against poor password practices, and Mozilla Firefox to get site isolation feature on episode 215 of our daily cybersecurity podcast.
RDP vulnerabilities make new reverse RDP attacks possible, new Google Chrome extension warns users of leaked passwords, and OpenOffice and LibreOffice vulnerabilities on episode 214 of our daily cybersecurity podcast.
In this week’s episode of the podcast (#132): in the wake of news of the biggest fine yet for violations of the NERC Critical Infrastructure Protection (CIP) standard, we talk with Willy Lighter and Saurabh Sharma of the firm Virsec about whether the industry’s main security standard even matters in an age of sophisticated, nation-backed...
In this week’s episode (#131): a shareholder lawsuit targeting Yahoo! executives was settled quietly. But it could have big implications for the C-Suite at breached firms. Also: as the US pursues criminal charges against Huawei for corporate espionage, we look at one of the federal government’s most potent tools to stop the transfer of...
New Microsoft Exchange Zero-Day and iPhoneX jailbreak attacks based on known vulnerabilities and a wave of attacks using App Engine Google Cloud Platform to deliver malware on episode 209 of our daily cybersecurity podcast.
Image based malware targeting Mac users through ads, phishing campaign using fake voicemail messages to steal passwords, and banking trojan rotating tactics to evade detection on episode 208 of our daily cybersecurity podcast.
In this week’s episode (#130): we speak with security researcher Troy Hunt, founder of HaveIBeenPwned.com about his latest disclosure: a trove of more than 700 million online account credentials he’s calling “Collection #1.” Also we speak to Martin Hagen of the Norwegian device firm Tailit about how failing a security audit of...
Google fined $57 million by France for GDPR violations, WPML Wordpress Plug-in developer's site hacked by ex-employee, and a Windows Zero-Day gets a micropodcast on episode 206 of our daily cybersecurity podcast.
Twitter bug exposed protected tweets of some Android users, ES File Explorer potentially exposes data of 100 million users, and Microsoft launched Azure DevOps bug bounty program on episode 204 of our daily cybersecurity podcast.
In this week’s podcast: For all the great new gadgets unveiled in Las Vegas, how many can be repaired? Kyle Wiens of iFixit joins us to report from the CES show. Also: more and more our physical surroundings are populated by small, wireless sensors. How secure are they from hacking and manipulation? Not very says our second guest, Roi Mit of...
In this episode of The Security Ledger podcast (#128): you're going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure? And do security and privacy have a seat at the table at the world's largest electronics event? We sit down with IoT luminary and...