Sophos Podcasts

What do ransomware blackmailers ask for when they don't want money? Why did Firefox get two updates in three days? How did Adafruit get hoist by the petard of shadow IT? And what's with those dirty Linux pipes? https://nakedsecurity.sophos.com/ransomware-with-a-difference https://nakedsecurity.sophos.com/firefox-patches-two-in-the-wild-exploits https://nakedsecurity.sophos.com/adafruit-suffers-github-data-breach https://nakedsecurity.sophos.com/dirty-pipe-linux-kernel-bug https://events.sophos.com/cyberinsurance With Paul Ducklin and Chester Wisniewski. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

How good is Apple's AirTag stalker detection? Why are web coders still making Y2K-like blunders? And how many Instagram scams can you get in one weekend? https://nakedsecurity.sophos.com/apple-airtag-anti-stalking https://nakedsecurity.sophos.com/did-we-learn-nothing-from-y2k https://nakedsecurity.sophos.com/instagram-scammers-as-busy-as-ever With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

VM escapes could put your host servers at risk. PHP fixes an input validation bug in input validation code. A WordPress plugin maker shows you how to write a decent security report. And French scammers remind us that sextortion is sadly still a thing. https://nakedsecurity.sophos.com/vmware-fixes-holes https://nakedsecurity.sophos.com/irony-alert-php-fixes-security-flaw https://nakedsecurity.sophos.com/wordpress-backup-plugin-maker-updraft-says-you-should-update https://nakedsecurity.sophos.com/french-cybercriminals-using-sextortion-scams With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Alleged Bitcoin fraudsters busted, power company in trillion-dollar payout blunder, how a blizzard led to a telecomms revolution, and 0-day after 0-day after 0-day. https://nakedsecurity.sophos.com/self-styled-crocodile-of-wall-street-arrested https://nakedsecurity.sophos.com/power-company-pays-out-3-trillion-compensation https://nakedsecurity.sophos.com/apple-zero-day-drama-for-macs-iphones-and-ipads https://nakedsecurity.sophos.com/adobe-fixes-zero-day-exploit-in-e-commerce-code https://nakedsecurity.sophos.com/google-announces-zero-day-in-chrome-browser With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Problems with plugins. A Wormhole wormhole. Can machines think? Microsoft has a change of heart. And then another one. Why screen cleaning cloths are cool. https://nakedsecurity.sophos.com/elementor-wordpress-plugin-has-a-gaping-security-hole https://nakedsecurity.sophos.com/wormhole-cryptotrading-company-turns-over-340000000-to-criminals https://nakedsecurity.sophos.com/microsoft-blocks-web-installation-of-its-own-app-installer-files https://nakedsecurity.sophos.com/at-last-office-macros-from-the-internet-to-be-blocked-by-default With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Stealing root on Linux. Snooping on RAM with a video driver bug. Apple patches a zero-day hole. SMS scams promise home PCR machines. German court freaks out over fonts. How to be private. And a paint robot that went wild. https://nakedsecurity.sophos.com/pwnkit-security-bug-gets-you-root https://nakedsecurity.sophos.com/linux-kernel-patches-performance-can-be-harmful-bug https://nakedsecurity.sophos.com/apple-patches-safari-data-leak https://nakedsecurity.sophos.com/coronavirus-sms-scam-offers-home-pcr https://nakedsecurity.sophos.com/website-operator-fined-for-using-google-fonts https://nakedsecurity.sophos.com/happy-data-privacy-day With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Watch out for tax scams. Crooks with the motto "In Fraud We Trust". How not to write a data breach notification. Where to find the "10" key on your telephone. https://nakedsecurity.sophos.com/tax-scam-emails-are-alive-and-well-as-us-tax-season-starts https://nakedsecurity.sophos.com/alleged-carder-gang-mastermind-and-three-acolytes-under-arrest-in-russia https://nakedsecurity.sophos.com/cryptocoin-broker-crypto-com-says-2fa-bypass-led-to-35m-theft With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Russia busts Revil. Romance scammer sent to prison. Wormable Windows hole patched. Memories of the HAPPY99 virus. Linux disk encryption trouble. Apple browsers leak personal data. And how (not) to paint a computer. https://nakedsecurity.sophos.com/revil-ransomware-crew-allegedly-busted https://nakedsecurity.sophos.com/romance-scammer-who-targeted-670-women https://nakedsecurity.sophos.com/wormable-windows-http-hole https://nakedsecurity.sophos.com/serious-security-linux-full-disk-encryption-bug https://nakedsecurity.sophos.com/serious-security-apple-safari-leaks-private-data With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

A JavaScript coder sabotages his own projects. Routers with critical holes. Honda cars party like it's 2002. The FTC warns everyone to patch. And a Log4Shell-like bug in another Java library. https://nakedsecurity.sophos.com/javascript-developer-destroys-own-projects https://nakedsecurity.sophos.com/home-routers-with-netusb-support https://nakedsecurity.sophos.com/honda-cars-in-flashback-to-2002 https://nakedsecurity.sophos.com/ftc-threatens-legal-action https://nakedsecurity.sophos.com/log4shell-like-security-hole With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Log4Shell - the gift that keeps on taking. Scammers threatening your social media accounts. Apple Home has a pecuu[...]uuliar bug. And why 2FA is easier than you think. https://nakedsecurity.sophos.com/sfw-the-top-n-cybersecurity-stories https://nakedsecurity.sophos.com/log4shell-vulnerability-number-four https://nakedsecurity.sophos.com/log4shell-the-movie https://nakedsecurity.sophos.com/instagram-copyright-infringment-scams https://nakedsecurity.sophos.com/apple-home-software-bug With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Understanding Log4Shell. Fixing Log4Shell. What criminals are up to with Log4Shell. Apple's latest security fixes. And what (not to) do when your mouse gets stuck. https://nakedsecurity.sophos.com/log4shell-explained https://nakedsecurity.sophos.com/log4shell-java-vulnerability https://news.sophos.com/log4shell-hell-anatomy-of-an-exploit https://nakedsecurity.sophos.com/apple-security-updates-are-out With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Mozilla's "BigSig" buffer overflow hole. UK to put IoT vendors on notice. The Mother of All Demos. Cryptocurrency company catastrophe. Firefox gets an extra sandbox. And an access point from outer space (OK, from home). https://nakedsecurity.sophos.com/mozilla-patches-exploitable-bigsig https://nakedsecurity.sophos.com/iot-devices-must-protect-consumers https://nakedsecurity.sophos.com/cryptocurrency-startup-fails-to-subtract https://nakedsecurity.sophos.com/firefox-update-brings-a-whole-new With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Call scammers and cryptocoin treachery. Cloud insecurity and yet more cryptocoin treachery. Facial recognition creepiness. And the wannabe wizard that went to school with a trainee Sith. https://nakedsecurity.sophos.com/us-government-securities-watchdog-spoofed https://nakedsecurity.sophos.com/cloud-security-dont-wait-until-your-next-bill https://nakedsecurity.sophos.com/controversial-face-matchers-clearview-set-to-be-fined With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Cybersecurity tips for the holiday season and beyond. Exchange at risk from public exploit. GoDaddy loses passwords for 1.2m users. Longest-lived Windows version ever. Don't make your cookies public. And the day that umbrellas became an anti-DDoS tool. https://nakedsecurity.sophos.com/black-friday-and-cyber-monday-heres-what https://nakedsecurity.sophos.com/check-your-patches-public-exploit-now-out https://nakedsecurity.sophos.com/godaddy-admits-to-password-breach-check https://nakedsecurity.sophos.com/github-cookie-leakage-thousands-of-firefox-cookie-files With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

The infamous Emotet malware makes a comeback. Crooks smirk at the world with a fake FBI warning. Why tubes are also valves. Samba fixes an intriguing bug. The suitcase that needs no handle. And a virtual-versus-real monitor mixup. https://nakedsecurity.sophos.com/emotet-malware-the-report-of-my-death https://nakedsecurity.sophos.com/dhs-warning-about-hackers-in-your-network https://nakedsecurity.sophos.com/samba-update-patches-plaintext-passwork-plundering https://nakedsecurity.sophos.com/the-self-driving-smart-suitcase With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

We enjoy the Sophos 2022 Threat Report. The world's {oldest, coolest} continously maintained browser. Facebook folds up its Face Recognition feature. Crooks combine a new social engineering scam with a new way of packaging malware. Kaseya ransomware suspect busted. And how to block radio communications in a land with no hills. https://nakedsecurity.sophos.com/2022-threat-report https://nakedsecurity.sophos.com/customer-complaint-email-scam https://nakedsecurity.sophos.com/kaseya-ransomware-suspect-nabbed-in-poland https://nakedsecurity.sophos.com/facebook-to-throw-out-face-recognition With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Norbert (huzzah for Norbert!) does tech support. Europol digs into the ransomware scene. Microsoft finds a wacky bug in Apple's shell. The Morris worm turns 33. Edge on Linux phans the phlames. Ola! Gibberish peculiarity textual solvage. https://nakedsecurity.sophos.com/europol-announce-targeting-of-12-suspects https://nakedsecurity.sophos.com/microsoft-documents-shrootless-hack https://nakedsecurity.sophos.com/memories-of-the-internet-worm https://nakedsecurity.sophos.com/microsoft-edge-finally-arrives-on-linux With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Bliss is a hill in wine country. Lessons from a cryptotrading hamster. Ransomware gang hacked back. Docusign phishers go after 2FA codes. Sleep mode considered harmful. https://nakedsecurity.sophos.com/revil-ransomware-gang-allegedly-forced-offline https://nakedsecurity.sophos.com/banking-scam-uses-docusign-phish https://nakedsecurity.sophos.com/to-the-moon-cryptocurrency-hamster-mr-goxx With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got something to share? Email tips@sophos.com

Special minisode! Michelle Farenci knows her stuff, because she's a cybersecurity practitioner inside a cybersecurity company. Learn why thinking like an attacker makes you a better defender. Full transcript: https://nakedsecurity.sophos.com/listen-up-4-cybersecurity-first-purple-teaming

Special minisode! Dr Jason Nurse, Associate Professor in Cybersecurity at the University of Kent, takes on the controversial topic of cyberinsurance. Full transcript: https://nakedsecurity.sophos.com/becybersmart-2021-cyberinsurance