Naked Security

What's the connection between coronavirus facemasks and fingerprint biometrics? Who would have expected funky job ads on the White House website? And what would you do if you ran into a deceased former colleague on your network?

With Kimberly Truong, Doug Aamoth and Paul Ducklin

Original music by Edith Mudge

***

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

Apple pushed out an iOS update in a hurry to shut down a serious 0-day bug. The GnuPG team scrambled to fix an ironic vulnerability that could be exploited during the very process of checking if the data you just received could be trusted. And Europol reported on a successful takedown operation against the notorious Emotet malware...

We delve into Google's tight-lipped Chrome bugfix, explain how a Belgian researcher awarded himself 111,848 cups of coffee, and discuss the audacious but thankfully temporary theft of the Perl.com domain.

With Kimberly Truong, Doug Aamoth and Paul Ducklin

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

In this special mini-episode, Paul Ducklin talks to Sophos cybersecurity expert Chester Wisniewski about bug bounty hunting.

How does bug bounty hunting work? What should you do if you get a bug report that doesn't follow established protocol? Chester tells you how to deal with so-called "beg bounties", where self-styled "experts" beg you for money or even threaten you with ill-defined "problems" they claim to have found.

https://news.sophos...

How a bug hunter snuck into the internal networks of 35 megacorporations. Why romance scams are going stronger than ever (and how to avoid them). What to do about those tempting but treacherous "tax refund" messages. And a listener tells us how he got a bit carried away while he was gardening.....

The graphics card that wants you to stick to playing games, the man that didn't weigh 100 tons after all, and the marketing gang that used a browser bug to bombard iPhone users with scammy online surveys.

With Kimberly Truong, Doug Aamoth and Paul Ducklin

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

How to stop security-conscious apps from allowing unencrypted data to escape, and how scammers put social network users under pressure in order to steal their passwords.

With Doug Aamoth and Paul Ducklin

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity

Getting to grips with the HAFNIUM gang/vulnerabilities/exploits/webshells/attacks. Why it's important to think before you share those home-based selfies. What you need to know about social engineering. How (not!) to prove a point when you're a programmer.

With Kimberly Truong and Paul Ducklin

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos...

John Noble was Director of Incident Management at the UK's National Cyber Security Centre (NCSC) until his retirement in 2018. During his 40 years of Government service, John specialised in operational delivery and strategic business change. For his work in creating effective partnerships in the run up to the London Olympics, he was made a Commander of the British Empire (CBE) in 2012.

John helped to establish the NCSC and led the response to nearly 800 significant cyberincidents...

We discuss an iPhone app that allowed anyone to snoop on anyone's calls - but not in the way you might expect. We investigate a data breach where 150,000 surveillance cameras protecting hundreds or thousands of customers were apparently "secured" by a single password... that got leaked onto the internet. And we urge you as keenly as we can: "Don't spread hoaxes, folkses."

With Kimberly Truong, Doug Aamoth and Paul Ducklin...