Shared Security Podcast
Shared Security is the the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.
Episodes
In this episode, Tom Eston discusses the unique challenges in the current cybersecurity job market, emphasizing the importance of networking. Tom provides practical tips on how to enhance networking skills, such as attending conferences, volunteering for open source projects, creating a blog, and seeking mentors. He also addresses misconceptions about the job shortage in cybersecurity and encourages listeners to start building thei...
Join us in the midst of the holiday shopping season as we discuss a growing privacy problem: tracking pixels embedded in marketing emails. According to Proton’s latest Spam Watch 2025 report, nearly 80% of promotional emails now contain trackers that report back your email activity. We discuss how these trackers work, why they become more aggressive during the holidays, the data being collected by marketers, and how you can p...
In this episode we discuss the rising challenge of AI-generated videos, including deepfakes and synthetic clips that can deceive even a skeptical viewer. Once the gold standard of proof, video content is now increasingly manipulated through advanced AI tools like Sora 2 and Google’s Nano Banana, making it harder to separate reality from fiction. Tom and Scott discuss the differences between malicious deepfakes and poorly-made...
In this special episode of the Shared Security Podcast, host Tom Eston reunites with former co-host and experienced fractional CISO, Chris Clymer. They reminisce about their early podcasting days and discuss the evolving role of a Chief Information Security Officer (CISO). The conversation covers the responsibilities, challenges, and skills required to be a successful CISO, including technical and soft skills, business acumen, and ...
In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the details, Anthropic’s response, and the broader impact on AI in c...
In this episode, we discuss the newly released OWASP Top 10 for 2025. Join hosts Tom Eston, Scott Wright, and Kevin Johnson as they explore the changes, the continuity, and the significance of the update for application security. Learn about the importance of getting involved with the release candidate to provide feedback and suggestions. The conversation touches on the history of the OWASP Top 10, its release cycle, the evolution ...
The future of home robotics is here — and it’s a little awkward. Meet the NEO 1X humanoid robot, designed to help with chores but raising huge cybersecurity and privacy questions. We discuss what it can actually do, the risks of having an always-connected humanoid in your home, and why it’s definitely not the “Robot Rosie” we were promised.
** Links mentioned on the show **
NEO launched by 1X: What to know about the humanoid robot ...
In this episode, we explore OpenAI’s groundbreaking release GPT Atlas, the AI-powered browser that remembers your activities and acts on your behalf. Discover its features, implications for enterprise security, and the risks it poses to privacy. Join hosts Tom Eston and Scott Wright as they discuss everything from the browser’s memory function to vulnerabilities like indirect prompt injection. Stay informed on how AI br...
In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity plans, the implications of DNS failures, and the misconceptions around cloud infrastructure’s automatic failover capabilities.
** Links mentioned on the show **
An AWS failure took dow...
OpenAI’s Sora 2 is here — and it’s not just another AI toy. This episode explores how Sora 2 works, how users can insert almost anything into generated content, and why that’s raising alarms about privacy, identity, and copyright. We walk you through the initial opt-out copyright controversy, the backlash from studios and creators, and how OpenAI is scrambling to offer more control. Tune in to understand what rights you might lose ...
In this episode, we discuss the surge of age verification laws spreading across the US, including the recent implementation in Ohio. These laws intend to shield children but come at a significant cost to privacy and cybersecurity. We’ll explore how third-party ID verification companies operate, the risks associated with these systems, and the broader definition of adult content beyond pornography. We also question the effecti...
Phishing simulations have been a cornerstone of security awareness training for years. But do they actually change user behavior, or are they just creating frustration and fatigue? In this episode, Tom Eston and Scott Wright (CEO of ClickArmor) debate whether simulated phishing attacks are still valuable in 2025. We cover the benefits, challenges, and how phishing programs might evolve — or even be replaced — in the future.
** Link...
Episode 400! In this special milestone edition of the Shared Security Podcast, we look back at 16 years of conversations on security, privacy, and technology. From our very first episodes in 2009 to today’s AI-driven threats, we cover the topics that defined each era, the surprises along the way, and the lessons that still matter. Plus, we share listener favorites, memorable moments, and predictions for the future of security and p...
Join the Shared Security Podcast for a critical discussion about situational awareness with special guest, Andy Murphy, host of the Secure Family Podcast. In a world where mass shootings and violence in public places are alarming realities, staying alert to your surroundings has never been more important. Andy shares his expertise on personal and family safety, providing practical tips for recognizing unusual behavior, planning for...
In this “best of” episode of the Shared Security Podcast, we revisit a discussion from September 2020 that’s just as relevant today as it was then. First, we cover how ransomware attacks forced several school districts—including Hartford, CT and Toledo, OH—to delay or shut down classes on the very first day of school. Then we dive into Google Chrome’s new (at the time) update designed to block resource-heavy ads, making browsing fa...
In this episode, we discuss a recent significant cyber attack where Palo Alto Networks experienced a data breach through their Salesforce environment due to a compromised SalesLoft drift integration. Throughout the discussion, we highlight why Salesforce, a crucial CRM platform for many businesses, is becoming a prime target for supply chain attackers. The hosts discuss how the breach happened, its implications, and what organizati...
In this episode, we discuss if the convenience of modern technology compromises our privacy. Inspired by a thought-provoking Reddit post, we explore how everyday actions like saving passwords, enabling location tracking, and using cloud backups put our personal data at risk. Learn about the trade-offs between convenience and privacy, and get tips on using privacy-focused tools and making informed choices. Join the conversation in t...
Public Wi-Fi has a bad reputation — but in 2025, the “you’ll get hacked instantly” fear is largely outdated. In this episode, Tom and Kevin dig into real research and modern protections that make most public Wi-Fi connections reasonably safe. We’ll explore why HTTPS, device security, and updated standards have drastically reduced the risks, what threats still exist, and when you might
In this episode we’re discussing the alarming breach of the Tea app, a platform intended for women to share dating experiences. The hack resulted in the exposure of over 13,000 government ID photos, 72,000 user images, and over a million private messages due to poor security practices. We’ll discuss the role of sloppy coding, an exposed database, and the lack of security discipline that led to this massive leak. Join us...
In this episode, we discuss a rising scam involving random smishing text messages. Learn how these messages work, why they’re effective, and what you can do to protect yourself. Discover the dangers of replying to vague text messages from unknown numbers and get practical tips on how to block and report spam texts. Stay safe by not engaging with these scams and using built-in filters and reporting options on your mobile devic...
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
My Favorite Murder is a true crime comedy podcast hosted by Karen Kilgariff and Georgia Hardstark. Each week, Karen and Georgia share compelling true crimes and hometown stories from friends and listeners. Since MFM launched in January of 2016, Karen and Georgia have shared their lifelong interest in true crime and have covered stories of infamous serial killers like the Night Stalker, mysterious cold cases, captivating cults, incredible survivor stories and important events from history like the Tulsa race massacre of 1921. My Favorite Murder is part of the Exactly Right podcast network that provides a platform for bold, creative voices to bring to life provocative, entertaining and relatable stories for audiences everywhere. The Exactly Right roster of podcasts covers a variety of topics including historic true crime, comedic interviews and news, science, pop culture and more. Podcasts on the network include Buried Bones with Kate Winkler Dawson and Paul Holes, That's Messed Up: An SVU Podcast, This Podcast Will Kill You, Bananas and more.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Football’s funniest family duo — Jason Kelce of the Philadelphia Eagles and Travis Kelce of the Kansas City Chiefs — team up to provide next-level access to life in the league as it unfolds. The two brothers and Super Bowl champions drop weekly insights about the weekly slate of games and share their INSIDE perspectives on trending NFL news and sports headlines. They also endlessly rag on each other as brothers do, chat the latest in pop culture and welcome some very popular and well-known friends to chat with them. Check out new episodes every Wednesday. Follow New Heights on the Wondery App, YouTube or wherever you get your podcasts. You can listen to new episodes early and ad-free, and get exclusive content on Wondery+. Join Wondery+ in the Wondery App, Apple Podcasts or Spotify. And join our new membership for a unique fan experience by going to the New Heights YouTube channel now!
Listen to 'The Bobby Bones Show' by downloading the daily full replay.