The Shared Security Show

The Shared Security Show

Hosted by industry professionals Tom Eston, Scott Wright and Kevin Johnson, Shared Security is a weekly cybersecurity and privacy podcast that explores the trust you put in people and technology. We bring you news, tips, advice, and interviews with cybersecurity and privacy experts to help you live more secure and private in our connected world.


February 6, 2023 21 min

The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors. Not only that, a new vulnerability in the popular open-source password management software KeePass has also been reported.

Three health tracking apps available on Google Play (Lucky Step, WalkingJoy, Lucky ...

Mark as Played

A hacker discovered a copy of the US No Fly List, which contains the names of people banned from traveling in or out of the US on commercial flights, on an unsecured Jenkins server connected to a commercial airline.

Will AI-powered phishing become a threat for organizations?

Scientists from Carnegie Mellon University have developed a way to sense humans through walls using a deep neural network called DensePose that maps Wi-Fi sign...

Mark as Played

On this week’s episode, We’re excited to bring you a classic conference talk that Tom Eston gave with co-host Kevin Johnson back in 2009 at DEF CON 17 in Las Vegas. The talk is called “Social Zombies: Your Friends Want to Eat Your Brains” and it explores the various risks and concerns related to malware delivery through social networking sites.

We discuss how social networks make money and the privacy and security issues that arise...

Mark as Played

Facebook has been ordered to pay a fine of $414m by EU regulators who ruled that the company had broken EU law by forcing users to accept personalized ads. The ruling could have a major impact on Facebook’s advertising business in the EU, which is one of the company’s largest markets, if it is required to make changes to its advertising practices.

A hacker has claimed to have the personal data of 400 million Twitter users for sale ...

Mark as Played

Things get worse for LastPass as a security breach in November resulted in the theft of customer data, including encrypted password vaults and unencrypted web addresses.

Pig butchering scams, a variation of business email compromise and romance scams, are on the rise. How do they work and what do you need to know to protect yourself?

Okta, a major identity and authentication company, has suffered another security breach following t...

Mark as Played

In this episode host Tom Eston discusses one of the biggest privacy concerns people have today, online tracking by companies and advertisers. Tom will cover the following topics, tips, and new techniques to help you stop being tracked:

Why should we be concerned about online tracking?
How to enable and configure the privacy settings in your web browser
How your smartphone has privacy settings to block online tracking
Using a privac...

Mark as Played
December 26, 2022 26 min

In our last episode of the year, we discuss the year that was 2022. What did we get right? What did we get wrong? And what are our cybersecurity and privacy predictions for 2023?

Thank you to all of our listeners for a great year! We’re looking forward to bringing you more content, news, tips, and advice in 2023!

Happy New Year!

** Links mentioned on the show *

Our previous year in review episodes (have fun with these!)

Mark as Played

Apple is considering giving third-party app stores access to its iPhones and iPads in the European Union (EU) to comply with new competition law. Will the “sideloading” of apps change Apple’s walled garden of security?

Lensa the AI app that creates artistic profile pictures has gone viral. What are the privacy risks and what does their privacy policy and terms of service really say?

A group of four graduate students from Wuhan Univ...

Mark as Played

A chatbot developed by OpenAI, called ChatGPT, has gone viral and is able to mimic human language and speech styles and can interact with users in a conversational way. It can be used for a range of purposes, including writing code, talking like a “Valley girl”, and even podcast introduction scripts.

Attackers broke into a cloud storage service used by password manager LastPass to gain access to “certain elements” of customers’ inf...

Mark as Played

In this sponsored episode co-host Tom Eston discusses SASE (Secure Access Service Edge) and if its more than just the latest cybersecurity buzzword with Carlos Salas from NordLayer. Topics include:

– What is SASE (Secure Access Service Edge)?
– What’s the difference between SASE and SSE (Security Service Edge)?
– What challenges/problems do companies encounter while trying to secure cloud networks?
– Why would companies need a SASE...

Mark as Played

A recent data breach of 5.4 million Twitter users and Meta being fined $265 million dollars from a 2021 data leak, and people are fleeing Twitter because of Elon Musk. Are we finally seeing a tipping point in social media? What is the TikTok “Invisible Challenge” and how links to fake “unfilter” software is being […]

The post Is Social Media at a Tipping Point, The TikTok Invisible Challenge, San Francisco Police Can Use Killer Rob...

Mark as Played

This week we continue our series on how to break into a cybersecurity career with long time industry veteran, Rob Fuller (Mubix). Rob speaks with us about how he started his career in the Marine Corps, his time on Hak5, and more recently earning his Masters degree. Rob also talks about how these experiences has […]

The post How to Break Into a Cybersecurity Career – Rob Fuller (Mubix) appeared first on The Shared Security Show.

Mark as Played

Former Twitter users are migrating en masse to Mastodon so what is Mastodon and what do you need to know about Mastodon from a security and privacy perspective? Twitter was flooded by a wave of imposter accounts after the $8 “verification” label fiasco, and details about the largest multi-state privacy settlement in the US where […]

The post The Rise of Mastodon, Twitter in Trouble, Largest Privacy Settlement in US History appeared...

Mark as Played

Matt Scheurer, host of the ThreatReel Podcast and Assistant Vice President of Computer Security and Incident Response in a large enterprise environment, joins us to discuss starting a career in digital forensics and incident response (DFIR). Matt discusses how he got started, his advice to anyone that wants to pursue a career in DFIR, and […]

The post How to Break Into a Cybersecurity Career – Digital Forensics and Incident Respons...

Mark as Played

Katie Teitler, Senior Cybersecurity Strategist at Axonius and co-host on the popular Enterprise Security Weekly podcast, joins us to discuss the role of cybersecurity in combating midterm election disinformation. We discuss the difference is between misinformation and disinformation, how we can combat disinformation and what are some things about disinformation, private platforms, and free speech […]

The post Cybersecurity’s Role i...

Mark as Played

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail. Plus, details on the recent (ISC)2 bylaw vote (why you should vote no) and a discussion about the value of cybersecurity certifications. ** Links […]

The post CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurit...

Mark as Played

Two modified wi-fi enabled drones were found on the top of a financial firm’s building and used to intercept a employee’s credentials, a fun discussion about the best way to physically destroy data on electronics that no longer work, and details about Signal removing SMS support for Android users. ** Links mentioned on the show […]

The post Attack of the Wi-Fi Spy Drones, How to Destroy Your Old Electronics, Signal Removes SMS Supp...

Mark as Played

Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for […]

The post Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on ...

Mark as Played

A recent survey of ethical hackers by Bishop Fox and SANS shows that once a vulnerability or weakness is found about 58% of ethical hackers can break into an environment in less than five hours, SMS phishing and text message scams appear to be changing tactics taking a more “urgent” tone, and a discussion about […]

The post Hackers Need 5 Hours or Less to Break In, SMS Phishing Tactics, Strange Ways Employees Expose Data appeared f...

Mark as Played

Passkeys are coming soon to Apple iOS 16 so what are passkeys and why are they an eventual replacement for passwords? Researchers have discovered a new attack that uses mouse movement in Microsoft PowerPoint to deploy malware, and details on how the 2K Games help desk support platform was compromised to push malware through fake […]

The post What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked appeared first on T...

Mark as Played

Popular Podcasts

    Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.

    Around the NFL's "Around the NFL" crew (Gregg Rosenthal, Dan Hanzus and Marc Sessler) break down the latest football news, with a dash of mirth.

    Crime Junkie

    If you can never get enough true crime... Congratulations, you’ve found your people.

    Stuff You Should Know

    If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks then look no further. Josh and Chuck have you covered.


    It’s a lighthearted nightmare in here, weirdos! Morbid is a true crime, creepy history and all things spooky podcast hosted by an autopsy technician and a hairstylist. Join us for a heavy dose of research with a dash of comedy thrown in for flavor.

Advertise With Us

For You

    Music, radio and podcasts, all free. Listen online or download the iHeart App.


    © 2023 iHeartMedia, Inc.