Couverture de Shared Security Podcast

Shared Security Podcast

Shared Security Podcast

De : Tom Eston Scott Wright Kevin Tackett
Écouter gratuitement

Shared Security is the the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.2026 Politique et gouvernement
Épisodes
  • Signal Phishing and Russian Intelligence Targeting Messaging Apps
    Jul 13 2026
    Russian intelligence services are targeting Signal, WhatsApp, and Telegram users — not by breaking encryption, but by stealing accounts through phishing, QR code tricks, linked-device abuse, and backup recovery key theft. Tom and Kevin break down the FBI warning, the $10 million Rewards for Justice bounty, and the practical security lesson for anyone relying on encrypted messaging: your app can be secure while your account, endpoint, or recovery path is still the weak link.They also discuss why QR-code phishing and linked-device abuse can bypass what users expect from encrypted messaging, why endpoint and account recovery hygiene matter as much as encrypted transport, what to do when "support" asks for recovery keys or codes, and Tom's personal career update joining Secure Ideas as Executive Director of Consulting.Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com.** Links mentioned on the show **FBI IC3 PSA — Russian Intelligence Services Continue to Target Commercial Messaging Applications https://www.ic3.gov/PSA/2026/PSA260626The Hacker News — FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.htmlInfosecurity Magazine — FBI Sounds Alarm Over Russian Intelligence Signal Phishing https://www.infosecurity-magazine.com/news/fbi-alarm-russian-intelligence/Rewards for Justice — UNC5792 https://rewardsforjustice.net/rewards/unc5792/SecurityWeek — US Offers $10 Million Bounty for Russian State Hackers as Messaging App Attacks Evolve https://www.securityweek.com/us-offers-10-million-bounty-for-russian-state-hackers-as-messaging-app-attacks-evolve/** Watch this episode on YouTube **https://youtu.be/fxFfY_e_MOI** Become a Shared Security Supporter **Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel's membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join** Thank you to our sponsors! **SLNTVisit https://slnt.com to check out SLNT's amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code "sharedsecurity".** Subscribe and follow the podcast **Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcastFollow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.socialFollow us on Mastodon: https://infosec.exchange/@sharedsecurityJoin us on Reddit: https://www.reddit.com/r/SharedSecurityShow/Visit our website: https://sharedsecurity.netSubscribe on your favorite podcast app: https://sharedsecurity.net/subscribeSign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribeLeave us a rating and review: https://ratethispodcast.com/sharedsecurityContact us: https://sharedsecurity.net/contact
    Afficher plus Afficher moins
    16 min
  • The Supreme Court Just Put Limits on Geofence Warrants
    Jul 6 2026
    The Supreme Court says constitutional privacy protections can apply to cellphone location history and geofence warrant data. Tom Eston and Scott Wright discuss the privacy implications of geofence warrants — requests that can sweep up information about many people near a location, not just a named suspect — and why this ruling matters for anyone carrying a smartphone.They also connect the ruling to broader location privacy risks, including app permissions, weather apps, ad networks, data brokers, and the privacy dashboards offered by Google and other major platforms. The episode closes with practical advice: review location permissions, avoid “always on” access unless truly needed, delete old location history where appropriate, and understand how location data fits into your personal threat model.** Links mentioned on the show **AP News: Supreme Court / Okello Chatrie geofence warrant coveragehttps://apnews.com/article/supreme-court-okello-chatrie-geofence-warrants-a3adee8a3fd32b8ea1b42eb72cbcc35fEFF: Victory! Supreme Court Says the Constitution Protects People’s Location Datahttps://www.eff.org/deeplinks/2026/06/victory-supreme-court-says-constitution-protects-peoples-location-dataCyberScoop: Supreme Court geofence warrant rulinghttps://cyberscoop.com/supreme-court-geofence-warrant-ruling-phone-privacy-chatrie/New York Times: Supreme Court geofence warrant / cellphone location coveragehttps://www.nytimes.com/2026/06/29/us/politics/supreme-court-geofence-warrant-cell-phones.htmlPrevious Shared Security: Google Geofence Warrantshttps://sharedsecurity.net/2020/03/25/click-armor-demo-podcast-survey-results-google-geofence-warrants/Previous Shared Security: Top 3 Location Tracking Apps: Do They Sell Your Data?https://sharedsecurity.net/2022/03/21/top-3-location-tracking-apps-do-they-sell-your-data/** Watch this episode on YouTube **https://youtu.be/jCtdE72ymII** Become a Shared Security Supporter **Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel's membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join** Thank you to our sponsors! **SLNTVisit slnt.com to check out SLNT's amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code "sharedsecurity".** Subscribe and follow the podcast **Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcastFollow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.socialFollow us on Mastodon: https://infosec.exchange/@sharedsecurityJoin us on Reddit: https://www.reddit.com/r/SharedSecurityShow/Visit our website: https://sharedsecurity.netSubscribe on your favorite podcast app: https://sharedsecurity.net/subscribeSign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribeLeave us a rating and review: https://ratethispodcast.com/sharedsecurityContact us: https://sharedsecurity.net/contact
    Afficher plus Afficher moins
    15 min
  • Jay Beale on Kubernetes, DEF CON, and AI Attack Paths
    Jun 29 2026

    This week on Shared Security, Tom and Kevin sit down with Jay Beale — founder of InGuardians, long-time Black Hat trainer, creator/contributor behind Kubernetes security training, and part of the team behind the DEF CON Kubernetes CTF. Jay shares stories from decades of offensive security work, including the time Tom hired him for a physical penetration test and Jay somehow ended up inside a call center instead of stuck in the lobby. The crew also digs into what makes good security training, why Kubernetes is such a natural platform for both defenders and attackers to understand deeply, and how the DEF CON Kubernetes CTF is designed to be welcoming for both competitors and learners. The episode closes with a practical look at AI infrastructure risk. Jay explains how production AI stacks running on Kubernetes can be attacked like any other cluster — and how modifying a vector database behind a RAG system can turn indirect prompt injection into a persistent, high-impact attack path.

    ** Links mentioned on the show **

    Jay's Black Hat USA Course: Agentic AI-aided Kubernetes Attack and Defense
    https://blackhat.com/us-26/training/schedule/index.html?day=4daysattue#agentic-ai-aided-kubernetes-attack-and-defense-51318

    Jay Beale on LinkedIn
    https://www.linkedin.com/in/jaybeale/

    InGuardians
    https://www.inguardians.com/

    DEF CON
    https://defcon.org/


    ** Watch this episode on YouTube **

    https://youtu.be/aMHk62dprDA

    ** Become a Shared Security Supporter **

    Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel's membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join

    ** Thank you to our sponsors! **

    SLNT

    Visit slnt.com to check out SLNT's amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code "sharedsecurity".


    ** Subscribe and follow the podcast **

    Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast
    Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social
    Follow us on Mastodon: https://infosec.exchange/@sharedsecurity
    Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/
    Visit our website: https://sharedsecurity.net
    Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
    Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe
    Leave us a rating and review: https://ratethispodcast.com/sharedsecurity
    Contact us: https://sharedsecurity.net/contact

    Afficher plus Afficher moins
    38 min
adbl_web_anon_alc_button_suppression_t1
Aucun commentaire pour le moment