Security News

S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]
2022-07-21 18:25

DOUG. Facebook scams, Log4Shell forever, and tips for a cybersafe summer. DOUG. OK, there you go: you and I are in the full swing of summer, and we have some tips for the summertime coming up later in the show.

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
2022-07-14 18:47

DOUG. A brief history of Office macros, a Log4Shell-style bug, two OpenSSL crypto bugs, and more. DUCK. If you have a Windows network where you can use Group Policy, for example, then as an administrator you can turn this function on to say, "As a company, we just don't want macros off the internet. We're not going to even offer you a button that you can say, 'Why not? Why not let the macros run?'"

SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More
2022-01-04 20:49

Gaming giant SEGA Europe recently discovered during a cloud-security audit that its sensitive data was being stored in an unsecured Amazon Web Services S3 bucket, and it's sharing the story to inspire other organizations to double-check their own systems. The laundry list of SEGA's potentially exposed data is nauseating - API keys, internal messaging systems, cloud systems, user data and more.

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
2021-12-16 17:41

Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)

S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]
2021-12-09 19:40

DUCK. That's worrying, because when I checked my Tor browser version, it didn't have the latest NSS, but it had a more recent one than 1999, so that timestamp may be wrong. DUCK. Yes, of all the browsers that you probably want to avoid having [LAUGHS] exploitable privacy-violating holes in.

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
2021-12-02 20:50

Oh! No! The wannabe wizard that went to school with a trainee Sith.

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
2021-11-25 19:38

Cybersecurity tips for the holiday season and beyond. Tech history: What do you mean, "It uses a mouse?" Don't make your cookies public! Oh! No! DDoS attack in progress - unfurl the umbrellas!

S3 Ep59: Emotet, an FBI hoax, Samba bugs, and a hijackable suitcase [Podcast]
2021-11-18 19:00

Emotet malware: "The report of my death was an exaggeration". FBI email hack spreads fake security alerts. Tech history: Why tubes are valves, and valves are tubes. Samba update patches plaintext password plundering. The hijackable self-driving robot suitcase. Oh! No! A virtual-versus-real monitor mixup.

S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]
2021-11-11 19:41

Crooks combine a new social engineering scam with a new way of packaging malware. Oh! No! How to block radio communications in a land with no hills.

S3 Ep57: Europol v. Ransomware, Shrootless bug, and Linux browser flamewars [Podcast]
2021-11-04 19:46

WHERE TO FIND THE PODCAST ONLINE. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.