Podcast: Play in new window | Download (Duration: 48:59 — 89.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger podcast, sponsored by our friends at CyberArk, we talk about the German government’s recent decision to declare kids smart watches “surveillance devices” and to order their destruction. Also: Adrian Shabaz of Freedom House comes in to talk to us about the latest Internet Freedom report, which finds that governments are increasingly manipulating online content to shape online discussions and even the outcome of elections at home and abroad. And finally: leaked credentials in a GitHub repository may have been behind Uber’s loss of information on some 50 million customers. In a preview of a Security Ledger spotlight podcast, we hear from Elizabeth Lawler of CyberArk about the proliferation of so-called “Dev Ops secrets” and how companies need to do a better managing the permissions assigned to applications.
In-brief: That’ll be $99, or $150 without the vulnerabilities! A lawsuit in Germany is trying to force stores to come clean about security holes in the products they sell to consumers.
In-brief: Russia, China and North Korea are increasingly willing to use offensive cyber operations to weaken their enemies, including the United States, according to a report by the firm Flashpoint, which released its Business Risk Index report on Tuesday.
In-brief: security experts are warning about the threat posed by third-party applications that tap into prominent social media platforms like Twitter after accounts belonging to media organizations and prominent personalities were hacked and hijacked to display messages accusing Dutch and German officials of Nazi sympathies.
In-brief: the apparent leak of data on owners of CloudPets connected stuffed animals underscores lax security and privacy practices that are common among connected products firms. (Updated with comment from Troy Hunt. PFR 2/28/2017.)