Podcasts

Is there a right to hack voice assistants like Google Home? The Electronic Frontier Foundation thinks so. (Image courtesy of Google.)

Episode 84: Free Alexa! Cory Doctorow on jailbreaking Voice Assistants and hacking diversity with Rapid7’s Corey Thomas

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast (#84): The 1990s era Digital Millennium Copyright Act made it a crime to subvert copy protections in software and hardware.  We speak with Cory Doctorow of the Electronic Frontier Foundation about his group’s efforts to win an exemption from that law for voice assistants like the Amazon Echo and Google Home. Also: February is Black History Month in the United States. We interview Corey Thomas, the Chief Executive Officer of the firm Rapid 7 about what it means to be a black man in the information security industry and about his path to the field.

The Winter Olympic Games at PyeongChang South Korea have been targeted by hackers. But who is doing it, and why? (Image courtesy of International Olympic Committee.)

Episode 83: Who is hacking the Olympics? Octoly’s Influencer Breach and Google plays HTTPS Hardball

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast (#83): McAfee Chief Scientist Raj Samani talks to us about that company’s research into a string of targeted attacks on the organizers of the 2018 Winter Olympics in PyeongChang, South Korea. Also: information on 12,000 YouTube stars, Instagram power users and other online influencers was leaked online by the French firm Octoly. We interview Chris Vickery of UpGuard, who found the data trove. And: Google says it will start playing tough with web sites that haven’t made the cutover to secure HTTP come July. Jeremy Rowley of the firm DigiCert* joins us to talk about what that will mean for web sites that haven’t kicked the HTTP habit.

Autosploit simply combines two, existing hacking tools. But it does make hacking the IoT easier for low skill "script kiddies" says Brian Knopf of the firm Neustar.

Episode 82: the skinny on the Autosploit IoT hacking tool and a GDPR update from the front lines

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s episode of The Security Ledger Podcast (#82), we take a look at Autosploit, the new Internet of Things attack tool that was published on the open source code repository Github last week. Brian Knopf of the firm Neustar joins us to talk about what the new tool might mean for attacks on Internet of Things endpoints in 2018. Also: the go-live date for the EU General Data Protection Regulation is just months away, but many firms are still unaware that the regulation even exists. We’ll hear two reports from the front lines of GDPR, first from Sam Peifle of the International Association of Privacy Professionals and then by Shane Nolan of IDA, the Irish Development Authority.

The insides of a Revolar device, one of three tested by DUO Security, which found wide discrepancies in the security of the personal safety wearables. (Image courtesy of DUO Security.)

Episode 81: Hacking IoT with Physics, Poor Grades for Safety Wearables and Peak Ransomware

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s podcast: researcher Kevin Fu of University of Michigan discusses his work on attacks that use physics to manipulate connected devices. Also: Mark Loveless of DUO discusses his research into how poor implementation of wireless protocols make personal security trackers a privacy risk. And have we seen peak ransomware? Adam Kujawa of the firm Malwarebytes joins us to talk about the findings of that company’s State of Malware Report. 

In this week's podcast, we talk with three different experts about APT (advanced persistent threat) actors in Russia, North Korea and the Middle East. (Image courtesy of US Dept. of Defense)

Episode 80: APT Three Ways

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast, Episode – number 80 – we look at Advanced Persistent Threat (or APT) actors three ways with three different experts offering their take on the world’s most sophisticated hacking groups in Russia, North Korea and the Middle East.