The Shared Security Podcast Episode 62 – CloudBleed, Wifi Risks, ATM Skimmers

This is the 62nd episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright recorded March 1, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast:

“CloudBleed” what is it and are you affected?
Internet company Cloudflare recently discovered that they were vulnerable to a rather significant memory leak in which “1 in every 3,300,000 HTTP requests through Cloudflare” was potentially exposed.  What this means is that if you were using one of the 3,400 applications that were exposed through the Cloudflare vulnerability, some sensitive information (such as passwords) could have been leaked. On the podcast we discuss that the impact to you is most likely extremely low, however, its a good reminder to periodically change your passwords especially for sites you consider high risk. You can use the search function on this site to see if any applications you use were exposed. This is also a great technical write-up if you’re interested in more details on what happened.

Hackers can access your phone via Wi-Fi – even when it’s not connected
Notorious hacker (and good guy) Jayson E. Street did a good story for a local news station in Boston about how someone could be trying to get your phone or other device to connect to their malicious wifi access point while you travel through airports and other public places. This is something to be aware of while you travel and probably a good idea to just leave your wifi and bluetooth disabled while you’re not using it. Side note: we need to get Jayson on the podcast!

ATM Skimmers in the wild
ATM skimmers are getting more sophisticated and harder to detect.  Our advice is to double check ATM’s and other credit card machines before you use them for anything unusual going on.

Frank Abagnale, world-famous con man, explains why technology won’t stop breaches
Very good read from one of the most famous social engineers in modern history. Frank explains why technology won’t stop breaches and why it really comes down to people and education.

Children’s Voice Messages Leaked in CloudPets Database Breach
Scott discusses a data breach in the “CloudPets” database that someone was able to access. Unfortunately, these types of attacks are becoming more common and are very concerning considering children’s private information is involved.

We made a list!
Looks like the podcast made a list of popular information security podcasts.  Pretty cool!  Check out the list of other great podcasts.

Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening!

Play
Facebooktwittergoogle_plusredditlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *