The Shared Security Podcast Episode 57 – Dropbox and Yahoo Breach, IoT DDoS, LinkedIn Endorsements

This is the 57th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright and recorded October 5, 2016. Below are the show notes, commentary, and links to articles and news mentioned in the podcast:

Hackers Stole Account Details for Over 60 Million Dropbox Users
Have a Dropbox account? Change your password immediately!

Yahoo: The Largest Password Breach in History (and what you should do about it if you use Yahoo services)
This is another breach that happened years ago but we’re just now finding out about it. This breach in particular is the largest ever, 500 million users! Scott and Tom discuss the ramifications of this breach and what you need to do if you use Yahoo services. Also interesting to note that Yahoo was just purchased by Verizon. It will be interesting to see how this acquisition plays out given the recent breach and negative publicity.

Record-breaking DDoS reportedly delivered by >145k hacked cameras
The largest DDoS (Distributed Denial of Service) attack has also taken place (many firsts and record-breaking security news this time around)! Scott and Tom discuss who was targeted and how thousands of hacked cameras were used in the attack.

Hackers can track your keystrokes through your Wi-Fi signal
While this headline may seem scary, Scott and Tom discuss why this new threat may not be such a threat after all (at least not right now).

L0phtCrack 7 Shows Windows Passwords Easier to Crack Now Than 20 Years Ago
Password cracking programs like L0phtCrack have not evolved much over the last 20 years because unfortunately not much has changed with password security (especially with Windows systems).

Those chip and PIN cards aren’t as secure as we thought
Chip and PIN is here in the USA! Is it secure? Like anything, everything is hackable. Scott and Tom discuss some new research that was presented at the DEF CON hacking conference that sheds new light on some interesting ways to compromise Chip and PIN. (You can read that as: it’s possible but difficult to pull off).

Fun with LinkedIn Endorsements (a lesson on client side security)
Want to have fun with your LinkedIn contacts? Here’s a great story about how you can abuse LinkedIn’s “endorsement” feature. (for fun of course!)

Please send any show feedback to feedback [aT] or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening!
