Transatlantic Cable Podcast

In this week's episode Jeff has taken time out to recover from SAS 2019 and David has been joined by David Emm, principle security researcher at Kaspersky Lab.

During the podcast, David and David look at a new report from Bloomberg which reveals that Amazon is using auditors to listen in to Amazon Echo recordings, in order to fine-tune Alexa.

They then look at how a UK government agency forgot to use BCC and accidentally sent sensitive personal information to strangers.  

They also look at how an app, to turn your car into a 'smart-car', wasn't that smart - due to hard-coded passwords inside the app.

Tune in to find out more!

Direct download: tcp_88_final.mp3
Category:technology -- posted at: 8:41am EDT

Today, we closed out the 2019 and 11th installment of the Kaspersky Lab Security Analyst Summit. Day 2 of the conference was more hectic than day one, three separate tracks, trainings and a whole lot of walking to cover the whole event.

So in a sense, you could not simply hit up all of the talks within the way. Well, unless you had one of those time changers like Hermione Granger, but alas. What to do? The best bet, if you ask me is to check out the recap where Jay Rosenberg from GReAT joins Ahmed and me below and share with your friends who may be interested in hearing more. You can also check out #TheSAS2019 on Twitter and see all the sights.

Direct download: tcp_87_final.mp3
Category:technology -- posted at: 7:59am EDT

Today marked the first day of the Kaspersky Lab Security Analyst Summit, or SAS for short. During the course of the day, there was a lot of great research and thought-provoking content shared with the attendees.

In this podcast, Ahmed joins me from Singapore to discuss what we thought of the day and key presentations. Some topics that we will touch upon include information warfare, stalkerware, Gossip Girl and more.

Direct download: tcp_86_final.mp3
Category:technology -- posted at: 8:22am EDT

While many of us enjoyed some spring weather over the course of the past weekend, the fact of the matter is that Winter is Here. Well, not meteorically, but for fans of Game of Thrones, you all know that something big is coming.

For the 85th edition of the Kaspersky Lab Transatlantic Cable podcast, we kick things off looking at the latest victims of the LockerGoga. From there, we jump into the op-ed from Mark Zuckerberg looking to lawmakers to regulate Facebook – yes, you read this right. After Zuck’s take, we look at the recent take downs of hate speech before diving into the issues with Toyota. To wrap things up, we look at the malware targeting the torrents of popular TV shows like Game of Thrones.

Direct download: tcp_85_final.mp3
Category:technology -- posted at: 9:46am EDT

It seems like Facebook unfortunately has made it to the forefront for the 84th edition of the Kaspersky Lab Transatlantic Cable podcast. We kick-off looking at the latest in the saga between Facebook and Cambridge Analytica; according to British lawmakers, Facebook may have known about the data-scraping before previously disclosed. To continue with the bad news for the social media giant, a new report notes that the company had stored user passwords in plaintext internally.

From there, we jump over to a tale of how sensitive data from a spyware company for consumers was finally taken off the net – it was previously able to be seen by anyone on the web. After that tale, we take a look at the latest on ASUS and Operation Shadowhammer that chronicles a recent discovery by Kaspersky Lab researchers. The story on this one will continue when we kick off SAS in early April. To close out the podcast, we look at how a software glitch caused some serious headaches for travelers in the US.

Direct download: tcp_84_final.mp3
Category:technology -- posted at: 11:15am EDT

For this week’s edition of the Kaspersky Lab Transatlantic Cable podcast, Dave and I split our time between sides of the Atlantic.

To start out, we look at the latest news out of Norway on the ransomware infection that struck aluminum producer Hydro. The story still has developments to come, but the latest info is discussed. We stay in Europe to look at a piece of EU legislature that will increase the collaboration of countries when it comes to preparing for European-wide cyberattacks. We then jump over to the shores of America to tackle a tale of Sprint customers who are seeing other people’s data when they log into their accounts. To close out the podcast we jump into the world of scooter sharing and the data that the city of Los Angeles would like shared with them.

Direct download: podz_83_final.mp3
Category:technology -- posted at: 6:37am EDT

An underlying theme of this week’s podcast is cheating. Now this comes across in many ways from cheating the system to theft and online gaming.

We kick off the 82nd edition of the Kaspersky Lab Transatlantic Cable podcast with a pair of stories concerning Facebook. The first speaks in the vein of the Cambridge Analytica scandal where Facebook sued a pair of developers in the Ukraine for creating quizzes that also came with a side of malware. The second story involving the big blue network looks at Mark Zuckerberg’s pledge at increasing privacy for users, only to see the company seem to conflict this with their corporate lobbying. We get off the social network and hop to the Land Down Under where police have nabbed a guy who was selling logins for Spotify, Netflix and Hulu illegally. Following that story, we take a look at the ongoing battle between Respawn Entertainment and cheaters. To close out the week, we look at the business end of things and the current issue with improperly configured corporate Box accounts that have some sensitive files available to the public.

Direct download: podz_82.mp3
Category:technology -- posted at: 11:07am EDT

When we were looking over the stories that we would cover this week, Dave and I noticed that one theme seemed to take the lions’ share of the theme – privacy for kids online. As parents, it was something that made us talk a bit deeper on these subjects.

The 81st edition kicks off looking at the latest with Facebook. Unlike many past weeks, this is not about a privacy snafu, but rather a rumored cryptocurrency coming from the social media giant along with one from Telegram. From there we look at a story that shows a paltry number of computers being upgraded to the latest version of Windows 10. We then head into the parenting stories of the week. First we look at a fine levied on TikTok by the FTC before closing out with a story on YouTube’s comment problems.

Direct download: tcp_81_final.mp3
Category:technology -- posted at: 9:45am EDT

For the 80th edition of the Kaspersky Lab Transatlantic Cable podcast, Dave and I take look at a handful of stories that are sure to whet your appetite for this week’s security news.

First, we start off looking at the fallout from a student who caused some serious harm to his former university. What caused the damage might surprise you – hint: it can fit in the palm of your hand. From there, we look at the low percentage of Americans who take precautions to protect their identities. Following that story, we look at the latest research from Kaspersky Lab that focuses on the threats that face users of adult websites. We close out the week looking at the latest woes for Nike with their connected shoes.

Direct download: tcp-80-final.mp3
Category:technology -- posted at: 10:35am EDT

This week was semi-slow when it came to looking for articles to bring to the table for the 79th edition of the Kaspersky Lab Transatlantic Cable podcast. But in our space, a slow week can generally be seen as a good thing.

To kick things off, we look at some proposed legislation in the UK in regards to Facebook. I think it is safe to say that we all agree that the network has a way to go when it comes to handling fake news and other problematic points. However, the question becomes is it the job of one government or is this a bigger fish to fry?

From there, we stay in the UK for a crossover on the small screen for shows Holby City and Casualty which will look at a cyber attack that seems oddly similar to WannaCry. The next story stays in the EU and looks at the latest sport in France – Lightsaber Duels. Star Wars fans rejoice! To close things out, we head to the hardwood where Nike has announced their latest smart shoe complete with charging pad, IoT connectivity and self-lacing shoes.

Direct download: tcp_79_final.mp3
Category:technology -- posted at: 3:34am EDT

The 78th edition of the Kaspersky Lab Transatlantic Cable podcast comes from you live from Dubai. I am over here for a meeting with some of my team based in this corner of the world. Wait, the earth is round, let’s call it this spot on the globe (not sorry flat-earthers).

With time zones not being our friend, David has the week off and I sit down with Ahmed (Dubai), Mucahit (Istanbul) and Kseniya (Moscow) to take a look at a handful of stories and to also get a younger generation’s view on some of the technologies that Dave and I will often riff on.

We start the podcast discussing the recent news about compromised accounts at OK Cupid. There wasn’t a data breach, but this brings us to a conversation on data and concerns for our younger colleagues on data security. From there, we jump to Amazon’s recent acquisition of Eero and what this means for Smart Home devices. To wrap things up, we keep our focus on the IoT and look at industrial refrigerators and what their default passwords mean for users.

Direct download: tcp-78-final.mp3
Category:general -- posted at: 8:17am EDT

On this special episode of the Kaspersky Lab Transatlantic Cable podcast, we will continue to preview the upcoming Security Analyst Summit (#TheSAS2019). The conference will take place in Singapore on April 8-11.

Today, my guest on the show is Sergey Lozhkin. Sergey is a senior security researcher on the company’s Global Research and Analysis Team (GReAT). During the course of our chat, we discuss a wide range of topics from what he is currently working on to what he expects heading to Singapore for the first time, insecurity of hospitals and his talk at the conference. 

We also dive into his upcoming training at #TheSAS2019, entitled The God-Mode Practical Training in Static Analysis of APT Malware. This training session will cover most of the steps required to analyze a modern APT toolkit, from receiving the initial sample, all the way to producing a deep technical description with IOCs. The course material is based on many years of experience analyzing the most complex threats ever discovered in-the-wild, including: Equation, Red October, Sofacy, Turla, Duqu, Carbanak, ShadowPad, and many more. It’s time to set your static analysis game to God-Mode.

Direct download: tcp_Lozhkin_final.mp3
Category:technology -- posted at: 8:25am EDT

In the 77th edition of the Kaspersky Lab Transatlantic Cable podcast, Dave and I look at stories that impact consumers from their wrists to their pockets and inboxes. For the first story, we hit home for parents looking at a story on the insecurity and subsequent recall in the European Union of ENOX Safe-KID-One smartwatches. Then we stay on the insecurity bandwagon and discuss the lack of security in some webcam covers handed out at a conference from the NSA.

 

Afterwards, we look at an upcoming access change to the gyroscope in an upcoming iOS release. We keep on the big company bandwagon looking at a potential security issue with Gmail that can be exploited by scammers. To wrap up, we close with a post that looks at a recent takedown of DDoS for hire service in the UK as part of a global initiative by the good guys.

Direct download: tcp_77_final.mp3
Category:technology -- posted at: 10:03am EDT

The 2019 edition of the Kaspersky Lab Security Analyst Summit (#TheSAS2019), will take place in Singapore on April 8-11. As always, the conference will bring some of the brightest minds in infosec together to share knowledge at a high level.

This year marks the first year that the conference will come to Asia. To talk more about what Singapore and what people can expect while attending, we sat down with Vitaly Kamluk who leads the APAC arm of our Global Research and Analysis Team (GReAT) and resides in Singapore.

During our talk, Vitaly offers his insight into the sights that first-time visitors to Singapore should see as well as what the security scene looks like. Given his area of expertise, we couldn’t just talk travel tips. We also discuss his upcoming training at the conference, entitled Remote Forensics for the Modern Malware Hunter as well as the forensic tool that he created, Bitscout.

Direct download: kam-sas-final.mp3
Category:technology -- posted at: 9:12am EDT

The 76th edition of the Kaspersky Lab Transatlantic Cable Podcast, David and I cover a number of stories pertaining to privacy and, surprisingly browsers. To start things off, we look at the issue that Apple faced earlier in the week where a bug in FaceTime that was reported by a kid wound up in the public eye.

Following that tale, we jump into a stranger-than-fiction story about Facebook and their controversial tactic to have users install a VPN to share their data with Facebook – the kicker- is that the target audience included kids. Following Facebook, we stay on the privacy bandwagon and look at the work that Mozilla did to improve the latest version of Firefox.  We close out the podcast bidding happy trails to Internet Explorer 10.

Direct download: tcp_76_final.mp3
Category:technology -- posted at: 9:51am EDT

We kick off the podcast looking at how the Girl Scouts are rolling out a badge for Cyber Security and using eggs, not computers for their members. From there, we cover a report from California on how a family’s Nest camera sent out a warning that had North Korea firing intercontinental ballistic missiles at the USA – but was a hoax from a hacker and reused passwords.

We keep in the Google family by looking at a recent GDPR related fine levied on the search giant. The next story looks at the recently unsealed documents that were previously sealed in a Facebook lawsuit. Unfortunately, it looks like the social behemoth was profiting off of children.

Afterwards, we further discuss the fact that scams on Facebook and WhatsApp promising free airline tickets are just a scam – please do not fall for them. The podcast closes out with a new piece of mobile malware that tries to hide itself from security researchers.

Direct download: tcp-75-final-edits.mp3
Category:technology -- posted at: 9:59am EDT

Episode 74 of the Transatlantic Cable podcast sees David and Jeff being joined by a few of their colleagues from around the world as they talk about travel and cyber-security - can you keep your data and your life private whilst travelling?

Tune in!

Direct download: tcp-74-final.mp3
Category:technology -- posted at: 6:38am EDT

Happy New Year everyone and welcome to the first regular edition of Kaspersky Lab’s Transatlantic Cable Podcast. On this edition, Dave and I cover a lot of ground.

We kick off the podcast talking about CES, or more notably a pair of products that we question whether the internet is really needed – keys and a toilet. From there, we hop over to a program, Lenny, that turns the table on our favorite pains in the rear – robocalls and scammers. The next topic is a bit more serious as a hack happened to Australia’s Emergency Warning Network. If you are an online gamer and play The Town of Salem, you may want to change your password as they have suffered a data breach.

We close out the podcast looking at how data is used. This ranges from weather applications to the story of the week with how US Telcos are selling user data.

Direct download: tcp-73-final.mp3
Category:general -- posted at: 11:06am EDT

It is that time of year again, #TheSAS2019 will be here before we know it. This year’s location is in Singapore and as usual, there will be a lot of interesting research coming from the presenters. There will also be trainings where attendees can learn from our experts on GReAT across a wide variety of topics.

 In this podcast, I sit down with Brian Bartholomew who is giving a training, and to discuss what he envisions for this year’s edition of the Security Analyst Summit. His training entitled The Good and the GReAT— Stepping up your Threat Intelligence Game will be held with with Brian Candlish of Telstra Threat Labs and will focus on:

Concepts of threat intelligence

  • Intelligence life cycle
  • Defining intelligence requirements
  • Collecting and processing data
  • Maximizing data through automation
  • Open source / custom tools
  • Threat hunting in large security datasets
  • Intelligence reporting
  • Dealing with biases
  • Using estimative language
  • Each day will end with large hands-on labs

 

To sign up for Brian’s training or to buy tickets for #TheSAS2019, please click here.

Direct download: podcast02-1_mixdown.mp3
Category:general -- posted at: 9:47am EDT

1