You've Got Email...Security Vulnerabilities

37:55
 
Bagikan
 

Fetch error

Hmmm there seems to be a problem fetching this series right now. Last successful fetch was on March 20, 2022 08:55 (2M ago)

What now? This series will be checked again in the next day. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.

Manage episode 291139953 series 2795110
Oleh Firewalls.com ditemukan oleh Player FM dan komunitas kami — hak cipta dimiliki oleh penerbit, bukan Player FM, dan audio langsung didapatkan dari server mereka. Tekan tombol Berlangganan untuk mendapat setiap pembaharuan di Player FM, atau salin URL feed ke aplikasi podcast lainnya.

While HTML email is nothing new, a recently discovered trick means a pretty wide open security flaw has been there all along, too. Security researcher, engineer, & tech columnist Ax Sharma joins us to explain how just a bit of code in the wrong hands can manipulate the "external sender" warning on your organization's emails - to either remove it altogether or change it to trick unsuspecting users into malicious clicks. Ax also tells us what solutions are out there to cut your risk. See the full story:
Attackers can hide 'external sender' email warnings with HTML and CSS

Plus, we dive deeper into the story of Facebook and the 533 million users whose data was exposed. Ax discusses the difference between a breach and data scraping, how social media users should protect their privacy, and Facebook's responsibility in this incident.
In headlines, we talk about a ransomware attack targeting a major police department, another update on SolarWinds & Russia's role, and we hear more about the current state of the ransomware threat.
See the stories:
Hackers threaten to release DC police data in apparent ransomware attack

https://www.theverge.com/2021/4/27/22405339/washington-dc-police-hack-data-department-ransomeware-babuk
Report: Russia 'likely' kept access to US networks after SolarWinds hack

https://www.engadget.com/russia-us-network-access-after-solarwinds-hack-192305973.html
Ransomware extortion demands are growing, and so is the downtime caused by attacks

https://www.zdnet.com/article/ransomware-extortion-demands-are-growing-and-so-is-the-downtime-caused-by-attacks/

Ransomware: don’t expect a full recovery, however much you pay

https://nakedsecurity.sophos.com/2021/04/27/ransomware-dont-expect-a-full-recovery/
Get info on all things network security through our blog, https://firewalls.com/blog.

Please do rate and review us wherever you listen, and reach out, as we want to hear from you. Suggest an episode topic, ask a question, or just say hi in a review or comment, or by emailing podcast@firewalls.com. New episodes are normally released every other Wednesday, so subscribe/follow to ensure you get the latest first.

Thanks for listening!

58 episode