Simon Hall and Richard Gold join Rafael Amado to focus on the trade-offs between security and usability, as well as the practice of security layering that can often make us more insecure. The team look over security measures such as regular complex password expiry policies that create headaches for organizations and end users, why it’s not easy to make security usable, whether certain security measures such as anti-virus software actually make us more insecure, and what alternative system defences can bridge the gap between security and usability. For the NCSC blog on security and usability, visit: https://www.ncsc.gov.uk/blog-post/security-and-usability-you-can-have-it-all
Home » ShadowTalk - Threat Intelligence Podcast by Digital Shadows » Episode 42: Security Layering and Usability Trade-offs
Episode 43: Security Flaws Affect 50 Million Facebook Accounts and Equifax Fined £500,000
Rick Holland, CISO of Digital Shadows, joins Richard Gold and Michael Marriott to discuss the latest cybers...
Error - something went wrong!
Most Recent Articles
Zoom Zero-Day Vulnerabilities and Fin7 Delivering Malware Via Snail Mail
Hey all you cool cats and kittens! We’ve got a brand-new threat intel episode for you coming from our virtual podcast studio with Adam, Jamie, and Viktoria. The team chat through the latest Zoom...
Remote Worker Threat Model And Cybercrime Updates
This week the team looks at some Coronavirus threat intel updates including a Threat Model of the Remote Worker and the top businesses and industries most likely to be targeted by cyber attacks....
Slack Vulnerability, Apollon Dark Web Exit Scam, And Online Brand Protection
We’ve got Adam and Jamie joining Viktoria remotely for this week’s ShadowTalk! The London crew chats through the Slack vulnerability story, the news around the Dutch government losing hard drives...
Coronavirus: Cybercrime Reactions And CISO Advice
CISO and VP of Strategy, Rick Holland, joins Alex and Harrison for this special episode to discuss how cybercriminals are exploiting Coronavirus (COVID-19). With regards to Coronavirus, the team...
Necurs Botnet, SMB Vulnerability, Coronavirus Scams, And Dark Web Updates
Necurs Botnet, SMB Vulnerability, Coronavirus Scams, and Dark Web Updates - Hear this week's ShadowTalk episode for threat intelligence updates!
Banking Trojan Steals Google Authenticator Codes, Ransomware Attacks Epiq, And Tesco Clubcard Fraud
Lots of threat intelligence news updates in this week’s ShadowTalk episode with Jamie Collier, Adam Cook, and Viktoria Austin. Top stories this week include: - NCSC advising consumers on...
FBI Releases Its Internet Crime Complaint Center (IC3) Report 2019
Alex, Harrison, and Rick discuss this year’s FBI IC3 (Internet Crime Complaint Center) report, where cybercrime resulted in over $3.5 billion in reported losses.
Data Breaches, Stalkerware, and Dopplepaymer ransomware
3 data breaches this week, Stalkerware, and Dopplepaymer ransomware
OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research
Adam and Phil join Viktoria to ‘cause a storm’ on this week’s episode. But first - we get a rundown of the brand new Photon research blog this week around phishing from Harrison and Alex. This...
yOurMine, Equifax Indictment, and SWIFT POC attack
Roses are red, violets are blue, here’s our threat intel podcast, just for you!
Threat Report ATT&CK Mapping (TRAM) With MITRE’s Sarah Yoder And Jackie Lasky
Sarah Yoder and Jackie Lasky from MITRE join Rick Holland and Harrison Van Riper in this guest episode to talk through their tool, Threat Report ATT&CK Mapping (TRAM). Both Sarah and Jackie are...
CTI Frameworks, Wawa Breach Updates, APT34, And Coronavirus Phishing Scams
January was a looooong year. Anyone else? In this week’s episode, Jamie starts by talking about his recent blog, Cyber Threat Intelligence Frameworks, with 5 rules for integrating these frameworks...
SANS CTI Summit, Snake Ransomware, CacheOut, And Citrix Vuln Update [Podcast]
Rick Holland jumps in to kick-off this week’s episode to recap the 2020 SANS CTI Summit with Harrison. Then Harrison, Alex, Kacey, and Charles talk through other top stories of the week.
Citrix Vulnerability, Microsoft Data Breach, and Telnet Credentials Published
Following on from last week, Citrix released a first set of patches to fix a vulnerability (CVE-2019 -19781) affecting the company’s NetScaler ADC Application Delivery Controller and it’s Citrix...
NSA Vulnerability Disclosure, Ransomware News, And Iran Updates
Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the week. This includes both the NSA CVE and Citrix CVE. The team...
Iranian Cyber Threats, Travelex Ransomware Attack, And Exploit Forum Updates
Viktoria hosts this week and introduces the episode bringing Sammy on to provide some regional insight and context around the Iranian cyber threat and discusses whether a cyber response is likely.
Iranian Cyber Threats: Practical Advice From CISO Rick Holland
Rick Holland (CISO at Digital Shadows) joins Harrison to share his thoughts on the Iranian cyber threat and what it means for cyber defenders. What should security practitioners be concerned...
Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, And 2020 Predictions
CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers: - Ring Doorbell security - New Orleans victim of Ryuk Ransomware -...
Tochka Dark Web Market Offline, Market.ms Closes, And Data Leakage Stories
Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6...
Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown On RAT Spyware