Grassroots Security: Cybersecurity for Everyone
36 episodes - English - Latest episode: over 3 years ago -Grassroots Security Podcast was set up for two things: Provide better awareness about security including tips that hopefully most people can understand. And talk about what's happening in the news related to security and what it could mean for you. I try to make it fun yet informational and educational. I hope you enjoy it as much as I enjoyed making it.
Homepage Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
CISA Guidance on SolarWinds, AD/M365 and Exchange Remediations | Grassroots Security (S2:E8)
March 10, 2021 06:00 - 8 minutes - 6.17 MBIt's a busy time for security. The Cybersecurity & Infrastructure Security Agency has released a number of guidance documents on SolarWinds and ActiveDirectory/M365 compromises as well as the recent Microsoft Exchange vulnerabilities that are being actively exploited. Blog Post (including Links): https://grassrootsecurity.com/2021/03/10/cisa-guidance-on-solarwinds-ad-m365-and-exchange-remediations/
Denial of Service? What is it and what to do? | Grassroots Security (S2:E7)
March 01, 2021 06:00 - 14 minutes - 9.65 MBWe've heard of a denial of service. But what is it? And what can we do? Blog Entry (With References): https://grassrootsecurity.com/2021/03/01/denial-of-service-what-is-it-and-what-to-do/
Protecting You Through Security Filtered Domain Lookups | Grassroots Security (S2:E6)
February 22, 2021 08:00 - 7 minutes - 5.13 MBProtect your computer using a security-filtered Domain Name System (DNS) server configuration. Also hear about the Center for Internet Security (CIS) offering to protect US hospitals against malware through a similar method of DNS protection. Blog Post (including references and site links): https://grassrootsecurity.com/2021/02/22/protecting-you-through-security-filtered-domain-lookups/
We Need More Cyber Women! | Grassroots Security (S2:E5)
February 15, 2021 19:00 - 15 minutes - 10.4 MBNo, I'm not talking about cyborgs here. We explore the cybersecurity workforce needs, certifications and the scholarships available especially for women. We need to improve the number of women who go into cybersecurity careers. Blog Post (including References and Links): https://grassrootsecurity.com/2021/02/15/we-need-more-cyber-women/
Safer Internet Day 2021 on Feb 9 | Grassroots Security (S2:E4)
February 10, 2021 08:00 - 9 minutes - 6.8 MBEvery February 9 is Safer Internet Day. The slogan "Together for a better internet" looks toward promoting a safe and positive use of digital technology, especially among children and young people. Reference: https://www.saferinternetday.org Blog Post: https://grassrootsecurity.com/2021/02/10/safer-internet-day-on-february-9/
Data Privacy Day and Update on Solarwinds Hack | Grassroots Security (S2:E3)
February 01, 2021 06:00 - 12 minutes - 8.34 MBJanuary 28 was Data Privacy Day and the 40th anniversary of Convention 108. Last January 11, we also got the update of the investigation on the Solarwinds Hack. Blog Post (including references): https://grassrootsecurity.com/2021/02/01/data-privacy-day-and-update-on-solarwinds-hack/ Data Privacy Logo courtesy of StaySafeOnline (https://staysafeonline.org/)
EDPB Releases Data Breach Notification Examples | Grassroots Security (S2:E2)
January 25, 2021 06:00 - 12 minutes - 8.29 MBThe European Data Protection Board (or EDPB) has released Guidelines 01/2021 on Examples regarding Data Breach Notification. It provides a number of examples across different areas from ransomware to data exfiltration. References are linked in the blog post below: https://grassrootsecurity.com/2021/01/25/edpb-releases-guidelines-data-breach-notification-examples/
New Year, Your Memory and Misinformation | Grassroots Security (S2:E1)
January 18, 2021 06:00 - 17 minutes - 12.3 MBHappy New Year! In this episode, we talk about misinformation and disinformation and how your memory may contribute to both misattribution and bias. We also talk about how to deal better with misinformation. Blog Post (including references): https://grassrootsecurity.com/2021/01/18/new-year-your-memory-and-misinformation/
Ransomware in CMA CGM, Ring Security Changes and Egypt's Data Protection | Grassroots Security (S1:E16)
September 30, 2020 06:00 - 10 minutes - 7.55 MBRansomware has hit one of the biggest shipping companies CMA CGM. Also, Ring will be updating their devices to support end-to-end encryption. And Egypt has enacted their data protection law. Brazil's version is also now in effect. Published: September 30, 2020 Blog Post (Links to References): https://grassrootsecurity.com/2020/09/30/ransomware-in-cma-cgm-ring-security-changes-and-egyptian-data-protection/
Validity of Standard Contractual Clauses and Strontium's Credential Harvesting Methods | Grassroots Security (S1:E15)
September 14, 2020 06:00 - 13 minutes - 9 MBWith Facebook's high court challenge to the Irish Data Protection Commission's suggestion that Standard Contractual Clauses (or SCCs) may not be used, it begs the question what alternatives there are for the transfer of personal data to another country. Also, with the US Elections near, what type of attacks are we seeing especially with credential harvesting? Published: September 14, 2020 Blog Post (Links to References): https://grassrootsecurity.com/2020/09/14/validity-of-sccs-and-stronti...
Governments release cybersecurity principles on space systems and IoT devices | Grassroots Security (S1:E14)
September 05, 2020 09:00 - 9 minutes - 6.43 MBThe US Government released cybersecurity principles for space systems and the Autralian Government released guidelines on IoT devices. Created: September 5, 2020 References: https://grassrootsecurity.com/2020/09/05/governments-released-cybersecurity-principles-on-space-systems-and-iot/ https://cybersecuritymonth.eu/ https://owasp.org/ https://www.whitehouse.gov/wp-content/uploads/2020/09/2020SPD5.mem_.pdf https://www.homeaffairs.gov.au/reports-and-pubs/files/code-of-practice.pdf
New Zealand Stock Exchange hit by Distributed Denial of Service | Grassroots Security (S1:E13)
September 01, 2020 07:00 - 9 minutes - 6.23 MBLast week and the beginning of this week, New Zealand's stock exchange was hit by Distributed Denial of Service attacks which impacted its service. Created: September 1, 2020 References: https://grassrootsecurity.com/2020/09/01/new-zealand-stock-exchange-hit-by-distributed-denial-of-service/ https://www.stuff.co.nz/business/industries/122611626/stockmarket-website-crashes-but-trading-continues-without-a-blip-nzx-says https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-ext...
New Zealand Stock Exchange hit by Distributed Denial of Service
September 01, 2020 07:00 - 9 minutes - 6.23 MBLast week and the beginning of this week, New Zealand's stock exchange was hit by Distributed Denial of Service attacks which impacted its service. Created: September 1, 2020 References: https://grassrootsecurity.com/2020/09/01/new-zealand-stock-exchange-hit-by-distributed-denial-of-service/ https://www.stuff.co.nz/business/industries/122611626/stockmarket-website-crashes-but-trading-continues-without-a-blip-nzx-says https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-ext...
Tesla and FBI prevents a ransomware hack at the Gigafactory | Grassroots Security (S1:E12)
August 29, 2020 09:00 - 14 minutes - 9.9 MBHear how an employee at Tesla and the FBI prevented a ransomware hack at the Gigafactory in Nevada. Created: August 29, 2020 Reference: https://grassrootsecurity.com/2020/08/29/tesla-and-fbi-prevents-a-ransomware-hack-at-the-gigafactory/ https://electrek.co/2020/08/27/tesla-fbi-prevent-ransomware-hack-gigafactory-nevada/ https://www.justice.gov/opa/press-release/file/1308766/download
Fraudster Tricks Experian Africa causing a Data Security Incident | Grassroots Security (S1:E11)
August 24, 2020 06:00 - 7 minutes - 5.21 MBLooking into the recent data incident with Experian Africa where a fraudster was successful in impersonating a legitimate customer. Created: August 24, 2020 References: https://grassrootsecurity.com/2020/08/23/fraudster-tricks-experian-africa-causing-a-data-security-incident/ https://www.reuters.com/article/safrica-experian-idUSL8N2FL548
Digital Empathy and Zero Trust in the Pandemic | Grassroots Security (S1:E10)
August 21, 2020 06:00 - 8 minutes - 6.14 MBMicrosoft's recent security blog entry talked about the acceleration of a number of digital transformation brought about by the pandemic. We talk about two of these: Digital Empathy and Zero Trust. Created: August 21, 2020 Reference: https://grassrootsecurity.com/2020/08/21/dealing-with-digital-empathy-and-zero-trust-in-the-pandemic/ https://www.microsoft.com/security/blog/2020/08/19/microsoft-shows-pandemic-accelerating-transformation-cyber-security/
Grassroots Security: Episode #9 (Redirecting Invoices as an Example of Business Email Compromise) August 19, 2020
August 19, 2020 06:00 - 6 minutes - 4.19 MBInformation on Invoice Redirection: What is it? Why does it occur? And what can you do about it? References: https://grassrootsecurity.com/2020/08/17/redirecting-invoices-is-an-example-of-a-business-email-compromise-bec/ https://www.garda.ie/en/about-us/our-departments/office-of-corporate-communications/press-releases/2020/august/gnecb-advice-on-invoice-redirect-fraud.html https://www.ic3.gov/media/2019/190910.aspx
Redirecting Invoices as an Example of Business Email Compromise | Grassroots Security (S1:E9)
August 19, 2020 06:00 - 6 minutes - 4.19 MBInformation on Invoice Redirection: What is it? Why does it occur? And what can you do about it? Created: August 19, 2020 References: https://grassrootsecurity.com/2020/08/17/redirecting-invoices-is-an-example-of-a-business-email-compromise-bec/ https://www.garda.ie/en/about-us/our-departments/office-of-corporate-communications/press-releases/2020/august/gnecb-advice-on-invoice-redirect-fraud.html https://www.ic3.gov/media/2019/190910.aspx
Update on Fake Text in Ireland and TLS 1.3 Blocking in China | Grassroots Security (S1:E8)
August 14, 2020 06:00 - 7 minutes - 4.9 MBBank of Ireland has responded and made a U-turn on their policy. The latest version of TLS 1.3 is also now being blocked in China. Created: August 14, 2020 References: https://grassrootsecurity.com/?p=592 https://www.irishtimes.com/business/financial-services/bank-of-ireland-does-u-turn-after-refusal-to-reimburse-smishing-victims-1.4326502 https://gfw.report/blog/gfw_esni_blocking/en/
Update on Fake Text and TLS 1.3 Blocking in China | Grassroots Security (S1:E8)
August 14, 2020 06:00 - 7 minutes - 4.9 MBBank of Ireland has responded and made a U-turn on their policy. The latest version of TLS 1.3 is also now being blocked in China. Created: August 14, 2020 References: https://grassrootsecurity.com/?p=592 https://www.irishtimes.com/business/financial-services/bank-of-ireland-does-u-turn-after-refusal-to-reimburse-smishing-victims-1.4326502 https://gfw.report/blog/gfw_esni_blocking/en/
Grassroots Security: Episode #8 (Update on Fake Text and TLS 1.3 Blocking in China) August 10, 2020
August 14, 2020 06:00 - 7 minutes - 4.9 MBBank of Ireland has responded and made a U-turn on their policy. The latest version of TLS 1.3 is also now being blocked in China. References: https://grassrootsecurity.com/?p=592 https://www.irishtimes.com/business/financial-services/bank-of-ireland-does-u-turn-after-refusal-to-reimburse-smishing-victims-1.4326502 https://gfw.report/blog/gfw_esni_blocking/en/
Grassroots Security: Episode #8 (Update on Fake Text and TLS 1.3 Blocking in China) August 14, 2020
August 14, 2020 06:00 - 7 minutes - 4.9 MBBank of Ireland has responded and made a U-turn on their policy. The latest version of TLS 1.3 is also now being blocked in China. References: https://grassrootsecurity.com/?p=592 https://www.irishtimes.com/business/financial-services/bank-of-ireland-does-u-turn-after-refusal-to-reimburse-smishing-victims-1.4326502 https://gfw.report/blog/gfw_esni_blocking/en/
Grassroots Security: Episode #7 (Protecting yourself from cases of fake bank text messages) August 10, 2020
August 10, 2020 04:00 - 7 minutes - 4.93 MBAttacks using fake text messages from banks like Bank of Ireland surfaced recently on LiveLine with Joe Duffy. I also provide some tips to protect yourself when you do receive these text messages. Reference: https://grassrootsecurity.com/2020/08/10/rising-cases-of-fake-bank-text-messages/ https://www.rte.ie/radio/utils/share/radio1/11222276
Protecting yourself from cases of fake bank text messages | Grassroots Security (S1:E7)
August 10, 2020 04:00 - 7 minutes - 4.93 MBAttacks using fake text messages from banks like Bank of Ireland surfaced recently on LiveLine with Joe Duffy. I also provide some tips to protect yourself when you do receive these text messages. Created: August 10, 2020 Reference: https://grassrootsecurity.com/2020/08/10/rising-cases-of-fake-bank-text-messages/ https://www.rte.ie/radio/utils/share/radio1/11222276
Charges on Twitter Hack and Canon Ransomware | Grassroots Security (S1:E6)
August 08, 2020 12:00 - 8 minutes - 5.61 MBCharges have been made to three individuals relating to the Twitter hack and also developing news on the Canon Ransomware. Tips are included in the discussion. Created: August 8, 2020 References: https://grassrootsecurity.com/2020/08/02/three-individuals-charged-for-alleged-roles-in-twitter-hack/ https://www.justice.gov/usao-ndca/pr/three-individuals-charged-alleged-roles-twitter-hack https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo
Grassroots Security: Episode #6 (Charges on Twitter Hack and Canon Ransomware) August 8, 2020
August 08, 2020 12:00 - 8 minutes - 5.61 MBCharges have been made to three individuals relating to the Twitter hack and also developing news on the Canon Ransomware. Tips are included in the discussion. References: https://grassrootsecurity.com/2020/08/02/three-individuals-charged-for-alleged-roles-in-twitter-hack/ https://www.justice.gov/usao-ndca/pr/three-individuals-charged-alleged-roles-twitter-hack https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo
Garmin Ransomware Update and Privacy Badger | Grassroots Security (S1:E5)
July 31, 2020 12:00 - 6 minutes - 4.35 MBRecent update on the Garmin Ransomware and more privacy tips including Privacy Badger. Created: July 31, 2020 References: (https://privacybadger.org/) (https://news.sky.com/story/garmin-obtains-decryption-key-after-ransomware-attack-12036761)
Grassroots Security: Episode #5 (Garmin Ransomware Update and Privacy Badger) July 31, 2020
July 31, 2020 12:00 - 6 minutes - 4.35 MBRecent update on the Garmin Ransomware and more privacy tips including Privacy Badger. References: (https://privacybadger.org/) (https://news.sky.com/story/garmin-obtains-decryption-key-after-ransomware-attack-12036761)
Grassroots Security: Episode #4 (Ransomware and #NoMoreRansom) July 28, 2020
July 28, 2020 16:00 - 6 minutes - 4.62 MBPrevalence of ransomware, backing up and the fourth year anniversary of #NoMoreRansom project. (https://www.nomoreransom.org/) (https://grassrootsecurity.com/2020/07/27/ransomware/)
Ransomware and #NoMoreRansom | Grassroots Security (S1:E4)
July 28, 2020 16:00 - 6 minutes - 4.62 MBPrevalence of ransomware, backing up and the fourth year anniversary of #NoMoreRansom project. Created: July 28, 2020 Reference: https://www.nomoreransom.org/ https://grassrootsecurity.com/2020/07/27/ransomware/
Grassroots Security: Episode #3 (Superman and Privacy) July 24, 2020
July 24, 2020 18:00 - 7 minutes - 5.3 MBHow did a recent clickbait on Superman result in me thinking about Privacy? Superman and Brainiac are trademarks of DC Comics. References: https://support.google.com/chrome/answer/7440301 https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history https://spreadprivacy.com/how-anonymous-is-duckduckgo/ https://duckduckgo.com/ https://www.startpage.com/
Superman and Privacy | Grassroots Security (S1:E3)
July 24, 2020 18:00 - 7 minutes - 5.3 MBHow did a recent clickbait on Superman result in me thinking about Privacy? Superman and Brainiac are trademarks of DC Comics. Created: July 24, 2020 References: https://support.google.com/chrome/answer/7440301 https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history https://spreadprivacy.com/how-anonymous-is-duckduckgo/ https://duckduckgo.com/ https://www.startpage.com/
Grassroots Security: Episode #2 (Ruling on EU-US Privacy Shield) July 22, 2020
July 22, 2020 06:00 - 7 minutes - 5.08 MBLet's talk about the recent EU-US Privacy Shield ruling by the European Court of Justice. I will also recall a bit of history on how it came about. References: https://curia.europa.eu/jcms/upload/docs/application/pdf/2020-07/cp200091en.pdf https://www.export.gov/safeharbor_eu https://www.privacyshield.gov/list https://www.theguardian.com/technology/2020/jul/16/tech-firms-like-facebook-must-restrict-data-sent-from-eu-to-us-court-rules https://ico.org.uk/media/for-organisations/document...
Ruling on EU-US Privacy Shield | Grassroots Security (S1:E2)
July 22, 2020 06:00 - 7 minutes - 5.08 MBLet's talk about the recent EU-US Privacy Shield ruling by the European Court of Justice. I will also recall a bit of history on how it came about. Created: July 22, 2020 References: https://curia.europa.eu/jcms/upload/docs/application/pdf/2020-07/cp200091en.pdf https://www.export.gov/safeharbor_eu https://www.privacyshield.gov/list https://www.theguardian.com/technology/2020/jul/16/tech-firms-like-facebook-must-restrict-data-sent-from-eu-to-us-court-rules https://ico.org.uk/media/for-...
Grassroots Security: Episode #1 (Recent Twitter Attack and Setting Up Two Factor) July 21, 2020
July 21, 2020 07:00 - 9 minutes - 6.27 MBFirst episode for the Grassroots Security Podcast! I set up the Grassroots Security podcast for two things: Provide better awareness about security including tips that hopefully most people can understand. Talk about what's happening in the news related to security. For this episode, we talk about: Recent Twitter hack as reported by the New York Times and Twitter themselves. Setting up two factor for your Twitter account. Enjoy and please let me know about this episode. References: ...
Recent Twitter Attack and Setting Up Two Factor | Grassroots Security (S1:E1)
July 21, 2020 07:00 - 9 minutes - 6.27 MBFirst episode for the Grassroots Security Podcast! I set up the Grassroots Security podcast for two things: Provide better awareness about security including tips that hopefully most people can understand. Talk about what's happening in the news related to security. For this episode, we talk about: Recent Twitter hack as reported by the New York Times and Twitter themselves. Setting up two factor for your Twitter account. Enjoy and please let me know about this episode. Created: July ...