Sophos experts get to grips with news, opinion, advice and research in these easily-digested, professionally-presented and informative podcasts.

  • Enjoy our weekly Chet Chat, where our resident experts take 15 minutes to give you "the news you can use," talking you through the latest issues in a way you can learn from them.
  • Learn more about specific topics in our Techknow series, where our experts explore, explain and hopefully help you to understand all sorts of security issues, from SSL to two-factor authentication.

You'll be entertained, and for that matter amused, but all our podcasts are serious at heart - we aim to help you improve your own security posture without taking up hours of your time.

Perfect listening for a coffee break or on your daily commute.

Download and listen to our experts anytime, anywhere

S2 Ep27: Bluetooth vulnerabilities, dodgy Chrome extensions and forgotten encryption passwords

This week we discuss why Google abruptly pulled over 500 Chrome extensions from its Web Store, the case of a man held in custody for refusing to decrypt two hard drives and research detailing a number of security holes in Bluetooth chips from several different vendors. Greg Iddon plays host and Producer this week and is joined by fellow Sophos experts Paul Ducklin and Peter Mackenzie. Listen now! Related articles: Google pulls 500 malicious Chrome extensions after researcher tip-off: https://nakedsecurity.sophos.com/2020/02/17/google-pulls-500-malicious-chrome-extensions-after-researcher-tip-off/ Suspect who refused to decrypt hard drives released after four years: https://nakedsecurity.sophos.com/2020/02/17/google-pulls-500-malicious-chrome-extensions-after-researcher-tip-off/ Bluetooth bugs – researchers find 10 “Sweyntooth” security holes: https://nakedsecurity.sophos.com/2020/02/14/bluetooth-bugs-researchers-find-10-sweyntooth-security-holes/

S2 Ep26: Robbin Hood ransomware, Twitter parodies and SMS 2FA WHAT?

This week we welcome back Peter who discusses RobbinHood - the ransomware that brings its own bug. Greg explains how a student's Twitter account was handed over to their college and Duck talks SMS 2FA. Host Anna Brading is joined by Sophos experts Peter Mackenzie, Paul Ducklin and Greg Iddon. Listen now! Related articles: RobbinHood – the ransomware that brings its own bug: https://nakedsecurity.sophos.com/2020/02/07/robbin-hood-the-ransomware-that-brings-its-own-bug/ Living off another land: Ransomware borrows vulnerable driver to remove security software: https://news.sophos.com/en-us/2020/02/06/living-off-another-land-ransomware-borrows-vulnerable-driver-to-remove-security-software/ Apple proposes simple security upgrade for SMS 2FA codes: https://nakedsecurity.sophos.com/2020/02/03/apple-proposes-simple-security-upgrade-for-sms-2fa-codes/ Twitter hands over student’s account to his college: https://nakedsecurity.sophos.com/2020/02/04/twitter-gave-access-to-students-account-to-his-college/ Peter's ransomware list (tweet): https://twitter.com/AltShiftPrtScn/status/1225715096124567557 Joshua Saxe AI malware detector (tweet): https://twitter.com/joshua_saxe/status/1225521199800864769 Security ML models encoded as Yara rules: https://github.com/sophos-ai/yaraml_rules

S2 Ep25: You've seen WHAT on public Trello boards?

Over the past couple of years, Sophos' Director of Security Craig Jones has discovered a worrying amount of personal data on public Trello boards. Mark says companies shouldn’t microchip their employees and Duck discusses a bug that could have blown a hole in OpenSMTPD. Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and special guest Craig Jones. Listen now! Related articles: Trello exposed! Search turns up huge trove of private data: https://nakedsecurity.sophos.com/2020/01/30/trello-exposed-search-turns-up-huge-trove-of-private-data/ Employers can’t force you to get microchipped, Indiana reps say https://nakedsecurity.sophos.com/2020/01/30/employers-cant-force-you-to-get-microchipped-indiana-reps-say/ Serious Security – How ‘special case’ code blew a hole in OpenSMTPD https://nakedsecurity.sophos.com/2020/01/31/serious-security-how-special-case-code-blew-a-hole-in-opensmtpd/