Malwarebytes
Lock and Code
Lock and Code tells the human stories within cybersecurity, privacy, and technology. Rogue robot vacuums, hacked farm tractors, and catastrophic software vulnerabilities—it’s all here.
Autor
Malwarebytes
Kategorie
Podcast-Website
Neueste Folge
28. Jun 2026
Wo hören?
Podcasts in der App Replaio Radio Bald verfügbarPodcasts kommen bald in die App. Installiere sie jetzt und erlebe als Erster einen ganz neuen Blick auf Podcasts
Folgen
Donut breach: Lessons from pen-tester Mike Miller 15.08.2022 37:12
When Mike Miller was hired by a client to run a penetration test on one of their offices, he knew exactly where to start: Krispy Kreme. Equipped with five dozen donuts (the boxes stacked just high enough to partially obscure his face, Miller said), Miller walked briskly into a side-door of his client's offices, tailing another employee and asking them to hold the door open. Once inside, he cheerfu...
Have we lost the fight for data privacy? 31.07.2022 44:08
At the end of 2021, Lock and Code invited the folks behind our news-driven cybersecurity and online privacy blog, Malwarebytes Labs, to discuss what upset them most about cybersecurity in the year prior. Today, we’re bringing those same guests back to discuss the other, biggest topic in this space and on this show: Data privacy. You see, in 2021, a lot has happened. Most recently, with the US Su...
Roe v. Wade: How the cops can use your data 17.07.2022 41:14
On June 24, that Constitutional right to choose to have an abortion was removed by the Supreme Court, and immediately, this legal story became one of data privacy. Today, countless individuals ask themselves: What surrounding activity is allowed? Should Google be used to find abortion providers out of state? Can people write on Facebook or Instagram that they will pay for people to travel to their...
When good-faith hacking gets people arrested, with Harley Geiger 04.07.2022 39:55
When Lock and Code host David Ruiz talks to hackers—especially good-faith hackers who want to dutifully report any vulnerabilities they uncover in their day-to-day work—he often hears about one specific law in hushed tones of fear: the Computer Fraud and Abuse Act. The Computer Fraud and Abuse Act, or CFAA, is a decades-old hacking law in the United States whose reputation in the hacker community...
Securing the software supply chain, with Kim Lewandowski 20.06.2022 39:53
At the start of the global coronavirus pandemic, nearly everyone was forced to learn about the "supply chain." Immediate stockpiling by an alarmed (and from a smaller share, opportunistic) public led to an almost overnight disappearance of hand sanitizer, bottled water, toilet paper, and face masks. In time, those items returned to stores. But then a big ship got stuck in the Suez, and once again,...
Tor’s (security) role in the future of the Internet, with Alec Muffett 06.06.2022 39:33
Tor, which stands for "The Onion Router," has a storied reputation in the world of online privacy, but on today's episode of Lock and Code with host David Ruiz, we speak with security researcher Alec Muffett about the often-undiscussed security benefits of so-called "onion networking." The value proposition to organizations interested in using Tor goes beyond just anonymity, Muffett explains, and...
Hunting down your data with Whitney Merrill 23.05.2022 49:32
Last year, Whitney Merrill wanted to know just how much information the company Clubhouse had on her, even though she wasn't a user. After many weeks of, at first, non-responses, she learned that her phone number had been shared with Clubhouse more than 80 times—the byproduct of her friends joining the platform. Today on Lock and Code with host David Ruiz, we speak with Merrill about why hunting...
Recovering from romance scams with Cindy Liebes 09.05.2022 48:27
Earlier this year, a flashy documentary premiered on Netflix that shed light onto on often-ignored cybercrime—a romance scam. In this documentary, called The Tinder Swindler, the central scam artist relied on modern technologies, like Tinder, and he employed an entire team, which included actors posing as his bodyguard and potentially even his separated wife. After months of getting close to sever...
Why software has so many vulnerabilities, with Tanya Janca 25.04.2022 48:39
Every few months, a basic but damaging flaw is revealed in a common piece of software, or a common tool used in many types of programs, and the public will be left asking: What is going on with how our applications are developed? Today on the Lock and Code podcast with host David Ruiz, we speak to returning guest Tanya Janca to understand the many stages of software development and how security tr...
Why data protection and privacy are not the same, and why that matters 11.04.2022 46:40
Data protection, believe it or not, is not synonymous with privacy, or even data privacy. But around the world, countless members of the public often innocently misconstrue these three topics with one another, swapping the terms and the concepts behind them. Typically, that wouldn't be a problem—not every person needs to know the minute details of every data-related concept, law, and practice. Bu...
Telling important stories securely, with Runa Sandvik 28.03.2022 33:32
In 2017, a former NSA contractor was arrested for allegedly leaking an internal report to the online news outlet The Intercept. To verify the report itself, a journalist for The Intercept sent an image of the report to the NSA, but upon further inspection, it was revealed that the image was actually a scan of a physical document. This difference—between an entirely digital, perhaps only-emailed d...
De-Googling Carey Parker’s (and your) life 14.03.2022 49:21
Three years ago, a journalist for Gizmodo removed five of the biggest tech companies from her life—restricting her from using services and hardware developed or owned by Google, Apple, Amazon, Facebook, and Microsoft. The experiment, according to the reporter, was "hell." But in 2022, cybersecurity evangelist Carey Parker, who also hosts the podcast Firewalls Don't Stop Dragons, wanted to do some...
How Crisis Text Line crossed the line in the public’s mind 28.02.2022 41:19
How would you feel if the words you wrote to someone while in a crisis—maybe you were suicidal, maybe you were newly homeless, maybe you were suffering from emotional abuse at home—were later used to train a customer support tool? Those emotions you might behaving right now were directed last month at Crisis Text Line, after the news outlet Politico reported that the nonprofit organization had be...
The world’s most coveted spyware, Pegasus 14.02.2022 45:08
Two years ago, the FBI reportedly purchased a copy of the world's most coveted spyware, a tool that can remotely and silently crack into Androids and iPhones without leaving a trace, spilling device contents onto a console possibly thousands of miles away, with little more effort than entering a phone number. This tool is Pegasus, and, though the FBI claimed it never used the spyware in investigat...
How a few PhD students revealed that phishing trainings might just not work 31.01.2022 39:46
You've likely fallen for it before—a simulated test sent by your own company to determine whether its employees are vulnerable to one of the most pernicious online threats today: Phishing. Those simulated phishing tests often come with a voluntary or mandatory training afterwards, with questions and lessons about what mistakes you made, right after you made them. But this extremely popular phishi...
Why we don’t patch, with Jess Dodson 18.01.2022 47:15
In 2017, the largest ransomware attack ever recorded hit the world, infecting more than 230,000 computers across more than 150 countries in just 24 hours. And it could have been solved with a patch that was released nearly two months prior. This was the WannaCry ransomware attack, and its final, economic impact—in ransoms paid but also in downtime and recovery efforts—has been estimated at about $...
What angered us most about cybersecurity in 2021 03.01.2022 34:28
We are only days into 2022, which means what better time for a 2021 retrospective? But rather than looking at the biggest cyberattacks of last year—which we already did—or the most surprising—like we did a couple of years ago—we wanted to offer something different for readers and listeners. On today's episode of Lock and Code, with host David Ruiz, we spoke with Malwarebytes Labs' editor-in-chief...
Everything you always wanted to know about NFTs (but were too afraid to ask) 20.12.2021 1:19:57
In August, the NFT for a cartoon rock sold for $1.3 million , and ever since then, much of the world has been asking: What the heck is going on? On today's episode of Lock and Code, with host David Ruiz, we speak with Malwarebytes' Mark Stockley, TechCrunch's Lucas Matney, and Pilot 44's Mike Maizels about the basics of NFTs and the cryptocurrency-related technology behind them, the implied value...
Why Macs are the best, according to Mac expert Thomas Reed 06.12.2021 44:49
In 2021, the war for computer superiority has a clear winner, and it is the Macintosh, by Apple. The company's Pro laptops are finally, belatedly equipped with ports that have been standard in other computers for years. The company's beleaguered "butterfly" keyboard has seemingly been erased from history. And the base model of company's powerhouse desktop tower could set you back a hefty $6,000. W...
The Internet is not safe enough for women, and Sue Krautbauer has some ideas about why 22.11.2021 42:59
Cyberstalking. Harassment. Stalkerware. Nonconsensual pornography, real and digitally altered. The Internet can be a particularly ugly place for women. On Lock and Code this week, we ask why. Join a conversation with with Digitunity's Sue Krautbauer about what has gone wrong with the Internet, and what we can do to fix it.
Why we fail at getting the cybersecurity basics right, with Jess Dodson 08.11.2021 43:04
The cybersecurity basics should be just that—basic. Easy to do, agreed-upon, and adopted at a near 100 percent rate by companies and organizations everywhere, right? You'd hope. But the reality is that basic cybersecurity blunders have led to easy-to-discover vulnerabilities in companies including John Deere, Clubhouse, and Kaseya VSA (which we've all talked about on this show), and at least for K...
Beyond the VPN: Ultimate online privacy, with The Tor Project’s Isabela Bagueros 25.10.2021 52:18
What does online privacy mean to you? Maybe it's securing your online messages away from prying eyes. Maybe it's keeping your browsing behavior hidden from advertisers. Or maybe it's, like for many people today, using a VPN to hide your activity from your Internet Service Provider. But because online privacy can mean so many things, that also means it includes so much more than just using a VPN. T...
ExpressVPN made a choice, and so have I 12.10.2021 39:14
On September 14, the US Department of Justice announced that it had resolved an earlier investigation into an international cyber hacking campaign coming from the United Arab Emirates, called Project Raven, that has reportedly impacted hundreds of journalists, activists, and human rights defenders in Yemen, Iran, Turkey, and Qatar. But in a bizarre twist, this tale of surveillance abroad tapered...
Teaching cybersecurity skills to special needs children with Alana Robinson 27.09.2021 48:17
Internet safety for kids is hard enough as it is, but what about Internet safety for children with special needs? How do you teach strong password creation for children with learning disabilities? How do you teach children how to separate fact from fiction when they have a different grasp of social cues? And how do you make sure these lessons are not only remembered for years to come, but also rew...
Backups are not a simple ransomware defense, with Matt Crape 13.09.2021 40:59
A recent spate of ransomware attacks have derailed major corporations, spurring a fuel shortage on the US East Coast, shuttering grocery stores in Sweden, and sending students home from grade schools. The solution, so many cybersecurity experts say, is to implement backups. But if backups are so useful, why aren't they visibly working? Companies with backups have found them misconfigured, or they'...
Ähnliche Podcasts
Replaio ist kein Herausgeber von Podcasts; die Namen der Sendungen, Cover und Audioinhalte gehören ihren Autoren und werden über öffentliche RSS-Feeds verbreitet