We share our technical knowledge and advice in plain English without stripping out the interesting bits, with lots of laughs along the way.

The Naked Security podcast is available on all good podcast apps, or you can listen to the episodes in the current series below.

New episode every Thursday, plus bonus splinter podcasts and mini-sodes as special surprises!

S3 Ep9: Gift card hacks, dubious doorbells and Wi-Fi tips

We look at a network intrusion where the crooks tried to take over dozens of different online accounts from every user, we discuss the potential dangers of digital doorbells, and we give you some handy hints for improving your wireless security at home.

Episode date: Thursday 2020-12-03

S3 Ep8: A conversation with Katie Moussouris

How do you go from pentester to creator of Microsoft’s bug bounty program? Find out from hacker and vulnerability disclosure pioneer, Katie Moussouris, CEO of Luta Security.

Join us for a fascinating interview with Katie (@k8em0) about her journey, the bugs in bug bounty programs, and the people who inspired her along the way.

Episode date: Thursday 2020-11-26

S3 Ep7: When ransomware crooks get a big fat zero!

We say thanks to companies that refuse to pay ransomware hush money, dig into the new Sophos 2021 Threat Report, and take a quick look inside a malicious Linux kernel driver. Also, a sneak preview of our upcoming podcast interview with bug bounty pioneer Katie Moussouris.

Episode date: Thursday 2020-11-19

S3 Ep6: How not to get scammed

When payments go astray, why “just in case” cybersecurity warnings do more harm than good, how to shop safely on Black Friday and beyond, and (oh! no!) what to do when all your emails disappear.

Episode date: Thursday 2020-11-12

S3 Ep5: Chrome, Flash and malware for sale

A zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of “malware-as-a-service“, and the malware risks from image search. Also (oh! no!), why you should take care before you pair.

Episode date: Thursday 2020-11-05

S3 Ep4.5: FBI “ransomware warning” for healthcare is a warning for everyone

Two days before we recorded this mini-sode, the FBI, CISA and HHS released an unprecedented warning of “an increased and imminent cybercrime threat to US hospitals and healthcare providers.” Chester Wisniewski, Principal Research Scientist at Sophos, discusses what the threat is, what this advisory means, and why this warning is a warning for everyone.

Episode date: Friday 2020-10-30

S3 Ep4: Now THAT’S what I call a fire alarm!

Facebook scammers trick you with fake copyright notices, voice scammers automate their attacks on the vulnerable, how to tune up your mobile privacy, and (oh! no!) the best/worst IT helpdesk call ever.

Episode date: Thursday 2020-10-29

S3 Ep3: Breaking crypto, busting hackers and pwning Chrome

The DOJ’s attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and (oh no!) why your vocabulary needs the word “restore” even more than it needs “backup”.

Episode date: Thursday 2020-10-22

S3 Ep2: Creepy smartwatches, botnets and Pings of Death

We investigate a creepy smartwatch for kids, discuss Microsoft’s short-lived takedown of Trickbot, explain how to avoid the Windows “Ping of Death” bug, and (oh no!) find the source of mysterious beeping from every computer in the office.

Episode date: Thursday 2020-10-15

S3 Ep1: Ransomware – is it really OK to pay?

We wonder whether Cybersecurity Awareness Month is a waste of time, explain the concept of “linkless phishing“, ask if it’s ever OK to pay a ransomware demand, and advise what to do when the CEO won’t stop looking at naughty sites.

Episode date: Thursday 2020-10-08

S3 Trailer: We’re back!

Get ready. A brand new series arrives Thursday, 8 October 2020.

Trailer date: Tuesday 2020-10-06

Series 3 original music by Edith Mudge (https://www.edithmudge.com)