Shared Security

In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the details, Anthropic's response, and the broader impact on AI in cybersecurity. Show notes:

Shared Security

In this episode, we discuss the newly released OWASP Top 10 for 2025. Join hosts Tom Eston, Scott Wright, and Kevin Johnson as they explore the changes, the continuity, and the significance of the update for application security. Learn about the importance of getting involved with the release candidate to provide feedback and suggestions. The conversation touches on the history of the OWASP Top 10, its release cycle, the evolution from specific vulnerabilities to broader categories, and the impact on vulnerability assessment and compliance. Show notes:  

Shared Security

The future of home robotics is here — and it’s a little awkward. Meet the NEO 1X humanoid robot, designed to help with chores but raising huge cybersecurity and privacy questions. We discuss what it can actually do, the risks of having an always-connected humanoid in your home, and why it’s definitely not the “Robot Rosie” we were promised. Show notes:

Shared Security

In this episode, we explore OpenAI's groundbreaking release GPT Atlas, the AI-powered browser that remembers your activities and acts on your behalf. Discover its features, implications for enterprise security, and the risks it poses to privacy. Join hosts Tom Eston and Scott Wright as they discuss everything from the browser's memory function to vulnerabilities like indirect prompt injection. Stay informed on how AI browsers could reshape web browsing and cybersecurity. Show notes:

Shared Security

In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity plans, the implications of DNS failures, and the misconceptions around cloud infrastructure's automatic failover capabilities.  Show notes:

Shared Security

OpenAI’s Sora 2 is here — and it’s not just another AI toy. This episode explores how Sora 2 works, how users can insert almost anything into generated content, and why that’s raising alarms about privacy, identity, and copyright. We walk you through the initial opt-out copyright controversy, the backlash from studios and creators, and how OpenAI is scrambling to offer more control. Tune in to understand what rights you might lose — or want to protect — in this new media era. Show notes:

Shared Security

In this episode, we discuss the surge of age verification laws spreading across the US, including the recent implementation in Ohio. These laws intend to shield children but come at a significant cost to privacy and cybersecurity. We'll explore how third-party ID verification companies operate, the risks associated with these systems, and the broader definition of adult content beyond pornography. We also question the effectiveness and security of these measures as we share insights into the ease of bypassing verification systems. Are we protecting kids, or building a privacy nightmare? Show...

Shared Security

Phishing simulations have been a cornerstone of security awareness training for years. But do they actually change user behavior, or are they just creating frustration and fatigue? In this episode, Tom Eston and Scott Wright (CEO of ClickArmor) debate whether simulated phishing attacks are still valuable in 2025. We cover the benefits, challenges, and how phishing programs might evolve — or even be replaced — in the future. Show notes:

Shared Security

Episode 400! In this special milestone edition of the Shared Security Podcast, we look back at 16 years of conversations on security, privacy, and technology. From our very first episodes in 2009 to today’s AI-driven threats, we cover the topics that defined each era, the surprises along the way, and the lessons that still matter. Plus, we share listener favorites, memorable moments, and predictions for the future of security and privacy. Thank you for being part of our journey! Show notes:

Shared Security

Join the Shared Security Podcast for a critical discussion about situational awareness with special guest, Andy Murphy, host of the Secure Family Podcast. In a world where mass shootings and violence in public places are alarming realities, staying alert to your surroundings has never been more important. Andy shares his expertise on personal and family safety, providing practical tips for recognizing unusual behavior, planning for emergencies, and teaching kids safety skills. The conversation also touches upon digital security and how situational awareness applies online. Learn how to own...