Podcasts by Lock and Code

Why a ransomware gang tattled on its victim, with Allan Liska from 2023-12-03T18:00

Like the grade-school dweeb who reminds their teacher to assign tonight’s homework, or the power-tripping homeowner who threatens every neighbor with an HOA citation, the ransomware group ALPHV ...

Defeating Little Brother requires a new outlook on privacy: Lock and Code S04E23 from 2023-11-05T18:00

A worrying trend is cropping up amongst Americans, particularly within Generation Z—they're spying on each other more.

Whether reading someone's DMs, rifling through a ...

MGM attack is too late a wake-up call for businesses, says James Fair from 2023-10-22T18:00

In September, the Las Vegas casino and hotel operator MGM Resorts became a trending topic on social media... but for all the wrong reasons. A TikTok user posted a video taken from inside th...

AI sneak attacks, location spying, and definitely not malware, or, what one teenager fears online from 2023-10-08T18:00

What are you most worried about online? And what are you doing to stay safe? 

Depending on who you are, those could be very different answers, but for teenagers and members of Generat...

What does a car need to know about your sex life? from 2023-09-24T18:00

When you think of the modern tools that most invade your privacy, what do you picture?

There's the obvious answers, like social media platforms including Facebook and Instagram. There's em...

Re-air: What teenagers face growing up online from 2023-09-10T18:00

In 2022, Malwarebytes inves...

"An influx of Elons,"a hospital visit, and magic men: Becky Holmes shares more romance scams from 2023-08-27T18:00

Becky Holmes is a big deal online. 

Hugh Jackman has Listen

A new type of"freedom,"or, tracking children with AirTags, with Heather Kelly from 2023-08-13T16:00

"Freedom" is a big word, and for many parents today, it's a word that includes location tracking. 

Across America, parents are snapping up Apple AirTags, the inexpensive location...

How Apple fixed what Microsoft hasn't, with Thomas Reed from 2023-07-30T18:00

Earlier this month, a group of hackers was spotted using a set of malicious tools—that originally gained popularity with online video game cheaters—to hide their Windows-based malware from ...

Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew from 2023-07-16T18:00

The language of a data breach, no matter what company gets hit, is largely the same. There's the stolen data—be it email addresses, credit card numbers, or even medical records. There are the us...

Of sharks, surveillance, and spied-on emails: This is Section 702, with Matthew Guariglia from 2023-07-02T20:00

In the United States, when the police want to conduct a search on a suspected criminal, they must first obtain a search warrant. It is one of the foundational rights given to US persons und...

Why businesses need a disinformation defense plan, with Lisa Kaplan: Lock and Code S04E13 from 2023-06-18T20:00

When you think about the word "cyberthreat," what first comes to mind? Is it ransomware? Is it spyware? Maybe it's any collection of the infamous viruses, worms, Trojans, and botnets t...

Trusting AI not to lie: The cost of truth from 2023-06-04T20:00

In May, a lawyer who was defending their client in a lawsuit against Columbia's biggest airline, Avianca, submitted a legal filing before a court in Manhattan, New York, that listed several...

Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett from 2023-05-21T20:00

On January 1, 2023, the Internet in Louisiana looked a little different than the Internet in Texas, Mississippi, and Arkansas—its next-door state neighbors. And on May 1, the Internet in Utah lo...

The rise of"Franken-ransomware,"with Allan Liska from 2023-05-07T20:00

Ransomware is becoming bespoke, and that could mean trouble for businesses and law enforcement investigators. 

It wasn't always like this. 

For a few years now, ransomware ...

Removing the human: When should AI be used in emotional crisis? from 2023-04-23T18:00

In January, a mental health nonprofit admitted that it had used Artificial Intelligence to help talk to people in distress. 

Prompted first by a user's longing for personal ...

How the cops buy a"God view"of your location data, with Bennett Cyphers from 2023-04-09T20:00

The list of people and organizations that are hungry for your location data—collected so routinely and packaged so conveniently that it can easily reveal where you live, where you work, where yo...

Solving the password’s hardest problem with passkeys, featuring Anna Pobletts from 2023-03-26T20:00

How many passwords do you have? If you're at all like our Lock and Code host David Ruiz, that number hovers around 200. But the important follow up question is: How many of those passwords ...

"Brad Pitt,"a still body, ketchup, and a knife, or the best trick ever played on a romance scammer, with Becky Holmes from 2023-03-12T20:00

Becky Holmes knows how to throw a romance scammer off script—simply bring up cannibalism. 

In January, Holmes shared on Twitter that an account with the name "Thomas Smith" had starte...

Fighting censorship online, or, encryption’s latest surprise use-case, with Mallory Knodel from 2023-02-26T20:00

Government threats to end-to-end encryption—the technology that secures your messages and shared photos and videos—have been around for decades, but the most recent threats to this technology ar...

What is AI ”good” at (and what the heck is it, actually), with Josh Saxe from 2023-02-12T20:00

In November of last year, the AI research and development lab OpenAI revealed its latest, most advanced language project: A tool called ChatGPT.

ChatGPT is so much more than "just" a chatb...

A private moment, caught by a Roomba, ended up on Facebook. Eileen Guo explains how from 2023-01-29T20:00

In 2020, a photo of a woman sitting on a toilet—her shorts pulled half-way down her thighs—was shared on Facebook, and it was shared by someone whose job it was to look at that photo and, by lab...

Fighting tech’s gender gap with TracketPacer from 2023-01-15T20:00

Last month, the TikTok user TracketPacer posted a video online called “ Listen

Chasing cryptocurrency through cyberspace, with Brian Carter from 2022-12-18T17:00

On June 7, 2021, the US Department of Justice announced a brea...

Security advisories are falling short. Here’s why, with Dustin Childs from 2022-12-04T17:00

Decades ago, patching was, to lean into a corny joke, a bit patchy. 

In the late 90s, the Microsoft operating system (OS) Windows 98 had a supportive piece of software that would find sec...

Threat hunting: How MDR secures your business from 2022-11-20T17:00

A cyberattack is not the same thing as malware—in fact, malware itself is typically the last stage of an attack, the punctuation mark that closes out months of work from cybercriminals who have ...

How student surveillance fails everyone from 2022-11-06T17:00

Last month, when Malwarebytes published joint research with 1Password about the online habits of parents and teenagers today, we multiple women reported similar crimes to the police: While working ...

Teen talk: What it’s like to grow up online, and the role of parents from 2022-10-10T03:00

Growing up is different for teens today. 

Issues with identity, self-expression, bullying, fitting in, and trusting your friends and family—while all those certainly existed decades ago, ...

Calling in the ransomware negotiator, with Kurtis Minder from 2022-09-25T18:00

Ransomware can send any company into crisis. 

Immediately following an attack, the notoriously disruptive malware can spread across networks and machines, locking up important files a...

The MSP playbook on deciphering tech promises and shaping security culture from 2022-09-11T18:00

The in-person cybersecurity conference has returned.

More than two years after Covid-19 pushed nearly every in-person event online, cybersecurity has returned to the exhibition hall. In S...

Playing Doom on a John Deere tractor with Sick Codes from 2022-08-28T20:00

In 1993, the video game developers at id Software released Doom, a first-person shooter that placed a nameless protagonist into the fiery depths of hell, equipped with an arsenal of wea...

Donut breach: Lessons from pen-tester Mike Miller from 2022-08-14T20:00

When Mike Miller was hired by a client to run a penetration test on one of their offices, he knew exactly where to start: Krispy Kreme. Equipped with five dozen donuts (the boxes stacked just hi...

Have we lost the fight for data privacy? from 2022-07-31T15:05

At the end of 2021, Lock and Code invited the folks behind our news-driven cybersecurity and online privacy blog, Malwarebytes Labs, to discuss  Listen

Hunting down your data with Whitney Merrill from 2022-05-22T20:30

Last year, Whitney Merrill wanted to know just how much information the company Clubhouse had on her, even though she wasn't a user. After many weeks of, at first, non-responses, she learned tha...

Recovering from romance scams with Cindy Liebes from 2022-05-08T20:30

Earlier this year, a flashy documentary premiered on Netflix that shed light onto on often-ignored cybercrime—a romance scam. In this documentary, called The Tinder Swindler, the central scam ar...

Why software has so many vulnerabilities, with Tanya Janca from 2022-04-25T09:11:43

Every few months, a basic but damaging flaw is revealed in a common piece of software, or a common tool used in many types of programs, and the public will be left asking: What is going on with ...

Why data protection and privacy are not the same, and why that matters from 2022-04-10T22:05

Data protection, believe it or not, is not synonymous with privacy, or even data privacy. But around the world, countless members of the public often innocently misconstrue these three topics wi...

Telling important stories securely, with Runa Sandvik from 2022-03-28T10:30:27

In 2017, a former NSA contractor was arrested for allegedly leaking an internal report to the online news outlet The Intercept. To verify the report itself, a journalist for The Intercept sent a...

De-Googling Carey Parker’s (and your) life from 2022-03-14T15:24

Three years ago, a journalist for Gizmodo removed five of the biggest tech companies from her life—restricting her from using services and hardware developed or owned by Google, Apple, Amazon, F...

How Crisis Text Line crossed the line in the public’s mind from 2022-02-28T11:46

How would you feel if the words you wrote to someone while in a crisis—maybe you were suicidal, maybe you were newly homeless, maybe you were suffering from emotional abuse at home—were...

The world’s most coveted spyware, Pegasus from 2022-02-14T01:46:23

Two years ago, the FBI reportedly purchased a copy of the world's most coveted spyware, a tool that can remotely and silently crack into Androids and iPhones without leaving a trace, sp...

How a few PhD students revealed that phishing trainings might just not work from 2022-01-31T11:54:14

You've likely fallen for it before—a simulated test sent by your own company to determine whether its employees are vulnerable to one of the most pernicious online threats today: Phishing.

Why we don’t patch, with Jess Dodson from 2022-01-18T12:36:26

In 2017, the largest ransomware attack ever recorded hit the world, infecting more than 230,000 computers across more than 150 countries in just 24 hours. And it could have been solved ...

What angered us most about cybersecurity in 2021 from 2022-01-02T22:00

We are only days into 2022, which means what better time for a 2021 retrospective? But rather than looking at the biggest cyberattacks of last year—which we already did—or the most surprising—li...

Everything you always wanted to know about NFTs (but were too afraid to ask) from 2021-12-20T11:21:22

In August, the NFT for a cartoon rock sold for $1.3 million, and ever since...

Why Macs are the best, according to Mac expert Thomas Reed from 2021-12-06T14:05:05

In 2021, the war for computer superiority has a clear winner, and it is the Macintosh, by Apple. The company's Pro laptops are finally, belatedly equipped with ports that have been standard in o...

The Internet is not safe enough for women, and Sue Krautbauer has some ideas about why from 2021-11-21T22:00

Cyberstalking. Harassment. Stalkerware. Nonconsensual pornography, real and digitally altered. The Internet can be a particularly ugly place for women.

On Lock and Code this week, we ask...

Why we fail at getting the cybersecurity basics right, with Jess Dodson from 2021-11-08T11:37:55

The cybersecurity basics should be just that—basic. Easy to do, agreed-upon, and adopted at a near 100 percent rate by companies and organizations everywhere, right?

You'd hope....

Beyond the VPN: Ultimate online privacy, with The Tor Project’s Isabela Bagueros from 2021-10-25T12:20:01

What does online privacy mean to you?

Maybe it's securing your online messages away from prying eyes. Maybe it's keeping your browsing behavior hidden from advertisers. Or maybe it's, li...

Beyond the VPN: Ultimate online privacy, with The Tor Project’s Isabela Bagueros from 2021-10-25T12:20:01

What does online privacy mean to you?

Maybe it's securing your online messages away from prying eyes. Maybe it's keeping your browsing behavior hidden from advertisers. Or maybe it's, li...

ExpressVPN made a choice, and so have I from 2021-10-12T10:01:54

On September 14, the US Department of Justice announced that it had resolved an earlier investigation into an international cyber hacking campaign coming from the United Arab Emirates, called Pr...

Teaching cybersecurity skills to special needs children with Alana Robinson from 2021-09-26T22:00

Internet safety for kids is hard enough as it is, but what about Internet safety for children with special needs?

How do you teach strong password creation for children with learning dis...

Backups are not a simple ransomware defense, with Matt Crape from 2021-09-13T09:09:03

A recent spate of ransomware attacks have derailed major corporations, spurring a fuel shortage on the US East Coast, shuttering grocery stores in Sweden, and sending students home from grade sc...

Hackers, tractors, and a few delayed actors. How hacker Sick Codes learned too much about John Deere from 2021-08-29T22:00

No one ever wants a group of hackers to say about their company: “We had the keys to the kingdom.”

But that’s exactly what the hacker Sick Codes said on this week’s episode of Lock and C...

Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks from 2021-08-16T09:54:42

When Luta Security CEO and founder Katie Moussouris analyzed the popular social "listening" app Clubhouse, she found a way to eavesdrop on conversations without notifying other users. This was, ...

Disaster planning with Lesley Carhart, and the slim chance of a critical infrastructure “big one” from 2021-08-02T00:05

The 2021 attacks on two water treatment facilities in the US—combined with ransomware attacks on an oil and gas supplier and a meat and poultry distributor—could lead most people to believe that...

“Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers from 2021-07-19T00:05

On April 1, a volunteer researcher for the Dutch Institute for Vulnerability Disclosure (DIVD) began poking around into Kaseya VSA, a popular software tool used to remotely manage and monitor co...

Racing against a real-life ransomware attack, with Ski Kacoroski from 2021-07-06T09:17:22

At 11:37 pm on the night of September 20, 2019, cybercriminals launched a ransomware attack against Northshore School District in Washington state. Early the next morning, Northshore systems adm...

Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan from 2021-06-21T00:05

Ransomware attacks are on a different scale this year, with major attacks not just dismantling the business and management of cybersecurity advocate and author Carey Parker about "dark patterns," which are subtle tricks online t...

Alleviating ransomware's legal headaches with Jake Bernstein from 2021-05-10T08:56:21

This week on Lock and Code, we speak to cybersecurity and privacy attorney Jake Bernstein about ransomware attacks that don't just derail a company's reputation and productivity, but also throw ...

Breaking free from the VirusTotal silo from 2021-04-26T09:42:01

This week on Lock and Code, we speak to Malwarebytes Chief Information Security Officer John Donovan about the flaws in using VirusTotal as the one source of truth when evaluating whether or not...

Beating security fatigue with Troy Hunt, Chloé Messdaghi, and Tanya Janca from 2021-04-12T00:01

This week on Lock and Code, we speak to Point3 Security chief strategist Chloé Messdaghi, HaveIBeenPwned founder Troy Hunt, and We Hack Purple founder and CEO Tanya Janca about security fatigue. S...

Why you need to trust your VPN, with JP Taggart from 2021-03-29T00:01

This week on Lock and Code, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN.

You've likely heard the benefits of using ...

The Malwarebytes 2021 State of Malware report from 2021-03-15T11:37:36

This week on Lock and Code, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report, which analyzed the top cybercrime goals of 2020 amidst the glob...

Defending online anonymity and speech with Eva Galperin from 2021-03-01T00:01

Every few years, after the public learns about an ugly, online harassment campaign, a familiar response shoots forth: Change the way we talk to one another online, either by changing the law, or...

Talking Emotet's takedown with Adam Kujawa from 2021-02-15T10:34:42

On today's show, we discuss cybersecurity's public enemy number one: Emotet. This piece of malware started in 2014 as a simple banking Trojan, but it later evolved into a fully functional malwar...

Celebrating Data Privacy Day with Mozilla, DuckDuckGo, and EFF from 2021-01-27T23:45

For Data Privacy Day this year, Lock and Code returns with a special episode featuring guests from Mozilla, DuckDuckGo, and EFF in a discussion on how to protect your online privacy.

Lesson planning your school's cybersecurity with Doug Levin from 2020-12-07T00:37:11

Education faced a crisis in the US this year, as the coronavirus forced schools across the country to develop new strategies for teaching. At Malwarebytes, we wanted to discover how these shifts im...

Tracking the charities that track you online with Chris Boyd from 2020-11-23T00:43:36

Today we look at two topics that, maybe surprisingly, intersect: charity organizations and online ad tracking. Ad tracking isn't new—luxury brands used to place their advertisements specifically i...

Forecasting IoT cybersecurity with John Donovan and Adam Kujawa from 2020-11-10T12:44:07

Today, we’re offering Lock and Code listeners something different. We’re giving you a backstage pass to a training we held for employees during Cybersecurity Awareness Month. The topic? The future...

Finding consumer value in Cybersecurity Awareness Month with Jamie Court from 2020-10-26T08:19:17

Cybersecurity Awareness Month is upon us, and while the value of the once-a-year awareness campaign may be obvious to the countless employees now enrolled in cybersecurity trainings, phishing quizz...

Discussing journalism's role in cybersecurity with Seth Rosenblatt and Alfred Ng from 2020-10-11T23:59:39

We often learn about cybersecurity issues because of reporting. And as the years have progressed, the stories have only become more intertwined into our everyday lives.

Tune in to hear ...

Investigating digital vulnerabilities in our physical world with Samy Kamkar from 2020-09-28T09:45:25

A recent history of hacking shows the importance of experimentation. In 2015, security researchers hacked a Jeep Cherokee and took over its steering, transmission, and brakes. In 2019, researche...

Safely using Google Chrome Extensions with Pieter Arntz from 2020-09-14T09:46:42

The world of Google Chrome extensions—the sometimes helpful tools that can work directly with the Google Chrome browser to provide a variety of features—is enormous. So, with a marketplace of more ...

Uncovering security hubris with Adam Kujawa from 2020-08-31T10:23:35

Ask yourself, right now, on a scale from one to ten, how cybersecure are you? Are you maybe inflating that answer? Our main story today concerns “security hubris,” the simple, yet difficult-to-mea...

Monitoring the safety of parental monitoring apps with Emory Roane from 2020-08-17T08:48:04

Parental monitoring apps give parents the capabilities to spot where their kids go, read what their kids read, and prevent them from, for instance, visiting websites deemed inappropriate. But where...

Pinpointing identity and access management's future with Chuck Brooks from 2020-08-03T10:12:07

Identity and access management, or IAM, is the name we use for the set of technologies and policies that control who accesses what resources inside a system—from company files being locked away for...

Locating concerns of Bluetooth and beacon technology with Chris Boyd from 2020-07-20T09:41:44

Last month, cybersecurity experts warned the public about the data collection embedded in the Donald Trump 2020 re-election campaign’s mobile app. Once downloaded, the app requests broad access ...

Pulling apart the Internet of Things with JP Taggart from 2020-07-07T06:00

For years, Internet capabilities have crept into modern consumer products, providing sometimes convenient, sometimes extraneous Internet connectivity. This increase in IoT devices has an obvious ou...

Strengthening and forgetting passwords with Matt Davey and Kyle Swank from 2020-06-21T10:45:38

We may know it’s important to have a strong, non-guessable, lengthy password, and yet we still probably all know someone who writes their password on a post-it, which is then affixed literally onto...

Securely working from home (WFH) with John Donovan and Adam Kujawa from 2020-06-08T10:24:33

With shelter-in-place orders now in full effect to prevent the spread of coronavirus, countless businesses find themselves this year in mandatory work-from-home situations. To break down today’s en...

Sounding the trumpet on web browser privacy with Pieter Arntz from 2020-05-25T19:51:43

This week, we speak with Pieter Arntz, malware intelligence researcher at Malwarebytes, about web browser privacy. The often neglected subcategory of data privacy deserves a closer look. Without...

Recognizing facial recognition's flaws with Chris Boyd from 2020-05-11T09:24:04

Increasingly popular for both consumer products and law enforcement agencies, facial recognition technology is facing severe pushback, with at least 40 groups demanding a moratorium in the United S...

Mythbusting and evaluating VPNs with JP Taggart from 2020-04-27T09:42:03

VPNs surged in popularity in recent years, with at least 300 free mobile VPN apps available to the average user as of 2019. For many consumers, though, the rush of options can be confusing. To help...

Coronavirus and responding to computer viruses with Akshay Bhargava from 2020-04-13T10:43:54

Coronavirus has changed the face of the world. But what we've learned from how governments and medical experts respond to the spread of the virus bears similarities to how we in the cybersecurity i...

Data privacy with Adam Kujawa from 2020-03-30T11:18:34

Today, our data can leave our hands and end up in the databases of countless companies, many of which we've never heard of, packaging and selling our data for reasons we could never imagine. To bet...

On the challenges of managed service providers from 2020-03-16T09:33:19

We talk to two representatives from an Atlanta-based managed service provider—a manager of engineering services and a data center architect whose last names we are protecting to avoid a sudden i...

RSA Conference with Britta Glade from 2020-03-02T11:26:13

To help us understand RSA Conference’s theme “The Human Element,” and to dive deeper into how the conference itself takes shape, we’re talking today to our guest Britta Glade, Director of Conten...

Introducing Lock and Code, a Malwarebytes podcast on cybersecurity from 2020-02-21T13:36:55

Lock and Code is the flagship podcast from the cybersecurity experts at Malwarebytes. Hosted by online privacy advocate and senior threat content writer David Ruiz, Lock and Code not only offers...

Introducing Lock and Code, a Malwarebytes podcast on cybersecurity from 2020-02-21T13:36:55

Lock and Code is the flagship podcast from the cybersecurity experts at Malwarebytes. Hosted by online privacy advocate and senior threat content writer David Ruiz, Lock and Code not only offers...