October 9, 2020

Episode 23: Watch Your Wrist: The Fitbit Spyware Special

This episode is a little different to normal – and all because Kev went poking around in Fitbit. 

Kev, doing what Kev does, found a flaw in the Fitbit App Store that allowed him to deliver a malicious application from fitbit.com. The spyware/stalkerware was capable of stealing everything from location and personal body data to to connection got company networks for a range of malicious actions – and because it was delivered from fitbit.com, it bypassed protections and installed inside the Fitbit app as if it were legitimate. The flaw was reported to Fitbit who have since moved to mitigate it. 

In this special edition of Cyber Humanity, we join Chris Pace, Kev Breen and our guest cyber PR Svengali, Anthony D’Alton, to discuss Kev’s findings and their implications from every perspective. If you’re more of a reader than a listener, you can check out this blog post on Kev’s research. 

About Cyber Humanity

The podcast taking cybersecurity personally

There's a lot of cool techy stuff going down in cybersecurity, and we love it. But you can't deny that a lot the time we humans get forgotten. Our podcast takes a not-so-serious look at issues in security from a human point of view. Covering social engineering to hacker motivations and everything in between, we chat through security stories and themes and what they mean to us: the oft-neglected humans behind the screen. Apart from Kev, Kev is a cyborg.

These weekly podcasts come in two main flavors. We’re either ranting about themes close to the heart of us security types, or we’re discussing threats and vulnerabilities that have hit headlines – or slipped under the radar – in recent weeks.

Join Chris Pace (tech advocate and keeper of the coloring pencils), Kev Breen (pro blue teamer, also known as 'Mr Nothing to CVE here...'), Max Vetter (former dark web detective and pretty cool guy), and Paul Bentham (ex-gov. type and Immersive Labs product guru) as they wend their way through the murky world of Cyber Humanity.

Trusted by top companies worldwide
to enhance cybersecurity

Trusted by some of the world’s biggest brands, we’re committed to taking your cybersecurity readiness to the next level - and we’re just getting started.

What Our Customers
Are Saying About Immersive

Realistic simulation of current threats is the only way to test and improve response readiness, and to ensure that the impact of a real attack is minimized. Immersive’s innovative platform, combined with Kroll’s extensive experience, provides the closest thing to replication of a real incident — all within a safe virtual environment.

Paul Jackson
Regional Managing Director, APAC Cyber Risk, Kroll

The speed at which Immersive produces technical content is hugely impressive, and this turnaround has helped get our teams ahead of the curve, giving them hands-on experience with serious vulnerabilities, in a secure environment, as soon as they emerge.

TJ Campana
Head of Global Cybersecurity Operations, HSBC

We no longer worry about managing infrastructure, leaving us free to build great courses.

Daniel Duggan
Director, Zero-Point Security

Ready to Get Started?
Get a Live Demo.

Simply complete the form to schedule time with an expert that works best for your calendar.