Silent Mode Cafe

Weekly Roundup: Your data is being harvested right now, and here's what to do about it.


Salah and Vivek tackle major ransomware attacks on aviation infrastructure, critical Android security updates, and new California privacy regulations affecting how companies use AI to make decisions about you. They provide practical security advice for protecting yourself in an increasingly complex digital landscape.

• Collins Aerospace hit with ransomware causing flight delays and baggage issues across European airports
• Android pushes critical September update fixing 84 vulnerabilities including two actively exploited zero-days
• "Cancel the Hate" app designed to doxx critics ironically exposed its own users' data
• California approves new rules requiring companies to disclose how they use automated decision-making technologies
• Two-factor authentication is essential for securing all your accounts
• Use a password manager to create and store strong, unique passwords
• Regularly audit your apps and revoke unnecessary permissions

Next week we'll dive into whether your private messaging is truly private, examining who might be listening - from companies to nation states. Stay caffeinated, stay private, and keep your silent mode on.



Welcome to Silent Mode Cafe

SPEAKER_01

In this podcast, really, what Vivek and I try to talk about is what is going on in the world of security and privacy. Vivek, let me know when you're ready to go. Let's do it. All right, here we are. We're live on the podcast. Welcome to Silent Mode Cafe. Welcome back to Silent Mode Cafe, your weekly breather from the noise in cybersecurity and digital privacy. I'm Salah. I'm here with my co-pilot in cyber defense, Vivek. How are you, Vivek?

SPEAKER_00

Good. Always a pleasure. This week is packed for major infrastructure attacks, zero-day exploits, uh data leaks, and new privacy regulation in California that could change how companies use AI to make decisions about you.

SPEAKER_01

Right on. Vivek, let me see if I could get you to join here. I do want to see you on the podcast because so people could hear you talk as well. Okay. Give me a quick like here and I will add you. Yep, there you go. All right, invitation sent. There you go. Vivek is on. Excellent. All right, Tug. You don't need your camera on if you don't want, that's all good. So uh today, whether you're a frequent flyer, you use Android, or you're just trying to keep up with your personal data of shady apps, we've got something for you today. Um, let's cut through the headlines and break it all down. So, Vivek, let's kick start things off uh with some ransomware attacks that made uh the skies a little bumpier this past week.

Collins Aerospace Ransomware Attack

SPEAKER_00

Yeah, this uh this one's big after last week's uh whole fiasco with the Dallas uh DFW airport. Uh Collins Aerospace, I guess, it was a major supplier uh for aviation systems, was hit with ransomware. Uh and while consumer data wasn't directly compromised, uh, the effects were immediate. There were flight delays, uh baggage mishandling, uh, and check-in systems going offline across multiple European airports. So that was uh pretty rough.

SPEAKER_01

That is pretty rough. So if you guys are planning on flying anytime soon, matter of fact, I'm actually taking a flight to Europe soon. Um look, here's the takeaway: cyber attacks on uh things like infrastructure, like airport infrastructure, uh, don't don't need to steal your data to truly ruin your day, right? Um if you're traveling and systems go down, I think probably everyone on this um on this podcast right now has been in a situation where they have been dramatically delayed uh and they've been caught in that crossfire. Look, uh no hacking required on your end on this one.

SPEAKER_00

No, exactly. And this is a sharp reminder that supply chains and third-party providers are often the weakest links. We've seen that again and again a couple of weeks back with the whole TransUnion uh fiasco. Uh so airlines, hospitals, even your local pharmacy, they all rely on partners uh you've never heard of.

SPEAKER_01

Yeah. Yeah, absolutely. And those partners get hit, uh, you truly feel it. Look, um, so next time there's a delay or a tech glitch at the at the gate, um, don't assume it's just bad Wi-Fi. It's probably uh some hack event.

SPEAKER_00

Yeah, or it could be Wi-Fi. But then again, if you're using Wi-Fi at the airport, please make sure you use a VPN of sorts.

Android Security Update Crisis

SPEAKER_00

Um so let's shift to mobile, our favorite other thing. Uh Android just pushed a critical September security update uh that fixes 84 exploits of vulnerabilities, including two zero-day attacks already being exploited.

SPEAKER_01

So if you have um an Android and you're actually live with us now, this is this is a bit of an issue, isn't it? Um so you heard that right. There's an app created to publish private data. So on your Android phone, there's there are apps that are currently uh stealing your information um and delivering it via bad code. It's pretty bad.

SPEAKER_00

Yeah, and then uh the other thing you have to remember is one of the zero-day attacks allowed attackers to elevate their privileges, uh which means that they're on your device, uh, they can do more than they should, such as install spyware, run background services, or even worse.

SPEAKER_01

Yeah, so um so here's the rule. All right, folks, here's what you do with your phones right now. If an app uh model is about shaming, exposing, or targeting people, don't install it. Um it's probably uh made by bad people for bad things, right? Even if you agree with its mission, uh the risk uh to your own data is is going to skyrocket.

Cancel the Hate App Backfire

SPEAKER_00

So yeah. In other news, an app that exposes its own users. Uh there's something called this Cancel the Hate disaster that happened this week. Uh all right, here is the one that reads it's actually it reads like satire, but it's also very real. Uh there's an app called Cancel the Hate, which was built to dox uh critics of a certain controversial public figure. Um ended up exposing its own users due to a security flaw.

SPEAKER_01

Oh my god. Tell me more about it. What's the app called?

SPEAKER_00

It's called Cancel the Hate. I think after the whole Charlie Kirk uh uh situation, they created that. Yeah, they created this app which was built to dox the critics of him.

SPEAKER_01

So there was an app built to dox. So just as I was saying, just even if you even if you do agree with the sentiment of the app, uh something bad is going to happen. It's harvesting your data, it's gonna collect your data, it's gonna sell your data.

SPEAKER_00

Yeah, but what happened, what happened was it got hacked. So it exposed the people who had registered on the app to dox the critics of Charlie Kirk.

SPEAKER_01

That is horrible. Hey folks, um keep hitting some likes for us. Let's bring more attention to this podcast. Really appreciate it. Um go on to other news, Vivek. What else do we have going on in the world of privacy?

California's New AI Privacy Rules

SPEAKER_00

Uh, if we talk policy, uh the CPPA, the California Privacy Protection Agency, just approved new rules, uh focused on automated decision-making technology, or ADMT, which uh sounds very similar to AI, but you know.

SPEAKER_01

Yeah. Um, so what what is uh what this means, I guess, is that companies are using algorithms uh to make decisions, whether it's like your credit scoring, ad targeting, content moderation. Um look, we we will need to they'll need to conduct uh privacy audits, explain that uh they're what they're doing, and they have to give you the ability to opt out. And look, folks, this is a big topic, right? Like right now, I mean, think about the Charlie Kirk thing. People are getting kicked off national television for having an opinion that may be popular with one group or the other, or not popular with one group or the other, and the government is stepping in and trying to make decisions based on what you should and shouldn't be saying, um critiquing the government. Um, you might not agree with this government, or you might agree with this government, and you agree with them that, hey, they should block people who are critiquing the government, but you know how politics go. Next month, next year, in two years, there's going to be another government out there, and they're going to try to limit your speech, and that is not cool. So, um, so California is taking a stab at this, huh?

SPEAKER_00

Yeah, uh, I guess what they're saying is uh these rules go into effect Jan 1st, 2026.

SPEAKER_01

Okay.

SPEAKER_00

And they're bringing it up now because companies will need to start building compliance starting next year.

SPEAKER_01

No, I look, I I love the extra focus on data in this. And if you're a Californian um or you do business with a company that's in California, this is pretty interesting. You'll be able to ask the company, what data are you using to make decisions about me? Right? So they're already collecting data about you, and they think that you're a good person, a bad person, politically leaning left, politically leaning right, you're a big spender, you you don't spend whatever data they have about you, and they're making marketing decisions on that data uh or based on that data about you, you'll be able to ask and get that information, which is really cool.

SPEAKER_00

Yeah, and uh, you know, this is a great thing because you know you'll have the the new rights to challenge the process, right? Yeah so it does have ripple effects even if you're not in California. Uh companies often update nationwide to update maintaining different policies by region. So the ripple effect is that you know you're just gonna make it as a feature or a default feature of sorts.

SPEAKER_01

That's pretty cool. So um that that's one of those cases uh where policy catches up with tech, which is pretty damn cool. Um and for once that's a good thing, quite honestly.

Practical Security Steps for Today

SPEAKER_01

All right. Hey, Vivek, let's move on. Uh let's talk about for those who are on uh live with us, what could you do now, right? Um, so let's pivot from headlines to homework. So there are people that are on right now asking uh what can I do today to be safer?

SPEAKER_00

So the first thing is update your Android device, uh go to settings, software updates, and install that September patch. Uh it's 84 patches, including two very serious issues, two active zero days. Please don't wait.

SPEAKER_01

Yeah, don't wait, folks. Uh look, these apps are literally spying on you. They're harvesting your data. It could be your credit card data, it could be your bank account data tomorrow, and you're gonna find yourself without a bank account. Um, so here's another thing you can do: audit all your apps. Right? Look at your app list. If there's anything that's vague, uh kill it. Delete that app. Why do you need a vague app? So get rid of that app. Um, so if there's anything uh like rating others, exposing cheaters, or anonymous reviews, just delete the app. Right? Just delete the app. Um and if its model is revenge, then your data is what they're using as collateral. So so you know, get rid of these apps. What else do you got for us, Vic?

SPEAKER_00

Uh be a smart traveler, because we all travel. Uh cyber attacks on travel systems are becoming more common. Uh back up your boarding pass, carry both digital and printed versions. I say one in as a uh in my wallet, uh, and download uh airline apps in advance. So you can do airline apps as well as your iPhone wallet as an example. Uh that way you're not relying on one fragile link.

SPEAKER_01

So so look, folks, we're here for one reason and one reason only, um, and that's to bring some visibility in this chaotic world of cybersecurity on how it matters to you with topics like AI, with topics like weekly hacks that are happening, etc. So there are many things that you could do. Vivek, let's go ahead um and and how do I check my privacy rights, for example, if you if you don't mind talking about it.

SPEAKER_00

Sure. So let's let's look at securing the basics. How about that?

unknown

Right.

SPEAKER_00

Talk to me about that. First of all, please enable two-factor authentication. You've said this uh qu in every podcast, please make sure.

SPEAKER_01

So give me one minute overview of what is two-factor authentication.

SPEAKER_00

So two-factor authentication is uh by definition something you know and something you have. So if you log into a website today, say Gmail, uh you enter in your email address and password. That's one factor. And then the second factor, which Google has been telling, is to enable what they call as two-factor authentication. And it could be either a text message that gets sent, which only uh you know about, and you enter the text message. So that's something that you have. So in this case, it would be a text message with a uh with a number, or you can also use authenticator apps, which you have talked about, where you're able to enter a code, and that is the second factor. Um got it.

SPEAKER_01

So but explain to me like how how does that work? Like, where where have I seen this in my day-to-day life? Tell me more about two-factor.

SPEAKER_00

So if you go to your banking app, there is a high probability that you'll know your user ID and password. And then it'll also send you a text message.

SPEAKER_01

So it's that text message after I put in my username, password, is the two-factor.

SPEAKER_00

Is the second factor.

SPEAKER_01

So when you're telling everyone to turn on uh two-factor for everything, it's that enable the text me for me to prove I'm the one who's logging in. Yes. Right? Okay. That is what else could I do? So turn on two-factor.

SPEAKER_00

Turn on two-factor, uh, password manager. So turn it on for everything. Uh uh, so I'm sorry. Uh for password manager, we've always said get one password manager. Um and we have a podcast which just talks about that. Uh so please no more reusing, you know, Star Wars 2022 everywhere or password anywhere. Uh, please get a password manager and please have long.

Next Week's Preview and Sign-off

SPEAKER_01

Don't use the password password123 anymore. Are you telling me like I can't use password and my home address or password and my date of birth? Do you think someone will guess that?

SPEAKER_00

Yes. I think it'll be it'll be pretty fast. Uh a 10-year-old kiddie script hacker will find that.

SPEAKER_01

Yeah. Um, and I think hackers, especially with AI, are getting incredibly more sophisticated. Um, so the average person who doesn't know anything about hacking can now turn into a hacker if they choose, uh, or a bad actor hacker. You can be a hacker. I think everyone should try to be a hacker. Um, so tell me, what else? So two-factor authentication, turn that on. Password manager. Which password manager do you recommend?

SPEAKER_00

You have one. Why don't you uh you can't do that?

SPEAKER_01

I I love I love 1Password, man. I think that is one of the best password managers out there. Look, let me talk about that last one. So, right now, for those of you who have iPhones and Android, which is hopefully everyone on here, go to your device, scroll through all your apps. Why do you have all those apps? Kill all those apps. Look, each one of those apps is collecting data about you. Right? Each one of those apps probably has access to your camera, your mic, your location. Revoke all that. Like at minimum, if you want to keep your 100 apps, which I don't know why, revoke those apps. Just get rid of them. If you like that, start smashing the like button for us. We'd appreciate it. All right, Vivek, let's wrap uh wrap up the podcast. Yes. So this week on silent mode. Look, I'm gonna give Vivek one one one quick overview of silent mode. Why do we call it silent mode? I had this question um uh being asked quite a bit. I think in life, specifically digital life, it's best for you to just move digitally in a silent mode. You don't need to leave breadcrumbs behind. People don't know what you're doing, need to know what you're doing online. If you want to know how you stay silent on the internet in the digital world, please follow Silent Mode Cafe. Trust me, we give you some cool tips and tricks, um, and we talk about some great topics.

SPEAKER_00

So, what are we diving into next week? Yeah, some interesting stuff next week.

SPEAKER_01

So it's getting a bit spicy next week. Um, you know, is your private messaging really private? Um, who's listening? Is it nation states? Is it the company? Um, who is listening to you uh in these situations? Would love to hear. If you guys would love to hear um about that, please join. I would love to hear from you if you want to jump on right now um and join us and talk about this. Let me know. We will absolutely uh um bring you into the to the podcast. Vivek?

SPEAKER_00

Yeah, so until then, please do stay caffeinated.

SPEAKER_01

Stay caffeinated.

SPEAKER_00

Stay caffeinated, stay private.

SPEAKER_01

Try to stay silent, yeah.

SPEAKER_00

And keep your silent mode on.

SPEAKER_01

Love it. Until next time.