Smashing Security
A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones. Follow the podcast on Twitter at @smashinsecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).This podcast uses the following third-party services for analysis: O...
Wed, April 16, 2025
Hacking the hackers... with a credit card?
A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Sell your forum accounts - PRODAFT. International Scammers Steal Over $1 Trillion in 12 Months in Global State of Scams Report 2024 - Gasa.org. Why Nigeria's internet scammers are 'role models' - BBC News. 28-year-old fraudster surrenders to EFCC, confesses to romance scams - Punch Newspapers. Black Box - BBC iPlayer. Black Box trailer - YouTube. Katherine Ryan Battleaxe Tour - LW Theatres. Louis Theroux Interviews - Series 1: 5. Katherine Ryan - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Dashlane - Protect against the #1 cause of data breaches - poor password habits. Save 25% off a new business plan, or 35% off a personal Premium plan! Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. Vanta – Expand the scope of your security program with market-leading co
Wed, April 09, 2025
Signalgate sucks, and the quandary of quishing
QR codes are being weaponised by scammers — so maybe think twice before scanning that parking meter. And in a blunder so dumb it makes autocorrect look smart, the White House explains how it leaked war plans on Signal because an iPhone mistook a journalist for a government insider. Plus! Don't miss our featured interview with Josh Donelson of Material and Tony Albano from Google, about detection and response in today's AI-driven world. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic. Here Are the Attack Plans That Trump’s Advisers Shared on Signal - The Atlantic. How the Atlantic’s Jeffrey Goldberg got added to the White House Signal group chat - The Guardian. From convenience to compromise: The rising threat of quishing scams - Fast Company. Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware - Hacker News. QR Code Statistics 2024: Trends & Use Cases - QR Code. Honey Garlic Scallop Kabobs - Heinz. With QR Code Redemption Set to Surge to 5.3 Billion in 2025, Cybercriminals will Increase Their Quishing Attacks - Wealth & Finance International. Chess Masters: The End Game - BBC iPlayer. Cribbage Classic - iOS app store. <a href="https://w
Wed, April 02, 2025
The fall of Troy, and whisky barrel scammers
Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don't lose your life savings in a whisky scam... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don't miss our featured interview with Alastair Paterson, CEO and co-founder of Harmonic Security, discussing how companies can adopt Generative AI without putting their sensitive data at risk. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: A Sneaky Phish Just Grabbed my Mailchimp Mailing List - Troy Hunt. Thunderbird breach notice . Opération Cactus - Le Groupement d’Intérêt Public Action contre la Cybermalveillance. Cancer patient lost life savings to whisky barrel scammers - BBC. How to spot an investment scam - Saga Money. More than £612 million was lost to investment fraud in the UK last year - City of London Police. Adolescence - Netflix. Behind the scenes of Adolescence - YouTube. Thames Water: Inside the Crisis - BBC iPlayer. Who let the BBC inside Thames Water? - The New Statesman. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Harmonic - Let your
Wed, March 26, 2025
Unleash the AI bot army against the scammers - now!
A YouTuber has unleashed an innovative AI bot army to disrupt and outwit the world of online scammers, and a New York Times investigation looks into the intricate web of global money laundering. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: O2’s AI granny Daisy unveils what she’s learnt from her time on the phone to scammers – and what you can do to ruin their day - O2. Lenny - The Telemarketing Troll . I Built a Bot Army that Scams Scammers - Kitboga on YouTube. Takeaways From Our Money Laundering Investigation - The New York Times. Infiltrating scammer networks with the world’s top fraud fighters - YouTube. Open Street Map - Open Street Map. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. 1Password Extended Access Management – Secure every sign-in for every app on every device. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser .
Wed, March 19, 2025
Peeping perverts and FBI phone calls
In episode 409 of the "Smashing Security" podcast, we uncover the curious case of the Chinese cyber-attack on Littleton's Electric Light Company, and a California landlord's hidden camera scandal. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: This is the FBI, open up. China's Volt Typhoon is on your network - The Register. Landlord recorded nude videos of woman tenant with cameras hidden in bedroom smoke detectors, lawsuit says - The Independent. Landlord arrested after tenant discovers hidden camera in rented room - PBSO. Hidden Cameras: What Travelers Need to Know - The New York Times. Shakespeare insults t-shirt - Royal Shakespeare Company. OAS Exhibitions - Oxford Art Society. Carole’s “Rusty Sage” - Bluesky. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. Acronis Threat Research Unit - Your secret weapon against cyber attacks. Access the reports now. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! SUPPORT
Wed, March 12, 2025
A gag order backfires, and a snail mail ransom demand
What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps? Find out about this, and more, in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 'We wanted to help': Students arrested after exposing FreeHour security flaw - Times of Malta. Medusa ransomware gang demands $2M from UK private health services provider - DataBreaches.net. Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach - DataBreaches.net. HCRG Care’s lawyers claimed an injunction issued in a “private” hearing required us to remove two posts. We didn’t comply - DataBreaches.net. Security firm leaves more than five billion records exposed on unsecured database - Graham Cluley. After threatening me with legal action, Keepnet Labs finally issues statement over data breach - Graham Cluley. Sophos apologises for going legal on school techies - The Register. Mail Scam Targeting Corporate Executives Claims Ties to Ransomware - IC3. One of the nastiest ransomware groups around may have a whole new way of doing things - TechRadar.
Wed, March 05, 2025
HP's hold music, and human trafficking
Journey with us to Myanmar's shadowy scam factories, where trafficked workers are forced to run romance-baiting and fake tech support scams, and find out why a company's mandatory hold time for tech support could lead to innocent users having their computers compromised. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus - don't miss our featured interview with Acronis CISO Gerald Beuchelt! Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: HP deliberately adds 15 minutes waiting time for telephone support calls - The Register. HP mandated 15-minute wait time for callers - why that was good news for criminals - Bob Sullivan. How vulnerable people are trafficked to fuel a global cyber scam industry - ABC News. Hundreds of foreigners freed from Myanmar's scam centres - BBC News. 'I need help': Freed from Myanmar's scam centres, thousands are now stranded - BBC News. Some foreigners pulled out of Myanmar scam centres face struggle to get home - Yahoo! News. 'Pig Butchering' Scam: How China's 'Broken Tooth' stole over $75 bn from global investors using crypto currencies - The Economic Times. Scunthorpe problem - Wikipedia. Scunthorpe Sans font . Sociopath: A Memoir by Patric Gagne - Goodreads. Smashing Security
Wed, February 26, 2025
History's biggest heist just happened, and online abuse
We explore how the cryptocurrency exchange Bybit has been hacked to the jaw-dropping tune of $1.5 billion, and we look at what is being done to better defend women and girls' safety online. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Incident Update: Unauthorized Activity Involving ETH Cold Wallet - Bybit. Bybit Launches Recovery Bounty Program with Rewards up to 10% of Stolen Funds - Bybit. ZachXBT links Bybit hack to Lazarus Group - Twitter. Online Safety Act: explainer - GOV.UK These Are The 10 Most Complained-About TV Moments In Ofcom's History - Ofcom. Ofcom to push for better age verification, filters and 40 other checks in new online child safety code - TechCrunch. UK’s internet watchdog toughens approach to deepfake porn - TechCrunch. Girlguiding research exposes alarming online harms facing girls - Charity Today News. Ofcom's approach to implementing the Online Safety Act - Ofcom. Women's abuse online: 'I get trolled every second, every day' - BBC. Amanda’s funniest moments in Motherland - YouTube. Amandaland - BBC iP
Wed, February 19, 2025
A crypto con exchange, and soaring ticket scams
From shadowy Bitcoin exchanges to Interpol’s most wanted, Alexander Vinnik was the alleged kingpin behind BTC-e, a $4bn crypto laundering empire. Learn more about him, and how he became a geopolitical pawn between the US, France, and Russia. Plus! Hear how concert-goers are being warned about a swathe of scams hitting stadiums and arenas around the world. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. PLUS! Don't miss our featured interview with Cliff Crosland of Scanner.dev Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Russian National And Bitcoin Exchange Charged In 21-Count Indictment For Operating Alleged International Money Laundering Scheme And Allegedly Laundering Funds From Hack Of Mt. Gox - US Dept of Justice. BTC-e Operator Pleads Guilty to Money Laundering Conspiracy - US Dept of Justice. US releases Russian cybercriminal as part of exchange for teacher Marc Fogel - The Guardian. Lloyds Bank issues urgent warning over Taylor Swift ticket scams - Lloyds. Warning after more than 120k people queue for Black Sabbath Villa Park tickets as fans say 'scam' - Birmingham Live. ‘Don’t buy tickets for Beyoncé’ - Minister Gayton McKenzie warns South Africans of concert scam - Independent Online. Beyonce Cowboy Carter tour fake tickets scam: Ticketmaster warns fans - USA Today. Singapore ticket scam queen jailed for three years after conning 76 Taylor Swift fans of S$110,
Wed, February 12, 2025
Podcast not found
The story of how hackers managed to compromise the US Government's official SEC Twitter account to boost the price of Bitcoins, AI isn't helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware? All this and more is discussed in episode 404 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Jane Wakefield. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: SEC's Twitter account hacked to say Bitcoin ETFs approved - Hot for Security. Twitter says it’s not its fault the SEC’s account got hacked - Graham Cluley. SEC Twitter hack blamed on SIM swap attack - Hot for Security. The SEC’s X account got hacked by a 25-year-old who went by ‘AGiantSchnauzer’ and got paid in Bitcoin, feds say - Fortune. Pupils share conspiracy theories for fun, with girls ‘more susceptible’ - The Times. AI chatbots unable to accurately summarise news, BBC finds - BBC News. US-led cybersecurity coalition vows to not pay hackers' ransom demands - TechCrunch. 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments - Chain Analysis. Ransomware: proposals to increase incident reporting and reduce payments to criminals - GOV.UK. <a href="https://itwire.com/business-it-news/security/the-2024-ransomware-landscape-%E2%80%98looking-back-on-another-painful-y
Wed, February 05, 2025
Coinbase crypto heists, QR codes, and ransomware in the classroom
In episode 403 of "Smashing Security" we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham's DMs, Geoff gives a poor grade for PowerSchool's security, and Carole takes a curious look at QR codes. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ZachXBT’s thread - Twitter. Coinbase employee tells users not to use a VPN or ad blocker - Twitter. What PowerSchool won’t say about its data breach affecting millions of students - TechCrunch. QR code - Wikipedia. Reed–Solomon error correction - Wikipedia. Urgent warning over QR code scam tricking drivers out of £100s at popular car parks - Express. Scam alert: QR code on an unexpected package - Consumer Advice New Star Blizzard spear-phishing campaign targets WhatsApp accounts - Microsoft Security Blog. What You Must Know Before Scanning a QR Code - AARP. “More” - Niall Conlon. “Money Men” by Dan McCrum - Penguin Books. Bitter Orange Marmalade Recipe - Ballymaloe Cooking School. <a href="https://www.smashingsecurity.com/store/" rel="noopener noreferrer" tar
Wed, January 29, 2025
Hackers get hacked, the British Museum IT shutdown, and social media kidnaps
What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee's actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: No Honour Among Thieves: Uncovering a Trojanized XWorm RAT Builder Propagated by Threat Actors and Disrupting Its Operations - CloudSEK. British Museum forced to partly close after alleged IT attack by former employee - The Guardian. Chart: What Do You Want to be When You Grow Up? - Statista. Tikked off: What happens when TikTok fame fades - Vox. Influencer burnout is real - Vox. Influencer slammed for staging fake kidnapping plot because she was ‘bored’ - Mirror Online. "Mom influencer" Katie Sorensen sentenced to jail for falsely claiming couple tried to kidnap her kids at a crafts store - CBS News. Stock market influencer on the way to Coldplay concert kidnapped by data theft gang - The New Indian Express. Raycast . “Thank Goodness You
Wed, January 22, 2025
Hacks on the high seas, and how your home can be stolen under your nose
An Italian hacker makes the grade and ends up in choppy waters, and hear true stories of title deed transfer scams. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Plus - don't miss our featured interview with Avery Pennarun of Tailscale. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Report from Corriere Di Bologna newspaper . Caro Musk, assumi subito l’hacker quindicenne di Cesena – Il Foglio. 15-Year-Old Hacker Diverts Ships in Mediterranean Sea for Fun – Hot for Security. 90-year-old immigrant could lose Brooklyn home after deed theft scam, family says – CBS News. Protect your home. Spot the signs of deed theft – Better Business Bureau. Woman Charged for Scheme to Defraud Elvis Presley’s Family – DOJ. Home Title Theft: How To Protect Yourself – Forbes Advisor. Here’s How Scammers in America Can Take the Title to Your Home Without You Knowing It – Moneywise. Could a Criminal Use Deed Fraud to Steal Your Entire Home? – AARP. Could Fraudsters Steal Your Home From Under Your Nose? – HomeOwners Alliance. Wizard Zines . <a href=
Wed, January 15, 2025
Hacker games, AI travel surveillance, and 25 years of IoT
The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Player of Games - Grimes. ‘Path of Exile 2’ Players Call Bulls**t on Elon Musk’s Video Game Stream - Gizmodo. Elon Musk "Playing" Path of Exile 2 - YouTube. Elon Musk is Lying About Being Good at Video Games - YouTube. Elon Musk Streams His ”Totally Not Boosted” ‘Path of Exile 2’ Character, Proves He Has No Idea What He’s Doing - Vice. Hacker Broke into ‘Path of Exile 2’ Admin Account, Hijacked Wave of Characters - 404 Media. Inside the Black Box of Predictive Travel Surveillance - WIRED. Average Number of Smart Devices in a Home 2025 - Consumer Affairs. Global IoT and non-IoT connections 2010-2025 - Statista. U.S. Cyber Trust Mark: New Label for IoT Devices - National Law Review. How the Internet of Things will b
Wed, January 08, 2025
Honey in hot water, and reset your devices
Ever wonder how those "free" browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and your favorite YouTubers with empty pockets. Plus, we take a look at Kagi, the search engine you pay not to show you adverts, and discuss what you should do with your old, no-longer-wanted technology. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Exposing the Honey Influencer Scam - MegaLag on YouTube. The Honey Scam: Explained - Marques Brownlee on YouTube. 14 million people don’t know how to erase their data from an old device - ICO. Electronics hoarding habit among Brits and Americans - SellCell. Practical advice for online and electronic devices - ICO. How to factory reset your Google Pixel phone - Google. How to factory reset your iPhone, iPad, or iPod touch - Apple. Reset your Android device to factory settings - Google. Erase your Mac and reset it to factory settings - Apple. Reset your PC - Microsoft. How do I perform a factory reset on my Samsung mobile device? - Samsung. Kagi search engine . <a href="https://fieldsheer.com/collections/mobile-warming-technology" rel=
Wed, December 18, 2024
Fake CAPTCHAs, Harmageddon, and Krispy Kreme
This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down – is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing a ransomware attack. All this and more is discussed in the latest jam-packed edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of "The AI Fix" podcast . Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: CAPTCHAs from hell - Reddit. “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising - Guardio. AI Safety Clock Ticks Closer To ‘Midnight,’ Signifying Rising Risk - Forbes. Krispy Kreme admits there's a hole in its security - The Register. Nutritional and Allergen Information - Krispy Kreme. &UDM=14 . Does one line fix Google? - Tedium. ElevenLabs . The GCHQ Christmas Challenge 2024 - GCHQ. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device. BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI. <a href="https://www.smashin
Wed, December 11, 2024
Snowflake hackers, and under the influence
A Canadian man is arrested in relation to the Snowflake hacks from earlier this year - after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Accused Kitchener hacker unmasked after threatening woman online - The Waterloo Region Record. Canadian Man Arrested in Snowflake Data Extortions - Krebs on Security. Who wants to be next? - Bluesky post by Allison Nixon. Crypto Trader Kills His Mum For £500k After Going Into Debt To Maintain 'Perfect Lifestyle' - IB Times. Autopsy reveals injuries on body of Colleen Rebelo’s body after alleged murder - Australia News. Influencer Marketing Statistics 2024 - Artios. BLACKkKLANSMAN trailer - YouTube. A Soft Murmur . Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device. BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI. <a href="htt
Wed, December 04, 2024
Dishy DDoS dramas, and mining our minds for data
A CEO is arrested for turning satellite receivers into DDoS attack weapons, and we journey into the world of bossware and "affective computing" and explore how AI is learning to read our emotions – is this the future of work, or a recipe for dystopia? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Korea arrests CEO for adding DDoS feature to satellite receivers - Bleeping Computer. Data on our minds: affective computing at work - IFOW. How Much Does 'Bossware' Really Curb Remote Work Slacking? - Inc. MN8 – 2 Channel EEG Headphones - Emotiv. Commercial EEG Headsets for Enterprises - Emotiv. ‘Bossware’ computer tracking devices harm workers’ wellbeing, says report - The Times. Your Company’s Bossware Could Get You in Legal Trouble - 1Password. The Abandoned, Apocalyptic Architecture of One Bold 1970s Retail Chain - Atlas Obscura. Bankrupt - BEST Products Co. - YouTube. Defunct BEST Products Store Architecture Documentary - YouTube. Play Winning Cribbage - Amazon. Cribbage Classic - iOS App Store. Smashing Security merchandise (t-shirts,
Wed, November 27, 2024
Gym hacking, disappearing DNA, and a social lockout
A Kansas City man is accused of hacking into local businesses, not to steal money, but to... get a cheaper gym membership? A DNA-testing firm has vanished, leaving customers in the dark about what's happened to their sensitive genetic data. And Australia mulls a social media ban for youngsters. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: KC Man Indicted for Computer Hacking - Department of Justice. DNA testing company vanishes along with its customers’ genetic data - Malwarebytes. DNA firm holding highly sensitive data 'vanishes' without warning - BBC News. Australia proposes 'world-leading' ban on social media for children under 16 - Reuters. The government has introduced laws for its social media ban. But key details are still missing - The Conversation. Australia's under-16 social media age ban legislation excludes messaging apps - YouTube. Australia’s plan to ban children from social media popular but problematic - PBS News. Which Countries Are Considering Social Media Bans For Teens? - Newsweek. Graham’s previous encounter with hobs with knobs - Smashing Security. “The Day of the Jackal” trailer - YouTube. <a href="https://www.youtube.com/watch?v=p1HxTmV5i7c" re
Wed, November 20, 2024
Digital arrest scams and stream-jacking
In our latest episode we discuss how a woman hid under the bed after scammers told her she was under "digital arrest", how hackers are hijacking YouTube channels through malicious sponsorship deals, and how one phone company is turning the tables on fraudsters through deepfake AI. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 'You are under digital arrest': Inside a scam looting millions from Indians - BBC News. Digital Arrest Scam: How You Can Stay Safe - YouTube. Tamil Nadu Professor Placed Under Digital Arrest, Duped of Rs 10 Lakh - YouTube. 'Mann Ki Baat' episode 115 - India Prime Minister Narendra Modi. “My YouTube Channel Got Deleted Last Night..” - Bitz on YouTube. NCA shuts down major fraud platform responsible for 1.8 million scam calls - National Crime Agency. O2 launches free anti-scam caller identification for millions of customers - O2. AI Scambaiters: O2 creates AI Granny to waste scammers’ time - YouTube. “StreamJacking” - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams - Guardio. Graham Cluley on Bluesky . Maria Varmazis on Bluesky . Dan Da Dan - Netflix. <a
Wed, November 13, 2024
Who needs a laptop to hack when you have a Firestick?
Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil's COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he was placed under police protection... in a Travelodge outside Oxford. Plus Bengal cat lovers in Australia should be on their guard, as your furry feline friends might be leading you into a dangerous trap., and there's yet more headaches for troubled 23andMe. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford. Plus don't miss our featured interview with Paul Fryer from BlackBerry. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: FBI issues warning as crooks ramp up emergency data request scams - The Register. Optimistic father of LAPSUS$ hacking suspect says he’s going to try to stop him using computers - Graham Cluley. LAPSUS$: GTA 6 hacker handed indefinite hospital order - BBC News. This Teenage Hacker Became a Legend Attacking Companies. Then His Rivals Attacked Him - Wall Street Journal. Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign - Sophos. Struggling DNA-testing site 23andMe to lay off 40% of its workers - BBC News. Remember That DNA You Gave 23andMe? - The Atlantic. Big Pharma Would Like Your DNA - The Atlantic. Addressing Data Security Concerns - Action Plan - 23andMe Blog. YTCH - YouTube-like
Wed, November 06, 2024
Pasta spies and private eyes, and are you applying for a ghost job?
Mamma Mia! A major hacking scandal in Italy has expanded to include alleged involvement from Israel and the Vatican, and just why are companies advertising jobs that don't exist? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Massive hack-for-hire scandal rocks Italian political elites - Politico. Dossieraggi, i contatti con il Mossad e i dati passati al Vaticano. “Aiutiamo la Chiesa contro la Russia o no?” - La Repubblica. That position you just applied for might be a 'ghost job' that'll never be filled - The Register. Ghost jobs: why do 40% of companies advertise positions that don’t exist? - The Guardian. Job boards are still rife with 'ghost jobs'. What's the point? - BBC. How To Spot Ghost Jobs And Make Your Job Search More Efficient - Forbes. What Are Ghost Jobs and How Can You Avoid Them? - Tech.co That job you applied for might not exist. Here's what's behind a boom in "ghost jobs." - CBS News. The Coming Storm - BBC Radio 4. Things fell apart - BBC Sounds. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every
Wed, October 30, 2024
The secret Strava service, deepfakes, and crocodiles
In this week's episode your hosts practice standing on one leg, Carole gives Graham a deepfake quiz, and we investigate how Strava may be exposing the movements of world leaders. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Smashing Security #063: Carole’s back . Privacy of fitness tracking apps in the spotlight after soldiers' exercise routes shared online - We Live Security. Smashing Security #330: Deepfake Martin Lewis, and a deadly jog in the park . How Emmanuel Macron can be tracked - Le Monde. How Emmanuel Macron can be tracked - YouTube. The Pentagon Wants to Use AI to Create Deepfake Internet Users - Intercept. Is AI eroding democracy ahead of the US election? - BBC News. Fooled twice: People cannot detect deepfakes but think they can - PMC. Detect Fakes - Kellogg Northwestern. DON'T LET AI STEAL YOUR VOTE! - YouTube. Deepfakes fool more than half of Americans, UVU study shows - KLS News radio. Crocodiles Of The World . Here's How Long You Should Be Able To Stand On 1 Leg By Age - Huffington Post. <a href="https://www.smashingsecurity.com/store/" rel="noopener noreferrer" ta
Wed, October 23, 2024
When security firms get hacked, and your new North Korean remote worker
The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired... but what's their plan? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: SolarWinds Sunburst supply chain attack - Wikipedia. Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter. SEC Charges Four Companies With Misleading Cyber Disclosures - SEC. Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing. Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events. 67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes. A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider. US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes. Watch “Undercover: Exposing the Far Right” - Channel 4. Undercover film exposing UK far-right activists pulled from London festival - The Guardian. <a href="https://www.youtube.com/@kermodeandmayo
Wed, October 16, 2024
WordPress vs WP Engine, and the Internet Archive is down
WordPress's emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance. Meanwhile, the Internet Archive, a digital library preserving our online history, is under siege from hackers. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: WP Engine is not WordPress - WordPress. Secure Custom Fields - WordPress. Tweet from Advanced Custom Fields . Advisory: Advanced Custom Fields changes - Tim Nash. WordPress saga escalates as WP Engine plugin forcibly forked and legal letters fly - The Register. Internet Archive hacked, data breach impacts 31 million users - Bleeping Computer. The Internet Archive is still down but will return in ‘days, not weeks’ - The Verge. Dimsdale podcasts - OTR radio drama comedy and more. Jeff Goldblum’s furiously fun Greek gods drama is a masterpiece - The Guardian. KAOS - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device. Vanta – Expand the scope of your securi
Wed, October 09, 2024
Vacuum cleaner voyeur, and pepperoni pact blocks payout
Join us as we delve into the world of unexpected security breaches and legal loopholes, where your robot vacuum cleaner might be spying on you, and ordering a pizza could cost you your right to sue. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: We hacked a robot vacuum — and could watch live through its camera - ABC News. Their Uber Driver Crashed. A Pizza Order Unraveled Their Injury Lawsuit - NY Times. A court blocks a couple from suing Uber over a crash, citing terms and conditions - NPR. Taken for a Ride: Parents Can't Sue Uber Over Crash After Daughter's Uber Eats Order - Law.inc New Jersey Court Bars Uber Crash Victims from Lawsuit, Citing App Agreement - The Legal Journal. Couple Seriously Injured in Uber Crash Blocked From Court by Uber Eats Terms - The Insurance Journal. Disney axes bid to stop wrongful death lawsuit over Disney+ terms - BBC. Sherwood - BBC iPlayer. Chocolate Guinness Cake - Nigella. The Best Banana Cake I've Ever Had - Sally's Baking Addiction. My Favorite Carrot Cake Recipe - Sally's Baking Addiction. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: <
Wed, October 02, 2024
Breaches in your genes, and Kaspersky switcheroo raises a red flag
From family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky's US customers are wondering - what on earth is UltraAV? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme - US Department of Justice. Sophos punts anti-virus for Klingons - The Register. Designating Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks - US Department of Treasury. Kaspersky says Uncle Sam snubbed its verification proposal - The Register. Use Kaspersky Antivirus Software? You'll Be Migrated to Pango's UltraAV - PC Mag. Kaspersky software replaced by 'UltraAV' on some US PCs - The Register. Need Instructions on Refunds for those who bought multi-year subscriptions - Kaspersky. US bans Kaspersky antivirus software for alleged Russian links - BBC News. Who gave you permission to put UltraAV on my computer? - Kaspersky Total Security. MusicBrainz Picard - Cross-platform music tagger powered by the MusicBrainz database. 100 Chefs Will Slice Through the Competition in Culinary Class Wars - Netflix.</l
Wed, September 25, 2024
The $230 million crypto handbag heist, and misinformation on social media
Two men are accused of stealing almost a quarter of a billion dollars from one person's cryptocurrency wallet, but why on earth would they be handing out handbags to strangers? And social media comes under the spotlight once more, as we ask if you are delving into misinformation in your most private moments... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ZachXBT’s thread on Twitter . Indictment Charges Two in $230 Million Cryptocurrency Scam - Department of Justice. Two men arrested one month after $230 million of cryptocurrency stolen from a single victim - Bitdefender. Skylar Harrison tells her handbag story - TikTok. Social media’s role in fueling extremism and misinformation in a divided political climate - PBS News. Misinformation on social media - statistics & facts - Pew Research. Social Media and News Fact Sheet, 2024 - Pew Research Center. "Hyperactive" by Lasse Gjertsen - YouTube. Cribbage JD - Play Online - Cardsjd. Paddlers Cribbage - L.L. Bean. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: SentinelOne - secure and protect every aspect of your cloud in real-time. <a
Wed, September 18, 2024
TFL security derailed, and is Trump the king of crypto?
Transport for London (TfL) suffers a cybersecurity incident and tells its 30,000 staff they will all have to their identities verified... in-person. Who might have been behind the attack and why? Meanwhile, Donald Trump's curious relationship with cryptocurrency is explored. All this and Demi Moore is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. (This episode was recorded before the former US President survived a second assassination attempt) Episode links: TFL cybersecurity incident announcement . TFL Employee Hub . DICK'S shuts down email, locks employee accounts after cyberattack - Bleeping Computer. MGM Resorts shuts down IT systems and slot machines go quiet following "cybersecurity incident" - Hot for Security. Teenage suspect in MGM Resorts hack arrested in Britain - The Record. Arrest made in NCA investigation into Transport for London cyber attack - NCA. Donald Trump Prepares to Unveil World Liberty Financial, a Cryptocurrency Business - The New York Times. Behind the Trump Crypto Project Is a Self-Described ‘Dirtbag of the Internet’ - Bloomberg. Cryptocurrency price on July 22: Bitcoin hits $68,000 level, Dogecoin, Avalanche surge up to 11% - The Economic Times. <a href="https://cointelegraph.com/news/trump-vows-us-world-capital-crypto-taps-elon-musk-task-force" rel="noopener norefe
Wed, September 11, 2024
A room with a view, AI music shenanigans, and a cocaine bear
It's a case of algorithm and blues as we look into an AI music scam, Ukraine believes it has caught a spy high in the sky, and a cocaine-fuelled bear goes on the rampage. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Ukrainian detained for allegedly installing CCTV cameras to aid Russian attacks - The Record. Russia calls for restrictions on surveillance cameras, dating apps in cities under attack from Ukraine - The Record. Christo and Jeanne-Claude art projects . North Carolina Musician Charged With Music Streaming Fraud Aided By Artificial Intelligence - United States Department of Justice. Man Arrested for Creating Fake Bands With AI, Then Making $10 Million by Listening to Their Songs With Bots - The Futurist. Kobo Clara BW ereader - Kobo. Cocaine Bear: Why? - The Atlantic. Cocaine Bear Official trailer - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device. Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving
Wed, September 04, 2024
The Godfather club, and AirTags to the rescue
There's a whole new dating scam that could mean you end up out of pocket (or beaten up) after a first date with a glamorous admirer, and a woman in Los Alamos uses an Air Tag to entrap a thief. Plus - don't miss our featured interview with Maya Levine of Sysdig. All this, and a very bad Cockney accent, in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Mail Theft Suspect Apprehended Using AirTag - Santa Barbara County Sheriff’s Office. Google and Apple deliver support for unwanted tracking alerts in Android and iOS - Google Security blog. Apple and Google deliver support for unwanted tracking alerts in iOS and Android - Apple. Barclays Scams Bulletin: Men more likely to fall victim to romance scams, while women lose more money - Barclays. 3 men trapped by same woman: Journalist on modus operandi of dating app scams - India Today. Mumbai club under fire for 'dating scam' after man gets Rs 61,000 bill - India News. Romance scams in 2024 + online dating statistics - Norton. Tips for romance scams - Better Business Bureau. What to know about romance scams - Consumer Advice. The Godfather club dating app scam in Mumbai - YouTube. <a href="https://www.nme.com/news/tv/what-accent-does-butcher-have-in-the-boys-3771902" rel="noopener noreferrer" target=
Bonus · Mon, August 05, 2024
Smashing Security presents The AI Fix: An AI cookery dumpster fire, the ARC prize, and a creepy new AI friend
While "Smashing Security" is on its summer holiday, here's a chance to listen to an episode of its sister show - "The AI Fix". In episode ten of The AI Fix, Graham attempts to say "quinoa", Mark draws a line in the amper-sand, ChatGPT becomes an expert in solar panels and bomb disposal, and our hosts watch a terrifying trailer for a creepy new AI friend. Graham discovers that the world of AI cookery is a soggy, limey mess, and learns an unusual trick for making a great mojito, while Mark pits his co-host against the cleverest AI brains in the world. Episode links: OpenAI starts rollout of Advanced Voice Mode . UK Government shelves £1.3bn UK tech and AI plans . Friend trailer . Artificial intelligence has hard time with accents . Netherlands court uses ChatGPT to decide things . Argentina will use AI to ‘predict future crimes’ but experts worry for citizens’ rights . Twitter thread on crockpot cookbook . Get ready for AI to rip off your favorite cookbooks . ‘One of the most disgusting meals I’ve ever eaten’: AI recipes tested . This cookbook author was a best-seller on Amazon — but she may not even be human . ARC Prize . ARC Prize leaderboard . On the Measure of Intelligence re
Bonus · Tue, July 30, 2024
Smashing Security presents The AI Fix
In episode nine of "The AI Fix", our hosts learn about the world's most dangerous vending machine, a cartoonist who hypnotises himself with AI, and OpenAI's plans to eat Google's lunch... Graham tells Mark about a pig-farming professor, and Mark tests Graham's tolerance with OpenAI's terrifying roadmap to Artificial General Intelligence. Episode links: Meta launches Llama 3.1 . OpenAI Unveils Cheaper, Small AI Model GPT-4o Mini. SearchGPT: OpenAI’s Prototype Aims to Challenge Google . Video Game Performers Strike Over AI . Nicolas Cage is ‘terrified’ of AI using his body and face when he’s dead . Dilbert Creator Claims He Taught ChatGPT Dangerous Hypnosis Techniques . Adult Content Creators Are Making SIX-Figure Salaries from Men Falling in Love with Subservient ‘AI Girlfriends’ . Japanese AI Dating App Lets You ‘Marry’ a Bot . GB News Radio to Introduce AI-Generated News Bulletins . AI-powered vending machines are selling bullets . How Easy Is It To Purchase Ammo with AI-Powered Retail Vending Machines? Professor Flunks All His Students After ChatGPT Falsely Claims It Wrote Their Papers . <a href="https://gizmodo.com/ai-detectors-inaccur
Wed, July 24, 2024
CrowdStrike, Dark Wire, and the Paris Olympics
Computers blue-screen-of-death around the world! The Paris Olympics is at risk of attack! And the FBI pull off the biggest sting operation in history by running a secret end-to-end encrypted messaging app! All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity journalist and the author of “Dark Wire”, Joseph Cox. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: How a single IT update caused global havoc - BBC News. Anti-Virus Software Sees Self as Malware, Deletes Itself - NBC News report about Sophos snafu in 2012. Tweet about CrowdStrike outage by Kaspersky - Twitter. “Dark Wire” by Joseph Cox . Inside the Biggest FBI Sting Operation in History - WIRED. Trump shooter's online activity shows searches of rally site, use of encrypted platforms, officials say - CBS News. Mass Surveillance - Privacy International. 338 sites internet frauduleux de revente de billets recensés à quelques semaines du début de la compétition - France Info. From wiretapping to geolocation data collection: AI mass surveillance for the Paris Olympics draws privacy concerns - Fast Company. Heading to the Paris Olympics? Don't Fall for These Scams - PC Mag. <a href="https://www.scientificamerican.com/article/paris-olympics-will-be-a-training-ground-for-ai-powered-mass-surveillance/" rel="noopener noreferrer" target="_bla
Wed, July 17, 2024
Trump assassination conspiracies, Squarespace account hijacks, and the butt stops here
Social media fuels conspiracies galore after Donald Trump is shot at a rally, cryptocurrency websites are hijacked after a screw-up at Squarespace, and our guest takes a close look at bottoms on Instagram. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Killed by Google . Squarespace Enters Definitive Agreement to Acquire Google Domains Assets - Squarespace. A Squarespace Retrospective, or How to Coordinate an Industry-Wide Incident Response - Security Alliance. Trump shooting: all seven conspiracy theories examined - The Telegraph. Fact-checking the wild conspiracy theories related to the attempted Trump assassination - PBS News. We fact-checked some of the rumors spreading online about the Trump assassination attempt - Reuters. Minutes after Trump shooting, misinformation started flying. Here are the facts - AP News. Joy Reid suggests Trump couldn't 'avoid the consequences' of his own rhetoric after assassination attempt - Fox News. The Gunshots Rang Out. Then the Conspiracy Theories Erupted Online - New York Times. Trump assassination attempt – News, Research and Analysis
Wed, July 10, 2024
Teachers TikTok targeted, and fraud in the doctors’ waiting room
Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus don't miss our featured interview with Jason Meller of 1Password. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Outcome, a hot tech startup, misled advertisers with manipulated information, sources say - Wall Street Journal. Three Former Executives Sentenced for $1B Corporate Fraud Scheme - US Department of Justice. Graham dancing - TikTok. Students Target Teachers in Group TikTok Attack, Shaking Their School - The New York Times. “Thank you very much indeed” Presumed Innocent — Official Trailer - Youtube. Presumed Innocent - Apple TV+. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device. mWISE - Don't miss the cybersecurity conference built by practitioners, for practitioners. mWISE runs September 18 – 19 2024 in Denver. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on <a href="https://app
Wed, July 03, 2024
Private nights, evil twins, and crypto home invasions
Apps can let you spy on strangers in bars, a gang of cryptocurrency thieves turns to kidnap and assault, and have you joined the mile-high evil twin club? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of the brand-new "The AI Fix" podcast (co-hosted with Graham!). Talk about nepotism. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Hoos Out Tonight? Dundee medical student launches new app which reveals ‘hot’ pubs - The Courier. ‘It’s completely invasive’: New app lets you spy on SF bars to see if they’re poppin’ - San Francisco Standard. Florida Man Convicted in Violent Crypto Theft Spree - Crypto Daily. Inside a Violent Gang's Ruthless Crypto-Stealing Home Invasion Spree - Wired. Man charged over creation of ‘evil twin’ free WiFi networks to access personal data - Australian Federal Police. Police allege 'evil twin' in-flight Wi-Fi used to steal info - The Register. Australian charged for ‘Evil Twin’ WiFi attack on plane - Bleeping Computer. Suno - make a song about anything. The AI Fix podcast - hosted by Graham Cluley and Mark Stockley. Putty Pals - Nintendo Switch. Smashing Security merchandise (t-shir
Wed, June 26, 2024
Julian Assange, inside a DDoS attack, and deepfake traumas
Wikileaks's Julian Assange is a free man, deepfakes cause trouble in the playground, and we hear hot takes about ransomware and tales from inside a devastating denial-of-service attack. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Eleanor Dallaway. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Julian Assange lands in Australia a free man - BBC News. Smashing Security episode 245: The Julian Assange assassination plot, and IoT toilets . Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks - Yahoo News. Surprise! WikiLeaks won’t just hand over details of zero-day vulnerabilities to tech firms - Graham Cluley. Tubthumping (Q3 2021 Issue) - Infosecurity Magazine. Infosecurity Magazine suffering ‘significant’ DDoS attack - Cybernews. Infosecurity Magazine is Back Online! - Infosecurity Magazine. YouTube now lets you report AI deepfakes of yourself - MSN. Two private schools face police probe over claims pupils used AI to 'create deepfake porn images of up to a dozen girls' - Daily Mail. We're calling on the next government to protect women and girls from image-based abuse -
Wed, June 19, 2024
An unhealthy data dump, railway surveillance, and a cheater sues Apple
There's a wee data breach with unhealthy implications in Scotland, privacy has gone off the rails in the UK, and a cheater blames Apple for his expensive divorce. All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter of the "Compromising Positions" podcast. Plus don't miss our featured interview with Abhishek Agrawal, CEO of Material Security. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Cyber attacks update - NHS Dumfries & Galloway. J Paul Getty - Wikipedia. Cyber expert urges against 'panic' over NHS data leak - BBC News. “Don’t panic” - Corporal Jones from Dad’s Army - YouTube. All households in Scottish region to get alert about hackers publishing stolen medical data - The Record. Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers - Wired. Man ludicrously blames Apple for his wife catching him communicating with prostitutes - Apple Insider. Businessman sues Apple after wife finds ‘deleted’ iPhone messages to prostitute - LBC. ‘Tech made me do it’ is no excuse for adultery - The Times. Is it DNS? “My name is Barbra” - Amazon. ”I'm Glad My Mom Died” by Jennette McCurdy - Simon & Schuster. <a href="https://www.smash
Wed, June 12, 2024
iOS 18 for cheaters, and a model cop extortionist?
Apple announces a new privacy feature in iOS that will allow you to hide and lock away your apps - but will it be philanderers who benefit the most? And an ex-police officer is arrested for extortion. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Graham’s video thanking people for voting for “Smashing Security” - Twitter. iOS 18 makes iPhone more personal, capable, and intelligent than ever - Apple. Apple's new iOS 18 feature is being called 'a cheater's paradise' - Daily Mail. 2 Accused In Internet Extortion Scheme Against Boss - Patch. District Attorney: Ex-police officer turned model among duo arrested in Orange County - Westchester News. Former N.Y. cop, internet model Ally Thueson arrested for extortion - NY Daily News. Extortion - FindLaw. Smile politely, nod awkwardly: greeting people you barely know - University Times. How to pass people in hallway without awkwardness? - Reddit. How Long Should a Great Kiss Last? - Psychology Today. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: <a href="h
Wed, June 05, 2024
Crashing robo-taxis, and name-dropping rappers
Drones, some coloured cardboard, and a piece of tinfoil may be all the kit you need to crash a robot-driven taxi, and a rapper is accused of using Justin Bieber's name to defraud a TV company. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Riding Baidu's self-driving robo-taxi - YouTube. Malicious Attacks against Multi-Sensor Fusion in Autonomous Driving - Research paper. Researchers warn robot cars can be crashed with tinfoil and paint daubed on cardboard - The Register. Gang of Hackers Tries to Steal Baidu’s Driverless Car Secrets - Bloomberg. Rapper Sean Kingston agrees to return to Florida, where he and mother are charged with $1M in fraud - AP News. Sean Kingston Extradited From California to Florida in Fraud and Theft Case - Entertainment Tonight. Rapper Sean Kingston, his mother arrested on fraud charges after SWAT raid at his Southwest Ranches home - Sun Sentinel. What is fraudulent use of personal identification information? - Pumphrey Law. Google’s AI really is that stupid, feeds people answers from The Onion - AV Club. Some of Google’s “best” AI search results - Twitter. <a href="https://www.nytimes.com/2024/06/01/technology/google-ai-overviews-rollback.html" rel="noopener noreferrer"
Wed, May 29, 2024
Microsoft’s Recall controversy, and the North Korean insider threat
Microsoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and is your company hiring North Korean IT workers? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by author, journalist, and podcaster Geoff White. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Microsoft's new Windows 11 Recall is a privacy nightmare - Bleeping Computer. Statement in response to Microsoft Recall feature - ICO. Arizona woman charged in North Korean IT worker scheme that raised millions - CNN. Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea - US Department of Justice. New FTC Data Shed Light on Companies Most Frequently Impersonated by Scammers - FTC website. Who’s who in scams: a spring roundup - FTC. Udio . Geoff's Labyrinth ext v2 - Graham’s AI song about Geoff White’s book “Rinsed”. “Nuclear War” by Annie Jacobsen - Amazon. The Patient - Disney+. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: <a href="https://www.vanta.com/smashing"
Wed, May 22, 2024
iPhone undeleted photos, and stealing Scarlett Johansson’s voice
iPhone photos come back from the dead! Scarlett Johansson sounds upset about GPT-4o, and there's a cockup involving celebrity fakes. All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Anna Brading of Malwarebytes. Plus! Don't miss our featured interview with Sandy Bird of Sonrai Security. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: When NASA Lost a Spacecraft Due to a Metric Math Mistake - Simscale. The worst sales promotion in history - The Hustle. Nonconsensual AI Porn Maker Accidentally Leaks His Customers' Emails - 404 Media. UK's Ministry of Defence fined after Bcc email blinder that put the lives of Afghan citizens at risk - Hot for Security. £200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder - Graham Cluley. Apple's Photo Bug Exposes the Myth of 'Deleted' - Wired. OpenAI Voice Scandal: Sky's Fall From Grace - YouTube. How the voices for ChatGPT were chosen - OpenAI. As AI becomes more human-like, experts warn users must think more critically about its responses - CBC News. What We Lose When ChatGPT Sounds Like Scarlett Johansson - The New York Times. Scarlett Johansson’s Statement About Her Interactions With Sam Altman -
Wed, May 15, 2024
The fake deepfake, and Estate insecurity
Remember when a US mother was accused of distributing explicit deepfake photos and videos to try to get her teenage daughter's cheerleading rivals kicked off the team? Well, there has been a surprising development. And learn how cybercriminals have been stealing boomers' one-time-passcodes via a secretive online service. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts - TechCrunch. Cheerleader's mom created deepfake videos to allegedly harass her daughter's rivals - ABC News. Bucks County mom doctored videos to harass girls on daughter's cheerleading sqaud, prosecutors say - Philly Voice. Spone v. Reiss, Civil Action 23-0147 - Casetext. Mother 'used deepfake to frame cheerleading rivals' - BBC News. She was accused of faking an incriminating video of teenage cheerleaders. She was arrested, outcast and condemned. The problem? Nothing was fake after all - The Guardian. Parkrun - Wikipedia. Parkrun UK . Oxfordshire Artweeks 2024 - Artweeks homepage. Carole’s art website - carole.wtf Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: <a href="https://www.kiteworks.com" rel="noopener norefe
Wed, May 08, 2024
Unmasking LockBitsupp, company extortion, and a Tinder fraudster
The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster stole £80,000 from women he met on Tinder. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by “Ransomware Sommelier” Allan Liska. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company - US Department of Justice. United States vs Vincent Cannady (PDF) - US Department of Justice. LockBit leader unmasked and sanctioned - NCA. Romance fraudster defrauded women of £80,000 - BBC News. 15 of the Most Trustworthy Accents in the UK Revealed - Country Living. Omoton phone car mount - Omoton. Stories are weapons by Annalee Newitz - WW Norton. All the Beauty in the World: A Museum Guard's Adventures in Life, Loss and Art by Patrick Bringley - Penguin. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kiteworks – Step into the future of secure managed file transfer with Kiteworks. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off! Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud
Wed, May 01, 2024
The closed loop conundrum, default passwords, and Baby Reindeer
The UK Government takes aim at IoT devices shipping with weak or default passwords, a man spends two years incarcerated after being mistaken for the person who stole his identity, and are you au fait with the latest scams? All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: New laws to protect consumers from cyber criminals come into force in the UK - UK Government. Mirai - Wikipedia. Identity theft victim wrongly locked up for 2 years is exonerated at last - Paul Ducklin. Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds - The Guardian. 5 scams you need to know about in 2024 - Which? News. How fraudsters are getting fake articles onto Facebook - BBC News. Five Scams To Beware In 2024 - Forbes Advisor UK. Eerie ‘breathing’ mistake to listen out for exposes costly AI ‘audio deepfake' scam calls that take just seconds to make - The Sun. How to spot fraud - UK Government. Etymology Monday: David Crystal on the word ‘gaggle’ - Literary Minded. Moon - Wikipedia. Baby Reindeer - Netflix. <a href="https://www.theguardian.com/tv-and-radio/2024/
Wed, April 24, 2024
Keeping the lights on after a ransomware attack
Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits India we take a close eye at deepfakery. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: When a breach goes from 25 documents to 1.3 terabytes… - Graham Cluley. Leicester street lights stuck on all day due to cyber attack - Leicester Mercury. Top AI researchers race to detect ‘deepfake’ videos: ‘We are outgunned - Washington Post. AI deepfakes threaten to upend global elections. No one can stop them - Washington Post. Models, dead netas, campaigning from jail: How AI is shaping Lok Sabha polls - India Today. Why Elections Take So Long in India - The New York Times. How A.I. Tools Could Change India’s Elections - The New York Times. Bollywood deepfakes fuel AI election meddling fears in India - GG2. World Explained: How India's politicians are using AI to reach voters in the world’s most populous country - The Scotsman. 12 Angry Men - Wikipedia. VIA Rail . <a href="https://www.smashi
Wed, April 17, 2024
Gary Barlow, and a scam turns deadly
Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Animal Crossing with Garry Kasparov - Smashing Security. Gary Barlow - Wikipedia. I was catfished by a fake Gary Barlow on Facebook - Daily Mail. Video shows Clark County man charged with murder confront Uber driver - Springfield News. Uber driver, 61, shot dead by Ohio man, 81, who was being targeted by scammers - Daily Mail. Boxfit classes - Better. Waschii - PocketSized SolarHeated Washjing Machine - Indiegogo. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kiteworks – Step into the future of secure managed file transfer with Kiteworks. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off! Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on <a href="https://apple.
Wed, April 10, 2024
WhatsApp at Westminster, unhealthy AI, and Drew Barrymore
MPs aren't just getting excited about an upcoming election, but also the fruity WhatsApp messages they're receiving, can we trust AI with our health, and who on earth is pretending to be a producer for the Drew Barrymore TV show? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by John Hawes. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Naked photos sent in WhatsApp ‘phishing’ attacks on UK MPs and staff - Politico. How I was targeted in the Westminster honeytrap - BBC News. The Westminster honeytrap plotter tried to catch me too - The Times. How Westminster WhatsApp ‘honey trapper’ targeted party conference season - Politico. William Wragg quits Commons roles over Westminster honeytrap - BBC News. A new prescription - The Economist. Change Healthcare faces second ransomware dilemma weeks after ALPHV attack - The Register. ‘The Drew Barrymore Show’ Targeted by Fraudsters in Celebrity Scamming Effort - Yahoo! News. ‘Drew Barrymore Show' Targeted in Hacking, ID Fraud Scam by Imposter Who Posed as Producer and More - Variety. Guy Fieri Calls Drew Barrymore “Gangster” For Talking With Her “Mouth Full Of Food” On ‘The Drew Barrymore Show’ - Decider. <a href="https://malwaretips.com/blogs/drew-ba
Wed, April 03, 2024
Money-making bots, and Incognito isn’t private
Google says it is deleting your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Scammer Convinced Investors to Send Him $1.5 Million to Build Magic Money Making Bot - 404. Biden Bans Rival Nations From Buying Sensitive US Data - Good Luck - Wired. 6 practical reasons to use Incognito mode in your browser - USA Today. Brown v. Google LLC Settlement Agreement - DocumentCloud. Google agrees to settle $5bn lawsuit claiming it secretly tracked users - The Guardian. Chrome updates Incognito warning to admit Google tracks users in “private” mode - Ars Technica. Google changes wording for Incognito browsing in Chrome - Malwarebytes. The Incognito Mode Myth Has Fully Unraveled - Wired. Google Agrees to Delete ‘Incognito’ Browsing Data to Settle Class-Action Lawsuit - TIME. Amazon refuses to refund me £700 for iPhone 15 it didn’t deliver - Graham Cluley. <a href="https://www.le
Wed, March 27, 2024
Hacking hotels, Google’s AI goof, and cyberflashing
Security researchers find a way to unlock millions of hotel rooms, the UK introduces cyberflashing laws, and Google's AI search pushes malware and scams. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Unsaflok - Security vulnerabilities in Saflok hotel locks. 3 million doors open to uninvited guests in keycard exploit - The Register. Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds - Wired. Google's new AI search results promotes sites pushing malware, scams - Bleeping Computer. Man who sent nude picture to teenage girl is jailed under new cyberflashing laws - The Independent. Cyber-flashing convict is first to be jailed under new law - BBC News. What to do if you’re a victim of cyber flashing and how to report it - Metro. The first cyberflasher has been convicted: meet the woman who made it happen - Yahoo! What is cyber flashing? 'Banter' – or a sinister breach of consent - UK News. Love Island star sent unsolicited pictures online calls for tougher cyber laws - Bristol Live. Secret Agent Shenanigans: 13 Weird Spy Weapons And Gadgets - Stay Weird.</l
Wed, March 20, 2024
Bing pop-up wars, and the British Library ransomware scandal
There's a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus: Don't miss our featured interview with Kolide founder Jason Meller about his firm's acquisition by 1Password. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Search engine market share - Oberlo. A compilation of Bing ads - YouTube. With Edge, Microsoft’s forced Windows updates just sank to a new low - The Verge. Microsoft fixes Edge browser bug that was stealing Chrome tabs and data - The Verge. Is this Microsoft Bing Popup Malware? - Reddit. Microsoft confirms Bing pop-up ads in Chrome on Windows 11 & Windows 10 - Windows Latest. ‘A 22-carat disaster’: what next for British Library staff and users after data theft? - The Guardian. LEARNING LESSONS FROM THE CYBER-ATTACK British Library cyber incident review - British Library. The Disturbing Impact of the Cyberattack at the British Library - The New Yorker. Thanks to a shadowy hacker group, the British Library is still on its knees. Is there any way to stop them? - The Guardian. <a href="https://www.theguardian.com/commentisfree/2013/aug/13/lit
Wed, March 13, 2024
Stuck streaming sticks, TikTok conspiracies, and spying cars
Roku users are revolting after their TVs are bricked by the company, we learn how to make money through conspiracy videos on TikTok, and just how much is your car snooping on your driving? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dave Bittner from "The Cyberwire" podcast. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Smashing Security episode 317 - Includes a discussion of which came first - Battle Bots or Robot Wars? “Disgraceful”: Messy ToS update allegedly locks Roku devices until users give in - Ars Technica. Dispute resolution terms - Roku. Enshittification - Wikipedia. Craig Shergold - Wikipedia. “Why TikTok Is Becoming A Conspiracy Playground” - YouTube. Dave Bittner’s AI-generated image of Graham Cluley - Twitter. Graham’s AI-generated video about pig butchering - Twitter. Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies - New York Times. Drivers concerned as automakers share driving data with insurance companies - NewsByte. Carmakers are sharing driving habits with insurance companies, unbeknownst to owners - TechSpot. Google Arts & Culture . <a href="https://www.youtube.com/watch?v=RoSYO3fApEc" rel="noopener noreferrer" target=
Wed, March 06, 2024
Ransomware fraud, pharmacy chaos, and suicide
Is there any truth behind the alleged data breach at Fortnite maker Epic Games? Who launched the ransomware attack that caused a fallout at pharmacies? And what's the latest on the heart-breaking hack of Finnish therapy clinic Vastaamo? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Mogilevich claims it has breached Epic Games - Twitter. Fraudster’s fake data breach claims should remind media to be carefu what we report - DataBreaches.net. Prescription orders delayed as US pharmacies grapple with "nation-state" cyber attack - Bitdefender. US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say - Reuters. Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment - Wired. Vastaamo data breach - Wikipedia. The CEO who also ran IT, Strava strife, and TikTok tall tales - Smashing Security podcast. Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender. Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security – Sophos. Vastaamo victims' lawyer: Some took their own lives after patient record leak - Yle. <a href="https://www.helsinkit
Wed, February 28, 2024
Wireless charging woe, AI romance apps, and ransomware revisited
Your smartphone may be toast - if you use a hacked wireless charger, we take a closer look at the latest developments in the unfolding LockBit ransomware drama, and Carole dips her toe into online AI romance apps. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger - ArXiv. FBI offers free decryption help for LockBit ransomware victims - Paul Ducklin. LockBitsupp unmasked!!? Graham’s reaction to the FBI and NCA’s LockBit ransomware revelation - YouTube. Dating Statistics And Facts In 2024 – Forbes Health. Romantic AI Chatbots Don't Have Your Privacy at Heart - Mozilla Privacy Not Included. Promptsmart . Solving a celestial mystery: the Sun, Earth and Moon model - Museum of Natural History, Oxford. Lotus Bud . Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BlackBerry – BlackBerry helps keeps you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market today Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while savin
Wed, February 21, 2024
LockBit locked out, and funeral Facebook scams
Heaven's above! Scammers are exploiting online funerals, and LockBit - the "Walmart of Ransomware" - is dismantled in style by cyber cops. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don't miss our featured interview with Keiron Holyome about how BlackBerry is using predictive AI to stay one step ahead against threats. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Law enforcement disrupt world’s biggest ransomware operation - Europol Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - Krebs on Security. International investigation disrupts the world’s most harmful cyber crime group - UK National Crime Agency. LockBit Victim Reporting Form - FBI. Fake Funeral Live Stream Scams Are All Over Facebook - 404 Media. Closed Captions (CC) vs Subtitles - Subly. Fingernails — Official Trailer - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BlackBerry – BlackBerry helps keeps you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market today Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners
Wed, February 14, 2024
Declaring war on ransomware gangs, mobile muddles, and AI religion
Holy mackerel! AI is jumping on the religion bandwagon, ransomware gangs target hospitals, and what's happened to your old mobile phone number? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by "Ransomware Sommelier" Allan Liska. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: I changed my number and now i can log into others accounts - Reddit. Post by Alexander Hanff - LinkedIn. Meta says risk of account theft after phone number recycling isn't its problem to solve - The Register. Things to bear in mind when you change your mobile number - T-Mobile. 20+ hospitals in Romania hit hard by ransomware attack on IT service provider - Graham Cluley. Ransomware gang claims responsibility for Christmas attack on Massachusetts hospital - The Record. Cyberattack Disrupts Operations at Chicago Children’s Hospital: An Examination of the Threat and Its Impact - Medriva. Gods in the machine? The rise of artificial intelligence may result in new religions - The Conversation. AI: a way to freely share technology and stop it being misused already exists - The Conversation. The Friar Who Became the Vatican’s Go-To Guy on AI - The New York Times.</
Wed, February 07, 2024
Hong Kong hijinks, pig butchers, and poor ransomware gangs
Is this the real life? Is this just fantasy? A company in Hong Kong suffers a sophisticated deepfake duping, be one your guard from pig butchers as Valentine's Day approaches, and spare a moment to feel sorry for poor ransomware gangs. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ‘Everyone looked real’: multinational firm’s Hong Kong office loses HK$200 million after scammers stage deepfake video meeting - South China Morning Post. Countdown’s Rachel Riley is deepfaked by HSBC - Vimeo. Scameter - Cyber Defender HK. Warning as scammers fake police Scameter app - The Standard. Ransomware payment rates drop to new low – now 'only 29% of victims' fork over cash - The Register. New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying - Coveware. Romance scam reports rose by a fifth in 2023, says Lloyds Bank - The Independent. What is a ‘pig-butchering’ scam – and why is it on the rise? - BBC. Pig butchering mining scams: What they are and how to stop them - SC Media. No love for romance scammers in 2024 - Consumer Advice. <a href="https://www.msn.
Wed, January 31, 2024
Interview with an iPhone thief, anti-AI, and have we gone too far?
The iPhone security setting that you should enable right now, the worrying way that AI is predicting what criminals look like, and we play a game of face fake or real... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Mobile phone stolen every six minutes in London, says Met Police - BBC News. iPhone Thief Explains How He Breaks Into Your Phone - YouTube. About Stolen Device Protection for iPhone - Apple. Cops Used DNA to Predict a Suspect’s Face—and Tried to Run Facial Recognition on It - Wired. Will ChatGPT write ransomware? Yes - Malwarebytes. AI chatbots are making scams more convincing than ever, warn spy chiefs - The Telegraph. Test yourself: which faces were made by AI? - New York Times. AI vs. Human Writing: Experts Fooled Almost 62% of the Time - Neuroscience News. I know that I know nothing - Wikipedia. Yours truly, Johnny Dollar - Comic book. I Heart Umami . Libby . Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kol
Wed, January 24, 2024
Big dumpers, AI defamation, and the slug that slurped
This week the podcast is more lavatorial than usual, as we explore how privacy may have gone to sh*t on Google Maps, our guest drives hands-free on Britain's motorways (and is defamed by AI), and ransomware attacks an airplane-leasing firm. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by BBC Technology Editor Zoe Kleinman. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The Great British Public Toilet Map . How one man’s pay-to-use toilet gag revealed Google Maps can be used to track people - Crikey. Please Rob Me site exposes danger of sharing too much information online - Graham Cluley. Artist creates a virtual traffic jam in Google Maps - YouTube. How to Get Google to Quit Tracking Your Location - PC Magazine. Grieving With Google Street View - Slate. Zoe describes her curious tangle with AI - Twitter. What happens when you think AI is lying about you? - BBC News. Aercap confirms cyber threat involving ransomware - Air Finance. Ransomware crims slime AerCap, claim to have stolen 1TB - The Register. AerCap discloses cybersecurity incident - Reuters. BBC staffers warned of payroll data breach. BA and Boots also affected by MOVEit vulnerability - Graham Cluley. <a hre
Wed, January 17, 2024
Fishy Rishi, 23andMe, and the labour of love
Has the British Prime Minister been caught secretly profiting from a cryptocurrency app? Were 23andMe right to blame their users after a data breach? And Indian men have hard feelings after falling for a money-for-sex scam. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: What Rishi Sunak gets up to over Christmas… - YouTube. Boris Johnson's Love Actually parody (Conservative Party election broadcast) - YouTube. UK's Rishi Sunak becomes richest ever occupant of Number 10 - Reuters. Over 100 Deep-Faked Rishi Sunak Ads Found on Meta’s Platform - Fenimore Harper Communications. Slew of deepfake video adverts of Sunak on Facebook raises alarm over AI risk to election - The Guardian. 23andMe Blames User “Negligence” for Data Breach - Infosecurity Magazine. All India Pregnant Job service: Indian men conned by 'impregnating women' scam - BBC News. World War II: From the Frontlines - Netflix. Spintronics - Upper Story. Reacher - Amazon Prime. The Trust - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device is
Wed, January 10, 2024
Chuck Norris and the fake CEO, artificial KYC, and an Airbnb scam
Chuck Norris gives a helping hand to a mysterious cryptocurrency CEO who may have separated investors from over a billion dollars, generative AI creates a nightmare for those wanting to Know Their Customer, and a determined journalist finally gets their revenge on a sneaky Airbnb scammer. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Chief executive of collapsed crypto fund HyperVerse does not appear to exist - The Guardian. Crypto hedge fund CEO may not exist; probe finds no record of identity - Ars Technica. BUSTED: Fake HyperVerse CEO Who Stole $1.3 Billion Unmasked! - YouTube. Hyperverse’s Steven Reece Lewis outed as Steve Harrison - Behind MLM. HyperVerse crypto promoter ‘Bitcoin Rodney’ arrested and charged in US - The Guardian. GenAI could make KYC effectively useless - TechCrunch. Airbnb Grifter Busted for $7.5 Million 'Bait-and-Switch' Scam, Feds Say - The Daily Beast. I Accidentally Uncovered a Nationwide Scam Run by Fake Hosts on Airbnb - Vice. Percentage Point vs. Percent Difference - Macroption. “Is Math Real?” - Book by Eugenia Cheng. <a href="https://www.youtube.com/watch?v=s69fQRE-GaA" rel="noopener noreferrer" target
Wed, December 20, 2023
Phone hacking, Piers Morgan, and Carole’s Christmas cockup
Piers Morgan is less than happy after a judgement that there is "no doubt" he knew phone hacking was going on at the Daily Mirror, and a shopper comes a-cropper just before Christmas. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Piers Morgan denies knowing of phone hacking after judge rules he did - The Guardian. I've never told anyone to hack a phone - Piers Morgan tells Laura Kuenssberg - BBC News. Piers Morgan interviewed by BBC’s Amol Rajan about phone hacking at Daily Mirror - BBC News. Piers Morgan will find many ways to deny phone hacking – but how long before his number is up? - Archie Bland’s article in The Guardian. Piers Morgan tells Charlotte Church how to stop her mobile phone from being hacked - YouTube. I'm sorry, Macca, for introducing you to this monster - Piers Morgan describes in the Daily Mail a voicemail he heard between Paul McCartney and Heather Mills. The human cost of phone hacking - Graham Cluley. Eudesignhouse.shop Review – Unmasking the Store Closing Scam - MyAntiSpyware. Whois Domain Lookup . Myth Maker: The Lost Legacy of Donald Cotton - SoundCloud. 15 virtual Christmas party games to play this festive season - Country Living. <a href="https://teambuilding.co
Wed, December 13, 2023
For research purposes only
A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Fuzzy Duck - Wikipedia. Cybercrime author Geoff White demonstrates his NSFW balloon trick at the "Smashing Security" podcast Christmas party - Reddit. Rule 34 - Wikipedia. We are (temporarily) offline - InflateVids on Patreon. Fast Company’s Apple News access hijacked to send an obscene push notification - The Verge. Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’ - Vice. The WordPress backdoor with its own backdoor! (And fake CVE numbers, too) - Paul Ducklin. Russian influence and cyber operations adapt for long haul and exploit war fatigue - Microsoft. How Zelensky became Hollywood man of the hour - The Guardian. Nigel Farage wishes Hugh Janus a happy birthday - YouTube. Don Johnson - Cameo. Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky - The Register. <a href="https://milita
Wed, December 06, 2023
Nuclear cybersecurity, Marketplace scams, and face up to porn
Hacking fears are raised at Western Europe's most hazardous building, why porn sites might soon be scanning your face, and our guest narrowly avoids a Facebook Marketplace scammer. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Why Facebook Is Rebranding Itself as Meta - INSEAD. Windscale fire - Wikipedia. Sellafield nuclear site hacked by groups linked to Russia and China - The Guardian. Response to a news report on cyber security at Sellafield - UK Government. Response to Guardian news article - Office for Nuclear Regulation. Common Facebook Marketplace scams and how to avoid them - Comparitech. Advice from Google on how to remove malware and unsafe software from Android devices - Google. New Report Reveals Truths About How Teens Engage with Pornography - Common Sense Media. ‘A lot of it is actually just abuse’- Young people and pornography - Children's Commissioner for England. Implementing the Online Safety Act: Protecting children from online pornography - Ofcom. UK age assurance guidance for porn sites gives thumbs up to AI age checks, digital ID wallets and more - TechCrunch. <a href
Wed, November 29, 2023
Think before you shrink! And our guest is faked
Don't minimise your Teams Meeting video call too hastily, you might reveal your dirty secrets! Would you be prepared to pay for Facebook and Instagram? And who is being faked to promote cryptocurrency scams? All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Jane Wakefield. Plus - don't miss our featured interview with Push Security founder and CEO Adam Bateman. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: XtraVue Trailer demo - YouTube. Nvidia sued after video call mistake showed 'stolen' data - BBC News. Valeo v. Nvidia complaint - DocumentCloud. Fake BBC news article using Jane Wakefield’s name - Twitter. Report a fraudulent webpage to Google Safe Browsing - Google. Meta's EU ad-free subscription faces early privacy challenge - Yahoo! Meta to offer ad-free subscription in Europe in bid to keep tracking other users - TechCrunch. Meta’s EU ad-free subscription faces early privacy challenge - TechCrunch. Facebook and Instagram to Offer Subscription for No Ads in Europe - Facebook. noyb files GDPR complaint against Meta over “Pay or Okay” - NOYB. Big Mac index 2023 - Statista. Euro aea wages 2023 - Take-profit.org. <a href="https://www.theguardian.com/tv-and-radio
Wed, November 22, 2023
Ransomware gang reports its own crime, and what happened at OpenAI?
Who gets to decide who should be CEO of OpenAI? ChatGPT or the board? Plus a ransomware gang goes a step further than most, reporting one of its own data breaches to the US Securities and Exchange Commission. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Hackers Use Online Casinos to Gamble Mountains of Cash They Steal from Victims - 404. AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC - DataBreaches.net. SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies - US Securities and Exchange Committee. OpenAI announces leadership transition - OpenAI. The Fear and Tension That Led to Sam Altman’s Ouster at OpenAI - The New York Times. Emergency Pod: Sam Altman is Out at Open AI - The New York Times. What We Know About Sam Altman’s Ouster From OpenAI - The New York Times. Ousted OpenAI C.E.O. Makes Plans for New Artificial Intelligence Company - The New York Times. Microsoft Hires Sam Altman Hours After OpenAI Rejects His Return - The New York Times. In the battle to bring ousted founder Sam Altman back to OpenAI, Microsoft and Satya Nadella hold the trump cards - Fortune. Rate your res
Wed, November 15, 2023
Hacking for chimp change, and AI chatbot birthday
Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Bored Ape NFT Partygoers Blame UV Lights For Burned Eyes And Skin - Kotaku. Poloniex crypto-exchange offers 5% cut to thieves if they return that $120M they nicked - The Register. Raft Suffers $3.3M Exploit That Drove Down Stablecoin 50%, but Hacker Likely Lost Money on Attack - CoinDesk. Leaderboard Comparing LLM Performance at Producing Hallucinations when Summarizing Short Documents - Github. Cut the Bull…. Detecting Hallucinations in Large Language Models - Vectara. Chatbots May ‘Hallucinate’ More Often Than Many Realize - The New York Times. Bing's ChatGPT-Powered Search Has a Misinformation Problem - Vice. ChatGPT gets code questions wrong 52% of the time - The Register. FreeTube . The Wonderful Story of Henry Sugar - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! <a hre
Wed, November 08, 2023
Trolls, military data, and the hitman and her
A woman's attempt to hire an assassin online backfires badly, it's scary just how cheap it is to buy information about US military personnel, and trolls and tattoos don't mix. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Plus don’t miss our featured interview with Jason Meller of Kolide. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI - The Register. Zandra Ellis criminal complaint (PDF) . Rent-A-Hitman: Your Point & Click Solution! - YouTube. It’s shockingly easy to buy sensitive data about US military personnel - MIT Technology Review. This Guy Trolls His TikTok Haters By Getting Tattoos of Them - Vice. Man Gets Back at Trolls Online With Revenge Tattoos - MSN. The Beatles - “Now and Then” music video - YouTube. “The Last of Us” piano scene, episode 3 - YouTube. Celeritas podcast . Pick of the week archive - Smashing Security. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! <a href="https://www.vanta
Wed, November 01, 2023
How hackers are breaching Booking.com, and the untrustworthy reviews
Workers wonder if their colleagues are actually AI, and we take a deeper look into the curious scams going on via Booking.com. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Art Musings - Gratuitous plug for Carole’s new podcast with Sally Anne-Stewart. Smashing Security #344: What’s cooking at Booking.com? And a podcast built by AI - Smashing Security. Fraudsters target Booking.com customers claiming hotel stay could be cancelled - Graham Cluley. Scammers try to trick Graham again via Booking.com - Twitter. 'Thieves used fake Booking.com emails to steal £1,000 from me before my wedding' - The Mirror. Includes gratuitous mention of Graham’s hunt for aubergines. Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests - Akamai. Did AI Write Product Reviews? Gannett Says No - The New York Times. Is my co-worker AI? Bizarre product reviews leave Gannett staff wondering - The Verge. How to spot a fake review - Which? Lonely Water - Public information film from 1973. Scarred for Life Volume 1: The 1970s - Lulu. <a href="https://www.lulu.com/shop/dave-lawrence-and-stephen-brotherstone/scarred-for-life-volume-two-television-in-the-1980s/pap
Wed, October 25, 2023
Cyber sloppiness, and why does Google really want to hide your IP address?
Ahoy! There's trouble in the South China Seas as Filipino organisations fail to secure their systems, we take a close look at Google IP protection, and we take a look at just how so much genetic profile data leaked out of 23andMe. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Philippines’ cybersecurity failures exposed as hackers leak state secrets, people’s data - South China Morning Post. IT admins are just as culpable for weak password use - Outpost24. Google Chrome wants to hide your IP address - MalwareBytes. The 23andMe data breach reveals the vulnerabilities of our interconnected data - The Conversation. 23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews - Wired. Worried about the 23andMe hack? Here's what you can do - Washington Post. Paris Police 1905 - BBC iPlayer. British Hen Welfare Trust . Art Musings - Art Musings podcast. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program
Wed, October 18, 2023
What’s cooking at Booking.com? And a podcast built by AI
How hunting for an aubergine could be all it takes for you to hand your credit card details over to a scammer, and just how good is a podcast entirely built by AI? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Support Alie Hothersall’s fundraising for Mind - JustGiving. Fraudsters target Booking.com customers claiming hotel stay could be cancelled - Graham Cluley. Security.txt - A proposed standard which allows websites to define security policies. Develop AI launches a completely synthetic podcast - Develop AI. Develop AI podcast . Is It Legal To Pay - The err.. https version of a map of which countries allow you to pay ransom demands. Licorice Pizza - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Devo – Register now to join Devo and other cybersecurity industry professionals on October 18 for sessions and panels focused on de-stressing, SOC career development, and more! Vanta - Expand the scope of your security program with market-leading compliance automation... while saving time and money. Smashing Security listeners get 10% off! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or <a href="https://www.podchaser.com/podcasts/sma
Wed, October 11, 2023
Four-legged girlfriends, LoveGPT, and a military intelligence failure
Dream girlfriends, AI love scams, and an alleged spy who is said to have made a series of blunders. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Former Soldier Indicted for Attempting to Pass National Defense Information to People’s Republic of China - US Department of Justice. ‘Dream’ AI Girlfriend Randomly Turns Into Nude Jennifer Lopez, Has Four Legs - 404 Media. LoveGPT: How “single ladies” looking for your data upped their game with ChatGPT - Avast Threat Labs. 5 Signs Your Tinder Match Is a Scam Bot - LifeWire. Support Alie Hothersall’s fundraising for Mind - JustGiving. “The Last Action Heroes” by Nick de Semlyen - Pan Macmillan. Life Kit - NPR. Tom Hanks has made a complaint - Twitter. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Devo – Register now to join Devo and other cybersecurity industry professionals on October 18 for sessions and panels focused on de-stressing, SOC career development, and more! Moonlock — cybersec
Wed, October 04, 2023
Royal family attacked, keyless car theft, and a deepfake Tom Hanks
Is a deepfake Tom Hanks better than the real thing? Who has been attacking the British Royal Family's website, and why? And how can you protect your vehicle from the spate of keyless car thefts? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Plus don't miss our featured interview with Devo CISO Kayla Williams. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The disturbing uncanny valley of Robert Zemeckis film 'Polar Express' - Far Out magazine. Tom Hanks warns of deepfake video promoting dental plan - Instagram. Fuming Tom Hanks says he had nothing to do with that AI dental ad clone of him - The Register. Tom Hanks warns dental plan ad image is AI fake - BBC News. Robin Williams’ Daughter Zelda Criticizes Use of AI to Re-create His Voice: “I Find It Personally Disturbing” - Hollywood Reporter. Bruce Willis denies selling rights to his face - BBC News. Deepfake Bruce Willis in Russian telecoms advert - YouTube. Could you get "carhacked"? The growing risk of keyless vehicle thefts and how to protect yourself - CBS News. Keyless car theft: What is a relay attack, how can you prevent it, and will your car insurance cover it? - Leasing.com. Testing Phone-Sized Faraday Bags - Matt Blaze. Famous DDoS attacks - Cloudflare. <a href="https://www.dailymail.co.uk/news/article-12583569/Russian-hackers-responsible-buckingham-palace-website-attacked-nhs
Wed, September 27, 2023
Another T-Mobile breach, ThemeBleed, and farewell Naked Security
Mix TikTok with facial recognition, and you've got a doxxing nightmare, T-Mobile users report bizarre behaviour in their accounts, and a Windows flaw provides a new means of infecting users. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: T-Mobile customer reports privacy breach - Twitter. T-Mobile US exposes some customer data – but don't call it a breach - The Register. T-Mobile denies new data breach rumors, points to authorized retailer - Bleeping Computer. Connectivity Source - Despite appearances, don’t confuse it with T-Mobile. ThemeBleed exploit is another reason to patch Windows quickly - MalwareBytes. If I Embarrass My Baby on TikTok, Will He Stay My Baby Forever? - New York Times. They Gossiped At Brunch. Now There's a Mob After Them - Rolling Stone. The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech - 404 Media. Egg crack challenge,the last baby is so cute - YouTube. Trailer for “The Deepest Breath” - YouTube. “The Deepest Breath” - Netflix. Nitpick: Meaningless communications. Naked Security . <a href="https://www.smashingsecurity.com/store/
Wed, September 20, 2023
Heated seats, car privacy, and Graham’s porn video
Do you know what data your car is collecting about you? Do you think it's right for a car manufacturer to collect a subscription to keep your bottom warm? And just why has YouPorn sent an email to Graham about his sex video? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês. Plus don't miss our featured interview with Gigamon's Mark Jow. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Yikes! My sex video has been uploaded to YouPorn, apparently - Graham Cluley. 1 million YouPorn users exposed; data breach required no security penetration - Computer World article from 2012. The YouPorn Sextortion Email Spam Campaign Explained - MalwareTips. BMW deems drivers worthy of warmth, ends heated car seat subscription - The Register. Hackers crack Tesla software to get free features - The Independent. It's Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy - Mozilla Foundation. Car Companies: Stop Your Huge Data Collection Programs - Mozilla Foundation. Programming language inventor or serial killer? - Vole.wtf. Rask - AI video localisation. Verbalate - Video translation and lip sync software. The Following Events Are Based on a Pack of Lies review<
Wed, September 13, 2023
Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?
Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee... just to send $1,865. Oh, and our guest mentions Mr Blobby (to the horror of the show's hosts...) All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Tweet by Jameson Lopp . Bitcoin user’s costly error leads to record transaction fee of $510,000 - Cryptoslate. Root Admin User: When Do Common Usernames Pose a Threat? - GovInfoSecurity. Dave’s conversation with Crosstalk’s Chris Sherwood - Hacking Humans podcast. Passkey authentication - Wikipedia. Passkeys: Accelerating the Availability of Simpler, Stronger Passwordless Sign-Ins - FIDO Alliance. Test your mental image ability - Aphantasia. How to create your own personal deepfake - Axios. Deepfakes are being used for good – here’s how - Connecting Research - University of Reading. Six things you need to know about deepfakes - BBC Radio 4. Mitigating Aphantasia with Generative Reality - Medium. Ethical Deepfake Maker - Synthesia. HeyGen deepfakes</a
Wed, September 06, 2023
Catfishing services, bad sports, and another cockup
AI news is bad news, an online service to catch your cheating partner, and an IoT-enabled dick cage fails to keep a grip on its own security. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with Alex Lawrence, principal security architect at Sysdig. Warning: This podcast may contain nuts, adult themes, and rude language. May? Who are we kidding... Episode links: 199: A few tech cock-ups, and one cock lock-up - Smashing Security. Smart male chastity lock cock-up - Pen Test Partners. “My sexual urges are so out of control I’m considering buying a chastity cage” - Dear Deidre, The Sun. Maker of ‘smart’ chastity cage left users’ emails, passwords, and locations exposed - TechCrunch. Dispatch pauses AI sports writing program - Axios. Would Your Partner Cheat? These ‘Testers’ Will Give You an Answer - The New York Times. Loyalty Test . Nitpick: Why don’t induction hobs have knobs? Longevity… simplified - book by Dr Howard J Luks. Oxford Art Society Open Exhibition 2023 . Carole Theriault art website . Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! <a href="https://www.sysdig
Wed, August 30, 2023
The DEA’s crypto calamity, and scammers’ blue tick bonanza
Seized cryptocurrency is stolen from the DEA, blue-ticks are being exploited, a bath full of dollar bills, the comfort offered by an ostrich's head, and how Graham is refusing to call Twitter "X". All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer - Forbes. Stranger sent dick pics so I convinced him he was dying - YouTube. Creeps Airdropping Dick Pics Is the Latest Air Travel Nightmare - Vice. Airdrop scam tokens - Trezor. Brother of Criminal Bitcoin Mixing CEO Pleads Guilty to Stealing 712 Bitcoins From IRS - CoinDesk. Blue-tick scammers target consumers who complain on X - The Guardian. Infinite Mac . Classic Mac OS - Wikipedia. Perplexity AI - chatbot. CrazyGames . Braingle . 40 Weirdest Things on Amazon That People Actually Love to Buy - Good Housekeeping. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your dev
Wed, August 23, 2023
Pizza pests, and securing your wearables
Surely you should be able to order pizza without being pestered for sex? And Carole takes a look at the what and why of wearables... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: One in three young people falling prey to ‘text pests’ as ICO calls for victims to come forward - ICO. My pizza order turned into a terrifying ordeal after creepy delivery driver stole my data & I was sent sinister messages - The Sun. Share your experience of unwanted contact after giving your personal information to a business for a legitimate reason - ICO. IoT, wearables and the new health insurance paradigm - IT-Online. Top 10 Innovative Wearable IoT Devices - IOT Design Pro. Explosive Growth Forecasted: IoT in Healthcare Market Set to Reach US$ 952.3 Billion by 2032 with a Remarkable CAGR of 18.0% - PharmiWeb. Sweat it out: Novel wearable biosensor for monitoring sweat electrolytes for use in healthcare and sports -Science Daily. New Apple Watch X Leaked: MAJOR Redesign & Magnetic Band System! -YouTube. Wearables | Privacy & security guide - Mozilla Foundation. 5 trending wearables in 2023 to look out for - Ignitec. <a href="http://healthleadersmedia.com/pharma/internet-things-becomes-greater-focus-pharma" rel="noopener noreferrer" t
Wed, August 16, 2023
AI chat wars, and hacker passwords exposed
AI chatbots are under fire in Las Vegas, the secrets of hackers' passwords are put under the microscope, and Graham reveals (possibly) the greatest TV programme of all time. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 100,000 Hackers Exposed from Top Cybercrime Forums - Hudson Rock. Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer - Hudson Rock. People coaxed AI into saying 9+10=21 and giving instructions for spying — it shows how these systems are prone to flaws and bias - Business Insider. These Women Tried to Warn Us About AI - Rolling Stone. Chatbots: Why does White House want hackers to trick AI? - BBC News. I, Claudius - BBC iPlayer. Drama Connections: I, Claudius - BBC documentary from 2005, on YouTube. 'Painkiller' Review: Netflix Series Fails To Capture Opioid Crisis - Variety. ”Painkiller” trailer - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Sysdig – Is your cloud secure? Not without runtime insi
Wed, August 09, 2023
Acoustic attacks, and the tears of a crypto rapper
Razzlekhan, the self-proclaimed Crocodile of Wall Street, pleads guilty to the biggest crypto laundering scheme in history, and just how safe are you typing while on a Zoom call? Meanwhile, Graham rants about public EV chargers. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: With Nvidia Eye Contact, you’ll never look away from a camera again - Ars Technica. “A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards” - Technical paper (PDF). New acoustic attack steals data from keystrokes with 95% accuracy - Bleeping Computer. Bitfinex users to share 36% of bitcoin losses after hack - BBC News. Bitfinex’s Latest News & Updates - BitFinex blog. Heather R. Morgan - Wikipedia. Razzlekhan and husband guilty of $4.5bn Bitcoin launder - BBC News. Record-high seizure of $4bn in stolen Bitcoin - BBC News. ‘Sexy horror comedy’: Bitcoin laundering suspect is also ‘raunchy rapper’ Razzlekhan - The Guardian. ”Versace Bedouin” music video by Razzlekhan - YouTube. “Pho King Badd Bhech” music video by Razzlekhan - YouTube. SWARCO - Nit Pick of the Week. Esim Holafly - Holafly. <a href="https://www.smashingsecurity.com/store/" rel="noo
Wed, August 02, 2023
Barbie and the stalking spouse
Carole takes us into the sinister side of Barbie, while Graham describes a stalkerware operation that has been spilling its secrets. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: SpyHide couldn’t hide forever - Maia arson crimew. Spyhide stalkerware is spying on tens of thousands of phones - TechCrunch. Coalition against Stalkerware . Use Google Play Protect to help keep your apps safe and your data private - Google. Eyeing Barbie movie download? Beware of online scam, says McAfee - Tech News. A Complete History of the Barbie Movie - Vanity Fair. 20 Things You Probably Didn't Know About Barbie - Readers Digest. Influencer's 'Honest Review' of 'Barbie' Goes Viral - Newsweek. How scammers are using ‘Barbie’ craze to steal personal information - The Hill. ‘Barbie’ Box Office to Blast Past $700M Globally After Record Week - The Hollywood Reporter. Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info - McAfee. History vs Hollywood . <a href="https://www.history
Wed, July 26, 2023
Nudes leak at the plastic surgery, Mali mail mix-up, and WormGPT
Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus Space Daily’s Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 90210 plastic surgeon Dr Gary Motykie . Dr Gary Motykie videos - YouTube. More plastic surgery patients have their nude photos and information leaked - DataBreaches.net. Typo watch: 'Millions of emails' for US military sent to .ml addresses in error - The Register. Hundreds of thousands of US military e-mails wind up in Mali - Le Monde. Beware of WormGPT: AI Tool Enables Cyber Attacks and Impersonation Scams - IB Times. WormGPT: a generative AI tool to compromise business emails - CSO Online. WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks - SlashNext. “Who shat on the floor at my wedding?” Futurama - Wikipedia. Radiooooo . Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Spon
Wed, July 19, 2023
Boris Johnson’s WhatsApps, and sextorting party girls
Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The UK Covid-19 Inquiry . Court orders ministers to hand Boris Johnson’s WhatsApps to Covid inquiry - The Guardian. Boris Johnson ‘has forgotten’ passcode for phone wanted by Covid inquiry - The Guardian. The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph. Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice. Party girls netted £120,000 from terrified men in ‘sextortion’ scam -The Times. Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 -Press and Journal. Musicless music video of Lionel Richie’s “Hello” - YouTube. Musicless music video of Rolling Stones performing live in 1964 - YouTube. Intrigue: Burning Sun - BBC podcast. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: <a href="https://www.kolide.com/smashing
Wed, July 12, 2023
Deepfake Martin Lewis, and a deadly jog in the park
Going for a jog can be bad for your privacy (but even worse for your health), and Britain's consumer finance champion finds his face is being faked. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Russian commander shot dead after posting runs on Strava running app - Kyiv Post. Martin Lewis felt 'sick' seeing deepfake scam ad on Facebook - BBC News. How synthetic media, or deepfakes, could soon change our world eing deepfake scam ad on Facebook - 60 Minutes on YouTube. Nicki Minaj wants to delete the “whole internet” after viral AI deepfake video -Technology Inquirer. Fears grow of deepfake ID scams following Progress hack - Ars Technica. “ Deep Fake Neighbour Wars”: ITV’s comedy shows how AI can transform popular culture -The Conversation. ”My Old School ” - BBC Scotland. ”My Old School” trailer - YouTube. MP doesn’t know whether she attended Downing St Party - YouTube. ”Non-Censored” with Rosie Holt podcast - Audioboom. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide - Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! <a href="https://www.sysdig.com/smashing" rel="n
Wed, July 05, 2023
Pornhub, Barbie dolls, and can you trust a free TV?
Just how much do porn websites know about your sexual peccadillos? How are Barbie dolls involved in identity scams? And would you trust a completely free telly? Oh, and Graham has some opinions to share about "Indiana Jones and the Dial of Destiny". All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Matt Davey from the "Random but Memorable" podcast. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Pornhub Is Being Accused of Illegal Data Collection - Wired. StopDataPorn brings Pornhub to court for abusing users’ personal data with GDPR complaints - StopDataPorn. The Password Game - Neal.fun. The True Cost of a Free TV - Wired. Telly dual-screen TV first look: it’s free and may be the future - The Verge. Swindlers Used Barbie Dolls to Rob COVID Relief Program - The Messenger. How rampant abuse by fintech fueled covid relief fraud - The Washington Post. 'Biggest fraud in a generation': The looting of the Covid relief plan known as PPP - NBC News. "We Are Not the Fraud Police": How Fintechs Facilitated Fraud in the Paycheck Protection Program - Fox News. ‘The Dial Of Destiny’ Is Now The Worst-Reviewed ‘Indiana Jones’ Movie - Forbes. <a href="https://en.wikipedia.org/wiki/Jury_Duty_(2023_TV_series)" rel="noopener noreferrer" target="_bl
Wed, June 28, 2023
UPS smishing, ChatGPT 101, and storing secret files
UPS delivers some smishing advice (but have they kept something under wraps?), we ask ChatGPT to take a long hard look at itself, and we debate what the penalty should be for taking national secrets home with you. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's sole founder Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: UPS discloses data breach after exposed customer info used in SMS phishing - Bleeping Computer. Example of UPS SMS phishing message related to Lego order - Twitter. Another example of a Lego-related UPS phishing message - Twitter. Former FBI Analyst Sentenced for Retaining Classified Documents - US Department of Justice. How The Intercept might have helped unmask Reality Winner to the NSA - Graham Cluley. Bad adverts leave people scratching their heads - MSN. How Cybercriminals Can Perform Virtual Kidnapping Scams Using AI Voice Cloning Tools and ChatGPT - Trend Micro. Which Jobs Will Be Most Impacted by ChatGPT? - Visual Capitalist. Unraveling an AI Scam with AI - Imperva. 100,000 Hacked ChatGPT Accounts Discovered on Dark Web - Hackread. 97+ ChatGPT Statistics & User Numbers In Jun
Wed, June 21, 2023
Mark’s metaverse for minors, and getting down to business
There's some funny business going on on Google, and Zuckerberg's $14 billion bet on the metaverse is beginning to look a little childish... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Google sues alleged scammer over fake business and review scheme - The Verge. Meta to Lower Age for Users of Virtual Reality Headset to 10 From 13 - New York Times. Introducing New Parent-Managed Meta Accounts for Families - Meta Blog. Keep Connected - ages 10–14 - Keep Connected. The Metaverse Police: A VR content moderator shares his insights - Mixed News. “Untold: The Girlfriend Who Didn't Exist” - Netflix. Tommy Siegel - Some candy hearts comics I drew, a thread - Twitter. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have imple
Wed, June 14, 2023
Right Royal security threats and MOVEit mayhem
There are shocking revelations about a US Government data suck-up, historic security breaches at Windsor Castle, and the MOVEit hack causes consternation. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Declassified files reveal ‘large number’ of security scares at Windsor Castle - Metro. Intruder at Windsor: Security 400 scared of unpleasant Andrew' to turn away fantasist - Express. The US Is Openly Stockpiling Dirt on All Its Citizens - Wired. I don’t care about cookies browser plugin . MOVEit hack: Media watchdog Ofcom latest victim of mass hack - BBC News. BBC, BA and Boots issued with ultimatum by cyber gang Clop - BBC News. Ukrainian police arrest multiple Clop ransomware gang suspects - TechCrunch. BBC and British Airways affected by data breach at payroll company Zellis - The Record. BA, Boots and BBC staff details targeted in Russia-linked cyber-attack - The Guardian. Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft - Mandiant. MOVEit Transfer and MOVEit Cloud Vulnerability - Progress. <a href="https://therecord.media/moveit-announces-new-vulnerability-minnesota-breached" rel="noopener noreferrer" target="
Wed, June 07, 2023
Rick Astley and the little birdie scam
Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus - don't miss our featured interview with Max Power of Bitwarden. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Australian cyber-op attacked ISIL with the terrifying power of Rickrolling - The Register. “Breaking the code: Cyber Secrets Revealed” - ABC. Scam Alert: Woman tries helping injured bird, ends up losing Rs 1 lakh to cyber criminals - MSN News. Toll-free Hijack Alert (misdial scam) - AT&T. “Connected: the hidden science of everything” - Netflix. “Connections” with James Burke - YouTube. “I wanna marry Harry” reality show - Wikipedia. “Space cadets” reality show - Wikipedia. Unreal: A Critical History of Reality TV - Apple Podcasts. Famous Studios - Famous Studios website. Unreal: A Critical History of Reality TV - BBC Sounds. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager tru
Wed, May 31, 2023
.ZIP domains, AI lies, and did social media inflame a riot?
ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with David Ahn of Centripetal. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 8 new top-level domains for dads, grads and techies - Google. Tweet by Citizen Lab’s John Scott-Railton - Twitter. File Archiver in the browser - mr.d0x. A Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT? - Reason. Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crash - Wales Online. Cardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crash - Sky News. Two boys killed in Cardiff crash which was followed by riot are named - Sky News. Cardiff riots: social media rumours about crash started unrest, says police commissioner - The Guardian. Black Butterflies - Netflix. Black Butterflies trailer - YouTube. <a href="https://www.amazon.co.uk/End-World-Just-Beginning-Globalization/dp/006323047X" rel
Wed, May 24, 2023
Botched Bitcoin blackmail, iSpoof, and Meta’s billion dollar data bungle
13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Man convicted of blackmail and other offences - SEROCU. EU hits Meta with record €1.2B privacy fine - Politico. Police text 70,000 victims in UK's biggest anti-fraud operation - BBC News. iSpoof fraudster guilty of £100m scam sentenced to 13 years - BBC News. Fraudster pleads guilty to £100m iSpoof scam - BBC News. 300: Interplanetary file systems, iSpoof, and don’t delete Twitter - Smashing Security. "John Was Trying to Contact Aliens" - Netflix. Sleep mask - Amazon. Blackout blind with suction cups - Amazon. Jewish Matchmaking - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your de
Wed, May 17, 2023
When you buy a criminal’s phone, and paying for social media scams
Personal information is going for a song, and the banks want social media sites to pay when their users get scammed. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Vote for "Smashing Security" in the European Security Blogger Awards. Re-Victimization from Police-Auctioned Cell Phones - Krebs on Security. Fraud Strategy: stopping scams and protecting the public - UK Gov. Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested - Hacker News. Social media firms should reimburse online fraud victims, say UK bankers - The Guardian. How Many People Use Social Media in 2023? - Oberlo. Scam social media quizzes dupes people into revealing personal details - ITV News. Where are you most likely to be scammed: phone, text or social media? - This is Money. Major bank calls out Meta for huge rise in scams on its platforms - This is Money. The Legend of Zelda: Tears of the Kingdom - Nintendo. ScanSnap SV600 - Fujitsu. Sma
Wed, May 10, 2023
Eurovision, acts of war, and Twitter circles
Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity reporter John Leyden. Plus don't miss our featured interview with Outpost24's John Stock. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Introducing Twitter Circle, a new way to Tweet to a smaller crowd - Twitter. Twitter Circles Is Broken, Revealing Nudes Not Meant For The General Public - Buzzfeed News. Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout - The Register. What is Hostile or Warlike?: An in-depth look at the Merck war exclusion decision and its shortfalls - Kennedys Law. Eurovision voting scandal: Six juries cheated and voted for each other - EuroVision World. Eurovision: MP seeks assurances contest voting will be protected from Russian threats - Sky News. Fears pro-Russian hackers could ruin Eurovision by disrupting broadcasts and silencing the song contest next week - Daily Mail. Cyber security experts hope to protect Eurovision voting from possible Russian threat - ITV News. The tec
Wed, May 03, 2023
City Jerks, AI animals, and is the BBC hacking again?
Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Hackers steal emails, private messages from hookup websites - TechCrunch. Scam Interceptors - BBC. ‘They’re coming up with devious ways to take your money’: the TV hackers taking on the scammers - The Guardian. Did BBC break the law by using a botnet to send spam? - Naked Security. How a horse whisperer can help engineers build better robots - Science Daily. How Scientists Are Using AI to Talk to Animals - Scientific American. “I don’t know”, sung by 76-year-old Paul McCartney - YouTube. “I don’t know”, sung by AI Paul McCartney - YouTube. AI makes Paul McCartney’s voice youthful - The Daily Beatle. “New”, sung by the AI Beatles - YouTube. AI Freddie Mercury sings “Yesterday” - YouTube. The Evaporated - Campside Media. Tetris - Apple TV+. Smashing Secur
Wed, April 26, 2023
The CEO who also ran IT, Strava strife, and TikTok tall tales
A boss is bitten in the bottom after being struck by one of the worst crimes in Finnish history, Strava's privacy isn't so private, and a private investigator uncovers some TikTok tall tales. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Finnish therapy clinic’s CEO fired after despicable data breach and blackmail threats - Graham Cluley. Lizard Squad Member: Why I Took Down Xbox and PlayStation - Sky News on YouTube. Hacker Charged With Extorting Online Psychotherapy Service - Krebs on Security. Finland’s Most-Wanted Hacker Nabbed in France - Krebs on Security. Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender. Hackers can find your home on Strava even if you use privacy settings, researchers find - Yahoo Sports. Iron Bianca hashtag on TikTok - TIkTok. Investigators warn of fake suicide scams on social media platforms - MSN News. How did Iron Bianca die? Tribute Pours In As Tiktok Star Passed Away - PBK News. Spill-the-Tea-007 TikTok Channel - TikTok. Mike Bolhius Private Investigator - Mike Bolhius homepage. <a href="https://www.youtube.com/watch?v=K9TX-6HyuOc" rel="noopener nore
Wed, April 19, 2023
Tesla workers spy on drivers, and Operation Fox Hunt scams
Graham wonders what would happen if his bouncing buttocks were captured on camera by a Tesla employee, and we take a look at canny scams connected to China's Operation Fox Hunt. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. (Oh, and when Carole mentioned Colin the Accountant as her "Pick of the Week" she really meant "Colin from Accounts". Sorry!) Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Countering Threats Posed by the Chinese Government Inside the US - Speech by the FBI’s Christopher Wray. Criminals Pose as Chinese Authorities to Target US-based Chinese Community - FBI. FBI: How fake Xi cops prey on Chinese nationals in the US - The Register. Special Report: Tesla workers shared sensitive images recorded by customer cars - Reuters. 303: Secret Roomba snaps, Christmas cab scams, and the future of AI - Smashing Security. Lawsuit: Tesla must be punished for “tasteless” sharing of car-camera images - Ars Technica. Customer Privacy Notice - Tesla. Tesla hit with class action lawsuit over alleged privacy intrusion - Reuters. Tesla About Autopilot - Tesla. “Wet Nellie” - Wikipedia. Device Orchestra - YouTube. <a href="https://www.youtube.com/watch?v=N16Fdx9Z9Ik" rel="noopener nor
Wed, April 12, 2023
Another Uber SNAFU, an AI chatbot quiz, and is juice-jacking genuine?
Everyone's talking juice-jacking - but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn't been hacked. And Carole hosts the "AI-a-go-go or a no-no?" quiz for Dave and Graham. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Uber driver info stolen yet again: This time from law firm - The Register. Letter from law firm Genova Burns to impacted Uber drivers (PDF) Tweet by FBI Denver - Twitter. FBI warns against using public phone charging stations - CNBC. 'Juice Jacking': The Dangers of Public USB Charging Stations - FCC. Stop! Don’t charge your phone this way - Seattle Times. This Seemingly Normal Lightning Cable Will Leak Everything You Type - Vice. Cybersecurity Myths You Might Still Believe – Debunked! - CXO Today. China to require 'security assessment' for new AI products - France24. Cybercrime: be careful what you tell your chatbot helper… - The Guardian. 12 Jobs that AI will never replace - In Hunt World. <a href="https://www.republicworld.com/technology-news/other-tech-news/chatgpt-fabricates-sexual-harassment-scandal-
Wed, April 05, 2023
Of Musk and Afroman
An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: These Men's Rights Activists Literally Worship Elon Musk - Buzzfeed News. Florida principal who sent $100K to scammer posing as Elon Musk says she was 'groomed' - WESH. Florida principal resigns after sending $100K to scammer posing as Elon Musk - NY Post. Afroman - Will You Help Me Repair My Door - YouTube. Official Music Video for Because I Got High performed by Afroman - YouTube. Police sue rapper Afroman for using footage of home raid in his music videos - The Guardian. Afroman Complaint - Adams County Court. Afroman Got Raided by Cops, So He Put Them in His Music Video - Vice. Afroman - Wikipedia. Afroman sued by seven officers who raided his home - NME. Afroman Isn’t Worried About a Police Lawsuit Over His Music Videos - Rolling Stone. Afroman Cops Wrecked My Home In Raid, For Nothing ...I Need Ben Crump!!! - TMZ. <a href="https://www.tmz.com/2022/11/30/afroman-cops-stole-missing-money-poli
Wed, March 29, 2023
Crypto hacker hijinks, government spyware, and Utah social media shocker
A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Tweet by Euler Finance confirming security breach - Twitter. Euler Finance to Offer $1M Reward as It Reels From Nearly $200M Exploit - Coindesk. Hackers stole over $500m in cryptocurrency in record-making heist, Ronin says - The Guardian. Hacker Behind $200M Euler Attack Apologizes, Returns Millions in Ether, Dai to Protocol - Coindesk. President Biden kind of mostly bans commercial spyware from US govt - The Register. Utah Law Could Curb Use of TikTok and Instagram by Children and Teens - New York Times. Utah’s social media for kids law could be coming to a state near you - Vox. Utah Governor Spencer Cox signs a landmark social media bill - YouTube. RRR - Netflix. RRR trailer - YouTube. RRR Naatu Naatu dance scene - YouTube. Best films of 2022 in the UK, No 7: RRR - The Guardian. <a href="http
Wed, March 22, 2023
Photo cropping bombshell, TikTok debates, and real estate scams
It could be a case of aCropalypse now for Google Pixel users, there's a warning for house buyers, and just why is TikTok being singled out for privacy concerns? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Stop pixelating! New tool reveals the secrets of "redacted" documents - Hot for Security. Google Pixel exploit reverses edited parts of screenshots - The Verge. Tweet by researcher Simon Aarons - Twitter. aCropalypse demo . Samsung 'Fake' Moon Shots Controversy Puts Computational Photography in the Spotlight - MacRumors. Android phones can be hacked just by someone knowing your phone number - Graham Cluley. BBC advises staff to delete TikTok from work phones - BBC News. TikTok: UK ministers banned from using Chinese-owned app on government phones - BBC News. TikTok banned from official Welsh government phones - BBC News. Danish public broadcaster advises staff against using TikTok - BBC News. Canada bans TikTok on government devices - BBC News. European Commission bans TikTok on staff devices - BBC News. New bill would ban TikTok in the US but it faces long odds - B
Wed, March 15, 2023
Tesla twins and deepfake dramas
The twisted tale of the two Teslas, and a deepfake sandwich. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: B.C. man says he accidentally unlocked and drove someone else’s Tesla using the app - Global News. A College Girl Found Deepfake Porn of Herself Online. Who Did It Shocked Her - Rolling Stone. Denmark Tries to Attract Tourists Using ChatGPT, Deepfakes, and Famous Paintings UK PC Mag. Deepfake Tools Are Made To Facilitate Harassment—So Why Are They Available in the App Store? - MSN. Spot the Deepfake - Microsoft. Sholay trailer - YouTube. Sholay: Review of the monumental Indian epic - YouTube. Rent or buy Sholay - YouTube Movies. Jazz Pianist Brad Mehldau Plays The Beatles - NPR. Brad Mehldau - Brad Mehldau website. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. <a href="https://www.kolide.com/smashing" rel="noopener noreferrer" target="_blank
Wed, March 08, 2023
Super grannies, bar trolls, and US Marshals
Scammers get pwned by a Canadian granny! Don't be seduced in a bar by an iPhone thief! And will the US Marshals be able to track down the villains who stole their data? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. Plus don’t miss our featured interview with Jason Meller of Kolide. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: They thought they could scam this Windsor grandmother of nearly $10K. She turned the tables on them - CBC. Canada grandma helps stop fraud scheme targeting senior citizens - BBC News. A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - Wall Street Journal. Ransomware attack on US Marshals Service affects ‘law enforcement sensitive information’ - CNN. Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service - NPR. 9 millionaires and billionaires with the most bizarre spending habits - Business Insider. Phishing still the leading way attackers breach security controls: IBM - IT World Canada. New White House cyber strategy picks a fight with ransomware - AXIOS. Happy Valley - BBC. My 80s TV . Everything Everywhere All at Once - IMDB. <a href="https://www.smashingsecu
Wed, March 01, 2023
TikTok, wiretapping, and your deepfake voice is your password
Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Wiretapping Italian police tune in to hear their secrets being sold - The Times. Jeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegation - The Guardian. Silvio Berlusconi interviewed by Jeremy Paxman on BBC Newsnight - YouTube. Protests grow in Italy over the wiretapping of journalists - Independent. How I Broke Into a Bank Account With an AI-Generated Voice - Vice. TikTok under investigation by Canadian privacy authorities - BBC. The UN's cyber crime treaty could be a privacy disaster - IT Pro. TikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ Yahoo News. “Check It Out” episode about nuclear war from July 1980 - YouTube. The North-West Is Our Mother: The Story of Louis Riel's People, the Métis Nation - GoodReads. <a href="https://www.theguardian.com/tv-and-radio/2023/feb/22/fleishman-is-in-trouble-review-jesse-eisenberg-divorce-drama-disney" rel="noopener noreferrer" target="_bl
Wed, February 22, 2023
Verified blue ticks and horny AI chatbots
Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans... All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Testing Meta Verified to Help Creators Establish Their Presence - Meta. As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security - Graham Cluley. A pre-match message from Will Ferrell - QPR Twitter account. BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account - Deadline. Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It - Vice. ‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny - Vice. Replika homepage - Replika. Click and Drag - xkcd. 1110: Click and Drag - Explain xkcd. xkcd 1110: Click and Drag map - Zoomable map of “Click and drag” Only Murders in the Building - Disney Plus. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, team
Wed, February 15, 2023
Synthetic voices, ChatGPT reflections, and social skirmishes
AI-generated voices are weaponised by online trolls, how ChatGPT reflects who we are as a society, and social media is in the firing line again. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ‘Disrespectful to the Craft:’ Actors Say They’re Being Asked to Sign Away Their Voice to AI - Vice. AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse - Vice. Video Game Voice Actors Doxed and Harassed in Targeted AI Voice Attack - Vice. ChatGPT Can Be Broken by Entering These Strange Words, And Nobody Is Sure Why - Vice. My Strange Day With Bing’s New AI Chatbot - Wired. We asked ChatGPT to write performance reviews and they are wildly sexist (and racist) - Fast Company. How social media affects teen mental health: a missing link - Nature. California bill to let parents sue social media gets second try - Bloomberg. How to protect children from big tech companies - Wall Street Journal. Three out of four parents say social media is a major distraction for students, according to new study - Phys.org. <a href="https://www.whitehouse.gov/briefing-room/speeches-remarks/2023/02/07/remarks-of-president-joe-biden-state-of-the-union-address-as-prepared
Wed, February 08, 2023
Jail after VPN fail, criminal messaging apps, and wolf-crying watches
When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger... why are police happy that criminals keep using end-to-end encrypted messaging systems... and why is the Apple Watch being accused of crying wolf? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with SecurEnvoy's Chris Martin. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free. SecurEnvoy - With growing cyber security threats everyone in your organisation needs authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy's free guide now. Episode links: Ubiquiti tells customers to change passwords after security breach - ZD Net. “No way out” trailer - YouTube. Ubiquiti sues journalist, alleging defamation in coverage of data breach - Ars Technica. Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack - Bitdefender. Final Thoughts on Ubiquiti - Krebs on Security. Former Employee Of Technology Comp
Wed, February 01, 2023
ChatGPT and the Minister for Foreign Affairs
Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Plus don't miss our featured interview with DigiCert’s Brian "PKI" Trzupek. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Artis Pabriks . ‘I left my partner and lost £80,000 to a fake Facebook romance’: Manchester mum’s warning over catfishing scam - Manchester World. 'I know I have been a fool but these are the things we do for love', says mum duped out of £80k by Facebook lover - Manchester Evening News. Amazon Warns Employees to Beware of ChatGPT - Gizmodo. ChatGPT's soaring popularity has added $5 billion to the wealth of Nvidia's founder as Wall Street bets on AI boom for the chipmaker - Business Insider. ChatGPT raises red flags by acing MBA exam . ChatGPT passes exams from law and business schools - CNN. I asked ChatGPT how to negotiate a raise. Career coaches said I'd probably get one by following the AI chatbot's steps and script - Business Insider. Real estate agents say they can’t imagine working without ChatGPT now - CNN. Science journals ban listing o
Wed, January 25, 2023
No Fly lists, cell phones, and the end of ransomware riches?
What are prisoners getting up to with mobile phones? Why might ransomware no longer be generating as much revenue for cybercriminals? And how on earth did an airline leave the US government's "No Fly" list accessible for anyone in the world to download? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all. NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free. Episode links: The Complete Idiot's Guide to Writing Erotic Romance - Amazon. The Many Ingenious Ways People in Prison Use (Forbidden) Cell Phone - The Marshall Project. How Did They Run an Elaborate “Sextortion” Scam From Prison? Cellphones - The Marshall Project. Alarm Over Death Row Cell Phone Threats - CBS News. How to completely own an airline in 3 easy steps - Maia arson crimew. U.S. airline accidentally exposes ‘No Fly List’ on unsecured server -
Wed, January 18, 2023
Norton unlocked, and police leaks
Carole is in her sick bed, which leaves Graham in charge of the good ship "Smashing Security" as it navigates the choppy seas of credential stuffing and avoids the swirling waters of apps being sloppy with sensitive information. Find out more in this latest edition of the "Smashing Security" podcast, hosted by Graham Cluley with special guest BJ Mendelson. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Operation Protect the Innocent - LA Police Department. A Police App Exposed Secret Details About Raids and Suspects - Wired. ODIN Intelligence website is defaced as hackers claim breach - TechCrunch. Norton LifeLock says thousands of customer accounts breached - TechCrunch. Ugh! Norton LifeLock password manager accounts accessed by hackers - Graham Cluley. Reports: Twitter’s sudden third-party client lockouts were intentional - Ars Technica. Spring app - Twitter. Spring app - Mac App Store. Mona app - Mastodon. Tulsa King trailer - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360
Wed, January 11, 2023
Oxford's dating disaster, cheap security robots, and faking a suicide
Someone called OxShagger thinks he has come up with the perfect Valentine's surprise for Oxford students, but is the way he has gone about "bookworms with benefits" really a good idea? Robot security guards are trundling the streets of - you guessed it - America. And a writer of paranormal bully romances (no, we don't know what that means either) returns from the grave... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Host Unknown's Andrew Agnês. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: Bitwarden - Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360 - A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all. NordLayer - NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free. Episode links: Dating site for horny Oxford students slammed for privacy violations - Cherwell. OxShag will not be running this term as creator says they ‘made some poor choices’ - The Oxford Tab. Dysfunctional: OxShag to shut down amid controversy - Cherwell. Oxford University dating website for staff and st
Wed, December 21, 2022
Secret Roomba snaps, Christmas cab scams, and the future of AI
Beware your Roomba's roving eye, the Finns warn of AI threats around the corner, and watch out when hailing a taxi cab in Dublin... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Register's Iain Thomson. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook? - MIT Technology Review. Building Smart Robots Requires Responsible Development - Roomba CEO Colin Angle on LinkedIn. OpenAI predicts biz can break a billion in revs by 2024 - The Register. The security threat of AI-enabled cyberattacks (PDF) - The Finnish Transport and Communications Agency, Traficom. Ireland Christmas weather ‘roller-coaster’ amid new ‘Beast from the East’ threat - Irish Mirror. Christmas revellers warned about sophisticated taxi scam as €300,000 is stolen from victims - MSN. Taxi cab scam has cleaned out €300,000 from bank accounts of victims - Irish Independent. “La Cabina” - YouTube. “Last and First Men” by Olaf Stapledon - Wikipedia. <a href="https://www.panmacmillan.com/authors/adam-hamdy/the-other-side-of-night/9781529088137" rel="noopener no
Wed, December 14, 2022
Lensa AI, and a dog called Bob
Drug dealers come unstuck while using the Encrochat encrypted-messaging app, and we put the Lensa AI avatar-generation tool under the microscope. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Plus - don't miss our featured interview with Rico Acosta, IT manager at Bitwarden. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Smashing Security 229: Dating leaks, right to repair, and a stinky bishop - Smashing Security. Hard cheese: Stilton snap shared via EncroChat leads to drug dealer's downfall - The Register. Operation Venetic: Pet dog and accidental selfies help convict international drugs traffickers - NCA. What does the Lensa AI app do with my self-portraits and why has it gone viral? - The Guardian. Lensa, the AI portrait app, has soared in popularity. But many artists question the ethics of AI art - NBC News. I Uploaded Photos of Myself to the New Lensa A.I. Portrait Generator. The Results Were Stunning, Strange… and Super Creepy - Artnet. People keep sharing their AI-generated portraits: What to know about Lensa, and why some push back on it - USA Today. How Is Everyone Making Those A.I. Selfies? - New York Times. Lensa AI: Security conc
Wed, December 07, 2022
AI chatbot or the start of Skynet? Eufy privacy, and hot desks
An AI chatbot is causing a stir - both impressing and terrifying users in equal measure. A security researcher discovers that a "smart" cam that doesn't use the internet is err.. using the internet. And university students revolt over under-the-belt surveillance. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Host Unknown's Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: While anticipation builds for GPT-4, OpenAI quietly releases GPT-3.5 - TechCrunch. OpenAI upgrades GPT-3, stunning with rhyming poetry and lyrics - Ars Technica. GPT-3.5 finds a security vulnerability - Twitter. Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking - YouTube. OpenAI's new ChatGPT bot: 10 dangerous things it's capable of - Bleeping Computer. What GPT-3.5 really thinks about us humans - Twitter. We asked GPT-3.5 to write a story about the “Smashing Security” hosts - Twitter. GPT-Chat - OpenAI. Researcher Paul Moore questions Eufy about its privacy - Twitter. Eufy’s “local storage” cameras can be streamed from anywhere, unencrypted - Ars Technica. <a href="https://us.eufy.com/pages/privacy-commitment" rel="noopener noreferrer" target="_blank
Wed, November 30, 2022
Interplanetary file systems, iSpoof, and don't delete Twitter
Why deleting your Twitter account may be a very bad idea, how the police unravelled the iSpoof fraud gang, and a trip into outer space (or at least interplanetary file systems). All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by original show co-host Vanja Švajcer. What an amazing 6 years of bickering it has been… thanks to all of you who have tuned in, appeared on the show, or supported us! 🙏 Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Smashing Security #001: “One cup, two hotel guests” - YouTube. Whoopi Goldberg Quitting Twitter: “As Of Tonight I’m Done” - Deadline. Stephen Fry Joins Celebrity Twitter Exodus, Says “Goodbye” With Scrabble Message - Deadline. Twitter Users Warned Not To Delete Their Accounts - Here’s Why - Forbes How to deactivate your account - Twitter. InterPlanetary File System - Wikipedia. Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns - Cisco Talos. Decentralized IPFS networks forming the 'hotbed of phishing' - The Register. UK police arrest 120 in largest-ever cyber fraud crackdown - Computer Weekly. Grote spoofingdien
Wed, November 23, 2022
EV charging risks, FTX, and an ancient apocalypse
Deepfake shenanigans strike users of troubled crypto firm FTX, the perils of charging your electric vehicle, and is Microsoft's takeover of Activision good news for video game fanatics. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by John Hawes of AMTSO. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Larry David promotes FTX in Superbowl ad - YouTube. Crypto giant FTX collapses into bankruptcy - BBC News. FTX's new CEO: "Never in my career have I seen such a complete failure" - CBS News. Tom Brady, Giselle Bündchen, Larry David & Steph Curry Caught In FTX Crypto Fallout With Class Action Suit - Deadline. Bankman-Fried's FTX, senior staff, parents bought Bahamas property worth $300 milion - Reuters. Tweet showing Sam Bankman-Fried deepfake scam - Twitter. FTX Founder Deepfake Offers Refund to Victims in Verified Twitter Account Scam - Vice. Crypto.com CEO admits company accidentally sent 320,000 ETH ($416 million) to another crypto exchange a few weeks prior - Web3 is going great. Sandia studies vulnerabilities of electric vehicle charging infrastructure - Sandia Labs. Review of Electric Vehicle Charg
Wed, November 16, 2022
Housing market scams, Twitter 2FA, and the fesshole
Elon Musk is still causing chaos at Twitter (and it's beginning to impact users), are scammers selling your house without your permission, and Google gets stung with a record-breaking fine. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Plus don't miss our featured interview with Pentera's Shakel Ahmed talking about automating continuous cyber defence validation. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Graham offers Dave Bittner some advice on “Welcome Datacomp”... in 1995! - Usenet. Elon Musk apologises to users for Twitter being slow - Twitter. Former Twitter employee doesn’t think Elon Musk knows what he’s talking about - Twitter. Eric Frohnhoefer says Elon Musk is wrong - Twitter. Twitter engineer calls out Elon Musk for technical BS in unusual career move - The Register. Elon Musk says that he is turning off microservices “bloatware” - Twitter. Twitter’s SMS Two-Factor Authentication Is Melting Down - Wired. Elon only trusts Elon - Platformer. Elon’s paranoid purge - Platformer. Google to pay nearly $400 million over deceptive location tracking practices - The Record. Follow Smashing Security on Mastodon . <a hr
Wed, November 09, 2022
Mastodon 101, and the Hushpuppi saga
Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who aren't joined by a guest this week. Warning: This podcast may contain nuts, adult themes, some snorting, and rude language. Episode links: Mastodon: What you need to know for your security and privacy - Graham Cluley. Follow Graham Cluley on Mastodon . Hushpuppi: Notorious Nigerian fraudster jailed for 11 years in US - BBC. Influencer involved in $1.1 million Qatar school financing scam jailed - Alarabiya. Influencer ‘Ray Hushpuppi’ jailed over plan to launder $300m - The Guardian. Hushpuppi’s wife, Imams write judge as US court sentences fraudster today - Premium Times. Living trailer - YouTube. Kleo - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Bitwarden – Password security you can trust. Bitwarde
Wed, November 02, 2022
Twitter turmoil, AI animal chatters, and metaverse at work
Twitter has a new chief twit in the form of Elon Musk and he's causing problems, scientists say artificial intelligence may help us communicate with animals, and is the office of the future set in the metaverse? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Warning: This podcast may contain nuts, adult themes, dolphin noises, and rude language. Episode links: Twitter employees are sleeping on the office floor to meet Elon Musk’s deadlines - The Verge. Elon Musk shows what being Chief Twit is all about across weird weekend - The Register. Pranksters pretending to be laid-off Twitter employees leave San Francisco HQ - YouTube. Twitter Limits Content-Enforcement Work as US Election Looms - Bloomberg. Twitter’s Yoel Roth comments on the firm’s trust and safety staff having their access to moderation and enforcement tools frozen - Twitter. Paul Pelosi Conspiracy Theory Trends on Twitter After Elon Musk Pushes It - Rolling Stone. Yoel Roth describes how Twitter will warn users of misleading information - Twitter. Yoel Roth describes “surge in hateful conduct on Twitter” - Twitter. The Demise of Digg: How an Online Giant Lost Control of the Digital Crowd - Harvard. <a href="https://mastodon.green/@gcluley" rel="noopener noreferrer" target="_b
Wed, October 26, 2022
Slushygate, sextortion, and nano-targeting
What is slushygate and how does it link to sextortion in the States? What is the most impersonated brand when it comes to delivering phishing emails? And what the flip is nano-targeting? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by fan favourite Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. No contortionists were hurt during the making of this episode. Episode links: Memorandum of sentencing of Bryan Wilson - United States District Court Western District Court of Kentucky at Louisville. Accurint for Law Enforcement - LexisNexis. LexisNexis illegally collected and sold people's personal data, lawsuit alleges - CBS News. Ex-cop abused police tool in Snapshot sextortion plot that stole sexually explicit photos and videos - Bitdefender. Congress should consider enhancing protections around scores used to rank consumers (PDF) - Government Accountability Office. Online Shoppers Beware: Scammers Most Likely to Impersonate DHL - Check Point. Why Am I Seeing That Political Ad? Check Your ‘Trump Resistance’ Score - New York Times. I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too - New York Times. Mixed Idioms . Apollo Remaster
Wed, October 19, 2022
The Virgin trains swindler, cyber clowns, and AirTag election debacle
Someone's election-fiddling is uncovered with an Apple AirTag, a cyber scandal rocks Germany, and a swindler steals a fortune due to trains being delayed. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by runZero's Chris Kitsch. Plus don't miss our featured interview with Akamai's Patrick Sullivan talking about how retailers can better thwart bots this holiday season. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The rundown on becoming runZero: What I learned rebranding a company - Chris Kirsch on the runZero blog. Tweet by Melissa Shusterman - Twitter. Apple AirTag Used To Find Over 100 Stolen Democratic Campaign Signs, Police Say - Forbes. Wie eine russische Firma ungestört Deutschland hackt - ZDF Magazin Royale on YouTube. German cybersecurity chief investigated over Russia ties - AP News. German cybersecurity chief sacked following reports of Russia ties - The Guardian. Fraudster swindled Virgin Trains out of £116,000 in 'sophisticated' scam - MSN. Virgin Trains worker, 37, swindled rail firm out of £116,000 in 'delay and repay' compensation scam by photoshopping tickets to exploit flaw in system - Daily Mail. Train delays:How to claim if it's late
Wed, October 12, 2022
Massive crypto bungle, and the slave scammers
A couple unexpectedly find $10.5 million in their cryptocurrency account, and in Cambodia people are being forced to commit pig-butchering scams. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who are flying solo again this week. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: DeFi bug accidentally gives $90 million to users, founder begs them to return it - CNBC. Compound boss begs users to return $90 million worth of cryptocurrency they were accidentally gifted - Robert Leshner on Twitter. Couple mistakenly given $10.5m from Crypto.com thought they had won contest, court hears - The Guardian. Mother accused of spending spree after mistakenly receiving $10 million in crypto bungle heads to trial - 9 News. Sold to gangs, forced to run online scams: inside Cambodia’s cybercrime crisis - The Guardian. ZÈRTZ game . ZÈRTZ - Wikipedia. GIPF project - Wikipedia. The Capture - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – the SaaS app that sends employees important, timel
Wed, October 05, 2022
Trussterflucks and eBay stalking
Has new UK prime minister Liz Truss been careless with her mobile phone, and hear the most extraordinary story of corporate cyberstalking. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by nobody for reasons that will become obvious. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths - Graham Cluley. Two Former eBay Executives Sentenced to Prison for Cyberstalking - US Department of Justice. Jonathan Pie: Welcome to Britain. Everything is Terrible - NYT Opinion. UK Supermarket’s Loans-for-Groceries Offer Attracts Huge Take Up - Bloomberg. Liz Truss' mobile number is being sold online for £6.49 - Daily Mail. How to Cook a Soft Boiled Egg Perfectly Every Time - YouTube. 11 Best Twitter Bots to Follow to Boost Productivity - Gadgetshouse. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Bitwarden – Password security you can trust. Bitwarden
Wed, September 28, 2022
Deepfake dangers, AI image opt out, and controlling your urges
Anti-porn "shameware" apps take a privacy pounding, is your image already being used by AI, and deepfake danger continues to deepen. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Host Unknown's Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The Ungodly Surveillance of Anti-Porn ‘Shameware’ Apps - WIRED. Covenant Eyes . Sick and tired of trying to quit porn? You’re not alone - Covenant Eyes promotional video. Fortify . AI Is Probably Using Your Images and It's Not Easy to Opt Out - Vice. ISIS Executions and Non-Consensual Porn Are Powering AI Art - Vice. Have I been trained? The Deepfake Danger: When It Wasn’t You On That Zoom Call - CSO Online. Deepfake Audio Has A Tell – Researchers Use Fluid Dynamics To Spot Artificial Imposter Voices - The Conversation. Deephy: On Deepfake Phylogeny - Cornell University. On The Horizon: Interactive And Compositional Deepfakes - Microsoft. Detect DeepFakes: How to counteract misinformation created by AI - MIT University. <a href="http
Wed, September 21, 2022
Uber, Rockstar, and crystal balls
Researchers reveal how your eyeglasses could be leaking secrets when you're on video conferencing calls, we take a look at the recent data breaches involving Uber and Grand Theft Auto 6, and we cast an eye at what threats may be around the corner... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Register's Iain Thomson. Plus - don't miss our featured interview with Sal Aurigemma, the faculty director of the Master of Science in Cyber Security program at the University of Tulsa. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: “Iain Exotic”, Iain Thomson’s dress-up homage to Joe Exotic, the Tiger King - Twitter. “Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing” - Research paper by Yan Long, Chen Yan, Shilin Xiao, Shivan Prasad, Wenyuan Xu, and Kevin Fu. “We saved you a seat in chat” - Rather large text on the Twitch website. Stalker zoomed in on Japanese idol’s eyes to find out where she lived - Graham Cluley. Uber is looking for more security staff - Twitter. Uber explains how it was pwned this month, points finger at Lapsus$ gang - The Register. Uber’s hacker *irritated* his way into its network, stole internal documents - Graham Cluley. Security update - Uber. Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist - The Register. <a href="https://www.cisa.gov/cybersecurity-awareness-month" rel="noopener noreferrer" target="
Wed, September 14, 2022
Printer peeves, health data hangups, and Twitter tussles - with Rory Cellan-Jones
How could your inkjet printer finally help you make some money, why is it so hard to share our health data even if we want to, and what result do you want to see from the Elon Musk vs Twitter bunfight? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Rory Cellan-Jones. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Dynamic Cartridge Security - disable please - Angry customers complain on HP support forum. Update now! Many HP printers affected by three critical security vulnerabilities - MalwareBytes. HP will pay customers for blocking non-HP ink cartridges in EU - Bleeping Computer. HP and Euroconsumers settle on Dynamic Security - Euroconsumers. Ink cartridges are a scam - YouTube. Why printer ink is so expensive - Insider. Trying to print something - YouTube. UK Biobank - why won't GPs share data? - Rory’s Always On Newsletter. Another data sharing fiasco - Rory's Always On Newsletter. Tweet by Kate Bingham - Twitter. The Twitter Whistleb
Wed, September 07, 2022
Chiquita banana, dumb criminals, and detecting ring binders
Students learn a valuable lesson when it comes to AI detecting guns on campus, SIM swappers are surprisingly stupid, and romance scammers get scammed by someone (or some thing?) calling themselves Chiquita Banana. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ‘The least safe day’: rollout of gun-detecting AI scanners in schools has been a ‘cluster,’ emails show - Motherboard. Gun detection AI the latest tech to make schools less safe - TechDirt. The unproven, invasive surveillance technology schools are using to monitor students - ProPublica. NYC Mayor considering a subway security system that can’t differentiate between a laptop and a handgun - Motherboard. Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire - Brian Krebs. USA vs Patrick McGovern-Allen (PDF) - Court Listener. Reports of romance scams hit record highs in 2021 - FTC. Meeting you was a fake: Investigating the increase in romance fraud during COVID-19 - Academic Research. <a href="https://techcrunch.com/2022/08/31/filter-off-scam-fighters/" rel="noopener noreferrer" target="_
Wed, August 31, 2022
Lost in translation, spiders, and slapping tortillas - with Mikko Hyppönen
We're back from our summer break as we ask how did a cryptomining campaign stay unspotted for years, quiz special guest and infosec rockstar Mikko Hyppönen about his book, and ponder what spiders teach us about misinformation. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The 20 Funniest Finnish Expressions (and How To Use Them) - Matador Network. Sophos punts anti-virus for Klingon - The Register. Helsinki named Klingon-speaking capital of the world – Naked Security. Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications - Check Point Research. If It's Smart It's Vulnerable - Book by Mikko Hyppönen. Psychological inoculation improves resilience against misinformation on social media -Science Advances. Let’s flatten the infodemic curve - WHO. The global spread of misinformation on spiders - Current Biology. A Journey Into Misinformation on Social Media - The New York Times. Google Looks to Vaccination to Combat Misinformation In Searches - The New York Times. <a href="https://www.nytimes.com/2022/08/25/science/spiders-misinforma
Wed, August 03, 2022
Hackers doxxed, Pornhub probs, and Co-op security measures
Pornhub has a problem, the UK's Co-op supermarket is accused of big brother tactics, and we take a look at a security researcher's attempt to reveal the true identify of hackers. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: On security researcher's newsletter, exposing cybercriminals behind ransomware — CyberScoop. ‘Imma Make U Dig Ur Own Grave’: He Doxes Ransomware Hackers and Gets Death Threats in Return — Vice. Intrusion Truth - Five Years of Naming and Shaming China’s Spies — Kim Zetter. Who Is 'Intrusion Truth,' Group Exposing Alleged Chinese Hackers? — Daily Dot. The Leopards Eating People's Faces Party meme — Know Your Meme. Tweet by Bill Ackman. Judge Refuses Visa’s Request to Escape Pornhub-Related Lawsuit — The New York Times. How to Prevent and Handle Robberies and Theft in Retail — Vend Retail Blog. Abuse of shopworkers is on the rise – coronavirus brought it to our attention and now we need to act — The Conversation. <a href="https://www.retail-week.com/people/tackling-violence-and-abuse-in-retail-must-be-one-of-the-industrys-highest-priorities/7040200.article?aut
Wed, August 03, 2022
286: Hackers doxxed, Pornhub probs, and Co-op security measures
Pornhub has a problem, the UK's Co-op supermarket is accused of big brother tactics, and we take a look at a security researcher's attempt to reveal the true identify of hackers. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/286 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: Gigamon : Gigamon's latest report into the state of ransomware reveals how insider threats are evolving, what impact cyber insurance and the ‘blame culture’ are having on the cybersecurity industry, and why deep observability is the new frontier for tackling the ransomware crisis. Download it at gigamon.com/smashing Bitwarden : A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all. Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today. Support Smashing Security Links: On security researcher's newsletter, exposing cybercriminals behind ransomware</
Wed, July 27, 2022
285: Uber's hidden hack, tips for travel, and AI accent fixes
Uber may not face prosecution over its handling of a 2016 data breach - but its former chief security head does; how to defend your digital devices' data while on vacation, and how to change your accent with artificial intelligence. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Paul Ducklin. Plus don't miss our featured interview with Ian Farquhar of Gigamon. Visit https://www.smashingsecurity.com/285 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Ian Farquhar and Paul Ducklin. Sponsored By: Gigamon : Gigamon's latest report into the state of ransomware reveals how insider threats are evolving, what impact cyber insurance and the ‘blame culture’ are having on the cybersecurity industry, and why deep observability is the new frontier for tackling the ransomware crisis. Download it at gigamon.com/smashing SolCyber : If the bad guys aren’t being discriminating about who they’re attacking, how can you settle for anything less than Fortune 500 level security? SolCyber delivers Fortune 500 level cybersecurity for small and medium-sized enterprises. When you’re being targeted by the same bad guys, nothing else will do. A curated stack of leading technologies and around-the-clock SOC support, all simply priced per user. Let SolCyber do the heavy lifting. Bitwarden : A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team me
Wed, July 27, 2022
Uber's hidden hack, tips for travel, and AI accent fixes
Uber may not face prosecution over its handling of a 2016 data breach - but its former chief security head does; how to defend your digital devices' data while on vacation, and how to change your accent with artificial intelligence. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Naked Security's Paul Ducklin. Plus don't miss our featured interview with Ian Farquhar of Gigamon. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: Uber Enters Non-Prosecution Agreement Related to 2016 Data Breach — US Department of Justice. Former Uber Security Chief Joe Sullivan Must Face Driver Fraud Charges — Bloomberg. Uber to pay $148 million in data breach settlement — TechCrunch. Uber paid hackers $100,000 to keep data breach quiet — Graham Cluley. Uber CISO's trial underscores the importance of truth, transparency, and trust — CSO Online. 7 cybersecurity tips for your summer vacation! — Naked Security. Sanas demo. Sanas Raises $32M for Breakthrough AI Technology for Real-Time Accent Translation — Sanas press release. This 6-Million-Dollar AI Changes Accents as You Speak — IEEE Spectrum. <a href="https://www.newsci
Wed, July 20, 2022
284: The Most Wanted Missing CryptoQueen
In this special edition of the "Smashing Security" podcast, computer security veterans Graham Cluley and Carole Theriault welcome back author and journalist Jamie Bartlett - host of "The Missing CryptoQueen" podcast. Jamie tells us about his new book, which shares more details about the disappearance of cryptocurrency scammer Dr Ruja Ignatova, and the subsequent hunt by law enforcement. Visit https://www.smashingsecurity.com/284 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jamie Bartlett. Sponsored By: Cyber Security Inside podcast : The Cyber Security Inside podcast brings you the most important and timely security topics as well as other industry experts for insightful conversations. It breaks down complicated tech talk into plain english, helping listeners keep up to speed on topics like cybernetics, intelligent systems, NFTs, and federated learning, in ways we can all understand. Listen now at cybersecurityinside.com/smashing Bitwarden : A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all. Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today. Drata : Is your organization finding it difficult to achieve compliance and scale its security posture
Wed, July 20, 2022
The Most Wanted Missing CryptoQueen
In this special edition of the "Smashing Security" podcast, computer security veterans Graham Cluley and Carole Theriault welcome back author and journalist Jamie Bartlett - host of "The Missing CryptoQueen" podcast. Jamie tells us about his new book, which shares more details about the disappearance of cryptocurrency scammer Dr Ruja Ignatova, and the subsequent hunt by law enforcement. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: The Missing CryptoQueen podcast — BBC. The Missing CryptoQueen book — Penguin. Missing Cryptoqueen: FBI adds Ruja Ignatova to top ten most wanted — BBC News. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance. Cyber Security Inside podcast -bringing you the most important and timely security topics as well as other industry experts for insightful conversations. Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser . Become a Patreon supporter for ad-free episodes and our early-release feed! Follow us: Follow the show on Twitter at @SmashinSecurity , or on t
Wed, July 13, 2022
Disney's social dumpster fire, Anom phones, and TikTok tragedies
A self-proclaimed "super hacker" causes problems in the Magic Kingdom, criminals regret trusting Anom phones, and lawsuits are filed against TikTok. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Anna Brading. Plus don't miss our featured interview with Scott McCrady, the CEO of SolCyber Managed Security Services. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: Official Disneyland Instagram Account Hacked This Morning! — The Disney blog. Disneyland social media accounts hacked, offensive messages posted — Hot for Security. We Got the Phone the FBI Secretly Sold to Criminals — Vice. Parents Sue TikTok, Saying Children Died After Viewing ‘Blackout Challenge’ — The New York Times. Lawmakers Want Social Media Companies to Stop Getting Kids Hooked — Wired. How Social Media Tricks Us Into Thinking We Are Paying Attention — Forbes. Facebook could be sued for addicting children under California bill — Ars Technica. Kids Are Using Social Media More Than Ever, Study Finds — New York Times. 2021 Facebook leak — Wikipedia. <
Wed, July 13, 2022
283: Disney's social dumpster fire, Anom phones, and TikTok tragedies
A self-proclaimed "super hacker" causes problems in the Magic Kingdom, criminals regret trusting Anom phones, and lawsuits are filed against TikTok. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Anna Brading. Plus don't miss our featured interview with Scott McCrady, the CEO of SolCyber Managed Security Services. Visit https://www.smashingsecurity.com/284 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Anna Brading and Scott McCrady. Sponsored By: Snyk : The Secure Developer is a conversational and insightful podcast, that bridges the gap between dev and sec. Hosted by Guy Podjarny, one of the guys behind Snyk, it's a security podcast that developers will enjoy listening to and learning from. They have already released over 100 episodes, and I think many of you would get a lot from listening to it too. Check out The Secure Developer podcast at smashingsecurity.com/thesecuredeveloper SolCyber : If the bad guys aren’t being discriminating about who they’re attacking, how can you settle for anything less than Fortune 500 level security? SolCyber delivers Fortune 500 level cybersecurity for small and medium-sized enterprises. When you’re being targeted by the same bad guys, nothing else will do. A curated stack of leading technologies and around-the-clock SOC support, all simply priced per user. Let SolCyber do the heavy lifting. Bitwarden : A password manager is an important tool for generating and saving secure cred
Wed, July 06, 2022
282: Raising money through ransomware, China's mega-leak, and hackers for hire
A hacked university might have made a profit after paying a cryptocurrency ransom, China suffers possibly the biggest data breach in history, and Reuters investigates digital mercenaries. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/282 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: Bitwarden : A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all. Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today. Support Smashing Security Links: Dutch university paid $220,000 ransom to hackers after Christmas attack — Graham Cluley. Remarkable development in investigation into Maastricht University cyberattack — Maastricht University. <a href="https://www.theregister.com/2022/07/05/maastricht_university_ransom_return
Wed, July 06, 2022
Raising money through ransomware, China's mega-leak, and hackers for hire
A hacked university might have made a profit after paying a cryptocurrency ransom, China suffers possibly the biggest data breach in history, and Reuters investigates digital mercenaries. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: Dutch university paid $220,000 ransom to hackers after Christmas attack — Graham Cluley. Remarkable development in investigation into Maastricht University cyberattack — Maastricht University. Dutch University profits from returned ransomware payment — The Register. Favorable exchange rate on a fake cryptoexchange — Kaspersky. Tweet from @cz_binance about mega-leak. Vast Cache of Chinese Police Files Offered for Sale in Alleged Hack — Wall Street Journal. How mercenary hackers sway litigation battles — Reuters. Countering hack-for-hire groups — Google. The business of hackers-for-hire threat actors — TechRepublic. Fransdita Muafidin on Instagram. <a href="https://www.geeksaresexy.net/2018/09/21/giant-cats-disturbing-civilization-pics/" rel="noopener noreferrer" target=
Wed, June 29, 2022
281: Debug ransomware and win $1,000,000, period-tracking apps, and AI gets emotional
A new version of the LockBit ransomware offers a bug bounty, women uninstall period-tracking apps in fear of how their data might be used against them, and Microsoft's facial recognition tech no longer wants to know how you're feeling. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Thom Langford from The Host Unknown podcast. Plus don't miss our featured interview with Bitwarden founder and CTO Kyle Spearrin. Visit https://www.smashingsecurity.com/281 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Kyle Spearrin and Thom Langford. Sponsored By: Kolide : At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required. Snyk : Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit. Get started right now, with a free forever account, at snyk.co/smashing <a href="https://www.bitwarden.com/smashing
Wed, June 29, 2022
Debug ransomware and win $1,000,000, period-tracking apps, and AI gets emotional
A new version of the LockBit ransomware offers a bug bounty, women uninstall period-tracking apps in fear of how their data might be used against them, and Microsoft's facial recognition tech no longer wants to know how you're feeling. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Thom Langford from The Host Unknown podcast. Plus don't miss our featured interview with Bitwarden founder and CTO Kyle Spearrin. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: LockBit 3.0 introduces the first ransomware bug bounty program — Bleeping Computer. Fake copyright infringement emails install LockBit ransomware — Bleeping Computer. Why US women are deleting their period tracking apps — The Guardian. Privacy not included — Mozilla Foundation. The #1 Period Tracker on the App Store Will Hand Over Data Without a Warrant — Vice. Microsoft is removing emotion recognition features from its facial recognition tech — NBC News. Top 10 Emotional AI Examples in 2022 & Reasons for Success — AI Multiple. Analysis of Speech Features for Emotion Detection: A Review — IEEE Xplore. <a href="https://blogs.microsoft.com/on-the-issues/2022/06/21/microsofts-framework-for-building-ai-systems-responsibly/" rel="noopener noreferrer" target="_
Wed, June 22, 2022
280: Hot tub hijinx, and a sentient AI
Internet-connected jacuzzis find themselves in hot water, and a Google engineer claims that their AI has developed feelings. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/280 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Bitwarden : A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all. Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today. Drata : Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streaml
Wed, June 22, 2022
Hot tub hijinx, and a sentient AI
Internet-connected jacuzzis find themselves in hot water, and a Google engineer claims that their AI has developed feelings. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: Hot Tub Time Machine trailer — YouTube. Hacking into the worldwide Jacuzzi SmartTub network — Eaton Works. SmartTub — Apple iOS App Store. SmartTub — Google Play store. Hot tub hack reveals washed-up security protection — BBC News. Google engineer Blake Lemoine thinks its LaMDA AI has come to life — The Washington Post. Google engineer put on leave after saying AI chatbot has become sentient — The Guardian. AI's most convincing conversations are not what they seem — The Register. Blake Lemoine's blog. Van Gogh Bristol Exhibition: The Immersive Experience. Van Gogh: The Immersive Experience — YouTube. The Inquiry — BBC World Service. Smashing Security mercha
Wed, June 15, 2022
Encrypted notes, and a deadly case of AirTag spying
How did a saxophonist sneak sensitive information in and out of the Soviet Union? How might an Apple AirTag have led to murder? And isn't the world of cryptocurrency and blockchain doing just great? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/279 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Bitwarden : A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members an
Wed, June 08, 2022
Tim Hortons, avoiding sanctions, and good faith security research
Trouble brews with the Tim Hortons app, Mandiant gets in a tussle with a Russian ransomware gang, and should good faith security researchers be at risk of prosecution? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Lazarus Heist's Geoff White. Visit https://www.smashingsecurity.com/278 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: Snyk : Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit. Get started right now, with a free forever account, at snyk.co/smashing Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to
Wed, June 01, 2022
Bad bots, cheeky ransoms, and good deepfakes
Ransom acts of kindness are top of our mind, as we also explore how bad bots are hogging more and more of the internet's activity, and look at how deepfakes could be a good thing after all. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Ray [REDACTED]. Visit https://www.smashingsecurity.com/277 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ray [REDACTED]. Sponsored By: Bitwarden : A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all. Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today. Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
Wed, May 25, 2022
Webcam extortion, Michael Fish, and food foul-ups
A browser extension bug let malicious websites spy on webcams, hackers threaten the global food supply chain, and Michael Fish (not that one...) hacked into his female classmates' online accounts, hunting for nude photos and videos. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/276 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: GoodAccess : GoodAccess - Free Business Cloud VPN for up to 100 Users. Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever. Kolide : At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks
Wed, May 18, 2022
Jail for Bing, and mental health apps may not be good for you
A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they're up to? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Dr Jessica Barker. Plus don't miss our featured interview with Rumble's Chris Kirsch. Visit https://www.smashingsecurity.com/275 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Chris Kirsch and Jessica Barker. Sponsored By: Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. GoodAccess : <a href="https://www.smashingsecurity.com/goodaccess" rel="noopener noreferrer" target="_bla
Wed, May 11, 2022
Hands off my biometrics, and a wormhole squirmish
Clearview AI receives something of a slap in the face, and who is wrestling over an internet wormhole? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . And don't miss our featured interview with Artur Kane of GoodAccess. Visit https://www.smashingsecurity.com/274 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Artur Kane. Sponsored By: GoodAccess : GoodAccess - Free Business Cloud VPN for up to 100 Users. Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever. Rumble : Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems. It can even tell you which machines are missing endpoint protection, from your local network to the cloud. Sign up for a free trial and build your asset inventory in minute
Wed, May 04, 2022
Password blips, and who's calling the airport?
We find out why calls to Dublin airport's noise complaints line have soared, and Carole quizzes Graham to celebrate World Password Day. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . And don't miss our special featured interview with Clint Dovholuk of NetFoundry. Visit https://www.smashingsecurity.com/273 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Clint Dovholuk. Sponsored By: Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. NetFoundry : NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networkin
Wed, April 27, 2022
Going ape over the Kardashians, and the face of romance scams
Members of The Bored Ape Yacht Club get that sinking feeling, a face unwittingly launches hundreds of romance scams, and is an as-yet unseen Kim Kardashian sex tape a load of old Roblox? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by the BBC's cyber correspondent Joe Tidy. Visit https://www.smashingsecurity.com/272 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Joe Tidy. Sponsored By: Kolide : At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required. NetFoundry : NetFoundry's OpenZiti is an open source, free and ea
Wed, April 20, 2022
Crypto break-in, Google blurring, and mics not muting
A man loses $650,000 from his cryptocurrency wallet after his Apple iCloud account is hacked, video conferencing apps may not be muting your mic quite the way you imagined, and Google has unblurred military bases in Russia... or has it? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/271 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: NetFoundry : NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything. Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud. No networking engineering skills required. No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more. Learn more and try it for yourself at netfoundry.io/smashingsecurity/ Kolide : At
Wed, April 13, 2022
Bearded Barbie, EDR scams, and hobbyist crime detectives
Pulchritudinous women with glossy long hair are targeting Israeli officials via Facebook - but why? Scammers have found a new way to gain access to your most sensitive information - but how? And armchair detectives are helping investigating cold cases involving DNA - but should they? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/270 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Keeper Security : <a href="https://www.keepersecurity.com/smashing" rel="noopener noreferrer" target="_blank"
Wed, April 06, 2022
Trezor Deep Throat, a CCTV stalker, and Amazon's list of banned words
There's monkey business involving cryptocurrency thieves and MailChimp, a stalker exploits his ex-partner's CCTV cameras, and what are the naughty words Amazon doesn't want its staff using? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Zoë Rose. Visit https://www.smashingsecurity.com/269 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoë Rose. Sponsored By: Keeper Security : Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization. Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditi
Wed, March 30, 2022
LinkedIn deepfakes, doxxing Russian spies, and a false alarm
Strange goings-on on LinkedIn, Ukraine publishes a list of alleged Russian FSB agents, and police in Pittsburgh investigate an odd report of an active shooter. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Lazarus Heist's Geoff White. Visit https://www.smashingsecurity.com/268 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: Keeper Security : Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization. Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional
Wed, March 23, 2022
Virtual kidnapping, two helipads, and a naughty Apple employee
A Russian bank tells its customers to stop installing security updates, an Apple employee ends up in hot water, and learn our tips to avoid being virtually kidnapped. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Anna Brading. Visit https://www.smashingsecurity.com/267 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Anna Brading. Sponsored By: Kolide : At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required. Drata : Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest
Wed, March 16, 2022
Cyberflashing, Kaspersky, and secret spies
Germany tells consumers to stop using Kaspersky anti-virus products, OSINT reveals a secret government department (with help from an Apple AirTag), and the UK says it's taking a hard line on cyberflashing. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Chris Kirsch. Visit https://www.smashingsecurity.com/266 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Chris Kirsch. Sponsored By: Drata : Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process. Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata <a href="https://l.kolide.co/3uSdmVj" rel
Wed, March 09, 2022
The Nigerian supercop and Alexa vs. Alexa
The most famous policeman in Nigeria is in hot water over his links to Hushpuppi, has your Amazon Echo been talking to itself, and can an AI girlfriend save your marriage? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Plus don't miss our featured interview with Jason Meller of Kolide. Visit https://www.smashingsecurity.com/265 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jason Meller. Sponsored By: Drata : Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process. Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata <a href="https://l.kolide.co/3HMcG
Wed, March 02, 2022
Hacked car chargers, Telegram sextortionists, and secret bossware
Why might Russian EV chargers be displaying an anti-Putin message? Why are Telegram groups sharing sharing explicit images of women without their consent? And who is watching you in the workplace? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jessica Barker. Visit https://www.smashingsecurity.com/264 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jessica Barker. Sponsored By: Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Support Smashing Security Links: Thre
Wed, February 23, 2022
Problèmes de Weefeee, AI artists, and Web 3.0
Ooh la la! Horreur Wi-Fi en France! Some folks have experienced the drawbacks of Web 3.0 as their NFTs are stolen, and should computers own the copyright over the art they produce? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. And don't miss our featured interview with Sean Herbert of baramundi. Visit https://www.smashingsecurity.com/263 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Mark Stockley and Sean Herbert. Sponsored By: Kolide : At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required. baramundi : <a href="https://www.baramundi.com/smashingsecurity" rel="noope
Wed, February 16, 2022
Macro progress, eyeball-tracking ads, and encryption backdoors
How does Microsoft hope to defeat the macro terror? How is the UK Government trying to influence the public's opinion on end-to-end encryption? And what is MoviePass hoping to do with your eyeballs? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Thom Langford. Visit https://www.smashingsecurity.com/262 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Thom Langford. Sponsored By: Kolide : Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. baramundi : Optimize your IT processes with the baramundi Management Suite and make optimal use of r
Wed, February 09, 2022
North Korea hacked, DEA cosplay, and Horizon Worlds drama
Who's wearing the pyjamas while they take down North Korea's internet? Is it a case of cop or cosplay in Oregon? And what's to fear about the metaverse? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/261 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: 1Password : 1Password Families makes sharing passwords, logins, credit cards and more a (romantic) walk in the park. From now until February 28th, when you sign up for - or upgrade your individual account to - a 1Password Families membership, you’ll get $20 off the entire year! Learn more at smashingsecurity.com/love1password baramundi : Optimize your IT processes with the baramundi Management Suite and make optimal use of resources by automating time-consuming routine tasks. Stay in control and maximize your productivity by automating routine tasks. The Unified Endpoint Management Software can b
Wed, February 02, 2022
New hire mystery, hacktivist ransomware, and digi-dating
Who's that new guy working at your company, and why don't you recognise him from the interview? How are hacktivists raising the heat in Belarus? And should you be fully vaxxed for your online date? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/260 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: 1Password : Secure online payments and grow your business with Brex and 1Password. Brex and 1Password have partnered to make online payments secure and frictionless. 1Password customers can now use Brex virtual credit cards to check out online with just two clicks. 1Password's integration with Brex is available right now to 1Password Teams and Business customers based in the United States. Learn more at smashingsecurity.com/brex Uptycs : Uptycs is a cloud-native security analytics platform built to protect the modern attac
Wed, January 26, 2022
Techquilibrium and mediocre linguistic escapades
Wordle - good or bad for the world? Whatever your opinion, at least someone wants to spoil players' fun. Meanwhile, we take a look at the threat mobile phones can pose to your mental health. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/259 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: 1Password : Secure online payments and grow your business with Brex and 1Password. Brex and 1Password have partnered to make online payments secure and frictionless. 1Password customers can now use Brex virtual credit cards to check out online with just two clicks. 1Password's integration with Brex is available right now to 1Password Teams and Business customers based in the United States. Learn more at smashingsecurity.com/brex Thinkst : Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect
Wed, January 19, 2022
Tesla remote hijacks and revolting YouTubers
Carole's still on jury service, but the show must go on! We take a look at how some Tesla owners are at risk of having their expensive cars remotely hijacked, and why YouTubers are up in arms over NFTs. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/258 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Uptycs : Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at uptycs.com <a href="https://www.smashingsecuri
Wed, January 12, 2022
Pokemon-hunting cops and the Spine Collector scammer
Who has been playing video games rather than hunting down criminals? How is a man alleged to have stolen manuscripts of unpublished books from celebrity authors? Which pot contains an elephant? And why has Graham been listening to podcasts about pest control marketing? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/257 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Uptycs : Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it f
Wed, December 15, 2021
Virgin Media just won't take no for an answer, NFT apes, and bad optics
After a brief discussion of the Log4Shell vulnerability panic, we chat about how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your sleeping girlfriend's facial recognition. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined by Mark Stockley for our last episode of the year! Visit https://www.smashingsecurity.com/256 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: 1Password : The first annual 1Password “State of Access” benchmark study illuminates the grave dangers unwittingly posed by checked-out, apathetic employees — including security professionals. Burned-out employees are 3 times more likely to say security rules and policies “aren’t worth the hassle,” and nearly half of burned-out security professionals say it’s unrealistic for companies to be aware of and manage all apps and devices that employees use. Read the report and find out what you can do at 1password.com/resources. Uptycs : Uptycs is a cloud-native security analytics platform bui
Wed, December 08, 2021
Revolting receipts, a Twitter fandango, and shopkeeper cyber tips
"Demonically" possessed devices print out antiwork propaganda, advice on how to secure your store, and is Twitter's new photo privacy policy practical? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Dinah Davis. Visit https://www.smashingsecurity.com/255 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dinah Davis. Sponsored By: Uptycs : Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at uptycs.com <a href="https://www
Wed, December 01, 2021
A dead hamster, a brass pen, and The Beatles
Cryptocurrency traders suffer a hamster-related loss, beware of charity scammers this holiday season, and do you have the patience to sit through Peter Jackson's eight-hour Beatles documentary? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who are flying solo this week. Visit https://www.smashingsecurity.com/254 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Uptycs : Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at uptycs.com <a href="https://www.1pa
Wed, November 24, 2021
Cybercrime unicorns, HVAC hacks, and NFT piracy - with Mikko Hyppönen
Heating systems are left vulnerable to attack in the high courts, cybercrime unicorns have become a reality (but what are they?), over 15 Terabytes of NFTs are made available for anyone to download ... and Carole reveals her Pick of the Year. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mikko Hyppönen. Visit https://www.smashingsecurity.com/253 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mikko Hyppönen. Sponsored By: Thinkst : Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents... Listeners who mail in referencing Smashing Security get a 10% discount on their order! Perimeter 81 : Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility. Perimeter 81 allows organizations o
Wed, November 17, 2021
Hotel hacks, workplace spies, and the FBI
Booking.com got hacked five years ago, and didn't tell its customers... but now we know who might have been behind it. Bossware rears its ugly head again in the workplace, spying on employees. And did you receive a warning email from the FBI? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Brian Klaas of the "Power Corrupts" podcast. Plus we have a featured interview with Perimeter 81 co-founder and CEO Amit Bareket. Visit https://www.smashingsecurity.com/252 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Amit Bareket and Brian Klaas. Sponsored By: Perimeter 81 : Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility. Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform. Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more. <a href="https://www.perimeter81.com" rel="noopener noreferrer" target="_blan
Wed, November 10, 2021
PrawnHub, Tesla recall, and IoT luggage
Fishing fanatics find themselves in deep water, Teslas go haywire after an update, and is there actually some good news about IoT? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Ken Munro. Visit https://www.smashingsecurity.com/251 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ken Munro. Sponsored By: 1Password : From start-up to enterprise, 1Password makes it easy for your team to store, generate and share strong passwords. The less time you need to spend dealing with hacks, phishing scams, and lost passwords, the better. Not just for IT and Security teams – all kinds of teams like Finance, HR, Legal, and Marketing can also store and share business credit cards, sensitive documents and shared logins in 1Password. Work securely from home or in the office. 1Password allows secure access to logins and important resources anywhere you work. Instantly deploy, grant and revoke access to shared vaults. You can securely add new team members and recover locked-out user accounts. Find out more and try 1Password free for 14 d
Wed, November 03, 2021
Yes, you heard that correctly. Two hundred and fifty
A game about Squid Game pulls the rug from under cryptocurrency investors in what appears to be a scam, PayPal hackers use a devious trick to break into 2FA-protected accounts, and have you received a job offer that's too good to be true? All this and much much more is discussed in this celebratory edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Dr Jessica Barker. Plus don't miss our featured interview with the CEO and president of Qualys, Sumedh Thakar. Oh, and huge thanks to Darknet Diaries' Jack Rhysider, F-Secure's Mikko Hyppönen, The Cyberwire's Dave Bittner, and Host Unknown's Andrew Agnês, Thom Langford, and Javvad Malik for their special contributions to this episode. Visit https://www.smashingsecurity.com/250 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Andrew Agnês, Dave Bittner, Jack Rhysider, Javvad Malik, Jessica Barker, Mikko Hyppönen, Sumedh Thakar, and Thom Langford. Sponsored By: Qualys : Qualys Security Conference 2021 is taking place in Las Vegas November 15-18 2021, and you can attend either in person or online. Hear from experts such as Chris Krebs, former Director of the DHS & CISA, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career. <a href="ht
Wed, October 27, 2021
Devious licks, Netflix, and sensitive hackers
Ransomware attackers have got hurt feelings, what does Netflix know about you, and why are schoolkids stealing lavatory seats? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by 1Password's Matt Davey from the "Random but Memorable" podcast. Visit https://www.smashingsecurity.com/249 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Matt Davey. Sponsored By: Thinkst : Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents... Listeners who mail in referencing Smashing Security get a 10% discount on their order! 1Password : 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. <a href="https://www.smashingsecurity.com/university" rel="noopener nor
Wed, October 20, 2021
Press F12 to hack
A journalist is threatened with prosecution after choosing to "View Source" on a public webpage, Amazon Ring owners might be in line for a hefty fine if their neighbours complain, and is the school lunch queue a good place for facial recognition? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/248 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: 1Password : 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet. Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you. <a href="https://www.smashingsecurity.com/university" rel="n
Wed, October 13, 2021
Rickrolling submarine secrets
A married couple are accused of selling nuclear sub secrets, Facebook continues to make young lives a misery, and a school hacker lets loose one heck of a prank. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/247 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security Links: Maryland Nuclear Engineer and Spouse Arrested on Espionage-Related Charges — US Department of Justice. Couple charged with leaking US nuclear sub designs — The Register. Facebook will add new safety features, notably for teens, after whistlebl
Wed, October 06, 2021
Facebook has fallen
Facebook suffers a massive (and very public) failure, Britain announces plans for counter-attacking nation states in cyberspace, and there's a tragic story related to ransomware. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Chris Kirsch. And don't miss our featured interview with Attivo Network's Carolyn Crandall. Visit https://www.smashingsecurity.com/246 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Carolyn Crandall and Chris Kirsch. Sponsored By: 1Password : 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet. Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you. <a href="https://www.smashi
Wed, September 29, 2021
The Julian Assange assassination plot, and IoT toilets
While Julian Assange was killing time in the Ecuador's embassy in London, the CIA were trying to dream up ways to kill him, and urine trouble if you put your trust in an IoT lavatory. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by nobody at all. Visit https://www.smashingsecurity.com/245 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com Support Smashing Securi
Wed, September 22, 2021
Facebook Ray-Bans, VPN spies, and AI camouflage
How much do you trust the people who work at your VPN provider? How are folks fighting facial recognition? And what on earth is Ray-Ban thinking getting into bed with Facebook? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/244 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com <a href="https://www.patreon.com/smashingsecurity" rel="noopener noreferrer"
Wed, September 15, 2021
Breaking news, Apple zero-clicks, and bad blood
A Walmart press release says it's jumping aboard the cryptocurrency bus - but is it true? Theranos's Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Host Unknown's Thom Langford. Visit https://www.smashingsecurity.com/243 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Thom Langford. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com <a href="https://ww
Wed, September 08, 2021
ProtonMail privacy questioned, and Banksy blunder
ProtonMail finds itself in a privacy pickle, the big problem with Facebook's algorithmic amplification, and strange things are happening on Banksy's website. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/242 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com Privac
Wed, September 01, 2021
Flipping dating apps, and crypto rewards for criminals
How to find your match on the Bumble dating app, convicted criminals make money out of cryptocurrency, and there are concerns about data in Afghanistan. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/241 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: 1Password : Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work. Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now. Privacy.com : Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identit
Wed, August 25, 2021
3D printer hijacks, crypto fails, and a tech billionaire’s revenge
A bug unravels 3D printer security, cryptocurrency sites can't stop getting hacked, and hear our special guest spill a cup of tea while inhabiting his wife's knicker drawer. All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BBC cybersecurity correspondent Joe Tidy. Visit https://www.smashingsecurity.com/240 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Joe Tidy. Sponsored By: 1Password : Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work. Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now. Attivo Networks : It’s time to get serious about preventing and detecting credential abuse, privileg
Wed, August 18, 2021
TikTok vigilantes, sloppy IoT, and Wikipedia woe
The Great Londini has gathered a two million strong army to out TikTok trolls, there's a bad supply chain vulnerability in many IoT devices, and how did Wikipedia pages end up covered in Nazi swastikas? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by John Hawes (who has a very controversial Pick of the Week...) Visit https://www.smashingsecurity.com/239 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: John Hawes. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com <a href
Wed, July 28, 2021
Fashion captain, fraud family, and DEF CON. D'oh!
Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Naked Security's Paul Ducklin. Visit https://www.smashingsecurity.com/238 to check out this episode’s show notes and episode links. We're going to be taking a holiday for a couple of weeks, but will be back with a regular show later in August. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Paul Ducklin. Sponsored By: 1Password : Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work. Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now. Offensive Security : With the skills
Wed, July 21, 2021
NuNa, NuNu, NaNa
Spy software known as Pegasus has been used to carry out surveillance on the smartphones of journalists, activists, and political leaders. Can a "Freedom Phone" be trusted? And a ransomware-hit law firm demonstrates how not to keep its customers informed. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Thom Langford. Visit https://www.smashingsecurity.com/237 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Thom Langford. Sponsored By: KnowBe4 : Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest Offensive Security : With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive
Wed, July 14, 2021
Stingrays, soccer, and smart homes
How did investigators ask a romance scammer out on a date, smart homes continue to play dumb, and is it time for social media sites to do more about racist football fans? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BBC technology reporter Zoe Kleinman. Visit https://www.smashingsecurity.com/236 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoe Kleinman. Sponsored By: Offensive Security : With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP. Visit smashingsecurity.com/offsec to learn more! Privacy.com : Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now. 1Password : <a href="http
Wed, July 07, 2021
REvil returns, TikTok grows, and Gettr defaced
A ransomware gang has exploited a security hole in software used by many businesses, and are demanding $70 million for a decryption tool. Plus we take a close look at TikTok, and a website which seems to have entirely ripped-off Twitter. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology journalist and author Chris Stokel-Walker. Visit https://www.smashingsecurity.com/235 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Chris Stokel-Walker. Sponsored By: Privacy.com : Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now. 1Password : Did you know that almost two thirds of all IT workers admit to reusing enterprise secrets between different projects, creating a potential gateway for attackers? 1Password’s new research report, "Hiding in Plain Sight", reveals the breadth and depth of mismanaged business secrets like code, passwords, credentials, and keys, and that secrets (
Wed, June 30, 2021
Cozy Bear, dildo scams, and robo hires and fires
Microsoft warns about a hacking gang that is far from cuddly, algorithms rather than managers are firing people, and our guest receives a surprising email from "Amazon"... And you will NOT want to miss checking out a very special "Pick of the week"! All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by David Bisson. Visit https://www.smashingsecurity.com/234 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David Bisson. Sponsored By: 1Password : Did you know that almost two thirds of all IT workers admit to reusing enterprise secrets between different projects, creating a potential gateway for attackers? 1Password’s new research report, "Hiding in Plain Sight", reveals the breadth and depth of mismanaged business secrets like code, passwords, credentials, and keys, and that secrets (mis)management is the next big cybersecurity threat. Learn more by reading the full report at 1password.com/resources Support Smashing Security Links: Cozy Bear — W
Wed, June 23, 2021
Peloton problems, romance regret, and Weiner woes
We take a look at why Peloton is being accused of ransomware-like behaviour, how one man lost $250,000 in a romance scam, and how a chap called Weiner has found himself in a political pickle. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Host Unknown's Andrew Agnês. Plus we have a featured interview with KnowBe4 expert Roger Grimes. Don't miss it! Visit https://www.smashingsecurity.com/233 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Andrew Agnês and Roger A Grimes. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more an
Wed, June 16, 2021
Zoomolympics and language matters
Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/232 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com <a href="https://www.deep-secure.com/smashingsecurity" rel="noopener noreferrer
Wed, June 09, 2021
Sexy snaps and encrypted chat traps
Criminals are caught in a encrypted chat trap, should you trust Apple's repair team with your sexy snaps, and do you think the FBI should be able to tell who has been reading the USA Today website? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. And don't miss our featured interview with Dr Simon Wiseman, the CTO of Deep Secure. Visit https://www.smashingsecurity.com/231 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Dave Bittner and Simon Wiseman. Sponsored By: KnowBe4 : Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest Deep Secure : Deep Secure Threat Removal takes incoming poisoned Word doc
Wed, June 02, 2021
Flash card f-up and energy pipe pilfering
The US military has been caught exposing its nuclear weapons secrets, and we explore the world of nerdy miners. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by "Lola." Visit https://www.smashingsecurity.com/230 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: 1Password : Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com JumpCloud : <a href="https://www.smashingsecurity.com/jumpcloud" rel="noopener noreferrer" targe
Wed, May 26, 2021
Dating leaks, right to repair, and a stinky bishop
A big cheese ends up in jail, a Japanese dating site spills the dirt after a hack, and we learn all about the right to repair. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Paul Roberts from The Security Ledger. Plus don't miss our featured interview with Javvad Malik from KnowBe4. Visit https://www.smashingsecurity.com/229 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Javvad Malik and Paul F Roberts. Sponsored By: KnowBe4 : Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest OneLogin : According to the OneLogin IAMokay Mental Health Survey, more than 77% of technology leaders have said that their work-related stress increased due to the COVID-19 pandemic. As a result, CISOs and IT executives have been under ever-increasing pressure - leading to deteriorating mental health, addiction issues, and even suicidal thoughts and tendencies. OneLogin's message? You're not alone. Attend their live event on Weds May 26, "Keeping the Mind Clear and the Compa
Wed, May 19, 2021
Pipeline pickle, Blockchain bollocks, and Eufy SNAFU - with Rory Cellan-Jones
The Colonial Pipeline attack has shone light on the activities of the Darkside ransomware gang, we take a skeptical look at cryptocurrencies and the blockchain, and Eufy security cameras suffer an embarrassing security failure. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BBC technology correspondent Rory Cellan-Jones. Plus don't miss our featured interview with Vanessa Pegueros of OneLogin. Visit https://www.smashingsecurity.com/228 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Rory Cellan-Jones and Vanessa Pegueros. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Skiff : We store more personal information on our devices than we do in our homes. Where do you go online when you want to write or share something privately? Skiff is the first collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators - no one else, not even
Wed, May 12, 2021
Phishing foul-up, Twitter tip jars, and Facebook's Apple fury
Facebook says it's sticking up for the little guys as it picks a fight with Apple, there are testing times on the trains, and Twitter takes a tip. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Ray [REDACTED]. Visit https://www.smashingsecurity.com/227 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ray [REDACTED]. Sponsored By: 1Password : Introduce your family to better online security and safer browsing habits with 1Password. Share more than passwords — save logins, documents, credit cards, and more, accessible on all your devices. Sharing is made simple. Keep personal logins private, and easily share access to what they need. Recover 1Password access for family members so they never get locked out. Find out more and try 1Password free for 14 days at 1Password.com OneLogin : According to the OneLogin IAMokay Mental Health Sur
Wed, May 05, 2021
Cryptocrazies and NFTs
How did the SCAM cryptocurrency become a success? Why is Google allowing government rip-off ads to still appear on search results? And why on earth is everyone suddenly spending millions of dollars on NFTs? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by David McClelland. Visit https://www.smashingsecurity.com/226 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: Skiff : We store more personal information on our devices than we do in our homes. Where do you go online when you want to write or share something privately? Skiff is the first collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators - no one else, not even Skiff - can see what you've created. Skiff is offering listeners of Smashing Security early access. Sign up now: skiff.org/smashing KnowBe4 : Did you know that 91% of successful data breaches started with a spear phishing attack? <a href="https:/
Wed, April 28, 2021
Master of your domain, gripe sites, and John Deere Farmergeddon
Google loses its domain in Argentina, how do gripe sites make their dough, and has John Deere solved the cybersecurity problem? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/225 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: 1Password : The 1Password you know and love, now for all your company secrets 1Password protects secrets like logins and credit cards. Secrets Automation protects secrets in your company infrastructure – like API tokens, application keys, and private certificates – and supplies them when and where they’re needed. Visit 1password.com/secrets/ to learn more. Support Smashing Security Links: Smashing Security Christmas LIVE STREAM — Including Mark Stockley and his chickens. How a WhatsApp status loophole is aiding cyberstalkers
Wed, April 21, 2021
The Lazarus Heist, Facebook faux pas, and no-cost security
Facebook has managed to do the seemingly impossible - and had a data breach about its handling of a data breach. Meanwhile, we chat to the host of the brand new podcast about North Korea's hackers targeting the rest of the world, and discuss if an intern can be trusted to monitor your security. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Geoff White of "The Lazarus Heist" podcast. Plus! Don't miss our featured interview with Duo's Helen Patton. Visit https://www.smashingsecurity.com/224 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Geoff White and Helen Patton. Sponsored By: 1Password : The 1Password you know and love, now for all your company secrets 1Password protects secrets like logins and credit cards. Secrets Automation protects secrets in your company infrastructure – like API tokens, application keys, and private certificates – and supplies them when and where they’re needed. Visit 1password.com/secrets/ to learn more. Duo : While remote work has been on the rise for years now, the recent rapid expansion of work-from-hom
Wed, April 14, 2021
Booze, nudes, and insurance dudes
Should insurance companies be banned from helping companies pay ransomware demands? How has malware messed with motorcars in the United States? And how are cybercriminals exploiting alcohol drinking during the pandemic? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/223 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Duo : While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best. Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce polices to secure access to every application. Give your organization the peace-of-mind that onl
Wed, April 07, 2021
Facebook, deepfakes, and April Fools scandals - with Nina Schick
Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook's latest data fiasco, and some less-than-brilliant April Fool's tricks. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/222 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Nina Schick. Sponsored By: Duo : While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best. Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce polices to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial. 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. <
Wed, March 31, 2021
God bless his hairy palms
FatFace stumps up $2 million to its ransomware extortionists, an IT administrator is caught with his pants down, Mobikwik blames its users for a data breach, and we burgle a house... virtually. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Host Unknown's Thom Langford. Visit https://www.smashingsecurity.com/221 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Thom Langford. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security Links: FatFace would like everyone to keep its data breach “strictly private and confidential” — Graham Cluley. Retailer FatFace pays $2m ransom to Conti cyber criminals — Computer Weekly. Streisand effect — Wikipedia. <a
Wed, March 24, 2021
Ransoms, scandals, and glitter bombs
PC manufacturer Acer might have received a $50 million ransom demand, a warning spreads on Facebook about a trick being used by hackers, and why are the City of London's police not happy about Sci Hub? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Alex Eckelberry. Visit https://www.smashingsecurity.com/220 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Alex Eckelberry. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Sailpoint : SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less. Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services. <a href="https://www.patreon.com/smashingsecurity" rel="noopener noreferrer"
Wed, March 17, 2021
Cheerleaders, dating apps, and crisis PR
How are cheerleaders being creeped out by deepfakes? What might Tinder tell potential dates about your murky past? And how should companies respond to the press when a security breach occurs? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Yvonne Eskenzi. Visit https://www.smashingsecurity.com/219 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Yvonne Eskenzi. Sponsored By: CrowdSec : CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user community, you contribute to improve its efficiency and make the internet safer. Sailpoint : SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less. Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services. <a href="https://randombutmemorable.simplecast.com/" rel="noopener noreferrer" targe
Wed, March 10, 2021
Microsoft, McAfee, and mayhem
Is it the end of the road for John McAfee? Is PornHub more legitimate than Facebook? And do you know as much as you think you do about the Microsoft Exchange Server mega-hack? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/218 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Follow us on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: Sailpoint : SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less. Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services. 1Password : Check out 1Password's podcast "Random but Memorable" for lighthearted security advice and banter with hosts Matt, Anna, and Michael. Listen to the "Random but Memo
Wed, March 03, 2021
Would you cuddle this revolting robot? - with Robert Llewellyn
Actor, presenter and writer Robert Llewellyn, famous for playing the part of Kryten in the science-fiction comedy "Red Dwarf," joins us as we discuss robots gone rogue, electric vehicle nightmares, and creepy companions. All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Robert Llewellyn - famous for "Fully Charged," "Scrapheap Challenge," and as Kryten on "Red Dwarf." Visit https://www.smashingsecurity.com/217 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Robert Llewellyn. Sponsored By: 1Password : 1Password offers seamless syncing across all your computers and mobile devices, so you can store and access unlimited passwords from anywhere at any time. Only you have the keys to decrypt your data and sensitive information – 1Password doesn’t know it, doesn’t share it, and doesn’t sell it. Protect your whole family and get 50% off when you sign up for a 1Password Family account – make your home a 1Password household. For more details visit www.1password.com/switch50 Support Smashing Security Links: <a href="https://www.bbc.co.uk/news/technology-56239454" rel="noopen
Wed, February 24, 2021
Playboy, prison, and digital ploys - with Garry Kasparov
World-chess-champion-turned-activist Garry Kasparov returns to the show as we discuss a romance scammer with plenty of time on his hands, the surge in sextortion, and how social media is being swamped with claims of fake snow. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Garry Kasparov. Visit https://www.smashingsecurity.com/216 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Garry Kasparov. Sponsored By: 1Password : 1Password offers seamless syncing across all your computers and mobile devices, so you can store and access unlimited passwords from anywhere at any time. Only you have the keys to decrypt your data and sensitive information – 1Password doesn’t know it, doesn’t share it, and doesn’t sell it. Protect your whole family and get 50% off when you sign up for a 1Password Family account – make your home a 1Password household. For more details visit www.1password.com/switch50 Support Smashing Security Links: Dating apps scam committed by criminal
Wed, February 17, 2021
Sexy cows banned on Facebook
The FBI is hoping that its hunt for Capitol rioters will go viral, a cryptocurrency con lets its perpetrator live the high life... for a while, and just what does Facebook have against cows and a team of cricketers? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BBC technology correspondent Zoe Kleinman. Visit https://www.smashingsecurity.com/215 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoe Kleinman. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Recorded Future : Recorded Future's podcast, Inside Security Intelligence, takes a deep dive into the world of cyber threat intelligence They share stories from the trenches and the operations floor, giving you the lowdown on established and emerging adversaries Whether it's the SolarWinds breach, 5G conspiracy theories, or Russian election interference, Inside Security In
Wed, February 10, 2021
Lockdown love scams, SolarWinds, and a data deletion bungle
Fingerprints and DNA records have been deleted from the UK's police database, the SolarWinds hack continues to wreak havoc and raise questions, and we have some advice for how to fall in love safely under lockdown... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Professor Alan Woodward. Visit https://www.smashingsecurity.com/214 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Alan Woodward. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security Links: Police probes compromised after computer records deleted — BBC News. Home Office admits 15,000 people deleted from police records — The Guardian. Home Office admits 'coding error' wiped 15,000 police r
Wed, February 03, 2021
No security smarts at Mensa, long-term identity theft, and GameStop's share frenzy
Mensa - the social club for people with high IQs - is accused of not being so smart about security, an Indian TV journalist gets an unbelievable job offer from Harvard, and we take a look at what's being going on with GameStop short selling. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/213 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: Recorded Future : Recorded Future's podcast, Inside Security Intelligence, takes a deep dive into the world of cyber threat intelligence They share stories from the trenches and the operations floor, giving you the lowdown on established and emerging adversaries Whether it's the SolarWinds breach, 5G conspiracy theories, or Russian election interference, Inside Security Intelligence gives you a fresh take from a variety of industry experts CrowdSec : CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user
Wed, January 27, 2021
Dutch leaks, Peeping Toms, and researchers under fire
Google warns security researchers that North Korean hackers are pretending to be their buddies, sensitive information connected to Coronavirus testing is available for sale in the Netherlands, and is a Peeping Tom at your home security provider spying on you through CCTV? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/212 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security Links: Illegale handel in privégegevens miljoenen Nederlanders uit coronasystemen GGD — RTL News. Video conference of EU Defence Ministers where a Dutch journalist gatecrashed the system — YouTube. John van den He
Wed, January 20, 2021
Fleeking, COVID-19 hacking, and Bitcoin balls-ups
Your privacy may be at risk if you're on Fleek, hackers not only steal COVID-19 vaccine data but then tamper with it to spread mistrust, and the Bitcoin bungles keep on coming... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Ron Eddings from the Hacker Valley Studio podcast. Visit https://www.smashingsecurity.com/211 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ron Eddings. Sponsored By: 1Password : 1Password for Families is the safest way to share logins, passwords, credit cards and other important information with the people who matter most. Use 1Password everywhere, from your Chromebook to your Apple Watch. Until March 31, if you purchase a $50 gift card you’ll get $10 towards any YubiKey 5 Series by Yubico – the security key that provides strong two-factor authentication with a simple touch. Find out more at https://1password.com/giftcards Recorded Future : Recorded Future empowers your organization, revealing unknown threats before they impact your business, and
Wed, January 13, 2021
DC rioters ID'd, Energydots, and ransomware gets you in a pickle
Penile penal problems, identifying rioters in Washington DC, and can a sticker protect you from radiation? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. And don't miss our featured interview with CrowdSec's Philippe Humeau. Visit https://www.smashingsecurity.com/210 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Dave Bittner and Philippe Humeau. Sponsored By: CrowdSec : CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user community, you contribute to improve its efficiency and make the internet safer. 1Password : With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security Links: Smashing Security's Christmas live stream — YouTube. <a href="https://www.smashingsecurity.com/199" rel="noopener noreferrer" target="_blan
Wed, December 16, 2020
Vengeful ex-staff, bad Santas, and iOS app nutrition facts
Watch out for Santas wearing hoodies! A rogue employee takes down WebEx for thousands of people, and Apple forces apps to show a privacy health warning. All this and much much more is discussed in the final episode of the "Smashing Security" podcast for 2020, with computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. And don't miss our special featured interview with Kroll's Mari DeGrazia. Visit https://www.smashingsecurity.com/209 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Maria Varmazis and Mari DeGrazia. Sponsored By: Kroll : Rapidly detecting a threat is meaningless without the ability to respond with confidence. Kroll responds to over 2,000 cyber incidents every year and is uniquely positioned to bring that capability and expertise 24x7 with Responder. Kroll Responder merges hunting, detection, containment and remediation to deliver best-in-class endpoint security. See how Responder works at smashingsecurity.com/kroll LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. <a href="https://www.lastpas
Wed, December 09, 2020
Hidden treasure, COVID tracker trauma, and happy holidays with IoT
Was hidden treasure found with help from a hack? What security lessons can be learnt from a controversial police raid in Florida? And are you ready for safer online get-togethers this Christmas? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Anna Brading. And don't miss our special featured interview with Mimecast's Max Linscott. Visit https://www.smashingsecurity.com/208 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Anna Brading and Max Linscott. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. CultureAI : CultureAI isn't just another security awareness training provider. It helps you measure an
Wed, December 02, 2020
Cyber biowarfare, giant ladybugs, and strippers
Fears are raised about cyber bioterrorists, there's a widespread blackout for IoT devices caused by a cloud cock-up, and what role do strippers play in a revamp of the United States's computer crime laws? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. And don't miss our featured interview with Steve Salinas of Deep Instinct, discussing ransomware. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Mark Stockley and Steve Salinas. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. CultureAI : CultureAI isn't just another security awareness training provider. It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams. Learn more and try it for yourself at culture.ai/smashing Deep Instinct : Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place! Check out a report by the Ponemon Institute, which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct </a
Wed, November 25, 2020
Robo dogs, deepfakes and dirty deceptions - with Tim Harford
Author and broadcaster Tim Harford joins us as we discuss the merits of robotic canine security guards, deepfakes, and the curious tale of an art forgery. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . And don't miss our special featured interview with James Moore from CultureAI. Visit https://www.smashingsecurity.com/206 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: James Moore and Tim Harford. Sponsored By: CultureAI : CultureAI isn't just another security awareness training provider. It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams. Learn more and try it for yourself at culture.ai/smashing LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a hr
Wed, November 18, 2020
Zoom password pinching and Parler problems
Watch out for a whole different type of shoulder-surfing, researchers uncover the CostaRicto hackers-for-hire gang, and we take a peek at who is behind Parler. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Chris Cochran from the Hacker Valley Studio podcast. Visit https://www.smashingsecurity.com/205 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Chris Cochran. Sponsored By: Recorded Future : Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and dark web sources. For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express. Get it now at smashingsecurity.com/recordedfuture LastPass : LastPass Enterprise simplifies password management for
Wed, November 11, 2020
Green buttons, Olympic attacks, and... an apology
Darknet Diaries host Jack Rhysider joins us to discuss a cybersecurity goof in the wake of the US presidential elections, the US finally fingering the hackers responsible for disrupting the Winter Olympics in South Korea, and to take a long hard look at long hard legal mumbojumbo... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jack Rhysider from Darknet Diaries. Plus don't miss our featured interview with Mimecast's Danielle Papadakis. Visit https://www.smashingsecurity.com/204 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Danielle Papadakis and Jack Rhysider. Sponsored By: Mimecast : Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation). Grab your copy at smashingsecurity.com/mimecasthub LastPass : LastPass Enterprise simplifies password management for companies
Wed, November 04, 2020
Testing times, naming names, and the bald truth about AI
Students are being spied on as they do online exams, how did a televised football match reveal the truth about artificial intelligence, and what on earth is the Canny Lumpsucker vulnerability? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Thom Langford from The Host Unknown podcast. Plus don't miss the second part of our featured interview with LastPass's Dalia Hamzeh. Visit https://www.smashingsecurity.com/203 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Dalia Hamzeh and Thom Langford. Sponsored By: Kroll : Rapidly detecting a threat is meaningless without the ability to respond with confidence. Kroll responds to over 2,000 cyber incidents every year and is uniquely positioned to bring that capability and expertise 24x7 with Responder. Kroll Responder merges hunting, detection, containment and remediation to deliver best-in-class endpoint security. See how Responder works at smashingsecurity.com/kroll Mimecast : Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email
Wed, October 28, 2020
The Wu-Tang Clan are Among Us
Voting machines are under the microscope, scammers are posing as rap stars, and American politician AOC isn't the only one who's been getting into the Among Us game. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by James Thomson. Plus don't miss the first part of our featured interview with LastPass's Dalia Hamzeh. Visit https://www.smashingsecurity.com/202 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Dalia Hamzeh and James Thomson. Sponsored By: Recorded Future : Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and dark web sources. For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express. Get it now at smashingsecurity.com/recordedfuture Immersive Labs : <a href="https://www.immersivelabs.com/
Wed, October 21, 2020
Robin Hood, Flippy, and the web ad bubble
The Darkside ransomware gang thinks it's a modern-day Robin Hood when it donates extorted Bitcoins to charity, the micro-targeted ad industry could pop like a bubble, and would you trust a burger-flipping robot? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Tim Hwang. Plus don't miss our featured interview with Recorded Future's Levi Gundert. Visit https://www.smashingsecurity.com/201 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Levi Gundert and Tim Hwang. Sponsored By: Recorded Future : Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and dark web sources. For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express. Get it now at smashingsecurity.com/recordedfuture LastPass : <a href="https://www.la
Wed, October 14, 2020
Two flipping hundred
We're in celebratory mood as we celebrate our 200th episode, but there's still time to discuss Fatima the ballerina who the UK government wants to become a cybersecurity expert, why women are quitting the tech industry, and a smartwatch which might be putting your kids at risk. Plus don't miss our featured interview with Mimecast's Michael Madon. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/200 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Maria Varmazis and Michael Madon. Sponsored By: Mimecast : Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation). Grab your copy at smashingsecurity.com/mimecasthub LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tool
Wed, October 07, 2020
A few tech cock-ups, and one cock lock-up
An internet-connected adult toy could leave its users encaged, the official NHS COVID-19 contact-tracing app alarms users, and would you be happy if a robot interviewed you for a job? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BBC technology correspondent Zoe Kleinman. Visit https://www.smashingsecurity.com/199 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoe Kleinman. Sponsored By: Immersive Labs : Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. <a href="https://www.lastp
Wed, September 30, 2020
Chucky the coffee maker
Coffee machines catching ransomware, Blacklight shines a torch on website tracking, and a woman is freaked out that a complete stranger can turn off her home's security system. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. And don't miss our featured interview with Greg Jensen from Oracle, who talks all about five free reports he has put together for listeners about cloud security. Visit https://www.smashingsecurity.com/198 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Dave Bittner and Greg Jensen. Sponsored By: Oracle : Check out the free cloud security reports that Oracle is making available for listeners of "Smashing Security" and learn how organizations can make security an essential part of the culture of their business. Read the free reports at smashingsecurity.com/oraclereport LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. <a href="https://w
Wed, September 23, 2020
Greedy bosses, game cheats, and virtual beheadings
Why are Zoom and Twitter making some people disappear? How are Counter-Strike: Global Offensive cheats getting their just desserts? And the founder of a anti cyber-fraud firm is charged with fraud. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/197 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: Immersive Labs : Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. <a href="https://www.lastpass.com/smash
Wed, September 16, 2020
Smart guns, smart cars, and smart street lights - oh my!
Kalashnikov unveils its "smart" shotgun, San Diego struggles with its street lights, and a researcher reveals how he found a way to hack every Tesla on the planet. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by David McClelland. Visit https://www.smashingsecurity.com/196 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Immersive Labs : Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. <a href="https://www.immersivelabs.com/smashing" rel="
Wed, September 09, 2020
Selene Delgado Lopez is not your friend - with Jon Bentley
The Gadget Show's Jon Bentley joins us to discuss the mystery of a Facebook friend you never requested, software updates for the Mercedes S-Class, and risks in the online classroom. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jon Bentley. Visit https://www.smashingsecurity.com/195 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jon Bentley. Sponsored By: Immersive Labs : Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing Deep Instinct : Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place! <a href="https://www.smashingsecurity.com/deepinstinct" rel="noopener noreferrer
Wed, September 02, 2020
Carry on droning
A Bitcoin bungle causes one user to lose millions, hackers attempt to bribe a Tesla employee into infecting the company's network, and are we ready for a sky full of drones? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jessica Barker. Visit https://www.smashingsecurity.com/194 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jessica Barker. Sponsored By: Immersive Labs : Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. <a href="https://www.lastpass.com/smashing" rel="noopener nor
Wed, August 26, 2020
Hacking the CIA, Bridgefy, and college lockdowns
Whatever happened to Crackas with Attitude, perfidious Albion College's approach to locking down Coronavirus, and the Bridgefy mesh messaging app falls down when it comes to security. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Anna Brading. Visit https://www.smashingsecurity.com/193 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Anna Brading. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: CIA boss has his personal email account hacked… and yes, it’s on AOL — Graham Cluley. <a href="https:
Wed, August 19, 2020
Ritz and robocalls - with Rory Cellan-Jones
A scam involving restaurant bookings at The Ritz is suitably sophisticated, the second wave of UK coronavirus testing apps, and we take a look at one of the biggest studies ever into the scourge of robocalls. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BBC technology correspondent Rory Cellan-Jones. Visit https://www.smashingsecurity.com/192 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Rory Cellan-Jones. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Tech Tent podcast — BBC World Service. <a href="ht
Wed, August 12, 2020
We are on the bird
Can a video game help your company's staff choose stronger passwords? Why might satellite-based internet communications be bad for security? And what are the alternatives to TikTok? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/191 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Passworld: A Serious Game to Promote Password Awareness and Diversity in an Enterprise — USENIX.</l
Wed, August 05, 2020
Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition
Special guest Geoff White can't resist using the podcast to promote his new book, "Crime Dot Com", but other than that we also discuss the creepy (and apparently legal) way websites can find out your email and postal address even if you don't give it to them, take a look at how the alleged Twitter hackers were identified, and learn about Fawkes - the technology fighting back at facial recognition. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by "Crime Dot Com" author Geoff White. Visit https://www.smashingsecurity.com/190 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: <
Wed, July 29, 2020
DNA cock-up, Garmin hack, and virtual kidnappings
Why are students faking their own kidnappings? What's the story behind Garmin's ransomware attack? And a genetic genealogy website suffers a hack or two. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Ray [REDACTED]. Warning: This podcast may contain nuts, adult themes, and rude language. Links: Tribe of Hackers Podcast. Golden State Killer pleads guilty to 13 murders — BBC News. Joseph James DeAngelo — Wikipedia. Hackers Attacked Two Leading Genetic Genealogy Websites — Buzzfeed News. GEDmatch confirms data breach after users’ DNA profile data made available to police — TechCrunch. Garmin outage caused by confirmed WastedLocker ransomware attack — Bleeping Computer. Charges Announced in Malware Conspiracy — FBI. Garmin staggers back online after ransomware attack — Graham Cluley. Coronavirus: China warns students over 'risks' of studying in Australia — BBC News. Chinese students in Australia targeted in virtual kidnapping scam — BBC News. Chinese students in Australia are being targeted in kidnapping scams, police warn — South China Morning Post. <a href="https://w
Wed, July 22, 2020
Dinner with Elon Musk and Kris Jenner
Who stopped Twitter's hackers from stealing more money? Why are Covid-19 researchers being told to ramp up their cybersecurity? How can you find out if your smartphone is infected with stalkerware? And who does Graham think he is turning down a celebrity dinner invite? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Lisa Forte. Visit https://www.smashingsecurity.com/188 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Lisa Forte. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: The Twitter
Wed, July 15, 2020
Huawei ban, MGM hack, and a contact-tracing cock-up
Login chaos for England's contact tracing service, our drill-down on the Britain's Huawei 5G ban, MGM's blockbuster breach, and how to pronounce "Gigabyte." All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Plus we have a bonus featured interview with Scott Petry, the co-founder of Authentic8, all about how you can browse the internet safely, securely, and anonymously when conducting research, collecting sensitive evidence, and analyzing data. Visit https://www.smashingsecurity.com/187 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Maria Varmazis and Scott Petry. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Authentic8 : <a href="https://www.smashingse
Wed, July 08, 2020
This one's for all the Karens!
A high-rolling Hushpuppi gets extradited to the United States, Carole details her problems with clipboards and Disposophobia, and our guest becomes the subject of fake news during the Senegalese election. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by investigative journalist Michelle Madsen (or is it Michelle Damsen? Hmm...). Visit https://www.smashingsecurity.com/186 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Michelle Madsen. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Authentic8 : Silo for Research (Toolbox) from Authentic8 is a secure and anonymous web browsing solution that ena
Wed, July 01, 2020
Bieber fever, Roblox, and ransomware
Who's been dressing Robox players up in red baseball caps? Which ransomware victim's negotations got spied on by the media? And should Jason Bieber think twice before touching his hat? Oh, and we need to talk about squirrels... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by John Hawes. Visit https://www.smashingsecurity.com/185 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: John Hawes. Sponsored By: Authentic8 : Silo for Research (Toolbox) from Authentic8 is a secure and anonymous web browsing solution that enables threat intelligence, security, and public safety professionals to conduct research, collect evidence, and analyze data across the open, deep and dark web. To learn how Silo for Research enables teams to timely and efficiently investigate, while ensuring maximum security and oversight to ensure compliance - including GDPR - go to smashingsecurity.com/authentic8 LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. </li
Wed, June 24, 2020
Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy
A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades' worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BBC technology reporter Zoe Kleinman. Visit https://www.smashingsecurity.com/184 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoe Kleinman. Sponsored By: MetaCompliance : Create a more security-conscious workforce with MetaCompliance's Cyber Security Awareness for Dummies book. Download it for free at smashingsecurity.com/cyberaware LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manage
Wed, June 17, 2020
MAMILs, gameshows, and a surprise from eBay
A TV gameshow with cash prizes if you're obeying Coronavirus lockdown rules, ex-Ebay staff charged in crazy cyberstalking case, and when the wrong cyclist was accused by the internet bearing pitchforks. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/183 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: MetaCompliance : Create a more security-conscious workforce with MetaCompliance's Cyber Security Awareness for Dummies book. Download it for free at smashingsecurity.com/cyberaware LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand business
Wed, June 10, 2020
Space Force, credit card fraud, and beep-ti-beep
Graham finds himself in hot water with a security firm after a data breach, Carole discusses credit card fraud, and we have a pleasant surprise for Thom Langford, who appears to have mostly agreed to be a guest to promote his own podcast. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Host Unknown's Thom Langford. And don't miss our featured interview with Robbie O'Brien of MetaCompliance, all about the new book he's written - Cyber Security Awareness for Dummies. Visit https://www.smashingsecurity.com/182 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Robert O'Brien and Thom Langford. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. MetaCompliance : <a href="https://
Wed, June 03, 2020
Anti-cybercrime ads, tricky tracing, and a 5G Bioshield
Police are hoping to stop kids becoming cybercriminals by bombarding them with Google Ads, phishers rub their hands in glee at the NHS track and trace service, and just how does a nano-layer of quantum holographic catalyzer technology make a USB stick cost hundreds of pounds? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/181 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: Deep Instinct : Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place! Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be prevented. Check out a report by the Ponemon Institute, which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct LastPass : <a href="https://www.lastpass.com/smashing" rel="
Wed, May 27, 2020
Taking care of Clare
On this special splinter episode of the podcast, we're joined by actor and comedian Clare Blackwood in the hope of convincing her that cybersecurity is no laughing matter. Hear what happens in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Carole's cousin (!) Clare Blackwood. Visit https://www.smashingsecurity.com/180 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Clare Blackwood. Sponsored By: Immersive Labs : Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats. Listeners can signup at immersivelabs.com/smashing to get instant access to more than 24 hours of free labs AND a new lab to try out each week. LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a href="https://www.last
Wed, May 20, 2020
Deepfake Jay-Z, and beer apps spilling your data
Apps that belch out sensitive military information, what could the world learn from South Korea's digital response to the Coronavirus pandemic, and who has been deepfaking Bill Clinton, Jay-Z, and Donald Trump... and why? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Brian Klaas of the "Power Corrupts" podcast. Plus we have a bonus feature interview with Rachael Stockton from Logmein, the folks behind LastPass, all about their report into the psychology of passwords. Visit https://www.smashingsecurity.com/179 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Brian Klaas and Rachael Stockton. Sponsored By: LastPass : LastPass's "Psychology of Passwords" report surveyed over 3,000 people around the world to highlight the current state of online security behaviors – and the results are alarming. Download it now at smashingsecurity.com/passwordreport Immersive Labs : Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats. <a href="https://www.i
Wed, May 13, 2020
Office pranks, meat dresses, and robocop dogs
Graham shares stories of email storms, Carole describes the steps being taken by firms as they try to coax employees back to the office, and guest Lisa Forte details a hack that has impacted Lady Gaga and other celebrities. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Lisa Forte. Visit https://www.smashingsecurity.com/178 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Lisa Forte. Sponsored By: Immersive Labs : Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats. Listeners can signup at immersivelabs.com/smashing to get instant access to more than 24 hours of free labs AND a new lab to try out each week. Oracle : Check out the free cloud security reports that Oracle is making available for listeners of "Smashing Security" and learn how organizations can make security an essential part of the culture of their business. Read the free reports at smashingsecu
Wed, May 06, 2020
Elon Musk, Roblox, and Love Bug author found
What can X Æ A-12 Musk teach us about passwords? How did our guest finally hunt down the man behind one of history's biggest virus outbreaks in Manila? And what on earth is a hacker doing breaching Roblox security? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology journalist Geoff White. Visit https://www.smashingsecurity.com/177 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: DomainTools : Join our friends at DomainTools for a webinar as they walk you through the process of identifying a nefarious domain, mapping connected infrastructure, and reverse-engineering a ransomware attack which used a Coronavirus disguise. Learn more about how DomainTools helps security analysts turn threat data into threat intelligence and watch the webinar at domaintools.com/smashing Oracle : Build, test, and deploy applications on Oracle Cloud - for free. Sign up at smashingsecurity.com/oracle and you'll soon be building, testing and depl
Wed, April 29, 2020
Hacking hacks and university attacks
Journalists spying on their rivals, the NHS rejects Apple and Google's approach to Coronavirus-tracing, and universities are hit by an old-fashioned sexy lady attack. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Rik Ferguson. Visit https://www.smashingsecurity.com/176 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Rik Ferguson. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Vote for Smashing Security in the EU Security Blogger Awards! <a href="https://www.independent.co.uk/news/media/mark-di-stefano-financial-t
Wed, April 22, 2020
Zoom deepfakes, Zardoz, and 'Rona tracing
Will deepfake disguises hit a video conference near you, can Coronavirus-tracing apps be trusted, and should Facebook shut down anti-quarantine events? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/175 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfe
Wed, April 15, 2020
Animal Crossing with Garry Kasparov
World-chess-champion-turned-activist Garry Kasparov joins us as we discuss celebrity lookalikes, smartphone fleeceware, the impact Coronavirus is having on security, and how a popular new video game is being used for political ends. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Garry Kasparov. Yes, the Garry Kasparov. Graham was pretty excited too. Visit https://www.smashingsecurity.com/174 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Garry Kasparov. Sponsored By: Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor Support Smashing Security Links: <a href="https://news.sophos.com/en-us/2020/04/08/iphone-fl
Wed, April 08, 2020
5G fiascos, Zoom gloom, and butt biometrics
We take a look at the stinky backside of surveillance, gas about the latest video-conferencing threats, and jump into the murky world of 5G conspiracy theories. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology broadcaster David McClelland and featuring an interview with LastPass's Barry McMahon. Visit https://www.smashingsecurity.com/173 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Barry McMahon and David McClelland. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Engineers unleash car-seat identifier that rea
Wed, April 01, 2020
UncleF***Face - with Mikko Hyppönen
Carole details how companies are spying on their stay-at-home workers, Mikko Hyppönen discusses the trustworthiness of video chat apps, and Graham gets embarrassed when he admits he's bought a Facebook Portal for his in-laws. All this and much much more is discussed in the latest edition of the award-winning "Smashing Security" podcast with Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/172 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mikko Hyppönen. Sponsored By: DomainTools : DomainTools helps security analysts turn threat data into threat intelligence. Its solutions give organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. Learn more about their products at domaintools.com, or visit domaintools.com/smashing to enter their Capture The Flag competition and be in with a chance to win a $100 gift card. LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterpris
Wed, March 25, 2020
WhatsApp hoaxes, Zoombombs, and 8-bit love
Blackmailers are threatening to infect your family with Coronavirus, trolls are making Zoom an unsafe place for those of a sensitive disposition, and what is the mysterious Dr Negrin audio message spreading on WhatsApp? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology journalist Geoff White. Visit https://www.smashingsecurity.com/171 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: "Stay home and help flatten the curve!" — Tweet by Pornhub. <a h
Wed, March 18, 2020
PornHub, Coronavirus apps, and remote working
It's a self-isolated Coronavirus special as we discuss with our quarantined special guest how COVID-19 is making itself felt in the world of cybersecurity, and we offer tips on how to better protect yourself if you're unexpectedly working from home. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Malicious Life's Ran Levi from his attic. Visit https://www.smashingsecurity.com/170 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ran Levi. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. DomainTools : DomainTools helps security analysts turn threat data into threat intelligence. Its solutions give organizati
Wed, March 11, 2020
Burglaries, breaches, and bidets
How one guy's exercise routine made him a burglary suspect, how multi-factor authentication can cause headaches as well as stop hacks, and how Virgin Media got itself in a pickle over its sloppy data security. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/169 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Leave Smashing Security a voicemail! <a href="https://www.nbcnews.com/news/us-news/google-tracked-his-
Wed, March 04, 2020
The Bitcoin fraud factory
Fraudsters steal millions from those hoping to jump on the Bitcoin bandwagon, Twitter verifies a fake US politician, and it's another face palm for facial recognition. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/168 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. DomainTools : DomainTools turns threat data into threat intelligence, giving organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. <l
Wed, February 26, 2020
Coronavirus scams and an exaggerated lion
Scammers from Africa are preying on US businesses, a drug dealer makes a mistake when hiding his Bitcoin fortune, and the Coronavirus pandemic is causing scams to soar and raising questions about facial recognition. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Naked Security's Anna Brading. Visit https://www.smashingsecurity.com/167 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Anna Brading. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Business Email Compromise (BEC) and G Suite: How
Wed, February 19, 2020
What the Dickens! Ad ban thank you scam
How to stop dick pics on Twitter, and a new way bad guys are extorting money from websites earning cash from Google ads. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/166 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. DomainTools : DomainTools turns threat data into threat intelligence, giving organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. Read a free report into how autom
Wed, February 12, 2020
Cheapfakes, deepfakes, and Ashley Madison
Wi-Fi hopping malware, the return of Ashley Madison extortion scams, and should social media be doing anything about cheapfakes? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jessica Barker. Visit https://www.smashingsecurity.com/165 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jessica Barker. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Smashing Security #162: Robocalls, health hacks, and facial recognition fears — Carole talks about the activities of Clearview AI. <a href="https://podcasts.apple.com/us/podcast/the-end-of-
Wed, February 05, 2020
A bitter pill to swallow
A gallery is tricked into giving millions to a fraudster, software tells doctors to push opioids onto patients, and an artist finds a novel way to trick Google Maps into thinking there's a traffic jam. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who ended up recording without a guest this week. Visit https://www.smashingsecurity.com/164 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Castbox , Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: <a href="https://www.bloomberg.com/news/articles/2020-01-30/fraudsters-posing-as-art-dealer-got-gallery-to-transfer-millions" rel=
Wed, January 29, 2020
Russian heists and Ring wrongs
Should possessing malware be illegal in itself? How did a Russian cryptocurrency exchange millionaire lose his fortune? And what on earth are Amazon Ring doorbell cams up to now? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Lisa Forte. And don't miss our special featured interview with Adrian Sanabria, all about Thinkst Canary. Visit https://www.smashingsecurity.com/163 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Castbox , Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Adrian Sanabria and Lisa Forte. Sponsored By: Thinkst : Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents... Listeners who mail in referencing Smashing Security get a 10% discount on their order! LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centra
Wed, January 22, 2020
Robocalls, health hacks, and facial recognition fears
A hospital gets hacked because of an ex-employee's grudge, robocalls are on the rise, and we share a scary story about the future of facial recognition. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Michael Hucks. Visit https://www.smashingsecurity.com/162 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Castbox , Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Michael Hucks. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. DomainTools : DomainTools helps security analysts turn threat data into threat intelligence. Its solutions give organizations the ability to
Wed, January 15, 2020
Love, lucky dips, and 23andMe
The man who hacked the UK National Lottery didn't end up a winner, Japanese Love hotel booking tool suffers a data breach, and just what is 23andMe planning to do with your DNA? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Thom Langford. Visit https://www.smashingsecurity.com/161 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Thom Langford. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Cyber criminal jailed over National Lottery hack — National Crime Agency. <a href="https://hotforsecu
Wed, January 08, 2020
SNAFUs! MS Word, Amazon Ring, and TikTok
We discuss how Microsoft Word helped trap a multi-million dollar fraudster, how Amazon Ring may be recording more than you're comfortable with, and how teens are flocking to TikTok (and why that might be a problem). All this and much much more is covered in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/160 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Senior Manager Of Global Internet Company Pleads Gui
Wed, December 18, 2019
Rap, robbery, and IoT holiday hell
A rapping bank worker is accused of stealing from the vault, the devices that can hide your car's true mileage, and why it may be a case of "No No No" rather than "Ho Ho Ho" when it comes to IoT toys this Christmas. And as Carole sups the mulled wine, Graham has problems with his internet connection... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/159 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: <a href="https://cointelegraph.com/news/no-chance-john-mcafee-halts-crypto-promo-as-us
Wed, December 11, 2019
The man behind The Missing Cryptoqueen
We're joined by special guest Jamie Bartlett, of the chart-topping "The Missing Cryptoqueen" podcast, in this bumper episode where we discuss his investigation into the OneCoin cryptocurrency scam, the Russian cybercriminals behind Evil Corp, and the mysterious leaks about the NHS that have turned oh-so-political... All this and much much more can be found in the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/158 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jamie Bartlett. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Russian hacking group "Evil Corp"
Wed, December 04, 2019
A biometric knuckle duster
What is Kaspersky's ugly ring for? Is there something suspicious about how NordVPN lets you stream Disney+? And why did a hacker impersonate a music producer? Plus we have a bonus feature interview with Rachael Stockton from Logmein, the folks behind LastPass, all about behavioral biometrics! All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/157 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Maria Varmazis and Rachael Stockton. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: <a href="https://www.smashingsecurity.com/012-eau-de-eugene-kaspersky" rel="noopener
Wed, November 27, 2019
Better safe than Sony
In this clip from a special bonus episode produced for our Patreon supporters, Graham Cluley and Carole Theriault discuss the 2014 hack of Sony Pictures - reportedly carried out by North Korea for the very oddest of reasons... Visit https://www.smashingsecurity.com/156 to check out this episode’s show notes and episode links, and become one of our "bonus content" Patreon supporters to hear the full episode in all its glory, get early access to future episodes, occasional bonus content, and even receive stickers! Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening and Happy Thanksgiving! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Support Smashing Security Links: Hackers leak Hollywood salaries, embarrassing emails - PBS Newshour — YouTube. Did North Korea hack Sony? It seems hard to believe — Graham Cluley. Poor passwords at Sony, WikiLeaks shows with archive of hacked documents — Graham Cluley. The Interview Trailer (2014) — YouTube. U.S. Said to Find North Korea Ordered Cyberattack on Sony — The New York Times. <a href="https://hotforsecurity.bitde
Wed, November 20, 2019
Juice jacking, YouTube hacking, password slacking
A bank has some of the worst password advice ever, travellers are told to be wary when USB charging their smartphones and laptops, and a gamer has his YouTube account hacked. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Geoff White. Visit https://www.smashingsecurity.com/155 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Giorgio Bonfiglio tweets about Fineco's bizarre attitude to passwords — Twitter. <a href="https://www.vice.com/en_us/article/kz
Wed, November 13, 2019
A buttock of biometrics
The UK's Labour Party kicks off its election campaign with claims that it has suffered a sophisticated cyber-attack, Apple's credit card is accused of being sexist, and what is Google up to with Project Nightingale? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by John Hawes. Visit https://www.smashingsecurity.com/154 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: John Hawes. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: That "sophisticated" Labour cyber-attack - don't panic — Graham Cluley.</l
Wed, November 06, 2019
Cybercrime doesn’t pay (but Uber does)
The cybercrime lovebirds who hijacked Washington DC's CCTV cameras in the run-up to Donald Trump's inauguration, the truffle-snuffling bankers at the centre of an insider-trading scandal, and the hackers that Uber paid hush money to hide a security breach. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Lisa Forte. Visit https://www.smashingsecurity.com/153 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Lisa Forte. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Ransomware attac
Wed, October 30, 2019
Cats, hoodies, and rent
What's the problem with IoT-enabled pet feeders? Can hacking ever be illustrated without a hoodie? And just how are landlords using smart home technology to snoop upon their residents? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology journalist and broadcaster David McClelland. Visit https://www.smashingsecurity.com/152 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: Immersive Labs : Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs. Code42 : Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave. To learn more about how to protect your company’s data from insider threats v
Wed, October 23, 2019
Frankly, sometimes paying the ransom is a good idea
Remember how the City of Baltimore was badly hit by ransomware earlier this year? Turns out that wasn't the end of their problems. Also, Carole takes a look at how smart speakers can be hacked to trick you into giving criminals your passwords or even credit card details. And we discuss the findings of the LastPass global password security report. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , with a featured interview with Rachael Stockton from Logmein. Visit https://www.smashingsecurity.com/151 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Rachael Stockton. Sponsored By: Code42 : Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave. To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashing Immersive Labs : Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. <a href="https://immer
Wed, October 16, 2019
Liverpool WAGs, Facebook politics, and a selfie stalker
Footballers' wives go to war over Instagram leaks, it turns out fake news is fine on Facebook (just so long as it's in a political ad), and things take a horrific turn in Japan, as a stalker uses a scary technique to find out where his pop idol lives. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/150 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: Code42 : Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave. To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashing Immersive Labs : Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. Try it for free at immersivelabs.com/lite/ and drive d
Wed, October 09, 2019
Falling in love with fraudsters
We take a trip to Staten Island, New York, to hear how a case of cyberstalking resulted in the arrest of 20 alleged mobsters, learn about the nude photo-loving insider threat at Yahoo, and discover how fraudsters might be boosting Match.com's profits. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Ran Levi of the "Malicious Life" podcast. Visit https://www.smashingsecurity.com/149 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ran Levi. Sponsored By: Code42 : Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave. To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashing Immersive Labs : Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. Try it for free at immersivelabs.com/lite/ and
Wed, October 02, 2019
Billboard boobs, face forensics, and Alexa gets way too personal
Drivers are distracted by a hacked billboard, we take a deeper look at how the deepfake problem has... uh... deepened, and Carole is less than happy about Amazon's announcement about new Alexa integrations. All this, an annoying goose, and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/148 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: Immersive Labs : Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs. LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a href="https://www.lastpass.com/smashing" rel=
Wed, September 25, 2019
Don't Snapchat and drive
How is private medical data leaking onto the streets of Milton Keynes, what is widening the cybersecurity skills gap, and how is Australia controversially tackling the problem of drivers using their mobile phones? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University. Visit https://www.smashingsecurity.com/147 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Joe Carrigan. Sponsored By: Detectify : Detectify will run over 1500 security tests against your website, identifying real problems with a list of constantly updated vulnerabilities submitted by a global network of over 150 handpicked ethical hackers. Go hack yourself! Take a 14-day free trial at smashingsecurity.com/detectify LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, i
Wed, September 18, 2019
Password secrets and baking brownies
In the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault , Carole has suffered an injury, we journey back in time to one of our earliest episodes to discuss the perils of passwords, and Rachael Stockton from LastPass drops by for a chat. Visit https://www.smashingsecurity.com/146 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Rachael Stockton and Vanja Švajcer. Sponsored By: Detectify : Detectify will run over 1500 security tests against your website, identifying real problems with a list of constantly updated vulnerabilities submitted by a global network of over 150 handpicked ethical hackers. Go hack yourself! Take a 14-day free trial at smashingsecurity.com/detectify LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a href="https://www.lastpass.com/smashing" rel="noopener noreferrer"
Wed, September 11, 2019
Apple and Google willy wave while home assistants spy - DoH!
Apple is furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by web security journalist John Leyden. Visit https://www.smashingsecurity.com/145 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: John Leyden. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally
Wed, September 04, 2019
Google helps the FBI, Twitter Jack’s hijack, and car data woes
Should Google really be helping the FBI with a bank robbery? What's the story behind the Twitter CEO claiming there's a bomb in their offices? And how much does your car really know about you? And we mourn the loss of Doctor Who legend Terrance Dicks... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology journalist Geoff White. Visit https://www.smashingsecurity.com/144 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Detectify : Detectify will run over 1500 security tests against your website, identifying real
Wed, August 28, 2019
Hacking from outer space, Ukrainian cryptomining, and deepfaked Canadians
Was a cybercrime committed on the International Space Station? What on earth were Ukrainian scientists thinking when they plugged a nuclear power station into the internet? And someone has cloned Canadian clinical psychologist Jordan Peterson's voice... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/143 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally
Wed, August 21, 2019
Mercedes secret sensors, smart cities, and ransomware runs riot
Darknet Diaries host Jack Rhysider joins us to discuss how cities in Texas are being hit by a wave of ransomware, how Mercedes Benz has installed a tracker in your car (but not for the reason you think), the security threats impacting smart cities, and a new feature coming to your Facebook app. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Visit https://www.smashingsecurity.com/142 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jack Rhysider. Sponsored By: Immersive Labs : Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs. LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a href="https:
Wed, August 14, 2019
Black Hat and Bridezillas
Say cheese to ransomware on your camera! A sponsored speech at Black Hat causes uproar, and should you trust that Lightning cable you're about to plug into your MacBook? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/141 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Wed, August 07, 2019
Love, PINs, and 8chan
Is the PIN you use for your bank card secure? How did one woman get duped into giving a romance scammer $200,000? And Cloudflare and other online services take aim at a vile corner of the internet... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/140 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. <a hr
Wed, July 31, 2019
Capital One hacked, iMessage flaws, and anonymity my ass!
Capital One gets hacked, critical vulnerabilities are found in iMessage, and data anonymization may not be as good as we hope. But listen up, we also discuss the Legend of Zelda, a biography of tech giants, offer advice for escaping an angry moose, and are introduced to... Penelope? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole 'Penelope' Theriault , joined this week by technology broadcaster David McClelland. Visit https://www.smashingsecurity.com/139 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. MetaCompliance : People are the key to minimizing
Wed, July 24, 2019
Logic bombs, brain data exploitation, and Digga D tweets
Logic bombs in Excel spreadsheets, how should we protect our brain data from big companies, and how did bizarre messages about Drill rap end up on the Metropolitan Police's Twitter account and website? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by BJ Mendelson. Visit https://www.smashingsecurity.com/138 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: B J Mendelson. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Tinley Consulting's website. T
Wed, July 17, 2019
Porn trolling lawyers, Insta hacking, and Ctrl-Alt-LED
Erection your honour! Lawyers find themselves behind bars after they make porn movies in an attempt to scam internet users, boffins in Israel detail a way to steal data from an air-gapped computer, and Instagram coughs up $30,000 after a researcher finds a simple way to hack into anybody's account. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/137 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, Las
Wed, July 10, 2019
Oops, we created Iran's hacking exploit
Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Charl van der Walt. Visit https://www.smashingsecurity.com/136 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Charl van der Walt. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bri
Wed, July 03, 2019
Zombie grannies and unintended leaks
We take a bloodied baseball bat to Android malware, and debate the merits of a social media strike, as one of the team bites the bullet and buys a smart lock for the office. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Oli Skertchly. Visit https://www.smashingsecurity.com/135 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Oli Skertchly. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a h
Wed, June 26, 2019
Sextortion, silicone face masks, and a DDoS doofus
Scammers steal millions by impersonating a French politician, we offer fashion tips for DDoS attackers, and hear how a small town fought a sextortionist preying on young women. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jessica Barker. Visit https://www.smashingsecurity.com/134 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jessica Barker. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Edgewise Networks : Edgewise is the industry's first zero-trust segmentation platform. It’s simple to use interface lets you stops data breaches by allowing only verified software to communicate within your cloud or data centre. Edgewise'
Wed, June 19, 2019
Cookie cock-ups, Hong Kong protests, and smart TV virus scans
We head to Hong Kong to look at how technology has helped anti-government protesters (and how China has tried to disrupt it), Samsung is skittish over whether to tell TV owners to virus-scan their devices, and you won't believe whose website is not GDPR-compliant. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by James Thomson. Visit https://www.smashingsecurity.com/133 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. "Chickens!" Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: James Thomson. Sponsored By: Edgewise Networks : Edgewise is the industry's first zero-trust segmentation platform. It’s simple to use interface lets you stops data breaches by allowing only verified software to communicate within your cloud or data centre. Edgewise's data-centric approach makes micro-segmentation simpler and more secure. Learn more and get a free trial at edgewise.net. MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. <a href="https://www.smashingsecurity.com/metacompliance" rel="noo
Wed, June 12, 2019
CBP cyber attack, an iPhone privacy boost, and Twitter list abuse
United States Customs and Border Protection had sensitive data stolen, but the hackers didn't have to breach its network. Apple has ambitious plans to make iPhone users safer online. And trolls are using Twitter lists to target their victims. All this and much much more is discussed in the latest edition of the MULTI-AWARD-WINNING "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Maria Varmazis. Visit https://www.smashingsecurity.com/132 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: Edgewise Networks : Edgewise is the industry's first zero-trust segmentation platform. It’s simple to use interface lets you stops data breaches by allowing only verified software to communicate within your cloud or data centre. Edgewise's data-centric approach makes micro-segmentation simpler and more secure. Learn more and get a free trial at edgewise.net. LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises,
Wed, June 05, 2019
Zap yourself from the net, and patch now against BlueKeep
Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who aren't joined by a special guest this week. Visit https://www.smashingsecurity.com/131 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident
Thu, May 30, 2019
Doctored videos, Bcc blunders, and a diva
You won't believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware... and how Carole gets her diva on. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who aren't joined by a guest this week. Visit https://www.smashingsecurity.com/130 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of
Wed, May 22, 2019
Too Long; Didn't Listen
Don't hire a hacker, they might scam you! What works and what doesn't when it comes to protecting your email account? And China's controversial social credit system comes under the microscope. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/129 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single user
Wed, May 15, 2019
Shackled ankles, photo scrapes, and SIM card swaps
A bad software update causes big headaches for Dutch police, but brings temporary freedom to criminals. SIM swaps are in the news again as fraudsters steal millions. And does your cloud photo storage service have a dirty little secret? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Rip Off Britain's David McClelland. Visit https://www.smashingsecurity.com/128 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: Gartner : Gartner's Security & Risk Management Summit, running from June 17-20 2019 in National Harbor, Maryland, is the premier cybersecurity conference for CISOs, IT Security & Risk Professionals. Get the latest unbiased research and advice on cyber attacks, and emerging technologies including AI, blockchain, machine-learning and more. Visit smashingsecurity.com/gartner to find out more. Smashing Security listeners can save $350 off the standard registration rate by using the code "SMASHING". Promo Code: SMASHING Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the b
Wed, May 08, 2019
I do love the Dutch
Israel strikes back at Hamas's hacking HQ, a new sextortion email comes with a twist, and Carole saves the world with some help from hacked Roomba vacuum cleaners. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Malicious Life's Ran Levi. Visit https://www.smashingsecurity.com/127 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , or on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ran Levi. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Gartner : Gartner's Security & Risk Management Summit, running from June 17-20 2019 in National Harbor, Maryland, is the premier cybersecurity conference for CISOs, IT Security & Risk Professionals. Get the latest unb
Wed, May 01, 2019
Zombie chickens and fast-food victims
What's the worst that can happen if you join a Hollywood hard man's Facebook page? What drove a man to hijack a website's name at gunpoint? And can you solve the mystery of the Canadian Hamburglar? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Naked Security's Mark Stockley. Visit https://www.smashingsecurity.com/126 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity , on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: Gartner : Gartner's Security & Risk Management Summit, running from June 17-20 2019 in National Harbor, Maryland, is the premier cybersecurity conference for CISOs, IT Security & Risk Professionals. Get the latest unbiased research and advice on cyber attacks, and emerging technologies including AI, blockchain, machine-learning and more. Visit smashingsecurity.com/gartner to find out more. Smashing Security listeners can save $350 off the standard registration rate by using the code "SMASHING". Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
Wed, April 24, 2019
Pick of the thief!
WannaCry's "accidental hero" pleads guilty to malware charges, Samsung and Nokia have fingerprint fumbles, the NCSC publishes a list of 100,000 dreadful passwords, and Apple finds itself at the centre of an identity mix-up. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by John Hawes. Follow the show on Twitter at @SmashinSecurity , on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: John Hawes. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to
Wed, April 17, 2019
Poisoned porn ads, the A word, and why why why Wipro?
The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Brian Honan. Follow the show on Twitter at @SmashinSecurity , on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Brian Honan. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read gu
Wed, April 10, 2019
Backups - a necessary evil? (replay)
With Graham incapacitated, we drag an episode out from the archives. In this special "splinter" episode of the "Smashing Security" podcast from September 2017 we tackle the tricky subject of backups - When did you last backup your data? How and what should you backup? And where should you store them? Lots of questions and Graham gets to do his Tina Turner impression. All this and more is discussed in this edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybe
Wed, April 03, 2019
The big fat con at Office Depot
Office Depot and OfficeMax are fined millions for tricking customers into thinking their computers were infected with malware, car alarms can make your vehicle less secure, and facial recognition in apartment blocks comes under the microscope. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Follow the show on Twitter at @SmashinSecurity , on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. <a href="https://www.lastpass.com/smashing" rel="noopener noreferrer" target="_bl
Wed, March 27, 2019
Hijacked motel rooms, ASUS PCs, and leaky apps
An app leaking private conversations and intimate photographs is ignoring requests to fix the problem, hackers poison a security update sent to ASUS PCs, and how to protect your privacy in motel rooms. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , on the Smashing Security subreddit , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: Mimecast : Grab your FREE Cybersecurity Awareness Training Kit from Mimecast, and share it throughout your company. Give your employees the information they need to make the best cybersecurity decisions. Get your free kit at smashingsecurity.com/mimecast Support Smashing Security Links: Varmazis.gr - The hot sauce factory. This Spyware Data Leak Is So Bad We Can't Even Tell You About It — Motherboard. A family tracking app was leaking real-time location data — TechCrunch. <a href="https://hotforsecurity.bitdefender.com/blog/popular-family-tracking-app-exposed-re
Wed, March 20, 2019
Silk Road with Deliveroo
Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy! All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Paul Ducklin. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Paul Ducklin. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence Support Smashing Security Links: 'It's like Uber, but for weed': Meet the man who revolutionized Israel's pot trade — Haaretz. Israel Police arrest top members of Telegrass online d
Wed, March 13, 2019
Hijacked homes, porn passports, and ransomware regret
A $150 million mansion is hijacked online, Brits will soon have to scan their passport to watch internet porn, and are organisations right to pay up when hit by ransomware? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology broadcaster David McClelland. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Mimecast : Grab your FREE Cybersecurity Awareness Training Kit from Mimecast, and share it throughout your company. Give your employees the information they need to make the best cybersecurity decisions. Get your free kit at smashingsecurity.com/mimecast <a href="https://www.patreon.com/smashingsecurity" rel="noopener noreferrer" target="_bla
Wed, March 06, 2019
The 's' in IoT stands for security
Twerking robot assistants, an app from Saudi Arabia that lets men track women, and a gnarly skiing security snarl-up! Oh, and find out how a didgeridoo could change your life and that of your loved ones. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology journalist Geoff White. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a
Wed, February 27, 2019
SWATs on a plane
Why is Tampa's mayor tweeting about blowing up the airport? Are hackers trying to connect with you via LinkedIn? And has Maria succeeded in her attempt to survive February without Facebook? All this and much much more in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Plus, after last week's discussion about the legal battle between Mondelez and Zurich Insurance, we have a chat with security veteran Martin Overton to take a deeper look into cyberinsurance. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Maria Varmazis and Martin Overton. Sponsored By: Mimecast : Grab your FREE Cybersecurity Awareness Training Kit from Mimecast, and share it throughout your company. Give your employees the information they need to make the best cybersecurity decisions. Get your free kit at smashingsecurity.com/mimecast LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashin
Wed, February 20, 2019
Stalking debtors, Facebook farce, and a cyber insurance snag
How would you track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , Castbox , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Joe Carrigan. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. <a href="https://www.lastpass.com/smashing" rel
Wed, February 13, 2019
Love, Nests, and is 2FA destroying the world?
Is two factor authentication such a pain in the rear end that it's costing the economy millions? Do you feel safe having a Google Nest in your home? And don't get caught by a catfisher this Valentine's Day. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by B J Mendelson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , Castbox , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: B J Mendelson. Sponsored By: Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for
Wed, February 06, 2019
Darknet Diaries, death, and beauty apps
Jack Rhysider from the "Darknet Diaries" podcast joins us to chat about his interview with the elusive Hacker Giraffe, how a death is preventing cryptocurrency investors from reaching their money, and how 'beauty camera' apps are redirecting users to phishing websites and stealing their selfies. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jack Rhysider of the "Darknet Diaries" podcast. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jack Rhysider. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally
Wed, January 30, 2019
FaceTime, Facebook, faceplant
A FaceTime bug allows callers to see and hear you before you answer the phone, Facebook's Nick Clegg tries to convince us the social network is changing its ways, and IoT hacking is big in Japan. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by John Hawes from AMTSO. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: John Hawes. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. <a href="https://www.smashingsecurity.com/boxcryptor" rel="noopener noref
Wed, January 23, 2019
Payroll scams, gold coin heists, web giants spanked
Business email compromise evolves to target your company's payroll, how the world's largest gold coin was stolen from a Berlin museum, and are internet giants feeling the heat yet over data security? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by people hacker Jenny Radcliffe. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jenny Radcliffe. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attac
Wed, January 16, 2019
When rivals hack, and "extreme" baby monitors
Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Zoë Rose. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoë Rose. Sponsored By: Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a href="https://www.lastpass.com/smashing" rel="noo
Wed, January 09, 2019
What? You can get paid to leave Facebook?
Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: Recorded Future : For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. <a href="https://www.lastp
Wed, December 19, 2018
Grinches target Amazon and Reddit, stealing Christmas from the poor
Join us for our special Christmas episode as we tell tales of printer hacking, website defacement, Grinches, and how Google is snooping on your private YouTube videos. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Dave Bittner from The Cyberwire. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: Smashing Security : We're sponsoring ourselves this week! Get in touch at studio@smashingsecurity.com if you're interested in partnering with us for a future episode of the show. Support Smashing Security Links: PewDiePie printer hackers strike again — BBC News. ASCII art attack — Smashing Security episode 007. TheHackerGiraffe — Patreon. Buying PewDiePie a $1M Billboard in Times Square! — YouTube. I Bought Every Billboard In My City For This — YouTube. PewDiePie Billboards in INDIA | T-Series vs PewDiePie — YouTube. <a href="https:/
Wed, December 12, 2018
Hoaxes, Huawei and chatbots - with Mikko Hyppönen
The curious case of George Duke-Cohan, Huawei's CFO finds herself in hot water, and the crazy world of mobile phone mental health apps. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guests Mikko Hyppönen from F-Secure and technology journalist Geoff White. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mikko Hyppönen. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Three years in jail for teenager who spammed out school bomb threats, and made hoax call about hijacked plane — Graham Cluley. Schools bomb hoaxes: Bodycam shows George Duke-Cohan arrest — BBC News. <a href
Wed, December 05, 2018
Sextorting the US army, and a Touch ID scam
Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won't believe who was behind a sextortion scam that targeted over 400 members of the US military. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by ferret-loving ethical hacker Zoë Rose. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoë Rose. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Military criminal investigative organizations crack down on sextortion ring targeting service members — NCIS. Scam iOS apps promise fitness, steal money instead — WeLIveSecurity. <a href="https://n
Wed, November 28, 2018
Google Maps, Fed phishing, and Grinch bots
How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Maria Varmazis. And don't miss our special bonus interview about passwords with Rachael Stockton of LastPass , sponsors of this week's show. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Maria Varmazis and Rachael Stockton. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: A new bank scam using Google Maps loophole — The Hindu. <a href="https://www.washingtonpost.com/news/the-switch/wp/2015/04/24/googles-sorry-t
Wed, November 21, 2018
Facebook, Nietzsche, Tesla, and Nicole
Tesla takes customer service a step too far, is it a romantic gesture or stalking when you email 246 women called Nicole, and Carole finds herself in a Facebook dilemma. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Jessica Barker. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jessica Barker. Sponsored By: Smashing Security : We're sponsoring ourselves this week! Get in touch at studio@smashingsecurity.com if you're interested in partnering with us for a future episode of the show. Support Smashing Security Links: How I Went From Tesla Delivery Hell To Tesla Giving Me Control Of Their Site Forums With Over 1.5 Million Tesla Account Contacts — DansDeals.com. Customer Complains About Tesla Forums, Tesla Accidentally Gives Him Control Over Them — Motherboard. A Guy Emailed 246 Nicoles Trying To Find The One He Met At A Bar And Now They're All Friends — Buzzfeed News. <a href="https://www.cnbc.com/2018/09/05/facebook-exodus-44-percent-of-americans-age-18-29-have-deleted-app.html" rel="noopener noreferrer" targ
Wed, November 14, 2018
The world's most evil phishing test, and cyborgs in the workplace
Does your employer want to turn you into a cyborg? Was this phishing test devised by an evil genius? And how did a cinema chain get scammed out of millions, time and time again...? Oh, and the subject of erasable pens comes up again. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Scott Helme. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Scott Helme. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Cinema Chain Sees Bad Movie Script Play Out As It Loses Millions In Email Scam — Martijn Grooten writes on Forbes. Internet con men ripp
Wed, November 07, 2018
An Instagram nightmare, crazy iPhone deaths, and election hack claims
One travel blogger finds you don't have to be Kylie Jenner to be targeted by an Instagram hacker. When 40 iPhones at a hospital mysteriously die, what could be the explanation? And, surprise surprise, political parties in the USA are throwing around hacking accusations. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Naked Security's Mark Stockley. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Wed, October 31, 2018
Ethical dilemmas, Girl Scouts, and porn-loving US officials
Who deserves to die in a driverless car crash? Who has been sniffing around the Girl Scouts' email account? And just how long would it take for a geologist to visit 9,000 adult web pages? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by journalist and "Friends" fan Dan Raywood. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dan Raywood. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Self-Driving Cars: The Ethical Dilemma — YouTube. Moral Machine — A platform for gathering a human perspective on moral decisions made by machine intelligence, such as self-driving cars. Moral Machine - Human Perspectives on Machine Ethics —
Wed, October 24, 2018
Rule 34, Twitter scams, and Facebook fails
A Facebook friend request leads to arrest, Twitter scams ride again via promoted ads, and adult websites expose their members. Oh, and Graham finds out what Rule 34 is. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support
Wed, October 17, 2018
IoT failures, and Donald Trump dating disaster
Yes, Smashing Security has reached its 100th episode! Despite our celebratory mood, we don't forget to take a look at the security stories of the last week - including an alarming IoT failure and a dating app disaster for Donald Trump devotees. All this and much more is discussed in this very special 100th edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 4
Wed, October 10, 2018
099: Passwords - A Smashing Security splinter (replay)
With Carole in the wilds of Canada, and Graham knee-deep in a security conference in Glasgow, we drag an episode out from the archives of February 2017 - looking at the thorny subject of passwords. Join computer security veterans Graham Cluley , Carole Theriault , and Vanja Švajcer as they offer some advice and tips for computer users. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Vanja Švajcer. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Smashing Security merchandise (t-shirts, mugs, stickers and stuff) This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Wed, October 03, 2018
098: A Facebook omnishambles
Millions of Facebook user accounts put at risk after hack! The UK Conservative party's conference app causes a privacy omnishambles! And Facebook (again) has been doing something naughty with the phone numbers you give it for security reasons! Oh, and Maria gets very excited about something to do with Star Trek. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor Support Smashing Security Links: Our Podcast Awards trophy acceptance video — Even though we didn't actually win, we still thought you might like to see it. <a href="https://
Wed, September 26, 2018
097: Dash cam surveillance, robocall plague, and Zoho woe
Why was Zoho's website taken offline by its own domain registrar? How are dash cams making you less secure? And why are robocalls on the rise in the United States? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Cyberwire's Dave Bittner. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: Update on Zoho Services Disruption - Zoho Blog Zoho CEO Sridhar Vembu asks for help on Twitter Whoa – oh no, Zoho: Domain name no-show deals CRM biz, 40m punters a crushing blow Domain registrar oversteps taking down Zoho domain, impacts over 30Mil users Blackvue Dash-Cams Broadcasting Live Video and GPS of Your Car PUB
Wed, September 19, 2018
096: Bribing Amazon staff, and blinking deepfakes
Amazon staff are being bribed to delete negative reviews and leak data, deepfakes are getting more dangerous, an update on John McAfee's bitcoin bet, and our guest gets a shock... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week (for a while at least) by David Bisson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David Bisson. Sponsored By: Boxcryptor : Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor Support Smashing Security Links: 'Pull your finger out' - the phrase's meaning and origin Amazon Investigates Employees Leaking Data for Bribes - WSJ Amazon staff said to be taking bribes to leak data Crooked firms bribe customers with free gifts to leave fa
Wed, September 12, 2018
095: British Airways hack, Mac apps steal browser history, and one person has 285,000 texts leaked
Malicious script is being blamed for the British Airways hack, Trend Micro's apps are booted out of the Mac App Store for snaffling private data, and Paul Manafort's daughter wants Twitter to remove a link. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by David Emm of Kaspersky Lab. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David Emm. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: A Deceitful 'Doctor' in the Mac App Store Alert: Adware Doctor stealing your files - YouTube video Apps that steal users' browser histories kicked out of the Mac App store Trend Micro apologises after Mac apps found scooping up users' browser history <a href="https://www.grahamcluley.com/british-airways-hacked-customer-data-and-details-of-380000-card-payments-stolen/" title="British Airways hacked - customer data and details of 380,000 card payments s
Wed, September 05, 2018
094: Rogue browser extensions, Twitter presence, and how to cheat in exams
What's the danger when browser extensions go bad? Is Twitter sharing your online status a boon for stalkers? And which of the show's hosts is going to admit to cheating in their exams? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by technology journalist David McClelland. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: MEGA.nz Chrome extension caught stealing passwords, cryptocurrency private keys Security warnings for MEGA Chrome extension users Twitter t
Wed, August 29, 2018
093: Abandoned domains and dating app dangers
How do fraudsters exploit abandoned domains to steal your company's secrets? How can you better protect your privacy when looking for love online? And who has the longest arms in the animal kingdom? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who were joined briefly by a man in a wind tunnel for this episode. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: What do the drsolomon.com and sands.co.uk domains look like now? Hacking law firms with abandoned domain names <a href="https://www.bleepingcomputer.com/news/security/fraudsters-can-access-sensitive-information-from-abandoned-domains/" title="Fraudsters Can Access Sensitive Information from Abandoned Domains" rel="nofoll
Wed, August 22, 2018
092: Hacky sack hack hack
Is your used car still connected to its old owner? Just how did Apple manage to identify the teenager hacker who stole 90GB of the firm's files? And why on earth would a firm of lawyers start producing pornographic videos? You'll be surprised by the answers! All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Paul Ducklin. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Paul Ducklin. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound The hidden data danger of the ‘Connected’ car Your BMW or Merc may also be at risk of being hacked, because of
Wed, August 15, 2018
091: Sextortion, Las Vegas hotels, and Alex Jones
Just how did sextortionists get (some) of the digits in your phone number? Why are some hackers saying they won't be going to DEF CON in Las Vegas anymore? And should Alex Jones from InfoWars be banned from Twitter? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: The Podcast Awards - The People's Choice Sex extortion emails now quoting part of their victim's phone number <a href="https://isc.sans.edu/forums/diary/New+Extortion+Tricks+Now+Including+Your+Partial+Phone+Number/23982/" title="New Extortion Tricks: Now Including Your (Partial) Phone Number!
Wed, August 08, 2018
090: Fortnite for Android, and the FCC's DDoS BS
Fortnite players are told they'll have to disable a security setting on Android, the FCC finally admits that it wasn't hit by a DDoS attack, and Verizon's VPN smallprint raises privacy concerns. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by David Bisson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David Bisson. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: You'll have to disable a recommended Android security setting to install Fortnite Fortnite is putting users at risk, to prove a point about Google's Android monopoly Introducing Android 9 Pie Safe-WiFi Wireless Private Network - Verizon Wireless <a href="https://motherboard.vice.com/en_us/article/a3q4gz/verizon-didnt-bother-to-write-a-privacy-policy-for-safe-wi-fi-privacy-p
Wed, August 01, 2018
089: Data breaches, ransomware, Bitcoin robberies, and typewriters
Ransomware rears its head again, Dixons Carphone reveals its data breach was almost 1000% worse than they previously thought, a man is accused of stealing five million dollars worth of cryptocurrency through hijacking mobile phones, and a Canadian guy called Norman is rushing to get the typewriters out of storage. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by journalist Geoff White. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Shipping company’s networks in the Americas crippled by ransomware attack Yahoo addresses used by Cosco following ransomware attack <
Wed, July 25, 2018
088: PayPal’s Venmo app even makes your drug purchases public
Websites still using HTTP are marked as "not secure" by Chrome, 85,000 Google employees haven't been phished for a year, and if you're buying drugs via PayPal’s Venmo app you should say goodbye to privacy. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Scott Helme. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Scott Helme. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Vote for Smashing Security in the podcast awards! Smashing Security 039: Woah - are we talking to a cyborg? Google: Security Keys Neutralized Employee Phishing Yubico Less than 10% of Gmail users have enabled two-factor authentication <a href="https://landing.google.com/advancedprotection/" title="Google's Advanced Protection Program" rel="nofollow"
Wed, July 18, 2018
087: How Russia hacked the US election
Regardless of whether Donald Trump believes Russia hacked the Democrats in the run-up to the US Presidential election or not, we explain how they did it. And Carole explores some of the creepier things being done in the name of surveillance. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault . Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Vote for Smashing Security in the podcast awards! Scammers strike as Elon Musk retracts vile Twitter accusation against cave rescuer Donald Trump 'encourages Russia to hack Clinton emails' - YouTube <a href="https://www.justice.gov/file/1080281/download" title="Indictment against
Wed, July 11, 2018
086: Elon Musk submarine scams and 2FA bypass
The world has been gripped with the story of that soccer team, those poor boys... but enough about England's World Cup hopes being dashed, it's time for another episode of "Smashing Security". Crypto scamming Thai cave rescue scoundrels! $25 million to make anti-fake news videos! TimeHop data breach! Phone number port out scams! All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by the author of "Social media is bullshit", B J Mendelson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: B J Mendelson. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Vote for "Smashing Security" in the Podcast Awards Thai Cave rescue scammers pose as Elon Musk Why was Elon Musk at the Thai cave rescue? The full story of Thailand’s extraordinary cave rescue Bad Checks: Twitter's Identity Crisis Is Costing Users More T
Wed, July 04, 2018
085: Doctor Who, Facebook patents, and Bob's Burgers
Doctor Who's TARDIS has sprung a data leak, Facebook's creepy patents are unmasked, and an app to keep women safe on dates has surprising origins. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Maria Varmazis . Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: BBC Goes to Court to Identify 'Doctor Who' Leaker Doctor Who episodes leak online - should you download them? Reality Winner pleads guilty after being unmasked by microdots
Wed, June 27, 2018
084: No! My voice is not my password
Who's been collecting the voice prints of millions of people saying "My voice is my password"? Why has it become tougher for law enforcement to scoop up cellphone data? And who's been turning up your central heating? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by John Hawes of AMTSO. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Hawes. Sponsored By: VirusTotal : VirusTotal Intelligence is one of the world’s largest malware intelligence services. Security professionals rely on it to better understand the effects of malware in enterprise networks. Find out more at https://www.virustotal.com/learn Support Smashing Security Links: Voice ID showcases latest digital development for HMRC customers HMRC takes 5 million taxpayers’ Voice IDs without consent – Big Brother Watch UK taxman has amassed voice profiles of 5.1 million taxpayers BBC fools HSBC voice recognition security system Knock down ginger — What Graham meant to say when he referred to "Postman's knock" <a href="https://www.eff.org/deeplinks/2018/06/victory-supreme-court-says-fourth-amendment-applies-cell-phone-tracking" title="Victory!
Wed, June 20, 2018
083: Fake email derails clarinetist's dream
Hell hath no fury like a jealous clarinetist's girlfriend! Your Google ChromeCast could be letting stalkers find out where you live! And why on earth is Graham recommending people write their passwords down in a book!? Join computer security veterans Graham Cluley and Carole Theriault on a shorter episode of the "Smashing Security" podcast than normal, as they're awfully busy touring up and down the country doing things in front of live audiences. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: View from Carole's hotel room in Manchester Eric Abramovitz plays the clarinet - YouTube McGill music student awarded $350,000 after girlfriend stalls career Eric Abramovitz vs Jennifer (Jooyeon) Lee - Court documents Google’s Newest Feature: Find My Home <a href="https://www.pcper.com/reviews/General-Tech/Steve-Gibsons-Three-Rou
Wed, June 13, 2018
082: World Cup cybersecurity, crypto crashes, and a bang of a password fail
Coinrail cryptocurrency exchange goes offline after hack, Russia appears to be 'live testing' cyber attacks, and Florida stopped running background checks on gun buyers because of forgotten password. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by The Register's football-mad John Leyden. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Leyden. Sponsored By: VirusTotal : VirusTotal Intelligence is one of the world’s largest malware intelligence services. Security professionals rely on it to better understand the effects of malware in enterprise networks. Find out more at https://www.virustotal.com/learn Support Smashing Security Links: Bitcoin price takes a dive after another cryptocurrency exchange hack Mikko Hypponen on Twitter explains why cryptocurrency exchanges get hacked $1m by 2020: John McAfee will still ‘eat his own d*ck’ if he’s wrong about Bitcoin 2018 FIFA World Cup Russia <a href="https://www.theregister.co.uk/2018/06/08/gchq_f
Wed, June 06, 2018
081: Hacker no-hopers, Wessex Water has a word, and we win an award
The mastermind behind the Owari botnet doesn't seem to have learnt anything from his victims, and someone at Wessex Water forgets to remove an embarrassing sentence from a letter sent to customers... All this and much much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who recorded a shorter podcast than normal this week as they were far too busy recovering from receiving the best security podcast award! Follow the award-winning show on Twitter at @SmashinSecurity , or visit our website for more award-winning episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the award-winning episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: We did it! Smashing Security’s Carole celebrates with the best security podcast award!… Full results from the Infosec18 European Blogger Awards Hacker Fail: IoT botnet command and control server accessible via default credentials Pwn goal: Hackers used the usern
Wed, May 30, 2018
080: Country bans Facebook, eavesdropping Alexa, and PornHub VPN
The country of Papua New Guinea is planning a month-long nationwide ban of Facebook, PornHub wants to keep your online activities more private, and Amazon Alexa forwards a married couple's private conversation to a random contact. All this and much much more is discussed in the latest 100% GDPR-compliant edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by ESET's Tommi Uhlemann. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Tommi Uhlemann. Sponsored By: VirusTotal : VirusTotal Intelligence is one of the world’s largest malware intelligence services. Security professionals rely on it to better understand the effects of malware in enterprise networks. Find out more at https://www.virustotal.com/learn Support Smashing Security Links: Papua New Guinea to ban Facebook for a month Shutting down facebook in PNG is a reality Pornhub launches VPNhub, a VPN service with free, unlimited bandwidth Pornhub hack: Hackers hijacked ads with malware in year-long attack Be cautious, free VPNs are selling your data to 3rd parties <a href="https://www.theverge.com/2018/5/28/17402154/how-to-see-amazon-ech
Wed, May 23, 2018
079: Mugshots, mobile mania, and backend gurus
A website which demands money if you want your police mugshot removed, could "sharenting" lead to a rise in fraud and identity theft, and how could the FBI have overcounted encrypted phones so badly? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Vote for Smashing Security! Smashing Security LIVE on Tour! Court documents about Mugshots.com case All of Mugshots.com’s alleged co-owners arrested on extortion charges 'Sharenting' puts young at risk of online fraud Pare
Wed, May 16, 2018
078: Hounds hunt hackers, too-human Google AI, and ethnic recognition tech - WTF?
Dogs are trained to sniff out hackers' hard drives, facial recognition takes an ugly turn, and do you trust Google to book your hair appointment? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by investigative journalist Geoff White. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Geoff White. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: Vote for Smashing Security in the European Security Blogger Awards! See Smashing Security LIVE! K-9 Helps Concord Cops Nab Student Hacker Who Upped Grades Ferris Bueller's Day Off - hacking the computer -YouTube Police Use Dog To Find Memory And Hard Drives In Search Dog Can Sniff Out Hidden Cellpho
Wed, May 09, 2018
077: Why Paris Hilton doesn’t use iCloud, lottery hacking, and Facebook dating
The tricky-to-pronounce Paytsar Bkhchadzhyan is jailed for hacking Paris Hilton, we hear the story of the man who hacked the lottery and almost got away with $16.5 million, and Facebook thinks it is the perfect partner to find you a date. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by the CyberWire's Dave Bittner. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Dave Bittner. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Paris Hilton's hacker sentenced to 57 months in prison FBI wasn't able to unlock iPhone, even with a 'fingerprint unlock warrant' Paris Hilton Comes Face to Face With Her Hacker in Court - YouTube Tweet by Paris Hilton: "Karma has no menu. You get served what you deserve..." Paris Hilton: Hacked or Not? <a hre
Wed, May 02, 2018
076: Spying phones, hacked ski lifts, and World Password Day
Cheap Android smartphones sold on Amazon have been sending customers' full text messages to a Chinese server, ski lifts are found to be the latest devices left open to abuse by hackers, and we remind you why password managers are a good idea on World Password Day. Oh, and our guest serenades us with a hit from the 1980s! All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by journalist and broadcaster David McClelland. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: David McClelland. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: See Smashing Security LIVE! Mobile Phone Maker BLU Reaches Settlement with FTC over Deceptive Privacy and Data Security Claims Phone maker settles charges it let partner collect customers’ text messages Backdoor in some Android phones caught secretly sending data to China <a href="https://twitter.com/markhood/status/986556993421836288?s=20" title="U
Wed, April 25, 2018
075: Quitting Facebook
Should you quit Facebook? How do you delete your Facebook account? What do you need to consider before leaving Facebook for good? And what's the easiest way to successfully go cold turkey on Facebook? Find out in this special splinter episode of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: How do I download a copy of my information on Facebook? Facebook retracted Zuckerberg’s messages from recipients’ inboxes How do I turn off Facebook's integration with apps, games and websites? How to use "Turn Platform Off" on Facebook for privacy How do I deactivate my Facebook account? <a href="https://www.facebook.com/help/messenger-app/931186400288334?helpref=faq_c
Wed, April 18, 2018
074: Smashing Security isn't bullsh*t
Crime forums on Facebook, fraudsters pose as anti-fraud hotlines, and how big advertising companies are in bed with the rampant data collection of internet giants. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest B J Mendelson, author of "Social media is bullsh*t." Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: B J Mendelson. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: Oh look "security expert" Rudy Giuliani shows you how to do a special "dark web scan", courtesy of Experian... Nobody seems to know what Rudy Giuliani's cybersecurity firm actually does Deleted Facebook Cybercrime Groups Had 300,000 Members How to Report Abuse on Facebook Martin Sorrell Resigns as Chief of WPP Advertising Agency <a href="https://www.cnbc.com/2017/01/2
Wed, April 11, 2018
073: Rick Astley: Never gonna hack you up...
Politician admits to hacking a rival's website, T-Mobile Austria ends up in a Twitter security storm, and siren systems are hit by a Rick Astley attack. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Spoof blogger attacks Harman site Harman hack horror has blog backing Boris Harriet Harman resigns! Boris Johnson left hanging on zip wire during Olympic event How to Hack Harriet Harman Top Conservative MP tipped as
Wed, April 04, 2018
072: Why are firms so cr*p with our private data?
Grindr, MyFitnessPal, and Panera Bread. They've all had data breach scares of varying degrees this week. Some handled the security breaches well, some didn't. We took a look at how well different firms are respecting your data privacy. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who don't have a special guest this week. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: Grindr Is Letting Other Companies See User HIV Status And Location Data Grindr Will Now Remind You To Get Tested For HIV Grindr to stop sharing HIV status with third parties Hackers steal data of 150 million MyFitnessPal app users MyFitnessPal Security Issue FAQ <a href="https://www.smashingsecurity.com/passwords" title="Smashing Security: Passwords
Wed, March 28, 2018
071: Pony-tailed pundit ponders privacy problems - with Mikko Hyppönen
Endangering your friends online, the fibs told by VPN vendors, developments from the world of cryptomining, and Carole shares an animated GIF with Mikko and Graham. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , joined this week by Mikko Hyppönen from F-Secure. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Mikko Hyppönen. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: Mikko's adventure game "Paha Juttu" at the Finnish Game Museum Download the Paha Juttu Commodore 64 floppy image file (d64) Commodore 64 online emulator (load a d64 file into this) Mat Johnson's tweet about Facebook logging his phone calls and texts Fact Chec
Wed, March 21, 2018
070: Facebook and Cambridge Diabolica
It’s not fair to describe what happened at Facebook and Cambridge Analytica as a data breach - it’s much worse than that. An autonomous Uber vehicle kills a pedestrian. And sextortion continues to be a serious problem. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who are joined this week by researcher Scott Helme. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Scott Helme. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach Revealed: Trump’s election consultants filmed saying they use bribes and sex workers to entrap politicians Cambridge Analytica's grab of 50 million Facebook users' data Cambridge Analytica controversy: Was there a Facebook data breach?
Wed, March 14, 2018
069: Cryptomining, China, and Bob Ross
How come Apple's Mac App Store authorised a buggy app that mined for cryptocurrency in the background? How can a Mosquito attack steal data from an air-gapped computer? And is China keeping score on its social media-loving citizens? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who are joined this week by special guest John Hawes. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Hawes. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: There’s a currency miner in the Mac App Store, and Apple seems OK with it A Surreptitious Cryptocurrency Miner in the Mac App Store? MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data MOSQUITO earbuds: Jumping air-gaps via speaker-to-speaker communication - YouTube <a href="http://www.bbc.co.uk/news/business-43335813" title="Would you choose a partner based on their 'citizen score'?" re
Wed, March 07, 2018
068: Malware from outer space!
If aliens did contact us would it be safe to open the email? Why would MoviePass track film lovers after they leave the cinema? Would you know how to get around Malaysia when your car rental website lets you down? And will Graham please stop talking about text adventure games? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who are joined this week by journalist (and possible spy) James Thomson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: James Thomson. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: Eurozine discusses disinformation and democracy Malware from Space Interstellar communication. IX. Message contamination is impossible (PDF) MoviePass CEO proudly says the app tracks your location before and after movies CEO Mitch Lowe Says MoviePass Will Reach 5 Million Subs by End of Year </l
Thu, March 01, 2018
067: Cyber stalking and gun control
Incognito mode on your browser not as private as you think, consumer spyware companies get hacked, Graham is accused of "multitasking" in his hotel room, and Carole champions the students of Parkland, Florida. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who recorded without a special guest this week. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security Links: How to go 'Incognito' on your web browser, and what it means Your private browsing isn’t as incognito as you want it to be Veil is private browsing for the ultra-paranoid Hacker Strikes ‘Stalkerware’ Companies, Stealing Alleged Texts and GPS Locations of Customers <a href="https://web.archive.org/web/20180220162944/https://www.spymasterpro.com/blog/spy-on-your-partners-phone-this-valentine/" title="Spy on Your Valentine Using Spy Software" rel="n
Wed, February 21, 2018
066: Passwords, pirates, and postcards
Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault , who are joined this week by special guest The CyberWire's Dave Bittner. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Dave Bittner. Sponsored By: Rapid7 : InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Support Smashing Security Links: FSLabs' A320 installer seems to include a Chrome password extraction tool Flight Simulator Add-On Tried to Catch Pirates By Installing Password-Stealing Malware on Their Computers A320-X DRM clarification - Flight Sim Labs Forums <a href="https://medium.com/@lukegorman97/flightsimlabs-alleged-malware-analysis-1427c4d23368" title="FlightSimLabs Alleged
Thu, February 15, 2018
065: Cryptominomania, Poppy, and your Amazon Alexa
Cryptomining goes nuclear, YouTube for Kids gets scary, and TV ads have been given the green light to mess with your Amazon Alexa. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Rapid7 : InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr Support Smashing Security Links: Government websites hijacked by cryptomining plugin Russian nuclear scientists arrested for allegedly hijacking supercomputer to mine Bitcoins Now that's taking the p... Sewage plant 'hacked' to craft crypto-coins <a href="https://www.grahamcluley.com/salon-website-gives-choice-turn-off-ad-blocker-let-us-mine-cryptocurrencies/" title="Salon website gives you a choice: turn off your ad blocker or let us mine cryptocurrencies" rel
Wed, February 07, 2018
064: So just a "teeny tiny" security issue then?
A Namecheap vulnerability allows strangers to make subdomains for your website, Troy Hunt examines password length, and ex-Google and Facebook employees are fighting to protect kids from social media addiction. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest HaveIBeenPwned's Troy Hunt. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Troy Hunt. Sponsored By: MetaCompliance : People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING Rapid7 : InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr Support Smashing Security Links: Namecheap Name Server Vulnerability Allows Unauthorized Users to Create Sub-Domains That’s not how security works, security is not obscurity Update on Recent Hosting Breach - Namecheap Blog Have I been pwned? Pwned Passwords <a href="https://www.troyhunt.com/how-long-is-long-enough-minimum-password-lengths-by-the-worlds-top-sites/" title="How Long is Long Enough? Minimum Password L
Thu, February 01, 2018
063: Carole's back!
Fitness trackers breaching your privacy, how anyone can create convincing celebrity porn, and how ransomware authors are getting ripped off by scammers. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: Chess CyberSecurity : Chess CyberSecurity is taking the pulse of the IT nation. Complete their three-minute quiz and you could win amazing prizes - including limited edition t-shirts, wireless headphones, an iPad Pro and a Sony PS4. Support Smashing Security Links: Strava's Global Heatmap Nathan Ruser tweets about Strava's global heatmap Privacy of fitness tracking apps in the spotlight after soldiers' exercise routes shared online Thar she blows: Strava heat map shows folk on shipwreck packed with 1,500 tonnes of bombs Advanced Deanonymization through Strava Fake celebrity porn is blowing up on Reddit, thanks to artific
Wed, January 24, 2018
062: Tinder spying, Amazon shoplifting, and petrol pump malware
Your Tinder swipes can be spied upon, Amazon is opening high street stores that don't require any staff, and Russian fuel pumps are being infected with malware in an elaborate scheme to make large amounts of money. With Carole on a top secret special assignment, it's left to security veteran Graham Cluley to discuss all this and much much more with special guests David McClelland and Vanja Švajcer. Follow the "Smashing Security" podcast on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guests: David McClelland and Vanja Švajcer. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. CloudBerry Lab : Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private. Support Smashing Security Links: Tinder's Lack of Encryption Lets Strangers Spy on Your Swipes Tinder drift demo - YouTube Using public Wi-Fi - a Smashing Security splinter Watchdog Wednesday: WiFi hackers - BBC <a href="https://www.theregister.co.uk/2016/12/23/apple_drops_requirement_for_apps_to_use_https_by_2017/" title="Apple drops requirement for apps to use HTTPS by 2017" rel="nofoll
Wed, January 17, 2018
061: Fallout over Hawaii missile false alarm
User interfaces and poor procedures lead to pandemonium in Hawaii, hackers are attempting to trick victims into opening cryptocurrency-related email attachments, and yet more pox-ridden apps are found in Android's Google Play store. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Paul Ducklin. Sponsored By: LastPass : LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. CloudBerry Lab : Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private. Support Smashing Security Links: Hawaii's ballistic missile false alarm and a user interface failure Hawaii missile alert: How one employee ‘pushed the wrong button’ and caused a wave of panic What Hawaii Was Like After the False Nuclear Alarm <a href="https://nakedsecurity.sophos.com/2018/01/12
Wed, January 10, 2018
060: Meltdown, Spectre, and personal devices in the White House
The chips are down, as tech companies struggle to protect against the Meltdown and Spectre flaws. The White House is getting tough on leakers by banning personal devices from the West Wing. And someone has been embedding a Bitcoin wallet into their hand... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: David McClelland. Sponsored By: CloudBerry Lab : Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private. Support Smashing Security Links: Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPads Spectre? Meltdown? F*CKWIT? Calm down and make yourself some tea Until your anti-virus adds this Registry key, you aren't getting any more Windows security updates Important information about Microsoft Meltdown CPU security fixes, antivirus vendors and you Ouch! Microsoft's Meltdown and Spectre security update bricks some AMD-powered PCs</
Wed, January 03, 2018
059: An intro to Bitcoin and Blockchain
In this special "splinter" episode of the "Smashing Security" podcast we take a look at Bitcoin and Blockchain. What's all the fuss about cryptocurrencies? How can you protect your Bitcoin wallet? And how does the Blockchain work? Lots of questions, and Graham offers to sell his family. Listen to the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Peter Ullrich of the "Explain Blockchain" podcast. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Peter Ullrich. Support Smashing Security Links: Bitcoin Resources from Jameson Lopp Mastering Bitcoin book by Andreas Antonopoulos Explain Bitcoin Like I’m Five Bitcoin Exchanges Silk Road's Ross Ulbricht sentenced to life in prison, without parole Bitcoin Energy Consumption Index Jaxx mobile cryptocurrency wallet Trezor hardware Bitcoin wallet "Explain Blockchain" podcast Smashing Security on Facebook Smashing Security merchandise (t-shirts, mugs, stickers and stuff) This podcast uses the following third-party servi
Wed, December 20, 2017
058: Face ID, Firefox, and Windows SNAFUs, plus Bitcoin FOMO
Is Face ID racist? Has Mr Robot infected your Firefox browser? Has Microsoft pushed a buggy password manager onto your Windows PC? All this and much much more is discussed in the special first birthday edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by original co-host Vanja Švajcer. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Vanja Švajcer. Sponsored By: OneLogin : OneLogin provides Single Sign On for customers like Airbus, Royal Mail, BSI, and Dun and Bradstreet. With hundreds of apps being used in the typical workplace, and the average user having to remember about 40 different passwords, we all know that if we don't have a product to remember passwords they end up in spreadsheets, stored in emails, or left on post-it notes. And that is a security nightmare. OneLogin allows IT to say which users have access to which applications at what time and also enforce two factor authentication. So even if credentials are compromised, hackers can’t get access to those corporate services. And, by connecting to Active Directory, access to all of these services is de-provisioned as soon as someone leaves the organisation. Learn more, and download a free guide to identity access management, at www.smashingsecurity.com/onelogin Support Smashing Security Links: Smashing Security #001: "One cup, two hotel guests" - YouTube Mozilla Slipped a ‘Mr. Robot’-Promo Plugin into Firefox and Users Are Pissed This Looking Glass/Mr Robot sh*t really p*sses me off - Reddit <a href="https://support.mozilla.org/en-US/questions/1194583" title="Unknown Mozilla dev addon "Looking Glass 1.0.3" on browser... or is it just malware?
Wed, December 13, 2017
057: Mikko Hyppönen - live from the sauna - talks Bitcoin security
How to protect yourself from Bitcoin hackers, why you should think twice before giving Amazon the keys to your house, and how a private investigator tried to hack Donald Trump's tax returns. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen from F-Secure. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Mikko Hyppönen. Sponsored By: OneLogin : OneLogin provides Single Sign On for customers like Airbus, Royal Mail, BSI, and Dun and Bradstreet. With hundreds of apps being used in the typical workplace, and the average user having to remember about 40 different passwords, we all know that if we don't have a product to remember passwords they end up in spreadsheets, stored in emails, or left on post-it notes. And that is a security nightmare. OneLogin allows IT to say which users have access to which applications at what time and also enforce two factor authentication. So even if credentials are compromised, hackers can’t get access to those corporate services. And, by connecting to Active Directory, access to all of these services is de-provisioned as soon as someone leaves the organisation. Learn more, and download a free guide to identity access management, at www.smashingsecurity.com/onelogin NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: Mikko Hypponen has his ponytail hair cut. - YouTube <a href="https://www.f-secure.com/en/web/business_global/our-approach/cyber-security-sauna" title="Cyber Secur
Wed, December 06, 2017
056: Peeping Toms, prison hacks, and parliamentary passwords
Why you should check your Airbnb for hidden cameras, a hacker attempts a different kind of jailbreak, and British MPs prove that they really are clueless when it comes to cybersecurity. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Ian Whalley. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Ian Whalley. Sponsored By: OneLogin : OneLogin provides Single Sign On for customers like Airbus, Royal Mail, BSI, and Dun and Bradstreet. With hundreds of apps being used in the typical workplace, and the average user having to remember about 40 different passwords, we all know that if we don't have a product to remember passwords they end up in spreadsheets, stored in emails, or left on post-it notes. And that is a security nightmare. OneLogin allows IT to say which users have access to which applications at what time and also enforce two factor authentication. So even if credentials are compromised, hackers can’t get access to those corporate services. And, by connecting to Active Directory, access to all of these services is de-provisioned as soon as someone leaves the organisation. Learn more, and download a free guide to identity access management, at www.smashingsecurity.com/onelogin NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: The lax computer security of British MPs - as detailed in their own tweets <a href="https://twitter.com/Na
Thu, November 30, 2017
055: Uber, net neutrality, and website hacks
Uber covers up a data breach, the noose tightens on net neutrality, and Bulletproof's website spills the data beans. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by umm.. nobody because they didn't arrange a special guest. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: Uber paid hackers $100,000 to keep data breach quiet Bulletproof breach notification letter to customers (PDF) Bulletproof Coffee lacks bulletproof security: Nerd brain juice biz hacked, cards gulped Net Neutrality: What You Need to Know Now Racist, threatening attacks on FCC Chair Ajit Pai won't save net neutrality <a href="https://www.theverge.com/2017/11/23/16694128/net-neutrality-protests-fcc-ajit
Wed, November 29, 2017
054: A great big fat macOS bug
Yes, you can log into macOS High Sierra's root account with no password. In this special "emergency" edition of the podcast computer security veterans Graham Cluley and Carole Theriault discuss the breaking news of a serious Apple macOS bug that allows anyone to log into your Mac with root admin rights, without having to enter a password. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Support Smashing Security Links: Tweet by Lemi Ergin Huge MacOS bug lets anyone login as root without a password: what you need to know How to enable the root user on your Mac or change your root password - Apple Support Smashing Security on Facebook Smashing Security merchandise (t-shirts, mugs, stickers and stuff) This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Wed, November 22, 2017
053: Game of Thrones, a major Amazon cloud leak, and web tracking gone crazy
The FBI think they've identified the HBO hacker, the US military have been caught with a leaky bucket, and web tracking has just got scarier than ever. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Iain Thomson. Support Smashing Security Links: Uber paid hackers $100,000 to keep data breach quiet HBO offered its hackers $250,000 after attack, leaked email claims Game of Thrones stars’ personal phone numbers leaked, as HBO hackers attempt to extort ransom Smashing Security 037: Boobs, dragons and data breaches Iranian ‘Game of Thrones’ Hacker Demanded $6 Million Bitcoin Ransom From HBO, Feds Say Sealed Indictment Over 400 of the World's Most Popular Websites Record Your Every Keystroke, Princeton Researchers Find <a href="https://freedom-to-tinker.com/2017/11/15/no-boundaries-ex
Wed, November 15, 2017
052: Facebook tackles vengeful scumbags, and a sex toy privacy boob
Is your dildo listening to you? Do you trust Facebook with your most intimate photos? And just how did a vengeful DDoSer come up with that nickname? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest John Hawes. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Hawes. Sponsored By: NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: Give Facebook your nude pics to tackle revenge porn The Facts: Non-Consensual Intimate Image Pilot Using Technology to Protect Intimate Images and Help Build a Safe Community Sex toy company admits to recording users' remote sex sessions, calls it a 'minor bug' PSA: Lovense remote control vibrator app recording "private" sessions without express permission </l
Thu, November 09, 2017
051: Robots, romance, passwords, and CrunchyRoll
Passwords are under the microscope again, CrunchyRoll leads anime fans to malware, a sexy robot gains Saudi citizenship, and Carole begins her career as an agony aunt. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: LastPass reveals the threats posed by passwords in the workplace One in five security professionals still uses paper to manage privileged passwords Passwords - a Smashing Security splinter PSA : Don't enter crunchyroll.com at the moment, it seems they've been hacked Blaze's Security Blog: CrunchyRoll hack delivers malware Crunchyroll
Thu, November 02, 2017
050: MailChimp, Piers Morgan, and The Dark Overlord
There's little time to celebrate our 50th episode, because there are rants to be had about MailChimp's switch to single opt-in, Graham upsets Piers Morgan on Twitter, and the Dark Overlord hacking gang are up to some pretty horrid tricks. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who didn't bother to organise a special guest this week. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Enterskekt : Entersekt develops authentication and mobile security solutions that make the internet a safer place to bank and shop. Join Entersekt's webinar which promises to tell you EVERYTHING you need to know about "The secret key to PSD2 compliance" by visiting https://www.smashingsecurity.com/entersekt Support Smashing Security Links: Graham declines to appear on Good Morning Britain Piers Morgan responds to Graham Piers Morgan tells Leveson: Daily Mirror did not hack phones Piers Morgan told me how to hack a phone, says Jeremy Paxman <a href="https://www.theguardian.com/media
Wed, October 25, 2017
049: Hacking funeral homes, crypto mining websites, and careful with that hairspray
Scammers show a lack of imagination after hacking a funeral home, more websites are secretly stealing visitors' resources to mine for cryptocurrency, and everyone is very confused about the USA's airline laptop ban. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's John Leyden. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Leyden. Sponsored By: Enterskekt : Entersekt develops authentication and mobile security solutions that make the internet a safer place to bank and shop. Join Entersekt's webinar which promises to tell you EVERYTHING you need to know about "The secret key to PSD2 compliance" by visiting https://www.smashingsecurity.com/entersekt NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: Local funeral home gets hacked in the middle of the night leaving employees without access Local business' Yahoo! account hacked Smashing Security: 014: Protecting webmail <a href="https://www.theregister.co.uk/2017/10/19/mal
Wed, October 18, 2017
048: KRACK, North Korea, and an 18th century cyber attack
KRACK! Has the Wi-Fi vulnerability got you worried? Did North Korea hack a British TV company to prevent a "slanderous farce" from being made? And what have Dutch police learnt from Pokémon? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Virus Bulletin's Martijn Grooten. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Martijn Grooten. Sponsored By: NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: UK TV drama about North Korea hit by cyber-attack - BBC News The World Once Laughed at North Korean Cyberpower. No More. - The New York Times Naked Attraction: Channel 4 show returns and viewers observe 'missing detail' on female contestants | The Independent 'Krack' wi-fi breach means every modern network and device is vulnerable to hac
Wed, October 11, 2017
047: Kaspersky, AI, and a well-handled data breach
America turns the heat up on Kaspersky anti-virus, Disqus announces a data breach, Elon Musk plans a bolthole on Mars to escape our robot overlords, and Graham gets to play chess with Garry Kasparov. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: David McClelland. Sponsored By: NetSparker : NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them. If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker. Download a free demo now. Support Smashing Security Links: Altered Images - Happy Birthday Graham met Garry Kasparov Graham about to lose a game of chess to Garry Kasparov Sign in Office Depot store (via @gadievron on Twitter) Kaspersky accused of close ties to sauna-loving Russian spies Russian Hackers Stole NSA Data on U.S. Cyber Defense - WSJ <a href="http://www.zdnet.com/article/what-role-did-kaspersky-play-in-nsa-data-theft/" t
Wed, October 04, 2017
046: Good beard bad beard
Bearded man entangled in dark web drugs market bust, Google researches how to make browser security warnings less confusing, and (ahem) "bedroom entertainment systems" probed for security holes. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Rich Baldry. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Rich Baldry. Support Smashing Security Links: Feds catch a lord of the 'dark web' suspected of drug deals - Miami Herald Trip to world beard competition ends in arrest for alleged dark web drug dealer - The Guardian Austin Facial Hair Club The World Beard and Moustache Championships Glorious Portraits from the 2017 World Beard And Mustache Championship Where the wild warnings are: Root causes of Chrome HTTPS certificate errors [PDF] Screwdriving. Locating and exploiting smart adult toys - Pen Test Partners <a href="https://forums.theregister.co.uk/forum/1/2017/04/04/intimate_adult_toy_fails_penetration_test/" title="Wi-Fi sex toy with built-in camera fails penetration test - The Registe
Wed, September 27, 2017
045: Deloitte fail, CCleaner, and dotards on Twitter
Deloitte suffers an embarrassing hack, CCleaner spreads malware, and Twitter explains why it isn't planning to ban Donald Trump from Twitter anytime soon. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Phil Wood of Cisco. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Phil Wood. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: Graham Cluley on Twitter: "Turns out I slept in a cheesegrater last night" Deloitte hit by cyber-attack revealing clients’ secret emails - The Guardian Source: Deloitte Breach Affected All Company Email, Admin Accounts — Krebs on Security Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy 'login details leaked' • The Register CCleanup: A Vast Number of Machines at Risk - Talos Intelligence blog <a href="http://blog
Mon, September 25, 2017
044: Bonus behind the scenes - shower time
Carole wants to know why Graham keeps FaceTiming her from the shower. Can you help solve the mystery? ("Bonus" behind-the-scenes content.) Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Support Smashing Security This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Wed, September 20, 2017
043: Backups - a necessary evil?
In this special "splinter" episode of the "Smashing Security" podcast we tackle the tricky subject of backups - when did you last backup your data? how and what should you backup? and where should you store them? Lots of questions and Graham gets to do his Tina Turner impression. Listen to the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: Tina Turner - Private Dancer - YouTube The Ed Sullivan Show - 'Baranton Sisters' - “Foot Jugglers” (Aired February 2, 1969) - YouTube How to create a robust data backup plan (and make sure it works) How to back up your iPhone, iPad, and iPod touch - Apple Support How to back up your Android phone or tablet: The ultimate guide Crashplan stops offering its consumer backup solution <a href="https://www.car
Wed, September 13, 2017
042: Equifax, BlueBorne, and the iPhone X
Equifax's shambolic response to its huge data breach, a scary-sounding Bluetooth exploit, and Apple's iPhone X comes with Face ID. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Javvad Malik of AlienVault. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Javvad Malik. Sponsored By: Rapid7 : Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now. Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now. Support Smashing Security Links: We tested Equifax's data breach checker — and it's basically useless | ZDNet Equifax hack: 44 million Britons' personal details feared stolen in major US data breach "The front page of Equifax's UK website. They don't seem to have room to mention the data breach affecting up to 44 million Brits." - Twitter Chatbot lets you sue Equifax for up to $25,000 without a lawyer - The Verge How to protect yourself in the wake of the Equifax data breach <a href="https://krebsonsecurity.com/2017/
Thu, September 07, 2017
041: Hacking Instagram, facial failures, and spying bosses
It's easy to phone up a celebrity on Instagram following security breach, facial recognition at Notting Hill Carnival can't tell the girls from the boys, and companies are spying on their workers' activities. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest David Bisson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: David Bisson. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: "Who Is Marcus Hutchins?" — Krebs on Security Ahem, Kim Kardashian Is Naked Up A Tree - Huffington Post Hackers Claim Apparent Instagram Fightback Will Not Stop Them From Selling Stolen ‘Doxagram’ Data - The Daily Beast A Note on Security from Instagram’s CTO - Instagram Blog London police’s use of facial recognition falls flat on its face – Naked Security <a href="https://www.liberty-human-rights.o
Wed, August 30, 2017
040: The show that cost Troy Hunt 14 dollars
Are public figures lying about being hacked? What were online criminals doing with 711 million email addresses? And how could scammers profit from Hurricane Harvey? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Troy Hunt. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Troy Hunt. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: Trump appointee says for the 'past several years' he has been the victim of 'multiple cyber attacks' — Graham Cluley. Trump appointee: Comment calling Obama's mother a 'w@!re' result of 'Internet crimes' against me — CNN. Inside the Massive 711 Million Record Onliner Spambot Dump — Troy Hunt. Have I been pwned? — Check if your email has been compromised in a data breach Harvey Hoax: There are no sharks on Houston's flooded freeways — WCVB 5. <a href="http://www.dailymail.co.uk/news/article-4830676/Photo-planes-flooded-Houstin-
Thu, August 24, 2017
039: Woah - are we talking to a cyborg?
Hackers could change emails in your inbox after they are delivered, the web is getting more and more encrypted, and hacked robots can be commanded to umm... stab you. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by researcher Scott Helme. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Scott Helme. Sponsored By: Rapid7 : Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now. Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now. Support Smashing Security Links: Introducing the ROPEMAKER Email Exploit — Mimecast. Did ROPEMAKER just unravel email security? Nah, it's likely a feature — The Register. Measuring HTTPS adoption on the web [USENIX 17] — Research presented by Adrienne Porter Felt (Google) and April King (Mozilla). Alexa Top 1 Million Analysis - August 2017 — Scott Helme's report. ALPHA 2, The World's First Humanoid Robot for the Family — YouTube. UBTech Alpha 2 turns Chucky — YouTube <a href="http://www.itpro.co.uk/security/29275/researchers-warn-against-hackable-robots" title="Researchers warn against 'hackable' robots " rel="
Thu, August 17, 2017
038: Gents! Stop airdropping your pics!
WannaCry hero Marcus Hutchins (aka MalwareTech) pleads not guilty to malware charges, the Scottish parliament is hit by a brute force attack, IoT smart locks aren't so smart, and.. ahem.. someone is sending intimate pics via AirDrop to unsuspecting commuters. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Geoff White. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: "The Secret Life of Your Mobile Phone" — Geoff White's show at the Edinburgh Festival Fringe MalwareTech is back online, as he pleads not guilty to Kronos malware charges — Graham Cluley. Scottish parliament hit by cyber-attack similar to Westminster assault — The Guardian. Hackers try to break into Scottish parliament email accounts weeks after Westminster attack — Graham Cluley. Blocking
Wed, August 09, 2017
037: Boobs, dragons and data breaches
Hackers are holding HBO to ransom after a massive data breach, and have leaked the phone numbers and email addresses of "Game of Thrones" cast members. Has security firm Carbon Black been leaking customers's sensitive files while trying to scan them? And Disney's mobile apps are accused of spying on kids... All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Hawes. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: FBI arrests WannaCry's 'accidental hero' in connection with Kronos banking trojan HBO hack ransom note: Watch the video, set to Game of Thrones music Game of Thrones stars' personal phone numbers leaked, as HBO hackers attempt to extort ransom Markus Ueberall's tweet Movie studio tells all about Dark Overlord's leak of 'Orange Is the New Black' </l
Thu, August 03, 2017
036: Flash? Clunk flush... and hacking security researchers
A security threat researcher is badly hacked in a revenge attack. Some people want to save Adobe Flash, but is that wise? And a poorly-secured electronic billboard starts displaying offensive images... All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Maria Varmazis. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: Hackers Leak Data From Mandiant Security Researcher in Operation #LeakTheAnalyst — Bleeping Computer. Hackers kick off #leaktheanalyst campaign by dumping data of $1bn security firm — The Next Web LinkedIn profile of a Mandiant employee — Warning - contains image of hairy bottom. This is really here just for Maria. How to choose a strong password - simple tips for better security — YouTube video from 2009, featuring Graham (and filmed by Carole). So, who remembered correctly what we actually said in the video? <a href="http://www.smashingsecurity.com/014-protecting-webmail-a-smashing-security-splinter" title="Smashing Security podcast: Prote
Wed, July 26, 2017
035: Up the Roomba with mandatory Chinese spyware
China is forcing people to install smartphone spyware, young cyberoffenders are offered rehab, and robot vacuum cleaners want to sell maps of the inside of your house to tech firms. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dan Ring. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Dan Ring. Sponsored By: Rapid7 : Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now. Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now. Support Smashing Security Links: Xinjiang Users Arrested over State Spyware Usage — Infosecurity Magazine China crams spyware on phones in Muslim-majority province — The Register. Rehab camp aims to put young cyber-crooks on right track — BBC News. Roomba vacuum maker iRobot betting big on the 'smart' home — Reuters. iRobot Wants to Sell Mapping Data Collected by Roomba Vacuums to a Tech Company Like Apple — Mac Rumors. Griffin BreakSafe Magnetic USB C Charging Cable — To make your upgraded MacBook Pro a little less of a downgrade. <a href=
Thu, July 20, 2017
034: The pen is mightier than the password
The UK government wants you to give your credit card details to porn sites, Ashley Madison offers compensation to the people whose lives it ruined, and an adult website wants you to pass its unorthodox and below-the-belt biometric identity check... gulp! All this and Myspace, Google Glass, Fleabag, and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: David McClelland. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: BBC One - X-Ray, Summer Specials, Photography Special — Watch David McClelland on iPlayer if you're in the UK. There may also be ways of watching this outside the UK. We couldn't possibly comment... Vladimir Putin Cut From Two Upcoming Hollywood Movies — Hollywood Reporter It's not Yourspace, it's Myspace — Leigh-Anne Galloway shares her research on Myspace's diabolical security. Myspace fixes account security hole - but delete your account anyway The UK will block online porn f
Thu, July 13, 2017
033: 1Password, net neutrality, and spatchcock chicken
Is password manager 1Password treating its customers unfairly? Are autonomous cars driving us around the bend? And what is this Net Neutrality thing anyway? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Michael Hucks from PC Pitstop. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Michael Hucks. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: sweetsweet — Michael's band. Why Security Experts Are Pissed That ‘1Password’ Is Pushing Users to the Cloud — Motherboard report. 1Password irks security experts in push toward cloud-based vaults — AppleInsider report. Are local vaults going to exist for the foreseeable future? — AgileBits Support Forum — 1Password's support forum. 1Password wants you to sync via the cloud, but won't force you <a href="https://www.theverge.com/2017/7/11/15952510/audi-a8-level-3-autonomous-driving-self-parking" title="The new Audi A8
Thu, July 06, 2017
032: The iPhone 8, a data breach at the AA, and a mystery no show
The iPhone 8 is on its way and may use 3D facial recognition rather than a fingerprint sensor to lock out intruders, and the UK's Automobile Association claims it hasn't leaked any credit card data, so why is it getting so upset about security researchers publishing screenshots of leaked data? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by umm.. nobody. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security Links: Yes - despite what it says - AA customer credit card data was exposed Apple Readies iPhone Overhaul for Smartphone’s 10th Anniversary - Bloomberg The World's Blackest Material - An Inside Look At Vantablack — YouTube video. About Touch ID advanced security technology - Apple Support He thought a book would stop a bullet and make him a YouTube star. Now he’s dead. - T
Thu, June 29, 2017
031: Petya (don't know the name of this ransomware)
Another major ransomware outbreak rattles the world - but no-one can decide what it's called, the danger posed to driverless cars by kangaroos, and do you really want an Amazon Echo Show? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest David Bisson. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: David Bisson. Sponsored By: Rapid7 : Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now. Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now. Support Smashing Security Links: Martijn Grooten on Twitter: "Seriously injured man lies next to tree..." — Martijn seems to be suggesting the infosecurity industry might have the wrong priorities. Global ransomware outbreak hits organisations hard Cybereason discovers NotPetya kill switch — You might want to create a file called "perfc" in your Windows folder. Info on the PetrWrap/Petya ransomware: Email account in question already blocked since midday — Don't pay the ransom folks... Driverless cars: Kangaroos throwing off animal detection software — Cripes! <a href=
Thu, June 22, 2017
030: GDPR - The good and the bad
In this special "splinter" episode, regular hosts Graham Cluley and Carole Theriault are joined by special guest Kevin Gorsline to discuss the European Union's General Data Protection Regulation (GDPR), and what it means for your business even if you're not based in Europe. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Kevin Gorsline. Support Smashing Security Links: The EU's GDPR legislation — A gentle read before bedtime... EU data protection rules affect everyone, say legal experts — The EU's new data protection rules will impact every entity that holds or uses European personal data both inside and outside of Europe, according to legal experts. Preparing for GDPR - 12 steps to take now (PDF) — Advice from the UK's Information Commissioner's Office. EU GDPR demystified: a straight-forward guide for US firms (Part I) – — Our own Carole Theriault writes about GDPR on the TBG Security blog. EU GDPR demystified: a straightforward reference guide for US firms (Part II) — More from Carole Theriault on the TBG Security blog. This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Thu, June 15, 2017
029: Exploits to get your English teeth into
Microsoft gives us a Patch Tuesday shock, malware grows up for the Mac, and your mouse movements might reveal if you're an identity thief. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Javvad Malik of AlienVault. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Javvad Malik. Sponsored By: Foursys : IT security professionals! Register for your free place at SecureTour17, being held at Manchester United's Old Trafford stadium on July 6 2017, and hear security experts (and Graham) talk about threats and the latest technology to fight them. Support Smashing Security Links: June 2017 security update release — Microsoft reveals it is releasing security updates for older versions of Windows that are no longer officially supported. Microsoft security advisory — Guidance related to June 2017 security update release. Microsoft security advisory - guidance for older platforms MacSpy: OS X RAT as a Service — Information from experts at AlienVault on the MacOS malware-as-a-service threat. MacRansom: Offered as Ransomware as a Service — Fortinet's analysis of MacRansom. <a href="https://qz.com/1003221/identity-theft-can-be-thwarted-by-artificial-intelligence-analysis-of-a-users-mouse-movements/" title="Identity theft can be thwarted by artificial intelligence analysis of a user's mouse movem
Wed, June 07, 2017
024: Reality Winner, Gordon Ramsay and a leaky bucket
Evidence of Russia hacking the US election leaks from the NSA and Reality is not a winner, confidential data is accidentally exposed in the cloud by a defence contractor, and Gordon Ramsay has a few choice words for his hacking father-in-law. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Ian Whalley. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Ian Whalley. Sponsored By: iovation : iovation is offering Smashing Security listeners a free demonstration of its mobile multifactor solution product, LaunchKey, which can be built into your mobile apps, websites and online services to provide a simple, streamlined remote login function. Support Smashing Security Links: The classic era Smashing Security team... reunited at Infosec — Graham and Carole bumped into someone called Vanja Svajcer at the Infosec show in London, and couldn't resist getting a selfie. Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election — The Intercept report which kicked everything off. Affidavit in support of application for Reality Winner's arrest warrant — Read the PDF for yourself. How The Intercept might have helped unmasked Reality Winner to the NSA — David Bisson writes on grahamcluley.com. How The Interce
Wed, May 31, 2017
023: Covfefe
Hackers are blackmailing cosmetic surgery patients, and threatening to release their naked photos. A British Airways IT snafu causes travel chaos for thousands. And Germany is threatening to throw hefty fines at Facebook if it can't police its content properly. All this and "Covfefe" is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest John Hawes. Show notes: Cosmetic surgery hacked. Nude photos and data exposed on the dark web, as hackers blackmail patients - Bitdefender. Lithuanian cosmetic surgery firm's website - Grožio Chirurgija. British Airways: Chaos continues at Heathrow - BBC News. What went wrong at BA? - BBC News. Delta finally explained how one power outage grounded an entire airline - BGR. Facebook said Germany's plan to tackle fake news would make social media companies delete legal content - Business Insider. Sgt. Pepper's Lonely Hearts Club Band - The Beatles. Spanish art restorer, 82, who turned Jesus into a 'hairy monkey' in clumsy restoration of famous work signs merchandising deal as image gets imprinted on T-shirts - Daily Mail. Clash of Clans - Supercell. This is what Candy Crush does to your brain - The Guardian. Sweet Sweet - Reverb Nation. Help Sweet Sweet - Bonnaroo Bound! - GoFundMe. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on <a href= "https://www.grahamclule
Wed, May 24, 2017
022: Walk this way... to defeat biometrics
The Samsung Galaxy S8 claims that its iris recognition technology provides "airtight security", but the Chaos Computer Club knows better and shows how it can be easily bypassed. Australian researchers create a wearable gizmo that authenticates you through your walk, but is it ever going to be practical? Mac malware reportedly wastes no time stealing information from a software developer. And the boss of the Bank of England is smart enough not to fall for an email prankster. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul "Duck" Ducklin. Show notes: Chaos Computer Clubs breaks iris recognition system of the Samsung Galaxy S8 - Chaos Computer Club. Breaking the iris scanner locking Samsung’s Galaxy S8 is laughably easy - Ars Technica. New technology uses the way you walk as a password - CNet. Hofmeister - follow the bear TV advert - YouTube. Monty Python's Flying Circus's Ministry of Silly Walks sketch - YouTube. Source Code for Several Panic Apps Stolen via HandBrake Malware Attack - MacRumors. Bank of England accused of airbrushing Jane Austen on the new £10 note - Liverpool Echo. Bank of England governor falls for email prank but maintains his composure - The Guardian. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Paul Ducklin. Sponsored By: iovation : iovation is offering Smashing Security listeners a free demonstration of its mobile multifactor solution product, LaunchKey, which can be built i
Thu, May 18, 2017
021: WannaCry - Who's to blame?
The WannaCry ransomware has struck! But before we tackle that subject, and who we should blame for one of the highest profile malware attacks for years, we discuss how HP has been unwittingly capturing the keystrokes of its laptop users. Then we briefly discuss what might be the worst cinema date in history, before rounding things off with a discussion of hackers extorting money out of movie studios. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul "Pob" Baccas. Show notes: Hello to Jason Isaacs - Witterpedia. Unintended/Covert Storage Channel for sensitive data in Conexant HD Audio Driver Package - modzero Security Advisory. Keylogger Found in Audio Driver of HP Laptops - Bleeping Computer. HP responds to laptop keylogger fiasco, promises ‘fix shortly' - Trusted Reviews. Tweet from @ ths - Twitter. Backin Up Song - YouTube. The Sobig Worm - Wikipedia. Customer Guidance for WannaCrypt attacks - Microsoft. Microsoft Security Bulletin MS17-010 - Microsoft. Microsoft: WannaCry outbreak reveals why governments shouldn't hoard vulnerabilities - Graham Cluley. ‘THIS IS CRAZY’: Austin man sues date for texting during movie - Statesman. Hackers Seem to Dump Pirates of the Caribbean on Torrent Sites Ahead of Premiere - Softpedia. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your fav
Wed, May 10, 2017
020: Phishing for Donald Trump
Gizmodo's attempt to reveal Donald Trump's administration ineptitude when it comes to cybersecurity fails to impress. Mac users are warned that the HandBrake DVD-ripping app has been compromised by malware. And will the US Army insist IT security professionals spend months ironing their bedsheets..? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin from Sophos. Show notes: Here's How Easy It Is to Get Trump Officials to Click on a Fake Link in Email - Gizmodo. Opinion: Some thoughts about Gizmodo's Phishing story - CSO Online. Mac video app HandBrake – now with free spyware - Naked Security. OS X malware spread via signed Transmission app... again - Graham Cluley. DOD’s new Internet strategy boosts role in defending “US interests” - Ars Technica. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Paul Ducklin. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Wed, May 03, 2017
019: The Love Bug virus
On May 4th 2000, the Love Bug virus (also known as ILOVEYOU or LoveLetter) rapidly spread around the world, clogging up email systems. Computer security veterans Graham Cluley and Carole Theriault are joined this week by special guest John Hawes for a trip down memory lane. Show notes: Memories of the Love Bug worm - Naked Security "Subject: I Love You" movie trailer - YouTube Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Hawes. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Thu, April 27, 2017
018: Windows is a virus. True or False?
Security firm Webroot drops a clanger when it declared Windows was malicious and borked customers' PCs, millennials are streaming a lot of movies illegally, and blackmailers are targeting members of the Ashley Madison cheating site again. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Michael Hucks from PC Matic. Show notes: Webroot antivirus goes bananas, starts trashing Windows system files - The Register. Webroot causes massive headaches after falsely flagging Windows files as malicious - Graham Cluley. Tweet by Webroot user Bob Ripley - @M5_Driver. W32.Trojan.Gen false positive - advice for home users - Webroot. W32.Trojan.Gen false positive - advice for business users - Webroot. Most millennials regularly stream pirated content, survey finds - Torrent Freak. Malware, data theft, and scams: researchers expose risks of free livestreaming websites - Ku Leuven. File sharer hit with $675,000 fine - Digital Trends. Ashley Madison blackmail roars back to life - ZDNet. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Michael Hucks. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations
Thu, April 20, 2017
017: Data breaches, zero day exploits, and toenail clippings
Hotel malware has been stealing guests' payment card details... again, should businesses relay delay rolling out vulnerability patches, and Burger King's Whopper TV ad campaign tries to take advantage of viewers' Google Home devices with predictable results. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin. Show notes: InterContinental Hotels Group (IHG) Notifies Guests of Payment Card Incident at IHG-Branded Franchise Hotel Locations in the Americas Region - IHG. Affected hotel look-up tool - IHG. Been to one of these 1170 IHG hotels? Your credit card details may have been stolen by malware - Bitdefender. Microsoft patches Word zero-day booby-trap exploit - Naked Security. Microsoft zero-day vulnerability was being exploited for cyber-espionage - Graham Cluley. The Shadow Brokers - Wikipedia. Burger King's 'OK Google' sad ad saga somehow gets worse - The Register. Burger King Connected Whopper ad - YouTube. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Paul Ducklin. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel <a href="https
Thu, April 13, 2017
016: Wonga wronga!
Spyware companies are filmed plotting to break global sanctions to ship surveillance and spying equipment to dodgy authoritarian regimes, an unsecured database exposed diabetics’ sensitive data, and a massive data breach leaves hundreds of thousands of current and former Wonga customers at risk. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Lisa Vaas. Show notes: Spyware firms in breach of global sanctions - Al Jazeera. Al Jazeera Investigations - Spy Merchants - YouTube. Mounties admit to using cellphone-snooping ‘stingrays’ - Sophos Naked Security. A huge trove of patient data leaks, thanks to telemarketers' bad security - ZDNet. Leak of diabetic patients’ data highlights risks of giving info to telemarketers - DataBreaches.net. Unsecured database exposed diabetics’ sensitive data - Sophos Naked Security. Fraudsters Target People With Diabetes - AARP. Wonga.com TV advert - YouTube. Wonga security incident FAQ - Wonga.com. Wonga data breach puts up to 245,000 UK current and former customers at risk - Graham Cluley. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Lisa Vaas. Sponsored By: Recorded Future : Recorded Future is the real-time threat intel
Wed, April 05, 2017
015: Bad vibrations
Don't let an internet-enabled sex toy make your most private moments oh-so-public. Samsung's wannabe-Android-killer is found lacking. And did you hear about the firm that is micro-chipping its employees? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest John Hawes. Show notes: Vulnerable Wi-Fi dildo camera endoscope. Yes really - Pen Test Partners Samsung's Android Replacement Is a Hacker's Dream - Motherboard Companies start implanting microchips into workers' bodies - LA Times This episode of Smashing Security is made possible by the generous support of Recorded Future — the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at recordedfuture.com/intel Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: John Hawes. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Thu, March 30, 2017
014: Protecting webmail - a Smashing Security splinter
What can you do to better protect your online email accounts? In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley and Carole Theriault discuss with Paul Ducklin tips on how to defend your Gmail/Yahoo/Hotmail/Outlook/etc account. SHOW NOTES: Passwords - a Smashing Security splinter How to better protect your Google account with two-step verification and Google Authenticator - Graham Cluley How to protect your Yahoo account with two-step verification (2SV) - Graham Cluley NIST declares the age of SMS-based 2-factor authentication over - TechCrunch The lesson we all must learn from the Celebgate nude photo hack - Graham Cluley Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Paul Ducklin. Sponsored By: Recorded Future : Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel Support Smashing Security This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy
Thu, March 23, 2017
013: Assault with a deadly tweet
Graham is embarrassed by a Twitter security snafu. How an animated GIF could prove deadly. Social engineering threats against your workforce. And will you be able to do any work on your laptop next time you catch an airplane? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Alex Eckelberry. SHOW NOTES: Sorry for the Nazi spam from my Twitter account - Graham Cluley Newsweek reporter Kurt Eichenwald on Fox News, 15 December 2016 - YouTube Maryland man arrested for cyberstalking - US Dept of Justice US man held for sending flashing tweet to epileptic writer - BBC News Epilepsy site hacked with seizure images - CBS News How to really pronounce GIF - howtoreallypronouncegif.com Gif's inventor says ignore dictionaries and say 'Jif' - BBC News How to disable animated GIFs in different web browsers - The Windows Club How to disable autoplaying videos on Twitter - Twitter This is the email that hacked Hillary Clinton’s campaign chief - Bitdefender Hot for Security Fry all the things! USB Kill zaps tons of computing devices - Graham Cluley UK flight ban on electronic devices announced - BBC News Electronics banned from cabins on some Middle Eastern and African flights to U.S. - CNN Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Alex Eckelberry. Sponsored By: <a href
Thu, March 16, 2017
012: Eau de Eugene Kaspersky
Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time? Graham Cluley, Carole Theriault and special guest Nick FitzGerald discuss the latest news from the world of computer security. SHOW NOTES: Preinstalled Malware Targeting Mobile Users - CheckPoint Chinese Android smartphone comes with malware pre-installed - Graham Cluley WikiLeaks says it will work with software vendors to fix CIA zero-day exploits... but when? - Graham Cluley Kaspersky launches a range of perfumes to, er, defend your odour - The Register Toilet hackers could snoop on your poop, steal data of a "personal nature" - Graham Cluley Beauty blogger Scarlett London launches Threat de Toilette in bid to stop youngsters oversharing online - The Sun Jackie Chan and Eugene Kaspersky - YouTube Packin' the K music video - YouTube This episode of Smashing Security is made possible by the generous support of Recorded Future — the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at recordedfuture.com/intel Thanks to Recorded Future for their support. Follow the show on Twitter at @SmashinSecurity , or visit our website for more episodes. Remember: Subscribe on Apple Podcasts , or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Special Guest: Nick FitzGerald. Support Smashing Security This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privac
Thu, March 09, 2017
011: WikiLeaks and the CIA
Has the CIA been using a Weeping Angel to spy on you via your Smart TV? Have WhatsApp, Telegram and Signal been compromised? What is the secret of the SATAN ransomware? And can you avoid having your data searched as you pass through border control? Computer security veterans Graham Cluley, Carole Theriault and special guest Paul Ducklin discuss. SHOW NOTES: Nintendo Classic Mini WikiLeaks says it releases files on CIA cyber spying tools The CIA didn't break Signal or WhatsApp, despite what you've heard After NSA hacking exposé, CIA staffers asked where Equation Group went wrong Apple, Samsung Respond To Wikileaks Claims Of CIA Hacking Programs Twitter reactions to the WikiLeaks CIA data dump Is the CIA's Weeping Angel spying on TV viewers? Satan ransomware: old name, new business model 3 (free) things that journalists can do right now to protect their data and their sources at the border The US Gov Can Download the Entire Contents of Your Computer at Border Crossings What Are Your Rights if Border Agents Want to Search Your Phone? Stop Fabricating Travel Security Advice This episode of Smashing Security is sponsored by Foursys - check out their free end-user cybersecurity training kit - it's everything you need to roll out infosecurity best practice training (right from your desk). Grab it now from https://www.foursys.co.uk/toolkit </p
loading...