A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley (https://www.smashingsecurity.com/hosts/graham-cluley) and Carole Theriault (https://www.smashingsecurity.com/hosts/carole-theriault) chat with guests (https://www.smashingsecurity.com/guests) about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over seven million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones. Follow the podcast on Twitter at @SmashinSecurity (https://twitter.com/SmashinSecurity), and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).
When security firms get hacked, and your new North Korean remote worker
The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired... but what's their plan?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
SolarWinds Sunburst supply chain attack - Wikipedia.
Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter.
SEC Charges Four Companies With Misleading Cyber Disclosures - SEC.
Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing.
Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events.
67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes.
A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider.
US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes.
Watch “Undercover: Exposing the Far Right” - Channel 4.
Undercover film exposing UK far-right activists pulled from London festival - The Guardian.
Kermode and Mayo’s Take - YouTube.
The Fear of God: 25 Years of the Exorcist – BBC iPlayer.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management – Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000...
10/23/2024 • 30 minutes, 38 seconds
WordPress vs WP Engine, and the Internet Archive is down
WordPress's emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance. Meanwhile, the Internet Archive, a digital library preserving our online history, is under siege from hackers.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
WP Engine is not WordPress - WordPress.
Secure Custom Fields - WordPress.
Tweet from Advanced Custom Fields.
Advisory: Advanced Custom Fields changes - Tim Nash.
WordPress saga escalates as WP Engine plugin forcibly forked and legal letters fly - The Register.
Internet Archive hacked, data breach impacts 31 million users - Bleeping Computer.
The Internet Archive is still down but will return in ‘days, not weeks’ - The Verge.
Dimsdale podcasts - OTR radio drama comedy and more.
Jeff Goldblum’s furiously fun Greek gods drama is a masterpiece - The Guardian.
KAOS - Netflix.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management – Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Flashpoint - Access the industry’s best threat data and intelligence.

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:
Follow us on
10/16/2024 • 37 minutes, 58 seconds
Vacuum cleaner voyeur, and pepperoni pact blocks payout
Join us as we delve into the world of unexpected security breaches and legal loopholes, where your robot vacuum cleaner might be spying on you, and ordering a pizza could cost you your right to sue.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
We hacked a robot vacuum — and could watch live through its camera - ABC News.
Their Uber Driver Crashed. A Pizza Order Unraveled Their Injury Lawsuit - NY Times.
A court blocks a couple from suing Uber over a crash, citing terms and conditions - NPR.
Taken for a Ride: Parents Can't Sue Uber Over Crash After Daughter's Uber Eats Order - Law.inc
New Jersey Court Bars Uber Crash Victims from Lawsuit, Citing App Agreement - The Legal Journal.
Couple Seriously Injured in Uber Crash Blocked From Court by Uber Eats Terms - The Insurance Journal.
Disney axes bid to stop wrongful death lawsuit over Disney+ terms - BBC.
Sherwood - BBC iPlayer.
Chocolate Guinness Cake - Nigella.
The Best Banana Cake I've Ever Had - Sally's Baking Addiction.
My Favorite Carrot Cake Recipe - Sally's Baking Addiction.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
SentinelOne - secure and protect every aspect of your cloud in real-time.
1Password Extended Access Management – Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or...
10/9/2024 • 39 minutes, 51 seconds
Breaches in your genes, and Kaspersky switcheroo raises a red flag
From family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky's US customers are wondering - what on earth is UltraAV?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme - US Department of Justice.
Sophos punts anti-virus for Klingons - The Register.
Designating Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks - US Department of Treasury.
Kaspersky says Uncle Sam snubbed its verification proposal - The Register.
Use Kaspersky Antivirus Software? You'll Be Migrated to Pango's UltraAV - PC Mag.
Kaspersky software replaced by 'UltraAV' on some US PCs - The Register.
Need Instructions on Refunds for those who bought multi-year subscriptions - Kaspersky.
US bans Kaspersky antivirus software for alleged Russian links - BBC News.
Who gave you permission to put UltraAV on my computer? - Kaspersky Total Security.
MusicBrainz Picard - Cross-platform music tagger powered by the MusicBrainz database.
100 Chefs Will Slice Through the Competition in Culinary Class Wars - Netflix.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
SentinelOne - secure and protect every aspect of your cloud in real-time.
1Password Extended Access Management – Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing
10/2/2024 • 33 minutes, 24 seconds
The $230 million crypto handbag heist, and misinformation on social media
Two men are accused of stealing almost a quarter of a billion dollars from one person's cryptocurrency wallet, but why on earth would they be handing out handbags to strangers? And social media comes under the spotlight once more, as we ask if you are delving into misinformation in your most private moments...

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
ZachXBT’s thread on Twitter.
Indictment Charges Two in $230 Million Cryptocurrency Scam - Department of Justice.
Two men arrested one month after $230 million of cryptocurrency stolen from a single victim - Bitdefender.
Skylar Harrison tells her handbag story - TikTok.
Social media’s role in fueling extremism and misinformation in a divided political climate - PBS News.
Misinformation on social media - statistics & facts - Pew Research.
Social Media and News Fact Sheet, 2024 - Pew Research Center.
Cribbage JD - Play Online - Cardsjd.
Paddlers Cribbage - L.L. Bean.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
SentinelOne - secure and protect every aspect of your cloud in real-time.
1Password Extended Access Management – Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!...
9/25/2024 • 35 minutes, 36 seconds
TFL security derailed, and is Trump the king of crypto?
Transport for London (TfL) suffers a cybersecurity incident and tells its 30,000 staff they will all have to have their identities verified... in-person. Who might have been behind the attack and why? Meanwhile, Donald Trump's curious relationship with cryptocurrency is explored.

All this and Demi Moore is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

(This episode was recorded before the former US President survived a second assassination attempt)

Episode links:
TFL cybersecurity incident announcement.
TFL Employee Hub.
DICK'S shuts down email, locks employee accounts after cyberattack - Bleeping Computer.
MGM Resorts shuts down IT systems and slot machines go quiet following "cybersecurity incident" - Hot for Security.
Teenage suspect in MGM Resorts hack arrested in Britain - The Record.
Arrest made in NCA investigation into Transport for London cyber attack - NCA.
Donald Trump Prepares to Unveil World Liberty Financial, a Cryptocurrency Business - The New York Times.
Behind the Trump Crypto Project Is a Self-Described ‘Dirtbag of the Internet’ - Bloomberg.
Cryptocurrency price on July 22: Bitcoin hits $68,000 level, Dogecoin, Avalanche surge up to 11% - The Economic Times.
Trump vows to make US ‘world capital of crypto,’ taps Musk for new task force - CoinTelegraph.
What bankers need to know about Trump's World Liberty Financial - Yahoo! Finance.
Bitcoin soars to two-week high after Trump attack - Reuters.
Trump pitches himself as 'crypto president' at San Francisco tech fundraiser - Reuters.
Aave fork on...
9/18/2024 • 37 minutes, 57 seconds
A room with a view, AI music shenanigans, and a cocaine bear
It's a case of algorithm and blues as we look into an AI music scam, Ukraine believes it has caught a spy high in the sky, and a cocaine-fuelled bear goes on the rampage.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Ukrainian detained for allegedly installing CCTV cameras to aid Russian attacks - The Record.
Russia calls for restrictions on surveillance cameras, dating apps in cities under attack from Ukraine - The Record.
Christo and Jeanne-Claude art projects.
North Carolina Musician Charged With Music Streaming Fraud Aided By Artificial Intelligence - United States Department of Justice.
Man Arrested for Creating Fake Bands With AI, Then Making $10 Million by Listening to Their Songs With Bots - The Futurist.
Kobo Clara BW ereader - Kobo.
Cocaine Bear: Why? - The Atlantic.
Cocaine Bear Official trailer - YouTube.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management – Secure every sign-in for every app on every device.
Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:
Follow us on Twitter at @SmashinSecurity, or...
9/11/2024 • 33 minutes, 40 seconds
The Godfather club, and AirTags to the rescue
There's a whole new dating scam that could mean you end up out of pocket (or beaten up) after a first date with a glamorous admirer, and a woman in Los Alamos uses an AirTag to entrap a thief.

Plus - don't miss our featured interview with Maya Levine of Sysdig.

All this, and a very bad Cockney accent, in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Mail Theft Suspect Apprehended Using AirTag - Santa Barbara County Sheriff’s Office.
Google and Apple deliver support for unwanted tracking alerts in Android and iOS - Google Security blog.
Apple and Google deliver support for unwanted tracking alerts in iOS and Android - Apple.
Barclays Scams Bulletin: Men more likely to fall victim to romance scams, while women lose more money - Barclays.
3 men trapped by same woman: Journalist on modus operandi of dating app scams - India Today.
Mumbai club under fire for 'dating scam' after man gets Rs 61,000 bill - India News.
Romance scams in 2024 + online dating statistics - Norton.
Tips for romance scams - Better Business Bureau.
What to know about romance scams - Consumer Advice.
The Godfather club dating app scam in Mumbai - YouTube.
What accent does Butcher have in ‘The Boys’? - NME.
Shokz bone conduction headphones - Shokz.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management - Secure every sign-in for every app on every device.
Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed.
Material Security – email security that covers the full threat landscape –
9/4/2024 • 54 minutes, 16 seconds
Smashing Security presents The AI Fix
In episode nine of "The AI Fix", our hosts learn about the world's most dangerous vending machine, a cartoonist who hypnotises himself with AI, and OpenAI's plans to eat Google's lunch. Graham tells Mark about a pig-farming professor, and Mark tests Graham's tolerance with OpenAI's terrifying roadmap to Artificial General Intelligence.

Episode links:
Meta launches Llama 3.1.
OpenAI Unveils Cheaper, Small AI Model GPT-4o Mini.
SearchGPT: OpenAI’s Prototype Aims to Challenge Google.
Video Game Performers Strike Over AI.
Nicolas Cage is ‘terrified’ of AI using his body and face when he’s dead.
Dilbert Creator Claims He Taught ChatGPT Dangerous Hypnosis Techniques.
Adult Content Creators Are Making SIX-Figure Salaries from Men Falling in Love with Subservient ‘AI Girlfriends’.
Japanese AI Dating App Lets You ‘Marry’ a Bot.
GB News Radio to Introduce AI-Generated News Bulletins.
AI-powered vending machines are selling bullets.
How Easy Is It To Purchase Ammo with AI-Powered Retail Vending Machines?
Professor Flunks All His Students After ChatGPT Falsely Claims It Wrote Their Papers.
AI Detectors Get It Wrong. Writers Are Being Fired Anyway.
OpenAI Scale Ranks Progress Toward ‘Human-Level’ Problem Solving.

The AI Fix
The AI Fix podcast is presented by Graham Cluley and Mark Stockley.
Learn more about the podcast at theaifix.show, and follow us on Twitter at @TheAIFix.
Never miss another episode by...
7/30/2024 • 45 minutes, 48 seconds
CrowdStrike, Dark Wire, and the Paris Olympics
Computers blue-screen-of-death around the world! The Paris Olympics is at risk of attack! And the FBI pull off the biggest sting operation in history by running a secret end-to-end encrypted messaging app!

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity journalist and the author of “Dark Wire”, Joseph Cox.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
How a single IT update caused global havoc - BBC News.
Anti-Virus Software Sees Self as Malware, Deletes Itself - NBC News report about Sophos snafu in 2012.
Tweet about CrowdStrike outage by Kaspersky - Twitter.
“Dark Wire” by Joseph Cox.
Inside the Biggest FBI Sting Operation in History - WIRED.
Trump shooter's online activity shows searches of rally site, use of encrypted platforms, officials say - CBS News.
Mass Surveillance - Privacy International.
338 sites internet frauduleux de revente de billets recensés à quelques semaines du début de la compétition - France Info.
From wiretapping to geolocation data collection: AI mass surveillance for the Paris Olympics draws privacy concerns - Fast Company.
Heading to the Paris Olympics? Don't Fall for These Scams - PC Mag.
AI mass surveillance at Paris Olympics – a legal scholar on the security boon and privacy nightmare - Scientific American.
AI mass surveillance at Paris Olympics – a legal scholar on the security boon and privacy nightmare - The Conversation.
Paris 2024: Medal table predictions, facts, opening day schedule and records that could be broken - Euronews.
Paris Olympics 2024: Your ultimate guide - The Telegraph.
7/24/2024 • 54 minutes, 2 seconds
Trump assassination conspiracies, Squarespace account hijacks, and the butt stops here
Social media fuels conspiracies galore after Donald Trump is shot at a rally, cryptocurrency websites are hijacked after a screw-up at Squarespace, and our guest takes a close look at bottoms on Instagram.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Killed by Google.
Squarespace Enters Definitive Agreement to Acquire Google Domains Assets - Squarespace.
A Squarespace Retrospective, or How to Coordinate an Industry-Wide Incident Response - Security Alliance.
Trump shooting: all seven conspiracy theories examined - The Telegraph.
Fact-checking the wild conspiracy theories related to the attempted Trump assassination - PBS News.
We fact-checked some of the rumors spreading online about the Trump assassination attempt - Reuters.
Minutes after Trump shooting, misinformation started flying. Here are the facts - AP News.
Joy Reid suggests Trump couldn't 'avoid the consequences' of his own rhetoric after assassination attempt - Fox News.
The Gunshots Rang Out. Then the Conspiracy Theories Erupted Online - New York Times.
Trump assassination attempt – News, Research and Analysis - The Conversation.
Douglas is Cancelled - ITV.
Douglas Is Cancelled review – you might hate this show for daring to exist - The Guardian.
Klappbollerwagen 'Cruiser' - PinoLino.
Videos for Cats to Watch - YouTube.
Cat TV for Cats to Watch - YouTube.
7/17/2024 • 55 minutes, 2 seconds
Teachers TikTok targeted, and fraud in the doctors’ waiting room
Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus don't miss our featured interview with Jason Mellor of 1Password.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Outcome, a hot tech startup, misled advertisers with manipulated information, sources say - Wall Street Journal.
Three Former Executives Sentenced for $1B Corporate Fraud Scheme - US Department of Justice.
Graham dancing - TikTok.
Students Target Teachers in Group TikTok Attack, Shaking Their School - The New York Times.
“Thank you very much indeed”
Presumed Innocent — Official Trailer - Youtube.
Presumed Innocent - Apple TV+.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management – Secure every sign-in for every app on every device.
mWISE - Don't miss the cybersecurity conference built by practitioners, for practitioners. mWISE runs September 18 – 19 2024 in Denver.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:
Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and...
7/10/2024 • 48 minutes, 33 seconds
Private nights, evil twins, and crypto home invasions
Apps can let you spy on strangers in bars, a gang of cryptocurrency thieves turns to kidnap and assault, and have you joined the mile-high evil twin club?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of the brand-new "The AI Fix" podcast (co-hosted with Graham!). Talk about nepotism.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Hoos Out Tonight? Dundee medical student launches new app which reveals ‘hot’ pubs - The Courier.
‘It’s completely invasive’: New app lets you spy on SF bars to see if they’re poppin’ - San Francisco Standard.
Florida Man Convicted in Violent Crypto Theft Spree - Crypto Daily.
Inside a Violent Gang's Ruthless Crypto-Stealing Home Invasion Spree - Wired.
Man charged over creation of ‘evil twin’ free WiFi networks to access personal data - Australian Federal Police.
Police allege 'evil twin' in-flight Wi-Fi used to steal info - The Register.
Australian charged for ‘Evil Twin’ WiFi attack on plane - Bleeping Computer.
Suno - make a song about anything.
The AI Fix podcast - hosted by Graham Cluley and Mark Stockley.
Putty Pals - Nintendo Switch.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management – Secure every sign-in for every app on every device.

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:
Follow us on Twitter at...
7/3/2024 • 48 minutes, 33 seconds
Julian Assange, inside a DDoS attack, and deepfake traumas
Wikileaks's Julian Assange is a free man, deepfakes cause trouble in the playground, and we hear hot takes about ransomware and tales from inside a devastating denial-of-service attack.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Eleanor Dallaway.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Julian Assange lands in Australia a free man - BBC News.
Smashing Security episode 245: The Julian Assange assassination plot, and IoT toilets.
Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks - Yahoo News.
Surprise! WikiLeaks won’t just hand over details of zero-day vulnerabilities to tech firms - Graham Cluley.
YouTube now lets you report AI deepfakes of yourself - MSN.
Two private schools face police probe over claims pupils used AI to 'create deepfake porn images of up to a dozen girls' - Daily Mail.
We're calling on the next government to protect women and girls from image-based abuse - Glamour Magazine.
Deepfakes as a Security Issue: Why Gender Matters - WiisGlobal.
AI poses disproportionate risks to women - Brookings.
'Violating and dehumanising': How AI deepfakes are being used to target women - Euronews.
Snapshot Paper - Deepfakes and Audiovisual Disinformation - GOV.UK.
Government cracks down on ‘deepfakes’ creation - GOV.UK.
Je chie dans la seine.
Paris Olympics Poop Protest Postponed After French Officials Refuse To Swim In Sewage Water - Brobible.
6/26/2024 • 48 minutes, 12 seconds
An unhealthy data dump, railway surveillance, and a cheater sues Apple
There's a wee data breach with unhealthy implications in Scotland, privacy has gone off the rails in the UK, and a cheater blames Apple for his expensive divorce.

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter of the "Compromising Positions" podcast.

Plus don't miss our featured interview with Abhishek Agrawal, CEO of Material Security.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Cyber attacks update - NHS Dumfries & Galloway.
J Paul Getty - Wikipedia.
Cyber expert urges against 'panic' over NHS data leak - BBC News.
“Don’t panic” - Corporal Jones from Dad’s Army - YouTube.
All households in Scottish region to get alert about hackers publishing stolen medical data - The Record.
Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers - Wired.
Man ludicrously blames Apple for his wife catching him communicating with prostitutes - Apple Insider.
Businessman sues Apple after wife finds ‘deleted’ iPhone messages to prostitute - LBC.
‘Tech made me do it’ is no excuse for adultery - The Times.
Is it DNS?
“My name is Barbra” - Amazon.
“I'm Glad My Mom Died” by Jennette McCurdy - Simon & Schuster.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management – Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
Material Security – email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.

SUPPORT...
6/19/2024 • 1 hour, 10 seconds
iOS 18 for cheaters, and a model cop extortionist?
Apple announces a new privacy feature in iOS that will allow you to hide and lock away your apps - but will it be philanderers who benefit the most? And an ex-police officer is arrested for extortion.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by...

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Graham’s video thanking people for voting for “Smashing Security” - Twitter.
iOS 18 makes iPhone more personal, capable, and intelligent than ever - Apple.
Apple's new iOS 18 feature is being called 'a cheater's paradise' - Daily Mail.
2 Accused In Internet Extortion Scheme Against Boss - Patch.
District Attorney: Ex-police officer turned model among duo arrested in Orange County - Westchester News.
Former N.Y. cop, internet model Ally Thueson arrested for extortion - NY Daily News.
Extortion - FindLaw.
Smile politely, nod awkwardly: greeting people you barely know - University Times.
How to pass people in hallway without awkwardness? - Reddit.
How Long Should a Great Kiss Last? - Psychology Today.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
1Password Extended Access Management: Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or...
6/12/2024 • 32 minutes, 27 seconds
Crashing robo-taxis, and name-dropping rappers
Drones, some coloured cardboard, and a piece of tinfoil may be all the kit you need to crash a robot-driven taxi, and a rapper is accused of using Justin Bieber's name to defraud a TV company.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Riding Baidu's self-driving robo-taxi - YouTube.
Malicious Attacks against Multi-Sensor Fusion in Autonomous Driving - Research paper.
Researchers warn robot cars can be crashed with tinfoil and paint daubed on cardboard - The Register.
Gang of Hackers Tries to Steal Baidu’s Driverless Car Secrets - Bloomberg.
Rapper Sean Kingston agrees to return to Florida, where he and mother are charged with $1M in fraud - AP News.
Sean Kingston Extradited From California to Florida in Fraud and Theft Case - Entertainment Tonight.
Rapper Sean Kingston, his mother arrested on fraud charges after SWAT raid at his Southwest Ranches home - Sun Sentinel.
What is fraudulent use of personal identification information? - Pumphrey Law.
Google’s AI really is that stupid, feeds people answers from The Onion - AV Club.
Some of Google’s “best” AI search results - Twitter.
Google Rolls Back A.I. Search Feature After Flubs and Flaws - NY Times.
Sure, Google’s AI overviews could be useful – if you like eating rocks - The Guardian.
Citymapper.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
6/5/2024 • 36 minutes, 28 seconds
Microsoft’s Recall controversy, and the North Korean insider threat
Microsoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and has your company been hiring North Korean IT workers?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by author, journalist, and podcaster Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Microsoft's new Windows 11 Recall is a privacy nightmare - Bleeping Computer.
Statement in response to Microsoft Recall feature - ICO.
Arizona woman charged in North Korean IT worker scheme that raised millions - CNN.
Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea - US Department of Justice.
New FTC Data Shed Light on Companies Most Frequently Impersonated by Scammers - FTC website.
Who’s who in scams: a spring roundup - FTC.
Udio.
Geoff's Labyrinth ext v2 - Graham’s AI song about Geoff White’s book “Rinsed”.
“Nuclear War” by Annie Jacobsen - Amazon.
The Patient - Disney+.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
Kiteworks – Step into the future of secure managed file transfer with Kiteworks.

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or...
5/29/2024 • 52 minutes, 49 seconds
iPhone undeleted photos, and stealing Scarlett Johansson’s voice
iPhone photos come back from the dead! Scarlett Johansson sounds upset about GPT-4o, and there's a cockup involving celebrity fakes.
All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Anna Brading of Malwarebytes.
Plus! Don't miss our featured interview with Sandy Bird of Sonrai Security.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- When NASA Lost a Spacecraft Due to a Metric Math Mistake - Simscale.
- The worst sales promotion in history - The Hustle.
- Nonconsensual AI Porn Maker Accidentally Leaks His Customers' Emails - 404 Media.
- UK's Ministry of Defence fined after Bcc email blunder that put the lives of Afghan citizens at risk - Hot for Security.
- £200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder - Graham Cluley.
- Apple's Photo Bug Exposes the Myth of 'Deleted' - Wired.
- OpenAI Voice Scandal: Sky's Fall From Grace - YouTube.
- How the voices for ChatGPT were chosen - OpenAI.
- As AI becomes more human-like, experts warn users must think more critically about its responses - CBC News.
- What We Lose When ChatGPT Sounds Like Scarlett Johansson - The New York Times.
- Scarlett Johansson’s Statement About Her Interactions With Sam Altman - The New York Times.
- Kin TV series - Wikipedia.
- Portal connecting Dublin and New York 'reawakens' under new restrictions after 'inappropriate behaviour' - Sky News.
- How to cook the perfect chicken rendang – recipe - The Guardian.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: ...
5/22/2024 • 55 minutes, 46 seconds
The fake deepfake, and Estate insecurity
Remember when a US mother was accused of distributing explicit deepfake photos and videos to try to get her teenage daughter's cheerleading rivals kicked off the team? Well, there has been a surprising development. And learn how cybercriminals have been stealing boomers' one-time-passcodes via a secretive online service.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- ‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts - TechCrunch.
- Cheerleader's mom created deepfake videos to allegedly harass her daughter's rivals - ABC News.
- Bucks County mom doctored videos to harass girls on daughter's cheerleading squad, prosecutors say - Philly Voice.
- Spone v. Reiss, Civil Action 23-0147 - Casetext.
- Mother 'used deepfake to frame cheerleading rivals' - BBC News.
- She was accused of faking an incriminating video of teenage cheerleaders. She was arrested, outcast and condemned. The problem? Nothing was fake after all - The Guardian.
- Parkrun - Wikipedia.
- Parkrun UK.
- Oxfordshire Artweeks 2024 - Artweeks homepage.
- Carole’s art website - carole.wtf
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a...
5/15/2024 • 40 minutes, 7 seconds
Unmasking LockBitsupp, company extortion, and a Tinder fraudster
The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster defrauded women he met on Tinder of £80,000.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by “Ransomware Sommelier” Allan Liska.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company - US Department of Justice.
- United States vs Vincent Cannady (PDF) - US Department of Justice.
- LockBit leader unmasked and sanctioned - NCA.
- Romance fraudster defrauded women of £80,000 - BBC News.
- 15 of the Most Trustworthy Accents in the UK Revealed - Country Living.
- Omoton phone car mount - Omoton.
- Stories are weapons by Annalee Newitz - WW Norton.
- All the Beauty in the World: A Museum Guard's Adventures in Life, Loss and Art by Patrick Bringley - Penguin.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Twitter at @SmashinSecurity, or ...
5/8/2024 • 51 minutes, 11 seconds
The closed loop conundrum, default passwords, and Baby Reindeer
The UK Government takes aim at IoT devices shipping with weak or default passwords, an identity thief spends two years in jail after being mistaken for the person who stole his name, and are you au fait with the latest scams?
All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- New laws to protect consumers from cyber criminals come into force in the UK - UK Government.
- Mirai - Wikipedia.
- Identity theft victim wrongly locked up for 2 years is exonerated at last - Paul Ducklin.
- Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds - The Guardian.
- 5 scams you need to know about in 2024 - Which? News.
- How fraudsters are getting fake articles onto Facebook - BBC News.
- Five Scams To Beware In 2024 - Forbes Advisor UK.
- Eerie ‘breathing’ mistake to listen out for exposes costly AI ‘audio deepfake' scam calls that take just seconds to make - The Sun.
- How to spot fraud - UK Government.
- Etymology Monday: David Crystal on the word ‘gaggle’ - Literary Minded.
- Moon - Wikipedia.
- Baby Reindeer - Netflix.
- Why row over Baby Reindeer sleuths will change real-life drama for ever - The Guardian.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Sonrai’s Cloud Permissions Firewall – A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
...
5/1/2024 • 54 minutes, 3 seconds
Keeping the lights on after a ransomware attack
Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits India we take a close look at deepfakery.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- When a breach goes from 25 documents to 1.3 terabytes… - Graham Cluley.
- Leicester street lights stuck on all day due to cyber attack - Leicester Mercury.
- Top AI researchers race to detect ‘deepfake’ videos: ‘We are outgunned’ - Washington Post.
- AI deepfakes threaten to upend global elections. No one can stop them - Washington Post.
- Models, dead netas, campaigning from jail: How AI is shaping Lok Sabha polls - India Today.
- Why Elections Take So Long in India - The New York Times.
- How A.I. Tools Could Change India’s Elections - The New York Times.
- Bollywood deepfakes fuel AI election meddling fears in India - GG2.
- World Explained: How India's politicians are using AI to reach voters in the world’s most populous country - The Scotsman.
- VIA Rail.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Sonrai's Cloud Permissions Firewall - A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on ...
4/24/2024 • 42 minutes, 47 seconds
Gary Barlow, and a scam turns deadly
Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Animal Crossing with Garry Kasparov - Smashing Security.
- Gary Barlow - Wikipedia.
- I was catfished by a fake Gary Barlow on Facebook - Daily Mail.
- Video shows Clark County man charged with murder confront Uber driver - Springfield News.
- Uber driver, 61, shot dead by Ohio man, 81, who was being targeted by scammers - Daily Mail.
- Boxfit classes - Better.
- Waschii - PocketSized SolarHeated Washing Machine - Indiegogo.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and ...
4/17/2024 • 37 minutes, 22 seconds
WhatsApp at Westminster, unhealthy AI, and Drew Barrymore
MPs aren't just getting excited about an upcoming election, but also the fruity WhatsApp messages they're receiving, can we trust AI with our health, and who on earth is pretending to be a producer for the Drew Barrymore TV show?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Naked photos sent in WhatsApp ‘phishing’ attacks on UK MPs and staff - Politico.
- How I was targeted in the Westminster honeytrap - BBC News.
- The Westminster honeytrap plotter tried to catch me too - The Times.
- How Westminster WhatsApp ‘honey trapper’ targeted party conference season - Politico.
- William Wragg quits Commons roles over Westminster honeytrap - BBC News.
- A new prescription - The Economist.
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack - The Register.
- ‘The Drew Barrymore Show’ Targeted by Fraudsters in Celebrity Scamming Effort - Yahoo! News.
- ‘Drew Barrymore Show' Targeted in Hacking, ID Fraud Scam by Imposter Who Posed as Producer and More - Variety.
- Guy Fieri Calls Drew Barrymore “Gangster” For Talking With Her “Mouth Full Of Food” On ‘The Drew Barrymore Show’ - Decider.
- Beware The Fake Drew Barrymore Le Creuset Cookware Giveaway Scam - Malware Tips.
- Carmen - Royal Opera House.
- Mandy - BBC iPlayer.
- Anita de Monte Laughs Last - Bloomsbury.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kiteworks – Step
4/10/2024 • 52 minutes, 27 seconds
Money-making bots, and Incognito isn’t private
Google says it is deleting your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Scammer Convinced Investors to Send Him $1.5 Million to Build Magic Money Making Bot - 404.
- Biden Bans Rival Nations From Buying Sensitive US Data - Good Luck - Wired.
- 6 practical reasons to use Incognito mode in your browser - USA Today.
- Brown v. Google LLC Settlement Agreement - DocumentCloud.
- Google agrees to settle $5bn lawsuit claiming it secretly tracked users - The Guardian.
- Chrome updates Incognito warning to admit Google tracks users in “private” mode - Ars Technica.
- Google changes wording for Incognito browsing in Chrome - Malwarebytes.
- The Incognito Mode Myth Has Fully Unraveled - Wired.
- Google Agrees to Delete ‘Incognito’ Browsing Data to Settle Class-Action Lawsuit - TIME.
- Amazon refuses to refund me £700 for iPhone 15 it didn’t deliver - Graham Cluley.
- Concorde - Lego.
- Cover song: samsung dryer no. 2 - YouTube.
- Play Drums on Samsung Washing Machine Song - YouTube.
- With samsung washing machine violinist - YouTube.
- Samsung Washing Machine Song with Piano [Franz Schubert's "Die Forelle"] - YouTube.
- Duet for harp and dryer - YouTube.
...
4/3/2024 • 51 minutes, 22 seconds
Hacking hotels, Google’s AI goof, and cyberflashing
Security researchers find a way to unlock millions of hotel rooms, the UK introduces cyberflashing laws, and Google's AI search pushes malware and scams.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Unsaflok - Security vulnerabilities in Saflok hotel locks.
- 3 million doors open to uninvited guests in keycard exploit - The Register.
- Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds - Wired.
- Google's new AI search results promotes sites pushing malware, scams - Bleeping Computer.
- Man who sent nude picture to teenage girl is jailed under new cyberflashing laws - The Independent.
- Cyber-flashing convict is first to be jailed under new law - BBC News.
- What to do if you’re a victim of cyber flashing and how to report it - Metro.
- The first cyberflasher has been convicted: meet the woman who made it happen - Yahoo!
- What is cyber flashing? 'Banter' – or a sinister breach of consent - UK News.
- Love Island star sent unsolicited pictures online calls for tougher cyber laws - Bristol Live.
- Secret Agent Shenanigans: 13 Weird Spy Weapons And Gadgets - Stay Weird.
- Baldur’s Gate 3.
- Merlin Bird ID - Cornell Labs.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
- Kolide
3/28/2024 • 53 minutes, 52 seconds
Bing pop-up wars, and the British Library ransomware scandal
There's a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus: Don't miss our featured interview with Kolide founder Jason Meller about his firm's acquisition by 1Password.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Search engine market share - Oberlo.
- A compilation of Bing ads - YouTube.
- With Edge, Microsoft’s forced Windows updates just sank to a new low - The Verge.
- Microsoft fixes Edge browser bug that was stealing Chrome tabs and data - The Verge.
- Is this Microsoft Bing Popup Malware? - Reddit.
- Microsoft confirms Bing pop-up ads in Chrome on Windows 11 & Windows 10 - Windows Latest.
- ‘A 22-carat disaster’: what next for British Library staff and users after data theft? - The Guardian.
- LEARNING LESSONS FROM THE CYBER-ATTACK British Library cyber incident review - British Library.
- The Disturbing Impact of the Cyberattack at the British Library - The New Yorker.
- Thanks to a shadowy hacker group, the British Library is still on its knees. Is there any way to stop them? - The Guardian.
- Have we literally broken the English language? - The Guardian.
- According to the dictionary, "literally" now also means "figuratively" - Salon.
- Good Morning, Monster: A Therapist Shares Five Heroic Stories of Emotional Recovery - Amazon.
- Good Morning, Monster - Apple Podcasts.
- Smashing Security merchandise (t-shirts, mugs, stickers and...
3/21/2024 • 51 minutes, 30 seconds
Stuck streaming sticks, TikTok conspiracies, and spying cars
Roku users are revolting after their TVs are bricked by the company, we learn how to make money through conspiracy videos on TikTok, and just how much is your car snooping on your driving?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dave Bittner from "The Cyberwire" podcast.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Smashing Security episode 317 - Includes a discussion of which came first - Battle Bots or Robot Wars?
- “Disgraceful”: Messy ToS update allegedly locks Roku devices until users give in - Ars Technica.
- Dispute resolution terms - Roku.
- Enshittification - Wikipedia.
- Craig Shergold - Wikipedia.
- “Why TikTok Is Becoming A Conspiracy Playground” - YouTube.
- Dave Bittner’s AI-generated image of Graham Cluley - Twitter.
- Graham’s AI-generated video about pig butchering - Twitter.
- Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies - New York Times.
- Drivers concerned as automakers share driving data with insurance companies - NewsByte.
- Carmakers are sharing driving habits with insurance companies, unbeknownst to owners - TechSpot.
- Google Arts & Culture.
- WELI - Kangaroo Time (Club Edit) (From Dance Your PhD 2024 - OVERALL WINNER) - YouTube.
- Dance Your Ph.D. - Wikipedia.
- Animal DNA Run - CrazyGames.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money....
3/14/2024 • 51 minutes, 11 seconds
Ransomware fraud, pharmacy chaos, and suicide
Is there any truth behind the alleged data breach at Fortnite maker Epic Games? Who launched the ransomware attack that caused a fallout at pharmacies? And what's the latest on the heart-breaking hack of Finnish therapy clinic Vastaamo?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Mogilevich claims it has breached Epic Games - Twitter.
- Fraudster’s fake data breach claims should remind media to be careful what we report - DataBreaches.net.
- Prescription orders delayed as US pharmacies grapple with "nation-state" cyber attack - Bitdefender.
- US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say - Reuters.
- Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment - Wired.
- Vastaamo data breach - Wikipedia.
- The CEO who also ran IT, Strava strife, and TikTok tall tales - Smashing Security podcast.
- Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.
- Ex-CEO of breached psychotherapy clinic gets prison sentence for bad data security – Sophos.
- Vastaamo victims' lawyer: Some took their own lives after patient record leak - Yle.
- Prosecutors call for maximum penalty over Vastaamo hacking - Helsinki Times.
- Self-pay gas station pumps break across NZ as software can’t handle Leap Day - Ars Technica.
- Citrix, Sophos software impacted by 2024 leap year bugs - Bleeping Computer.
- Resident Alien trailer - YouTube.
...
3/7/2024 • 50 minutes, 21 seconds
Wireless charging woe, AI romance apps, and ransomware revisited
Your smartphone may be toast - if you use a hacked wireless charger, we take a closer look at the latest developments in the unfolding LockBit ransomware drama, and Carole dips her toe into online AI romance apps.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger - ArXiv.
- FBI offers free decryption help for LockBit ransomware victims - Paul Ducklin.
- LockBitsupp unmasked!!? Graham’s reaction to the FBI and NCA’s LockBit ransomware revelation - YouTube.
- Dating Statistics And Facts In 2024 – Forbes Health.
- Romantic AI Chatbots Don't Have Your Privacy at Heart - Mozilla Privacy Not Included.
- Promptsmart.
- Solving a celestial mystery: the Sun, Earth and Moon model - Museum of Natural History, Oxford.
- Lotus Bud.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- BlackBerry – BlackBerry helps keep you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market today
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Twitter at @SmashinSecurity, or ...
2/29/2024 • 53 minutes, 46 seconds
Lockbit locked out, and funeral Facebook scams
Heavens above! Scammers are exploiting online funerals, and Lockbit - the "Walmart of Ransomware" - is dismantled in style by cyber cops.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Law enforcement disrupt world’s biggest ransomware operation - Europol.
- Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - Krebs on Security.
- International investigation disrupts the world’s most harmful cyber crime group - UK National Crime Agency.
- LockBit Victim Reporting Form - FBI.
- Fake Funeral Live Stream Scams Are All Over Facebook - 404 Media.
- Closed Captions (CC) vs Subtitles - Subly.
- Fingernails — Official Trailer - YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- BlackBerry – BlackBerry helps keep you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market today
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and ...
2/22/2024 • 52 minutes, 43 seconds
Declaring war on ransomware gangs, mobile muddles, and AI religion
Holy mackerel! AI is jumping on the religion bandwagon, ransomware gangs target hospitals, and what's happened to your old mobile phone number?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by "Ransomware Sommelier" Allan Liska.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- I changed my number and now i can log into others accounts - Reddit.
- Post by Alexander Hanff - LinkedIn.
- Meta says risk of account theft after phone number recycling isn't its problem to solve - The Register.
- Things to bear in mind when you change your mobile number - T-Mobile.
- 20+ hospitals in Romania hit hard by ransomware attack on IT service provider - Graham Cluley.
- Ransomware gang claims responsibility for Christmas attack on Massachusetts hospital - The Record.
- Cyberattack Disrupts Operations at Chicago Children’s Hospital: An Examination of the Threat and Its Impact - Medriva.
- Gods in the machine? The rise of artificial intelligence may result in new religions - The Conversation.
- AI: a way to freely share technology and stop it being misused already exists - The Conversation.
- The Friar Who Became the Vatican’s Go-To Guy on AI - The New York Times.
- How AI could change our relationship with religion - The Conversation.
- Meet the Vatican’s AI mentor – POLITICO.
- Focus Areas - AI and Faith - Rome Call.
- Are chatbots changing the face of religion? Three faith leaders on grappling with AI - The Guardian.
- “One Day” - Netflix.
- [Clicks...
2/15/2024 • 51 minutes, 9 seconds
Hong Kong hijinks, pig butchers, and poor ransomware gangs
Is this the real life? Is this just fantasy? A company in Hong Kong suffers a sophisticated deepfake duping, be on your guard from pig butchers as Valentine's Day approaches, and spare a moment to feel sorry for poor ransomware gangs.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- ‘Everyone looked real’: multinational firm’s Hong Kong office loses HK$200 million after scammers stage deepfake video meeting - South China Morning Post.
- Countdown’s Rachel Riley is deepfaked by HSBC - Vimeo.
- Scameter - Cyber Defender HK.
- Warning as scammers fake police Scameter app - The Standard.
- Ransomware payment rates drop to new low – now 'only 29% of victims' fork over cash - The Register.
- New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying - Coveware.
- Romance scam reports rose by a fifth in 2023, says Lloyds Bank - The Independent.
- What is a ‘pig-butchering’ scam – and why is it on the rise? - BBC.
- Pig butchering mining scams: What they are and how to stop them - SC Media.
- No love for romance scammers in 2024 - Consumer Advice.
- Romance scammer reveals how he tricks women after failing to fool Go Public reporter - CBC.
- Sudoku Exchange.
- Learn Improv at Laugh at Leeds.
- Mr Mercedes - Disney+.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kolide – Kolide ensures that if
2/8/2024 • 51 minutes, 10 seconds
Interview with an iPhone thief, anti-AI, and have we gone too far?
The iPhone security setting that you should enable right now, the worrying way that AI is predicting what criminals look like, and we play a game of face fake or real...
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Mobile phone stolen every six minutes in London, says Met Police - BBC News.
- iPhone Thief Explains How He Breaks Into Your Phone - YouTube.
- About Stolen Device Protection for iPhone - Apple.
- Cops Used DNA to Predict a Suspect’s Face—and Tried to Run Facial Recognition on It - Wired.
- Will ChatGPT write ransomware? Yes - Malwarebytes.
- AI chatbots are making scams more convincing than ever, warn spy chiefs - The Telegraph.
- Test yourself: which faces were made by AI? - New York Times.
- AI vs. Human Writing: Experts Fooled Almost 62% of the Time - Neuroscience News.
- I know that I know nothing - Wikipedia.
- Yours truly, Johnny Dollar - Comic book.
- I Heart Umami.
- Libby.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for...
2/1/2024 • 58 minutes, 57 seconds
Big dumpers, AI defamation, and the slug that slurped
This week the podcast is more lavatorial than usual, as we explore how privacy may have gone to sh*t on Google Maps, our guest drives hands-free on Britain's motorways (and is defamed by AI), and ransomware attacks an airplane-leasing firm.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by BBC Technology Editor Zoe Kleinman.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- The Great British Public Toilet Map.
- How one man’s pay-to-use toilet gag revealed Google Maps can be used to track people - Crikey.
- Please Rob Me site exposes danger of sharing too much information online - Graham Cluley.
- Artist creates a virtual traffic jam in Google Maps - YouTube.
- How to Get Google to Quit Tracking Your Location - PC Magazine.
- Grieving With Google Street View - Slate.
- Zoe describes her curious tangle with AI - Twitter.
- What happens when you think AI is lying about you? - BBC News.
- Aercap confirms cyber threat involving ransomware - Air Finance.
- Ransomware crims slime AerCap, claim to have stolen 1TB - The Register.
- AerCap discloses cybersecurity incident - Reuters.
- BBC staffers warned of payroll data breach. BA and Boots also affected by MOVEit vulnerability - Graham Cluley.
- Randy Rainbow - YouTube.
- Donald in the John With Boxes - A Randy Rainbow Song Parody - YouTube.
- Zoe drives hands-free on a British motorway - Twitter.
- How to Play Taco Cat Goat Cheese Pizza - Wikihow.
- Asmodee Taco Cat Card Game - John Lewis.
- Smashing Security merchandise (t-shirts, mugs, stickers and...
1/25/2024 • 46 minutes, 3 seconds
Fishy Rishi, 23andMe, and the labour of love
Has the British Prime Minister been caught secretly profiting from a cryptocurrency app? Were 23andMe right to blame their users after a data breach? And Indian men have hard feelings after falling for a money-for-sex scam. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: What Rishi Sunak gets up to over Christmas… - YouTube. Boris Johnson's Love Actually parody (Conservative Party election broadcast) - YouTube. UK's Rishi Sunak becomes richest ever occupant of Number 10 - Reuters. Over 100 Deep-Faked Rishi Sunak Ads Found on Meta’s Platform - Fenimore Harper Communications. Slew of deepfake video adverts of Sunak on Facebook raises alarm over AI risk to election - The Guardian. 23andMe Blames User “Negligence” for Data Breach - Infosecurity Magazine. All India Pregnant Job service: Indian men conned by 'impregnating women' scam - BBC News. World War II: From the Frontlines - Netflix. Spintronics - Upper Story. Reacher - Amazon Prime. The Trust - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release...
1/18/2024 • 47 minutes, 5 seconds
Chuck Norris and the fake CEO, artificial KYC, and an Airbnb scam
Chuck Norris gives a helping hand to a mysterious cryptocurrency CEO who may have separated investors from over a billion dollars, generative AI creates a nightmare for those wanting to Know Their Customer, and a determined journalist finally gets their revenge on a sneaky Airbnb scammer. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Chief executive of collapsed crypto fund HyperVerse does not appear to exist - The Guardian. Crypto hedge fund CEO may not exist; probe finds no record of identity - Ars Technica. BUSTED: Fake HyperVerse CEO Who Stole $1.3 Billion Unmasked! - YouTube. Hyperverse’s Steven Reece Lewis outed as Steve Harrison - Behind MLM. HyperVerse crypto promoter ‘Bitcoin Rodney’ arrested and charged in US - The Guardian. GenAI could make KYC effectively useless - TechCrunch. Airbnb Grifter Busted for $7.5 Million 'Bait-and-Switch' Scam, Feds Say - The Daily Beast. I Accidentally Uncovered a Nationwide Scam Run by Fake Hosts on Airbnb - Vice. Percentage Point vs. Percent Difference - Macroption. “Is Math Real?” - Book by Eugenia Cheng. “Julia” trailer - YouTube. Watch Before We Die - Channel 4. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your...
1/11/2024 • 48 minutes, 40 seconds
Phone hacking, Piers Morgan, and Carole’s Christmas cockup
Piers Morgan is less than happy after a judgement that there is "no doubt" he knew phone hacking was going on at the Daily Mirror, and a shopper comes a-cropper just before Christmas. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Piers Morgan denies knowing of phone hacking after judge rules he did - The Guardian. I've never told anyone to hack a phone - Piers Morgan tells Laura Kuenssberg - BBC News. Piers Morgan interviewed by BBC’s Amol Rajan about phone hacking at Daily Mirror - BBC News. Piers Morgan will find many ways to deny phone hacking – but how long before his number is up? - Archie Bland’s article in The Guardian. Piers Morgan tells Charlotte Church how to stop her mobile phone from being hacked - YouTube. I'm sorry, Macca, for introducing you to this monster - Piers Morgan describes in the Daily Mail a voicemail he heard between Paul McCartney and Heather Mills. The human cost of phone hacking - Graham Cluley. Eudesignhouse.shop Review – Unmasking the Store Closing Scam - MyAntiSpyware. Whois Domain Lookup. Myth Maker: The Lost Legacy of Donald Cotton - SoundCloud. 15 virtual Christmas party games to play this festive season - Country Living. 21 Virtual Christmas Games To Play On Zoom With Adults - Team Building. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing...
12/21/2023 • 44 minutes, 39 seconds
For research purposes only
A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Fuzzy Duck - Wikipedia. Cybercrime author Geoff White demonstrates his NSFW balloon trick at the "Smashing Security" podcast Christmas party - Reddit. Rule 34 - Wikipedia. We are (temporarily) offline - InflateVids on Patreon. Fast Company’s Apple News access hijacked to send an obscene push notification - The Verge. Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’ - Vice. The WordPress backdoor with its own backdoor! (And fake CVE numbers, too) - Paul Ducklin. Russian influence and cyber operations adapt for long haul and exploit war fatigue - Microsoft. How Zelensky became Hollywood man of the hour - The Guardian. Nigel Farage wishes Hugh Janus a happy birthday - YouTube. Don Johnson - Cameo. Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky - The Register. Winning hearts and minds - Military Wiki. AdGuard Home - GitHub. Garmin Edge 130 Plus - Garmin. Garmin Connect IQ - Garmin. The Thermapen. Flat Whisk Stainless Steel Egg Beater Mixer Kitchen Tool - Amazon. ...
12/14/2023 • 56 minutes, 51 seconds
Nuclear cybersecurity, Marketplace scams, and face up to porn
Hacking fears are raised at Western Europe's most hazardous building, why porn sites might soon be scanning your face, and our guest narrowly avoids a Facebook Marketplace scammer. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Why Facebook Is Rebranding Itself as Meta - INSEAD. Windscale fire - Wikipedia. Sellafield nuclear site hacked by groups linked to Russia and China - The Guardian. Response to a news report on cyber security at Sellafield - UK Government. Response to Guardian news article - Office for Nuclear Regulation. Common Facebook Marketplace scams and how to avoid them - Comparitech. Advice from Google on how to remove malware and unsafe software from Android devices - Google. New Report Reveals Truths About How Teens Engage with Pornography - Common Sense Media. ‘A lot of it is actually just abuse’- Young people and pornography - Children's Commissioner for England. Implementing the Online Safety Act: Protecting children from online pornography - Ofcom. UK age assurance guidance for porn sites gives thumbs up to AI age checks, digital ID wallets and more - TechCrunch. Meet Your Second Wife - Saturday Night Live sketch, YouTube. ‘Modern Love Podcast’: Our 34-Year Age Gap Didn’t Matter, Until It Did - New York Times. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Push Security – Monitor and secure your entire identity attack surface, including non-SSO identities. Get notified in real-time to vulnerabilities across all your internet-facing identities, and have your staff guided to fix simple issues.
12/7/2023 • 59 minutes, 4 seconds
Think before you shrink! And our guest is faked
Don't minimise your Teams Meeting video call too hastily, you might reveal your dirty secrets! Would you be prepared to pay for Facebook and Instagram? And who is being faked to promote cryptocurrency scams? All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Jane Wakefield. Plus - don't miss our featured interview with Push Security founder and CEO Adam Bateman.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: XtraVue Trailer demo - YouTube. Nvidia sued after video call mistake showed 'stolen' data - BBC News. Valeo v. Nvidia complaint - DocumentCloud. Fake BBC news article using Jane Wakefield’s name - Twitter. Report a fraudulent webpage to Google Safe Browsing - Google. Meta's EU ad-free subscription faces early privacy challenge - Yahoo! Meta to offer ad-free subscription in Europe in bid to keep tracking other users - TechCrunch. Meta’s EU ad-free subscription faces early privacy challenge - TechCrunch. Facebook and Instagram to Offer Subscription for No Ads in Europe - Facebook. noyb files GDPR complaint against Meta over “Pay or Okay” - NOYB. Big Mac index 2023 - Statista. Euro area wages 2023 - Take-profit.org. Boat Story review - The Guardian. GlasgowGPT - the world's first Scottish artificial intelligence chatbot. Gergely Orosz uncovers fake female speakers at a tech conference - Twitter. Eliza-May Austin shares her experiences of being invited to speak at tech conferences - LinkedIn. ...
11/30/2023 • 1 hour, 4 minutes, 3 seconds
Ransomware gang reports its own crime, and what happened at OpenAI?
Who gets to decide who should be CEO of OpenAI? ChatGPT or the board? Plus a ransomware gang goes a step further than most, reporting one of its own data breaches to the US Securities and Exchange Commission. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Hackers Use Online Casinos to Gamble Mountains of Cash They Steal from Victims - 404. AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC - DataBreaches.net. SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies - US Securities and Exchange Committee. OpenAI announces leadership transition - OpenAI. The Fear and Tension That Led to Sam Altman’s Ouster at OpenAI - The New York Times. Emergency Pod: Sam Altman is Out at Open AI - The New York Times. What We Know About Sam Altman’s Ouster From OpenAI - The New York Times. Ousted OpenAI C.E.O. Makes Plans for New Artificial Intelligence Company - The New York Times. Microsoft Hires Sam Altman Hours After OpenAI Rejects His Return - The New York Times. In the battle to bring ousted founder Sam Altman back to OpenAI, Microsoft and Satya Nadella hold the trump cards - Fortune. Rate your resignation letter - Twitter account. Suella Braverman’s resignation letter - Twitter. Analysis of letter by Dame Andrea Jenkyns - Twitter. Thread about letter from Dame Andrea Jenkyns - Twitter. The Future by Naomi Alderman review - The Guardian. The Future by Naomi Alderman - Harper Collins. ...
11/23/2023 • 43 minutes, 26 seconds
Hacking for chimp change, and AI chatbot birthday
Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Bored Ape NFT Partygoers Blame UV Lights For Burned Eyes And Skin - Kotaku. Poloniex crypto-exchange offers 5% cut to thieves if they return that $120M they nicked - The Register. Raft Suffers $3.3M Exploit That Drove Down Stablecoin 50%, but Hacker Likely Lost Money on Attack - CoinDesk. Leaderboard Comparing LLM Performance at Producing Hallucinations when Summarizing Short Documents - Github. Cut the Bull…. Detecting Hallucinations in Large Language Models - Vectara. Chatbots May ‘Hallucinate’ More Often Than Many Realize - The New York Times. Bing's ChatGPT-Powered Search Has a Misinformation Problem - Vice. ChatGPT gets code questions wrong 52% of the time - The Register. FreeTube. The Wonderful Story of Henry Sugar - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off! Panoptica – Panoptica is a cloud native application security solution connecting developer and security teams to their organization’s biggest cloud threats from code to production.
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via ...
11/16/2023 • 36 minutes, 8 seconds
Trolls, military data, and the hitman and her
A woman's attempt to hire an assassin online backfires badly, it's scary just how cheap it is to buy information about US military personnel, and trolls and tattoos don't mix. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Plus don’t miss our featured interview with Jason Meller of Kolide.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI - The Register. Zandra Ellis criminal complaint (PDF). Rent-A-Hitman: Your Point & Click Solution! - YouTube. It’s shockingly easy to buy sensitive data about US military personnel - MIT Technology Review. This Guy Trolls His TikTok Haters By Getting Tattoos of Them - Vice. Man Gets Back at Trolls Online With Revenge Tattoos - MSN. The Beatles - “Now and Then” music video - YouTube. “The Last of Us” piano scene, episode 3 - YouTube. Celeritas podcast. Pick of the week archive - Smashing Security. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off! Panoptica – Panoptica is a cloud native application security solution connecting developer and security teams to their organization’s biggest cloud threats from code to production.
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via ...
11/9/2023 • 1 hour, 4 minutes, 59 seconds
How hackers are breaching Booking.com, and the untrustworthy reviews
Workers wonder if their colleagues are actually AI, and we take a deeper look into the curious scams going on via Booking.com. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Art Musings - Gratuitous plug for Carole’s new podcast with Sally Anne-Stewart. Smashing Security #344: What’s cooking at Booking.com? And a podcast built by AI - Smashing Security. Fraudsters target Booking.com customers claiming hotel stay could be cancelled - Graham Cluley. Scammers try to trick Graham again via Booking.com - Twitter. 'Thieves used fake Booking.com emails to steal £1,000 from me before my wedding' - The Mirror. Includes gratuitous mention of Graham’s hunt for aubergines. Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests - Akamai. Did AI Write Product Reviews? Gannett Says No - The New York Times. Is my co-worker AI? Bizarre product reviews leave Gannett staff wondering - The Verge. How to spot a fake review - Which? Lonely Water - Public information film from 1973. Scarred for Life Volume 1: The 1970s - Lulu. Scarred for Life Volume 2: Television in the 1980s - Lulu. Scarred for Life Twitter account. Say More with Dr? Sheila - Apple Podcasts. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! ...
11/2/2023 • 41 minutes, 40 seconds
Cyber sloppiness, and why does Google really want to hide your IP address?
Ahoy! There's trouble in the South China Seas as Filipino organisations fail to secure their systems, we take a close look at Google IP protection, and we take a look at just how so much genetic profile data leaked out of 23andMe. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Philippines’ cybersecurity failures exposed as hackers leak state secrets, people’s data - South China Morning Post. IT admins are just as culpable for weak password use - Outpost24. Google Chrome wants to hide your IP address - MalwareBytes. The 23andMe data breach reveals the vulnerabilities of our interconnected data - The Conversation. 23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews - Wired. Worried about the 23andMe hack? Here's what you can do - Washington Post. Paris Police 1905 - BBC iPlayer. British Hen Welfare Trust. Art Musings - Art Musings podcast. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Twitter at @SmashinSecurity, or ...
10/25/2023 • 54 minutes, 35 seconds
What’s cooking at Booking.com? And a podcast built by AI
How hunting for an aubergine could be all it takes for you to hand your credit card details over to a scammer, and just how good is a podcast entirely built by AI? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Support Alie Hothersall’s fundraising for Mind - JustGiving. Fraudsters target Booking.com customers claiming hotel stay could be cancelled - Graham Cluley. Security.txt - A proposed standard which allows websites to define security policies. Develop AI launches a completely synthetic podcast - Develop AI. Develop AI podcast. Is It Legal To Pay - The err.. https version of a map of which countries allow you to pay ransom demands. Licorice Pizza - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Devo – Register now to join Devo and other cybersecurity industry professionals on October 18 for sessions and panels focused on de-stressing, SOC career development, and more! Vanta - Expand the scope of your security program with market-leading compliance automation... while saving time and money. Smashing Security listeners get 20% off!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS: Theme tune: "Vinyl Memories"
10/18/2023 • 44 minutes, 40 seconds
Four-legged girlfriends, LoveGPT, and a military intelligence failure
Dream girlfriends, AI love scams, and an alleged spy who is said to have made a series of blunders. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Former Soldier Indicted for Attempting to Pass National Defense Information to People’s Republic of China - US Department of Justice. ‘Dream’ AI Girlfriend Randomly Turns Into Nude Jennifer Lopez, Has Four Legs - 404 Media. LoveGPT: How “single ladies” looking for your data upped their game with ChatGPT - Avast Threat Labs. 5 Signs Your Tinder Match Is a Scam Bot - LifeWire. Support Alie Hothersall’s fundraising for Mind - JustGiving. “The Last Action Heroes” by Nick de Semlyen - Pan Macmillan. Life Kit - NPR. Tom Hanks has made a complaint - Twitter. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Devo – Register now to join Devo and other cybersecurity industry professionals on October 18 for sessions and panels focused on de-stressing, SOC career development, and more! Moonlock — cybersecurity wing of MacPaw. Developers of the antimalware tech in CleanMyMac X — Moonlock Engine.
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Twitter at @SmashinSecurity, or ...
10/11/2023 • 48 minutes, 24 seconds
Royal family attacked, keyless car theft, and a deepfake Tom Hanks
Is a deepfake Tom Hanks better than the real thing? Who has been attacking the British Royal Family's website, and why? And how can you protect your vehicle from the spate of keyless car thefts? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Plus don't miss our featured interview with Devo CISO Kayla Williams.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: The disturbing uncanny valley of Robert Zemeckis film 'Polar Express' - Far Out magazine. Tom Hanks warns of deepfake video promoting dental plan - Instagram. Fuming Tom Hanks says he had nothing to do with that AI dental ad clone of him - The Register. Tom Hanks warns dental plan ad image is AI fake - BBC News. Robin Williams’ Daughter Zelda Criticizes Use of AI to Re-create His Voice: “I Find It Personally Disturbing” - Hollywood Reporter. Bruce Willis denies selling rights to his face - BBC News. Deepfake Bruce Willis in Russian telecoms advert - YouTube. Could you get "carhacked"? The growing risk of keyless vehicle thefts and how to protect yourself - CBS News. Keyless car theft: What is a relay attack, how can you prevent it, and will your car insurance cover it? - Leasing.com. Testing Phone-Sized Faraday Bags - Matt Blaze. Famous DDoS attacks - Cloudflare. The sinister Russian hackers who've claimed responsibility for crashing Buckingham Palace website - Daily Mail. King Charles rebukes Russia's 'horrifying' invasion of Ukraine in unprecedented speech - Express. Visually, how much paper would a GB and a TB of data fill in terms of physical size? - Quora. “The shop around the corner” - Wikipedia. ...
10/4/2023 • 1 hour, 8 minutes, 8 seconds
Another T-Mobile breach, ThemeBleed, and farewell Naked Security
Mix TikTok with facial recognition, and you've got a doxxing nightmare, T-Mobile users report bizarre behaviour in their accounts, and a Windows flaw provides a new means of infecting users. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: T-Mobile customer reports privacy breach - Twitter. T-Mobile US exposes some customer data – but don't call it a breach - The Register. T-Mobile denies new data breach rumors, points to authorized retailer - Bleeping Computer. Connectivity Source - Despite appearances, don’t confuse it with T-Mobile. ThemeBleed exploit is another reason to patch Windows quickly - MalwareBytes. If I Embarrass My Baby on TikTok, Will He Stay My Baby Forever? - New York Times. They Gossiped At Brunch. Now There's a Mob After Them - Rolling Stone. The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech - 404 Media. Egg crack challenge, the last baby is so cute - YouTube. Trailer for “The Deepest Breath” - YouTube. “The Deepest Breath” - Netflix. Naked Security. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic. Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.
SUPPORT THE...
9/27/2023 • 58 minutes, 15 seconds
Heated seats, car privacy, and Graham’s porn video
Do you know what data your car is collecting about you? Do you think it's right for a car manufacturer to collect a subscription to keep your bottom warm? And just why has YouPorn sent an email to Graham about his sex video? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês. Plus don't miss our featured interview with Gigamon's Mark Jow.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Yikes! My sex video has been uploaded to YouPorn, apparently - Graham Cluley. 1 million YouPorn users exposed; data breach required no security penetration - Computer World article from 2012. The YouPorn Sextortion Email Spam Campaign Explained - MalwareTips. BMW deems drivers worthy of warmth, ends heated car seat subscription - The Register. Hackers crack Tesla software to get free features - The Independent. It's Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy - Mozilla Foundation. Car Companies: Stop Your Huge Data Collection Programs - Mozilla Foundation. Programming language inventor or serial killer? - Vole.wtf. Rask - AI video localisation. Verbalate - Video translation and lip sync software. The Following Events Are Based on a Pack of Lies review - The Guardian. The Following Events Are Based on a Pack of Lies - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic. Drata – With over 14...
9/20/2023 • 1 hour, 3 minutes, 13 seconds
Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?
Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee... just to send $1,865. Oh, and our guest mentions Mr Blobby (to the horror of the show's hosts...) All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Tweet by Jameson Lopp. Bitcoin user’s costly error leads to record transaction fee of $510,000 - Cryptoslate. Root Admin User: When Do Common Usernames Pose a Threat? - GovInfoSecurity. Dave’s conversation with Crosstalk’s Chris Sherwood - Hacking Humans podcast. Passkey authentication - Wikipedia. Passkeys: Accelerating the Availability of Simpler, Stronger Passwordless Sign-Ins - FIDO Alliance. Test your mental image ability - Aphantasia. How to create your own personal deepfake - Axios. Deepfakes are being used for good – here’s how - Connecting Research - University of Reading. Six things you need to know about deepfakes - BBC Radio 4. Mitigating Aphantasia with Generative Reality - Medium. Ethical Deepfake Maker - Synthesia. HeyGen deepfakes - HeyGen. Deepfakes are being used for good – here's how - The Conversation. Search engines required to stamp out AI-generated images of child abuse under Australia’s new code - The Guardian. Induction Hob with Rotary Controls - Cookology. Top 10 WTF Mr Blobby Moments - YouTube. ...
9/13/2023 • 51 minutes, 44 seconds
Catfishing services, bad sports, and another cockup
AI news is bad news, an online service to catch your cheating partner, and an IoT-enabled dick cage fails to keep a grip on its own security. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with Alex Lawrence, principal security architect at Sysdig.
Warning: This podcast may contain nuts, adult themes, and rude language. May? Who are we kidding...
Episode links: 199: A few tech cock-ups, and one cock lock-up - Smashing Security. Smart male chastity lock cock-up - Pen Test Partners. “My sexual urges are so out of control I’m considering buying a chastity cage” - Dear Deidre, The Sun. Maker of ‘smart’ chastity cage left users’ emails, passwords, and locations exposed - TechCrunch. Dispatch pauses AI sports writing program - Axios. Would Your Partner Cheat? These ‘Testers’ Will Give You an Answer - The New York Times. Loyalty Test. Nitpick: Why don’t induction hobs have knobs? Longevity… simplified - book by Dr Howard J Luks. Oxford Art Society Open Exhibition 2023. Carole Theriault art website. Smashing Security merchandise (t-shirts, mugs, stickers and stuff).
Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands. ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or ...
9/6/2023 • 1 hour, 7 minutes, 19 seconds
The DEA’s crypto calamity, and scammers’ blue tick bonanza
Seized cryptocurrency is stolen from the DEA, blue-ticks are being exploited, a bath full of dollar bills, the comfort offered by an ostrich's head, and how Graham is refusing to call Twitter "X". All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer - Forbes. Stranger sent dick pics so I convinced him he was dying - YouTube. Creeps Airdropping Dick Pics Is the Latest Air Travel Nightmare - Vice. Airdrop scam tokens - Trezor. Brother of Criminal Bitcoin Mixing CEO Pleads Guilty to Stealing 712 Bitcoins From IRS - CoinDesk. Blue-tick scammers target consumers who complain on X - The Guardian. Infinite Mac. Classic Mac OS - Wikipedia. Perplexity AI - chatbot. CrazyGames. Braingle. 40 Weirdest Things on Amazon That People Actually Love to Buy - Good Housekeeping. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Beyond Identity – Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or ...
8/30/2023 • 37 minutes, 59 seconds
Pizza pests, and securing your wearables
Surely you should be able to order pizza without being pestered for sex? And Carole takes a look at the what and why of wearables... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: One in three young people falling prey to ‘text pests’ as ICO calls for victims to come forward - ICO. My pizza order turned into a terrifying ordeal after creepy delivery driver stole my data & I was sent sinister messages - The Sun. Share your experience of unwanted contact after giving your personal information to a business for a legitimate reason - ICO. IoT, wearables and the new health insurance paradigm - IT-Online. Top 10 Innovative Wearable IoT Devices - IOT Design Pro. Explosive Growth Forecasted: IoT in Healthcare Market Set to Reach US$ 952.3 Billion by 2032 with a Remarkable CAGR of 18.0% - PharmiWeb. Sweat it out: Novel wearable biosensor for monitoring sweat electrolytes for use in healthcare and sports - Science Daily. New Apple Watch X Leaked: MAJOR Redesign & Magnetic Band System! - YouTube. Wearables | Privacy & security guide - Mozilla Foundation. 5 trending wearables in 2023 to look out for - Ignitec. Internet of Things Becomes Greater Focus for Pharma - Health Leaders media. Hospitals are selling treasure troves of medical data — what could go wrong? - The Verge. Opt out of sharing your health records - NHS. Legal lullabies - Drift asleep listening to Instagram's terms of service. The Sound: Mystery of Havana Syndrome. Smashing Security merchandise (t-shirts, mugs,...
8/23/2023 • 38 minutes, 45 seconds
AI chat wars, and hacker passwords exposed
AI chatbots are under fire in Las Vegas, the secrets of hackers' passwords are put under the microscope, and Graham reveals (possibly) the greatest TV programme of all time. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 100,000 Hackers Exposed from Top Cybercrime Forums - Hudson Rock. Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer - Hudson Rock. People coaxed AI into saying 9+10=21 and giving instructions for spying — it shows how these systems are prone to flaws and bias - Business Insider. These Women Tried to Warn Us About AI - Rolling Stone. Chatbots: Why does White House want hackers to trick AI? - BBC News. I, Claudius - BBC iPlayer. Drama Connections: I, Claudius - BBC documentary from 2005, on YouTube. 'Painkiller' Review: Netflix Series Fails To Capture Opioid Crisis - Variety. “Painkiller” trailer - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands. Beyond Identity - Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or ...
8/16/2023 • 34 minutes, 18 seconds
Acoustic attacks, and the tears of a crypto rapper
Razzlekhan, the self-proclaimed Crocodile of Wall Street, pleads guilty to the biggest crypto laundering scheme in history, and just how safe are you typing while on a Zoom call? Meanwhile, Graham rants about public EV chargers. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: With Nvidia Eye Contact, you’ll never look away from a camera again - Ars Technica. “A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards” - Technical paper (PDF). New acoustic attack steals data from keystrokes with 95% accuracy - Bleeping Computer. Bitfinex users to share 36% of bitcoin losses after hack - BBC News. Bitfinex’s Latest News & Updates - BitFinex blog. Heather R. Morgan - Wikipedia. Razzlekhan and husband guilty of $4.5bn Bitcoin launder - BBC News. Record-high seizure of $4bn in stolen Bitcoin - BBC News. ‘Sexy horror comedy’: Bitcoin laundering suspect is also ‘raunchy rapper’ Razzlekhan - The Guardian. “Versace Bedouin” music video by Razzlekhan - YouTube. “Pho King Badd Bhech” music video by Razzlekhan - YouTube. SWARCO - Nit Pick of the Week. Esim Holafly - Holafly. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or ...
8/9/2023 • 44 minutes
Barbie and the stalking spouse
Carole takes us into the sinister side of Barbie, while Graham describes a stalkerware operation that has been spilling its secrets. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: SpyHide couldn’t hide forever - Maia arson crimew. Spyhide stalkerware is spying on tens of thousands of phones - TechCrunch. Use Google Play Protect to help keep your apps safe and your data private - Google. Eyeing Barbie movie download? Beware of online scam, says McAfee - Tech News. A Complete History of the Barbie Movie - Vanity Fair. 20 Things You Probably Didn't Know About Barbie - Readers Digest. Influencer's 'Honest Review' of 'Barbie' Goes Viral - Newsweek. How scammers are using ‘Barbie’ craze to steal personal information - The Hill. ‘Barbie’ Box Office to Blast Past $700M Globally After Record Week - The Hollywood Reporter. Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info - McAfee. History vs Hollywood. Weird: The Al Yankovic story - History vs Hollywood. The News Meeting - Tortoise podcasts. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Hunters – A SOC platform, built to empower your security team to reduce risk, complexity and costs. Moonlock - The cybersecurity wing of MacPaw. Developers of CleanMyMac X antimalware tech, Moonlock Engine. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing...
8/2/2023 • 37 minutes, 52 seconds
Nudes leak at the plastic surgery, Mali mail mix-up, and WormGPT
Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus Space Daily’s Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 90210 plastic surgeon Dr Gary Motykie. Dr Gary Motykie videos - YouTube. More plastic surgery patients have their nude photos and information leaked - DataBreaches.net. Typo watch: 'Millions of emails' for US military sent to .ml addresses in error - The Register. Hundreds of thousands of US military e-mails wind up in Mali - Le Monde. Beware of WormGPT: AI Tool Enables Cyber Attacks and Impersonation Scams - IB Times. WormGPT: a generative AI tool to compromise business emails - CSO Online. WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks - SlashNext. “Who shat on the floor at my wedding?” Futurama - Wikipedia. Radiooooo. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! ClearVPN - Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via ...
7/26/2023 • 51 minutes, 54 seconds
Boris Johnson’s WhatsApps, and sextorting party girls
Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The UK Covid-19 Inquiry. Court orders ministers to hand Boris Johnson’s WhatsApps to Covid inquiry - The Guardian. Boris Johnson ‘has forgotten’ passcode for phone wanted by Covid inquiry - The Guardian. The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph. Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice. Party girls netted £120,000 from terrified men in ‘sextortion’ scam - The Times. Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 - Press and Journal. Musicless music video of Lionel Richie’s “Hello” - YouTube. Musicless music video of Rolling Stones performing live in 1964 - YouTube. Intrigue: Burning Sun - BBC podcast. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via ...
7/19/2023 • 36 minutes, 4 seconds
Deepfake Martin Lewis, and a deadly jog in the park
Going for a jog can be bad for your privacy (but even worse for your health), and Britain's consumer finance champion finds his face is being faked. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Russian commander shot dead after posting runs on Strava running app - Kyiv Post. Martin Lewis felt 'sick' seeing deepfake scam ad on Facebook - BBC News. How synthetic media, or deepfakes, could soon change our world - 60 Minutes on YouTube. Nicki Minaj wants to delete the “whole internet” after viral AI deepfake video - Technology Inquirer. Fears grow of deepfake ID scams following Progress hack - Ars Technica. “Deep Fake Neighbour Wars”: ITV’s comedy shows how AI can transform popular culture - The Conversation. “My Old School” - BBC Scotland. “My Old School” trailer - YouTube. MP doesn’t know whether she attended Downing St Party - YouTube. “Non-Censored” with Rosie Holt podcast - Audioboom. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide - Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today! Sysdig - Is your cloud secure? Not without runtime insights! Sysdig delivers the industry's ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) - powered by runtime insights - to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands. Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on ...
7/12/2023 • 39 minutes, 51 seconds
Pornhub, Barbie dolls, and can you trust a free TV?
Just how much do porn websites know about your sexual peccadillos? How are Barbie dolls involved in identity scams? And would you trust a completely free telly? Oh, and Graham has some opinions to share about "Indiana Jones and the Dial of Destiny". All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Matt Davey from the "Random but Memorable" podcast. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Pornhub Is Being Accused of Illegal Data Collection - Wired. StopDataPorn brings Pornhub to court for abusing users’ personal data with GDPR complaints - StopDataPorn. The Password Game - Neal.fun. The True Cost of a Free TV - Wired. Telly dual-screen TV first look: it’s free and may be the future - The Verge. Swindlers Used Barbie Dolls to Rob COVID Relief Program - The Messenger. How rampant abuse by fintech fueled covid relief fraud - The Washington Post. 'Biggest fraud in a generation': The looting of the Covid relief plan known as PPP - NBC News. "We Are Not the Fraud Police": How Fintechs Facilitated Fraud in the Paycheck Protection Program - Fox News. ‘The Dial Of Destiny’ Is Now The Worst-Reviewed ‘Indiana Jones’ Movie - Forbes. “Jury Duty” TV series - Wikipedia. “Jury Duty” trailer - YouTube. Spray Cork: What Is It? - Build with Rise. CorkSol. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! ...
7/5/2023 • 47 minutes, 17 seconds
UPS smishing, ChatGPT 101, and storing secret files
UPS delivers some smishing advice (but have they kept something under wraps?), we ask ChatGPT to take a long hard look at itself, and we debate what the penalty should be for taking national secrets home with you. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's sole founder Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: UPS discloses data breach after exposed customer info used in SMS phishing - Bleeping Computer. Example of UPS SMS phishing message related to Lego order - Twitter. Another example of a Lego-related UPS phishing message - Twitter. Former FBI Analyst Sentenced for Retaining Classified Documents - US Department of Justice. How The Intercept might have helped unmask Reality Winner to the NSA - Graham Cluley. Bad adverts leave people scratching their heads - MSN. How Cybercriminals Can Perform Virtual Kidnapping Scams Using AI Voice Cloning Tools and ChatGPT - Trend Micro. Which Jobs Will Be Most Impacted by ChatGPT? - Visual Capitalist. Unraveling an AI Scam with AI - Imperva. 100,000 Hacked ChatGPT Accounts Discovered on Dark Web - Hackread. 97+ ChatGPT Statistics & User Numbers In June 2023 (New Data) - Nerdy Nav. “Speed Cubers” - Netflix. Trailer for “Speed Cubers” - YouTube. KBDcraft. “How to Win Friends and Disappear People” - Qcode Podcasts. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source...
6/28/2023 • 56 minutes, 1 second
Mark’s metaverse for minors, and getting down to business
There's some funny business going on on Google, and Zuckerberg's $14 billion bet on the metaverse is beginning to look a little childish... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Google sues alleged scammer over fake business and review scheme - The Verge. Meta to Lower Age for Users of Virtual Reality Headset to 10 From 13 - New York Times. Introducing New Parent-Managed Meta Accounts for Families - Meta Blog. Keep Connected - ages 10–14 - Keep Connected. The Metaverse Police: A VR content moderator shares his insights - Mixed News. “Untold: The Girlfriend Who Didn't Exist” - Netflix. Tommy Siegel - Some candy hearts comics I drew, a thread - Twitter. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed! FOLLOW US: Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the ...
6/21/2023 • 37 minutes, 10 seconds
Right Royal security threats and MOVEit mayhem
There are shocking revelations about a US Government data suck-up, historic security breaches at Windsor Castle, and the MOVEit hack causes consternation. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Declassified files reveal ‘large number’ of security scares at Windsor Castle - Metro. Intruder at Windsor: Security 400 scared of unpleasant Andrew' to turn away fantasist - Express. The US Is Openly Stockpiling Dirt on All Its Citizens - Wired. I don’t care about cookies browser plugin. MOVEit hack: Media watchdog Ofcom latest victim of mass hack - BBC News. BBC, BA and Boots issued with ultimatum by cyber gang Clop - BBC News. Ukrainian police arrest multiple Clop ransomware gang suspects - TechCrunch. BBC and British Airways affected by data breach at payroll company Zellis - The Record. BA, Boots and BBC staff details targeted in Russia-linked cyber-attack - The Guardian. Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft - Mandiant. MOVEit Transfer and MOVEit Cloud Vulnerability - Progress. MOVEit announces second vulnerability; Minnesota schools agency breached with original bug - The Record. An Update on the Steps We are Taking to Protect MOVEit Customers - Ipswitch. Spider-Man: Across the Spider-Verse - IMDB. Spider-Man: Across the Spider-Verse trailer - YouTube. The Muppets Mayhem - Disney+. The Muppets Mayhem trailer - YouTube. ...
6/14/2023 • 54 minutes, 32 seconds
Rick Astley and the little birdie scam
Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus - don't miss our featured interview with Max Power of Bitwarden. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Australian cyber-op attacked ISIL with the terrifying power of Rickrolling - The Register. “Breaking the code: Cyber Secrets Revealed” - ABC. Scam Alert: Woman tries helping injured bird, ends up losing Rs 1 lakh to cyber criminals - MSN News. Toll-free Hijack Alert (misdial scam) - AT&T. “Connected: the hidden science of everything” - Netflix. “Connections” with James Burke - YouTube. “I wanna marry Harry” reality show - Wikipedia. “Space cadets” reality show - Wikipedia. Unreal: A Critical History of Reality TV - Apple Podcasts. Famous Studios - Famous Studios website. Unreal: A Critical History of Reality TV - BBC Sounds. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter
6/7/2023 • 59 minutes, 41 seconds
.ZIP domains, AI lies, and did social media inflame a riot?
ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with David Ahn of Centripetal. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 8 new top-level domains for dads, grads and techies - Google. Tweet by Citizen Lab’s John Scott-Railton - Twitter. File Archiver in the browser - mr.d0x. A Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT? - Reason. Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crash - Wales Online. Cardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crash - Sky News. Two boys killed in Cardiff crash which was followed by riot are named - Sky News. Cardiff riots: social media rumours about crash started unrest, says police commissioner - The Guardian. Black Butterflies - Netflix. Black Butterflies trailer - YouTube. “The End of the World Is Just the Beginning: Mapping the Collapse of Globalization” by Peter Zeihan - Amazon. Science Vs - Gimlet Media Podcast. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud...
5/31/2023 • 1 hour, 16 minutes, 32 seconds
Botched Bitcoin blackmail, iSpoof, and Meta’s billion dollar data bungle
13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Man convicted of blackmail and other offences - SEROCU. EU hits Meta with record €1.2B privacy fine - Politico. Police text 70,000 victims in UK's biggest anti-fraud operation - BBC News. iSpoof fraudster guilty of £100m scam sentenced to 13 years - BBC News. Fraudster pleads guilty to £100m iSpoof scam - BBC News. 300: Interplanetary file systems, iSpoof, and don’t delete Twitter - Smashing Security. "John Was Trying to Contact Aliens" - Netflix. Sleep mask - Amazon. Blackout blind with suction cups - Amazon. Jewish Matchmaking - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! Centripetal - Centripetal's CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release...
5/24/2023 • 49 minutes, 46 seconds
When you buy a criminal’s phone, and paying for social media scams
Personal information is going for a song, and the banks want social media sites to pay when their users get scammed. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Vote for "Smashing Security" in the European Security Blogger Awards. Re-Victimization from Police-Auctioned Cell Phones - Krebs on Security. Fraud Strategy: stopping scams and protecting the public - UK Gov. Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested - Hacker News. Social media firms should reimburse online fraud victims, say UK bankers - The Guardian. How Many People Use Social Media in 2023? - Oberlo. Scam social media quizzes dupes people into revealing personal details - ITV News. Where are you most likely to be scammed: phone, text or social media? - This is Money. Major bank calls out Meta for huge rise in scams on its platforms - This is Money. The Legend of Zelda: Tears of the Kingdom - Nintendo. ScanSnap SV600 - Fujitsu. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! ...
5/17/2023 • 43 minutes, 13 seconds
Eurovision, acts of war, and Twitter circles
Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity reporter John Leyden. Plus don't miss our featured interview with Outpost24's John Stock. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Introducing Twitter Circle, a new way to Tweet to a smaller crowd - Twitter. Twitter Circles Is Broken, Revealing Nudes Not Meant For The General Public - Buzzfeed News. Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout - The Register. What is Hostile or Warlike?: An in-depth look at the Merck war exclusion decision and its shortfalls - Kennedys Law. Eurovision voting scandal: Six juries cheated and voted for each other - EuroVision World. Eurovision: MP seeks assurances contest voting will be protected from Russian threats - Sky News. Fears pro-Russian hackers could ruin Eurovision by disrupting broadcasts and silencing the song contest next week - Daily Mail. Cyber security experts hope to protect Eurovision voting from possible Russian threat - ITV News. The technology of the Eurovision Song Contest - Technology and Engineering. Cyber security experts hope to protect Eurovision voting from possible Russian threat - Eurovision News. Eurovision voting scandal: Six juries cheated and voted for each other - Eurovision News. Eurovision 2023: Tickets for Liverpool sell out after huge demand - BBC News. Eurovision 2023: Hotel...
5/10/2023 • 1 hour, 6 minutes, 44 seconds
City Jerks, AI animals, and is the BBC hacking again?
Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Hackers steal emails, private messages from hookup websites - TechCrunch. Scam Interceptors - BBC. ‘They’re coming up with devious ways to take your money’: the TV hackers taking on the scammers - The Guardian. Did BBC break the law by using a botnet to send spam? - Naked Security. How a horse whisperer can help engineers build better robots - Science Daily. How Scientists Are Using AI to Talk to Animals - Scientific American. “I don’t know”, sung by 76-year-old Paul McCartney - YouTube. “I don’t know”, sung by AI Paul McCartney - YouTube. AI makes Paul McCartney’s voice youthful - The Daily Beatle. “New”, sung by the AI Beatles - YouTube. AI Freddie Mercury sings “Yesterday” - YouTube. The Evaporated - Campside Media. Tetris - Apple TV+. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! Outpost24 - Understand your shadow IT risk with a free attack surface analysis. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on ...
5/3/2023 • 48 minutes, 42 seconds
The CEO who also ran IT, Strava strife, and TikTok tall tales
A boss is bitten in the bottom after being struck by one of the worst crimes in Finnish history, Strava's privacy isn't so private, and a private investigator uncovers some TikTok tall tales. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Finnish therapy clinic’s CEO fired after despicable data breach and blackmail threats - Graham Cluley. Lizard Squad Member: Why I Took Down Xbox and PlayStation - Sky News on YouTube. Hacker Charged With Extorting Online Psychotherapy Service - Krebs on Security. Finland’s Most-Wanted Hacker Nabbed in France - Krebs on Security. Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender. Hackers can find your home on Strava even if you use privacy settings, researchers find - Yahoo Sports. Iron Bianca hashtag on TikTok - TikTok. Investigators warn of fake suicide scams on social media platforms - MSN News. How did Iron Bianca die? Tribute Pours In As Tiktok Star Passed Away - PBK News. Spill-the-Tea-007 TikTok Channel - TikTok. Mike Bolhius Private Investigator - Mike Bolhius homepage. Paint trailer - YouTube. Bob Ross: Happy Accidents, Betrayal & Greed - Netflix. Star Trek: Picard - Paramount Plus. The Diplomat - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure...
4/26/2023 • 56 minutes, 12 seconds
Tesla workers spy on drivers, and Operation Fox Hunt scams
Graham wonders what would happen if his bouncing buttocks were captured on camera by a Tesla employee, and we take a look at canny scams connected to China's Operation Fox Hunt. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. (Oh, and when Carole mentioned Colin the Accountant as her "Pick of the Week" she really meant "Colin from Accounts". Sorry!) Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Countering Threats Posed by the Chinese Government Inside the US - Speech by the FBI’s Christopher Wray. Criminals Pose as Chinese Authorities to Target US-based Chinese Community - FBI. FBI: How fake Xi cops prey on Chinese nationals in the US - The Register. Special Report: Tesla workers shared sensitive images recorded by customer cars - Reuters. 303: Secret Roomba snaps, Christmas cab scams, and the future of AI - Smashing Security. Lawsuit: Tesla must be punished for “tasteless” sharing of car-camera images - Ars Technica. Customer Privacy Notice - Tesla. Tesla hit with class action lawsuit over alleged privacy intrusion - Reuters. Tesla About Autopilot - Tesla. “Wet Nellie” - Wikipedia. Device Orchestra - YouTube. “Smoke on the Water”, as performed by Device Orchestra - YouTube. “Eye of the Tiger”, as performed by Device Orchestra - YouTube. Cabin Camera - Tesla. Colin from Accounts - Amazon Prime. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust....
4/19/2023 • 36 minutes, 58 seconds
Another Uber SNAFU, an AI chatbot quiz, and is juice-jacking genuine?
Everyone's talking juice-jacking - but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn't been hacked. And Carole hosts the "AI-a-go-go or a no-no?" quiz for Dave and Graham. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Uber driver info stolen yet again: This time from law firm - The Register. Letter from law firm Genova Burns to impacted Uber drivers (PDF). Tweet by FBI Denver - Twitter. FBI warns against using public phone charging stations - CNBC. 'Juice Jacking': The Dangers of Public USB Charging Stations - FCC. Stop! Don’t charge your phone this way - Seattle Times. This Seemingly Normal Lightning Cable Will Leak Everything You Type - Vice. Cybersecurity Myths You Might Still Believe – Debunked! - CXO Today. China to require 'security assessment' for new AI products - France24. Cybercrime: be careful what you tell your chatbot helper… - The Guardian. 12 Jobs that AI will never replace - In Hunt World. ChatGPT Fabricates Sexual Harassment Scandal, Names Real US Law Professor As Accused - Republic World. Insurable cyberattacks? - Caveat podcast. UBI board game - Board Game Geek. The Eye, The Pyramid, The Map: The Psychogeography of ‘The World According to Ubi’ - We Are The Mutants. They Finally Let Me Into Abbey Road Studios! - Rick Beato, YouTube. ...
4/12/2023 • 50 minutes, 38 seconds
Of Musk and Afroman
An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: These Men's Rights Activists Literally Worship Elon Musk - Buzzfeed News. Florida principal who sent $100K to scammer posing as Elon Musk says she was 'groomed' - WESH. Florida principal resigns after sending $100K to scammer posing as Elon Musk - NY Post. Afroman - Will You Help Me Repair My Door - YouTube. Official Music Video for Because I Got High performed by Afroman - YouTube. Police sue rapper Afroman for using footage of home raid in his music videos - The Guardian. Afroman Complaint - Adams County Court. Afroman Got Raided by Cops, So He Put Them in His Music Video - Vice. Afroman - Wikipedia. Afroman sued by seven officers who raided his home - NME. Afroman Isn’t Worried About a Police Lawsuit Over His Music Videos - Rolling Stone. Afroman Cops Wrecked My Home In Raid, For Nothing ...I Need Ben Crump!!! - TMZ. Afroman I'm Missin' $400 In Cash After Raid... Thinks Cops Swiped It - TMZ. Atlas Obscura. Oak Beams, New College Oxford - Atlas Obscura. BeyerDynamic DT 770 PRO Headphones - BeyerDynamic. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password...
4/5/2023 • 42 minutes, 3 seconds
Crypto hacker hijinks, government spyware, and Utah social media shocker
A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Tweet by Euler Finance confirming security breach - Twitter. Euler Finance to Offer $1M Reward as It Reels From Nearly $200M Exploit - Coindesk. Hackers stole over $500m in cryptocurrency in record-making heist, Ronin says - The Guardian. Hacker Behind $200M Euler Attack Apologizes, Returns Millions in Ether, Dai to Protocol - Coindesk. President Biden kind of mostly bans commercial spyware from US govt - The Register. Utah Law Could Curb Use of TikTok and Instagram by Children and Teens - New York Times. Utah’s social media for kids law could be coming to a state near you - Vox. Utah Governor Spencer Cox signs a landmark social media bill - YouTube. RRR - Netflix. RRR trailer - YouTube. RRR Naatu Naatu dance scene - YouTube. Best films of 2022 in the UK, No 7: RRR - The Guardian. He Died with a Felafel in His Hand - Wikipedia. Swarm - Amazon Prime. Night of the Lepus - Wikipedia. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. ...
3/29/2023 • 47 minutes, 33 seconds
Photo cropping bombshell, TikTok debates, and real estate scams
It could be a case of aCropalypse now for Google Pixel users, there's a warning for house buyers, and just why is TikTok being singled out for privacy concerns? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Stop pixelating! New tool reveals the secrets of "redacted" documents - Hot for Security. Google Pixel exploit reverses edited parts of screenshots - The Verge. Tweet by researcher Simon Aarons - Twitter. aCropalypse demo. Samsung 'Fake' Moon Shots Controversy Puts Computational Photography in the Spotlight - MacRumors. Android phones can be hacked just by someone knowing your phone number - Graham Cluley. BBC advises staff to delete TikTok from work phones - BBC News. TikTok: UK ministers banned from using Chinese-owned app on government phones - BBC News. TikTok banned from official Welsh government phones - BBC News. Danish public broadcaster advises staff against using TikTok - BBC News. Canada bans TikTok on government devices - BBC News. European Commission bans TikTok on staff devices - BBC News. New bill would ban TikTok in the US but it faces long odds - BBC News. A Retired Teacher and Her Daughter Were Scammed Out of $200,000 Over Email: 'I'm 69 Years Old and Now I'm Broke and Homeless' - Entrepreneur. Retired Colorado teacher left homeless and broke after scammers hijack house sale - MSN. Homebuyers scammed out of nearly $200,000 - YouTube. Stolen life savings Vickie and Sarah Ragle - Go Fund Me. http://theplaythatgoeswrong.com/ ...
3/22/2023 • 47 minutes, 53 seconds
Tesla twins and deepfake dramas
The twisted tale of the two Teslas, and a deepfake sandwich. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: B.C. man says he accidentally unlocked and drove someone else’s Tesla using the app - Global News. A College Girl Found Deepfake Porn of Herself Online. Who Did It Shocked Her - Rolling Stone. Denmark Tries to Attract Tourists Using ChatGPT, Deepfakes, and Famous Paintings - UK PC Mag. Deepfake Tools Are Made To Facilitate Harassment—So Why Are They Available in the App Store? - MSN. Spot the Deepfake - Microsoft. Sholay trailer - YouTube. Sholay: Review of the monumental Indian epic - YouTube. Rent or buy Sholay - YouTube Movies. Jazz Pianist Brad Mehldau Plays The Beatles - NPR. Brad Mehldau - Brad Mehldau website. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today! Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived. Support the show: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via https://www.patreon.com/smashingsecurity ...
3/15/2023 • 37 minutes, 30 seconds
Super grannies, bar trolls, and US Marshals
Scammers get pwned by a Canadian granny! Don't be seduced in a bar by an iPhone thief! And will the US Marshals be able to track down the villains who stole their data? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. Plus don’t miss our featured interview with Jason Meller of Kolide. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: They thought they could scam this Windsor grandmother of nearly $10K. She turned the tables on them - CBC. Canada grandma helps stop fraud scheme targeting senior citizens - BBC News. A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - Wall Street Journal. Ransomware attack on US Marshals Service affects ‘law enforcement sensitive information’ - CNN. Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service - NPR. 9 millionaires and billionaires with the most bizarre spending habits - Business Insider. Phishing still the leading way attackers breach security controls: IBM - IT World Canada. New White House cyber strategy picks a fight with ransomware - AXIOS. Happy Valley - BBC. My 80s TV. Everything Everywhere All at Once - IMDB. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today! Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a...
3/8/2023 • 1 hour, 2 minutes, 8 seconds
TikTok, wiretapping, and your deepfake voice is your password
Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Wiretapping Italian police tune in to hear their secrets being sold - The Times. Jeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegation - The Guardian. Silvio Berlusconi interviewed by Jeremy Paxman on BBC Newsnight - YouTube. Protests grow in Italy over the wiretapping of journalists - Independent. How I Broke Into a Bank Account With an AI-Generated Voice - Vice. TikTok under investigation by Canadian privacy authorities - BBC. The UN's cyber crime treaty could be a privacy disaster - IT Pro. TikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ - Yahoo News. “Check It Out” episode about nuclear war from July 1980 - YouTube. The North-West Is Our Mother: The Story of Louis Riel's People, the Métis Nation - GoodReads. Fleishman is in Trouble review – Jesse Eisenberg’s endlessly witty divorce drama is almost too good - The Guardian. Fleishman is in Trouble - Disney+. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn't secure it can't access your...
3/1/2023 • 48 minutes, 53 seconds
Verified blue ticks and horny AI chatbots
Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans... All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Testing Meta Verified to Help Creators Establish Their Presence - Meta. As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security - Graham Cluley. A pre-match message from Will Ferrell - QPR Twitter account. BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account - Deadline. Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It - Vice. ‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny - Vice. Replika homepage - Replika. Click and Drag - xkcd. 1110: Click and Drag - Explain xkcd. xkcd 1110: Click and Drag map - Zoomable map of “Click and drag”. Only Murders in the Building - Disney Plus. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today! SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now. Support the show: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or https://www.podchaser.com/podcasts/smashing-security-244729 ...
2/22/2023 • 44 minutes, 9 seconds
Synthetic voices, ChatGPT reflections, and social skirmishes
AI-generated voices are weaponised by online trolls, how ChatGPT reflects who we are as a society, and social media is in the firing line again. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ‘Disrespectful to the Craft:’ Actors Say They’re Being Asked to Sign Away Their Voice to AI - Vice. AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse - Vice. Video Game Voice Actors Doxed and Harassed in Targeted AI Voice Attack - Vice. ChatGPT Can Be Broken by Entering These Strange Words, And Nobody Is Sure Why - Vice. My Strange Day With Bing’s New AI Chatbot - Wired. We asked ChatGPT to write performance reviews and they are wildly sexist (and racist) - Fast Company. How social media affects teen mental health: a missing link - Nature. California bill to let parents sue social media gets second try - Bloomberg. How to protect children from big tech companies - Wall Street Journal. Three out of four parents say social media is a major distraction for students, according to new study - Phys.org. Remarks of President Joe Biden – State of the Union address as prepared for delivery - The White House. Why the past 10 years of American life have been uniquely stupid - The Atlantic. Now Mesa public schools are also declaring that they have failed in educating their children by suing social media - Techdirt. Seattle school...
2/15/2023 • 50 minutes, 26 seconds
Jail after VPN fail, criminal messaging apps, and wolf-crying watches
When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger... why are police happy that criminals keep using end-to-end encrypted messaging systems... and why is the Apple Watch being accused of crying wolf? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with SecurEnvoy's Chris Martin. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free. SecurEnvoy - With growing cyber security threats everyone in your organisation needs authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy's free guide now. Episode links: Ubiquiti tells customers to change passwords after security breach - ZD Net. “No way out” trailer - YouTube. Ubiquiti sues journalist, alleging defamation in coverage of data breach - Ars Technica. Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack - Bitdefender. Final Thoughts on Ubiquiti - Krebs on Security. Former Employee Of Technology Company Pleads Guilty To Stealing Confidential Data And Extorting Company For Ransom - Department of Justice. Dutch Police Read Messages of Encrypted Messenger 'Exclu' - Vice. Shock and applause for Apple Watch's chilling real-life emergency call ad - Campaign Live. 911 call made from Apple Watch of Washington woman buried alive released - Yahoo! News. Apple Watch
2/8/2023 • 1 hour, 5 minutes, 30 seconds
ChatGPT and the Minister for Foreign Affairs
Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Plus don't miss our featured interview with DigiCert’s Brian "PKI" Trzupek. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Artis Pabriks. ‘I left my partner and lost £80,000 to a fake Facebook romance’: Manchester mum’s warning over catfishing scam - Manchester World. 'I know I have been a fool but these are the things we do for love', says mum duped out of £80k by Facebook lover - Manchester Evening News. Amazon Warns Employees to Beware of ChatGPT - Gizmodo. ChatGPT's soaring popularity has added $5 billion to the wealth of Nvidia's founder as Wall Street bets on AI boom for the chipmaker - Business Insider. ChatGPT raises red flags by acing MBA exam. ChatGPT passes exams from law and business schools - CNN. I asked ChatGPT how to negotiate a raise. Career coaches said I'd probably get one by following the AI chatbot's steps and script - Business Insider. Real estate agents say they can’t imagine working without ChatGPT now - CNN. Science journals ban listing of ChatGPT as co-author on papers - The Guardian. Blakes 7 Bot - an automated bot that posts lines of dialogue from Blakes 7. Yarn - Find video clips by quotes. The New Gurus Podcast - BBC Sounds. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including the URLs for the websites you have accounts for....
2/1/2023 • 52 minutes, 48 seconds
No Fly lists, cell phones, and the end of ransomware riches?
What are prisoners getting up to with mobile phones? Why might ransomware no longer be generating as much revenue for cybercriminals? And how on earth did an airline leave the US government's "No Fly" list accessible for anyone in the world to download? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all. NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free. Episode links: The Complete Idiot's Guide to Writing Erotic Romance - Amazon. The Many Ingenious Ways People in Prison Use (Forbidden) Cell Phone - The Marshall Project. How Did They Run an Elaborate “Sextortion” Scam From Prison? Cellphones - The Marshall Project. Alarm Over Death Row Cell Phone Threats - CBS News. How to completely own an airline in 3 easy steps - Maia arson crimew. U.S. airline accidentally exposes ‘No Fly List’ on unsecured server - Daily Dot. Cyber-crime gangs' earnings slide as victims refuse to pay - BBC. Ransomware Revenue Down As More Victims Refuse to Pay - Chainalysis. Leaked Ransomware Docs Show Conti Helping Putin From the Shadows - Wired. Luxe Listings Sydney trailer - YouTube. Luxe Listing Sydney - Wikipedia. https://twitter.com/MattWBZ ...
1/25/2023 • 50 minutes, 42 seconds
Norton unlocked, and police leaks
Carole is in her sick bed, which leaves Graham in charge of the good ship "Smashing Security" as it navigates the choppy seas of credential stuffing and avoids the swirling waters of apps being sloppy with sensitive information. Find out more in this latest edition of the "Smashing Security" podcast, hosted by Graham Cluley with special guest BJ Mendelson. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Operation Protect the Innocent - LA Police Department. A Police App Exposed Secret Details About Raids and Suspects - Wired. ODIN Intelligence website is defaced as hackers claim breach - TechCrunch. Norton LifeLock says thousands of customer accounts breached - TechCrunch. Ugh! Norton LifeLock password manager accounts accessed by hackers - Graham Cluley. Reports: Twitter’s sudden third-party client lockouts were intentional - Ars Technica. Spring app - Twitter. Spring app - Mac App Store. Mona app - Mastodon. Tulsa King trailer - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all. DigiCert - DigiCert's Trust Lifecycle Manager sets a new bar for unified management of digital trust. Support the show: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via https://www.patreon.com/smashingsecurity ...
1/18/2023 • 39 minutes, 10 seconds
Oxford's dating disaster, cheap security robots, and faking a suicide
Someone called OxShagger thinks he has come up with the perfect Valentine's surprise for Oxford students, but is the way he has gone about "bookworms with benefits" really a good idea? Robot security guards are trundling the streets of - you guessed it - America. And a writer of paranormal bully romances (no, we don't know what that means either) returns from the grave... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: Bitwarden - Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360 - A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all. NordLayer - NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free. Episode links: Dating site for horny Oxford students slammed for privacy violations - Cherwell. OxShag will not be running this term as creator says they ‘made some poor choices’ - The Oxford Tab. Dysfunctional: OxShag to shut down amid controversy - Cherwell. Oxford University dating website for staff and students shut down after ‘huge data breach’ - The Times. CES 2023 Robots: Humanoid Helpers, Coding Pups and Farming Planters - CNet. One of America's most hated companies hired a security robot. It didn't go well - ZDNet. Robot security downtown getting lots of attention, KHON2 News - YouTube. 4 New Contracts for 8 Machines to Kick Off New Year at Knightscope -...
1/11/2023 • 50 minutes, 58 seconds
Secret Roomba snaps, Christmas cab scams, and the future of AI
Beware your Roomba's roving eye, the Finns warn of AI threats around the corner, and watch out when hailing a taxi cab in Dublin... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook? - MIT Technology Review. Building Smart Robots Requires Responsible Development - Roomba CEO Colin Angle on LinkedIn. OpenAI predicts biz can break a billion in revs by 2024 - The Register. The security threat of AI-enabled cyberattacks (PDF) - The Finnish Transport and Communications Agency, Traficom. Ireland Christmas weather ‘roller-coaster’ amid new ‘Beast from the East’ threat - Irish Mirror. Christmas revellers warned about sophisticated taxi scam as €300,000 is stolen from victims - MSN. Taxi cab scam has cleaned out €300,000 from bank accounts of victims - Irish Independent. “La Cabina” - YouTube. “Last and First Men” by Olaf Stapledon - Wikipedia. “The other side of night” by Adam Hamdy - Pan MacMillan Press. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or https://www.podchaser.com/podcasts/smashing-security-244729 ...
12/21/2022 • 48 minutes, 4 seconds
Lensa AI, and a dog called Bob
Drug dealers come unstuck while using the Encrochat encrypted-messaging app, and we put the Lensa AI avatar-generation tool under the microscope. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Plus - don't miss our featured interview with Rico Acosta, IT manager at Bitwarden.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Smashing Security 229: Dating leaks, right to repair, and a stinky bishop - Smashing Security. Hard cheese: Stilton snap shared via EncroChat leads to drug dealer's downfall - The Register. Operation Venetic: Pet dog and accidental selfies help convict international drugs traffickers - NCA. What does the Lensa AI app do with my self-portraits and why has it gone viral? - The Guardian. Lensa, the AI portrait app, has soared in popularity. But many artists question the ethics of AI art - NBC News. I Uploaded Photos of Myself to the New Lensa A.I. Portrait Generator. The Results Were Stunning, Strange… and Super Creepy - Artnet. People keep sharing their AI-generated portraits: What to know about Lensa, and why some push back on it - USA Today. How Is Everyone Making Those A.I. Selfies? - New York Times. Lensa AI: Security concerns regarding app behind colourful selfies on social media - The National News. ‘Magic Avatar’ App Lensa Generated Nudes From My Childhood Photos - Wired. Celebrities Are Obsessed With This Amazing New AI Portrait App - Hello Giggles. This AI Self-Portrait App is Taking Over the Internet - Medium. Wednesday Shows Off Her Moves - YouTube. ...
12/14/2022 • 54 minutes, 51 seconds
AI chatbot or the start of Skynet? Eufy privacy, and hot desks
An AI chatbot is causing a stir - both impressing and terrifying users in equal measure. A security researcher discovers that a "smart" cam that doesn't use the internet is err.. using the internet. And university students revolt over under-the-belt surveillance. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: While anticipation builds for GPT-4, OpenAI quietly releases GPT-3.5 - TechCrunch. OpenAI upgrades GPT-3, stunning with rhyming poetry and lyrics - Ars Technica. GPT-3.5 finds a security vulnerability - Twitter. Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking - YouTube. OpenAI's new ChatGPT bot: 10 dangerous things it's capable of - Bleeping Computer. What GPT-3.5 really thinks about us humans - Twitter. We asked GPT-3.5 to write a story about the “Smashing Security” hosts - Twitter. GPT-Chat - OpenAI. Researcher Paul Moore questions Eufy about its privacy - Twitter. Eufy’s “local storage” cameras can be streamed from anywhere, unencrypted - Ars Technica. Eufy privacy statement - Eufy. ‘NO’: Grad Students Analyze, Hack, and Remove Under-Desk Surveillance Devices Designed to Track Them - Vice. Max Von Himmel Twitter Feed - Twitter. It’s Not Science, Just Surveillance (and it's Under Your Desk) - TWC newsletter. Northeastern University - Northeastern University homepage. ...
12/7/2022 • 56 minutes, 4 seconds
Interplanetary file systems, iSpoof, and don't delete Twitter
Why deleting your Twitter account may be a very bad idea, how the police unravelled the iSpoof fraud gang, and a trip into outer space (or at least interplanetary file systems). All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by original show co-host Vanja Švajcer. What an amazing 6 years of bickering it has been… thanks to all of you who have tuned in, appeared on the show, or supported us! 🙏
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Smashing Security #001: “One cup, two hotel guests” - YouTube. Whoopi Goldberg Quitting Twitter: “As Of Tonight I’m Done” - Deadline. Stephen Fry Joins Celebrity Twitter Exodus, Says “Goodbye” With Scrabble Message - Deadline. Twitter Users Warned Not To Delete Their Accounts - Here’s Why - Forbes. How to deactivate your account - Twitter. InterPlanetary File System - Wikipedia. Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns - Cisco Talos. Decentralized IPFS networks forming the 'hotbed of phishing' - The Register. UK police arrest 120 in largest-ever cyber fraud crackdown - Computer Weekly. Grote spoofingdienst uit de lucht gehaald door internationale samenwerking - Politie.nl. Received a text from the Metropolitan Police about iSpoof? - Cel solicitors. 'iSpoof' service dismantled, main operator and 145 users arrested - Bleeping Computer. iSpoof: What is iSpoof and how did police take down scam call site linked to 200,000 victims? - The Scotsman. Listen to the...
11/30/2022 • 1 hour, 4 minutes, 42 seconds
EV charging risks, FTX, and an ancient apocalypse
Deepfake shenanigans strike users of troubled crypto firm FTX, the perils of charging your electric vehicle, and is Microsoft's takeover of Activision good news for video game fanatics? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes of AMTSO.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Larry David promotes FTX in Superbowl ad - YouTube. Crypto giant FTX collapses into bankruptcy - BBC News. FTX's new CEO: "Never in my career have I seen such a complete failure" - CBS News. Tom Brady, Giselle Bündchen, Larry David & Steph Curry Caught In FTX Crypto Fallout With Class Action Suit - Deadline. Bankman-Fried's FTX, senior staff, parents bought Bahamas property worth $300 million - Reuters. Tweet showing Sam Bankman-Fried deepfake scam - Twitter. FTX Founder Deepfake Offers Refund to Victims in Verified Twitter Account Scam - Vice. Crypto.com CEO admits company accidentally sent 320,000 ETH ($416 million) to another crypto exchange a few weeks prior - Web3 is going great. Sandia studies vulnerabilities of electric vehicle charging infrastructure - Sandia Labs. Review of Electric Vehicle Charger Cybersecurity Vulnerabilities, Potential Impacts, and Defenses - MDPI. Shocker: EV charging infrastructure is seriously insecure - The Register. Microsoft to acquire Activision Blizzard to bring the joy and community of gaming to everyone, across every device - Microsoft. Gaming for everyone, everywhere: our view on the Activision Blizzard acquisition - Microsoft. ...
11/23/2022 • 57 minutes, 4 seconds
Housing market scams, Twitter 2FA, and the fesshole
Elon Musk is still causing chaos at Twitter (and it's beginning to impact users), are scammers selling your house without your permission, and Google gets stung with a record-breaking fine. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Plus don't miss our featured interview with Pentera's Shakel Ahmed talking about automating continuous cyber defence validation.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Graham offers Dave Bittner some advice on “Welcome Datacomp”... in 1995! - Usenet. Elon Musk apologises to users for Twitter being slow - Twitter. Former Twitter employee doesn’t think Elon Musk knows what he’s talking about - Twitter. Eric Frohnhoefer says Elon Musk is wrong - Twitter. Twitter engineer calls out Elon Musk for technical BS in unusual career move - The Register. Elon Musk says that he is turning off microservices “bloatware” - Twitter. Twitter’s SMS Two-Factor Authentication Is Melting Down - Wired. Elon only trusts Elon - Platformer. Elon’s paranoid purge - Platformer. Google to pay nearly $400 million over deceptive location tracking practices - The Record. Follow Smashing Security on Mastodon. South Bay Man Pleads Guilty to Participating in a Multimillion-Dollar Real Estate Scam Involving Fake Open Houses at Not-for-Sale Homes - Justice.gov. A South Bay man accepted hundreds of offers from open houses. But the homes weren’t for sale - LA Times. The typing of the Regex. Fesshole - Twitter. If Books Could Kill -...
11/16/2022 • 1 hour, 11 minutes, 20 seconds
Mastodon 101, and the Hushpuppi saga
Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who aren't joined by a guest this week.
Warning: This podcast may contain nuts, adult themes, some snorting, and rude language.
Episode links: Mastodon: What you need to know for your security and privacy - Graham Cluley. Follow Graham Cluley on Mastodon. Hushpuppi: Notorious Nigerian fraudster jailed for 11 years in US - BBC. Influencer involved in $1.1 million Qatar school financing scam jailed - Alarabiya. Influencer ‘Ray Hushpuppi’ jailed over plan to launder $300m - The Guardian. Hushpuppi’s wife, Imams write judge as US court sentences fraudster today - Premium Times. Living trailer - YouTube. Kleo - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Sealit - Zero Trust Data Protection: protect, share, and monitor confidential emails and files - without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit's special offer to "Smashing Security" listeners.
Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser. Become a ...
11/9/2022 • 43 minutes, 54 seconds
Twitter turmoil, AI animal chatters, and metaverse at work
Twitter has a new chief twit in the form of Elon Musk and he's causing problems, scientists say artificial intelligence may help us communicate with animals, and is the office of the future set in the metaverse? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Warning: This podcast may contain nuts, adult themes, dolphin noises, and rude language.
Episode links: Twitter employees are sleeping on the office floor to meet Elon Musk’s deadlines - The Verge. Elon Musk shows what being Chief Twit is all about across weird weekend - The Register. Pranksters pretending to be laid-off Twitter employees leave San Francisco HQ - YouTube. Twitter Limits Content-Enforcement Work as US Election Looms - Bloomberg. Twitter’s Yoel Roth comments on the firm’s trust and safety staff having their access to moderation and enforcement tools frozen - Twitter. Paul Pelosi Conspiracy Theory Trends on Twitter After Elon Musk Pushes It - Rolling Stone. Yoel Roth describes how Twitter will warn users of misleading information - Twitter. Yoel Roth describes “surge in hateful conduct on Twitter” - Twitter. The Demise of Digg: How an Online Giant Lost Control of the Digital Crowd - Harvard. Follow Graham on Mastodon. How tech is helping us talk to animals - Vox. “The Sounds of Life: How Digital Technology Is Bringing Us Closer to the Worlds of Animals and Plants” - Book by Karen Bakker. Project CETI - The Cetacean Translation Initiative. Not to be mixed-up with Project SETI. The Dark Side Of VR - The Intercept. ...
11/2/2022 • 55 minutes, 10 seconds
Slushygate, sextortion, and nano-targeting
What is slushygate and how does it link to sextortion in the States? What is the most impersonated brand when it comes to delivering phishing emails? And what the flip is nano-targeting? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by fan favourite Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language. No contortionists were hurt during the making of this episode.
Episode links: Memorandum of sentencing of Bryan Wilson - United States District Court Western District Court of Kentucky at Louisville. Accurint for Law Enforcement - LexisNexis. LexisNexis illegally collected and sold people's personal data, lawsuit alleges - CBS News. Ex-cop abused police tool in Snapshot sextortion plot that stole sexually explicit photos and videos - Bitdefender. Congress should consider enhancing protections around scores used to rank consumers (PDF) - Government Accountability Office. Online Shoppers Beware: Scammers Most Likely to Impersonate DHL - Check Point. Why Am I Seeing That Political Ad? Check Your ‘Trump Resistance’ Score - New York Times. I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too - New York Times. Mixed Idioms. Apollo Remastered. Cosmic Background. Death of an Artist - Pushkin podcasts. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted
10/26/2022 • 52 minutes, 27 seconds
The Virgin trains swindler, cyber clowns, and AirTag election debacle
Someone's election-fiddling is uncovered with an Apple AirTag, a cyber scandal rocks Germany, and a swindler steals a fortune due to trains being delayed. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by runZero's Chris Kirsch. Plus don't miss our featured interview with Akamai's Patrick Sullivan talking about how retailers can better thwart bots this holiday season.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: The rundown on becoming runZero: What I learned rebranding a company - Chris Kirsch on the runZero blog. Tweet by Melissa Shusterman - Twitter. Apple AirTag Used To Find Over 100 Stolen Democratic Campaign Signs, Police Say - Forbes. Wie eine russische Firma ungestört Deutschland hackt - ZDF Magazin Royale on YouTube. German cybersecurity chief investigated over Russia ties - AP News. German cybersecurity chief sacked following reports of Russia ties - The Guardian. Fraudster swindled Virgin Trains out of £116,000 in 'sophisticated' scam - MSN. Virgin Trains worker, 37, swindled rail firm out of £116,000 in 'delay and repay' compensation scam by photoshopping tickets to exploit flaw in system - Daily Mail. Train delays: How to claim if it's late or cancelled - Money Saving Expert. How many trains arrive on time - Gov.uk. Employee swindled Virgin Trains out of £116,000 in delay and repay compensation scam - Birmingham Mail. Fat Bear Week 2022. ‘Fat Bear Week’ Hit By Voter-Fraud Attempt - Rolling Stone. PimEyes - Face search engine. ...
10/19/2022 • 1 hour, 10 minutes, 14 seconds
Massive crypto bungle, and the slave scammers
A couple unexpectedly find $10.5 million in their cryptocurrency account, and in Cambodia people are being forced to commit scams. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo again this week.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: DeFi bug accidentally gives $90 million to users, founder begs them to return it - CNBC. Compound boss begs users to return $90 million worth of cryptocurrency they were accidentally gifted - Robert Leshner on Twitter. Couple mistakenly given $10.5m from Crypto.com thought they had won contest, court hears - The Guardian. Mother accused of spending spree after mistakenly receiving $10 million in crypto bungle heads to trial - 9 News. Sold to gangs, forced to run online scams: inside Cambodia’s cybercrime crisis - The Guardian. ZÈRTZ game. ZÈRTZ - Wikipedia. GIPF project - Wikipedia. The Capture - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser. Become a Patreon supporter for ad-free episodes and our early-release...
10/12/2022 • 38 minutes, 44 seconds
Trussterflucks and eBay stalking
Has new UK prime minister Liz Truss been careless with her mobile phone, and hear the most extraordinary story of corporate cyberstalking. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by nobody for reasons that will become obvious.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths - Bitdefender. Two Former eBay Executives Sentenced to Prison for Cyberstalking - US Department of Justice. Jonathan Pie: Welcome to Britain. Everything is Terrible - NYT Opinion. UK Supermarket’s Loans-for-Groceries Offer Attracts Huge Take Up - Bloomberg. Liz Truss' mobile number is being sold online for £6.49 - Daily Mail. How to Cook a Soft Boiled Egg Perfectly Every Time - YouTube. 11 Best Twitter Bots to Follow to Boost Productivity - Gadgetshouse. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Akamai - Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?
Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser. Become a ...
10/5/2022 • 39 minutes, 43 seconds
Deepfake dangers, AI image opt out, and controlling your urges
Anti-porn "shameware" apps take a privacy pounding, is your image already being used by AI, and deepfake danger continues to deepen. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: The Ungodly Surveillance of Anti-Porn ‘Shameware’ Apps - WIRED. Covenant Eyes. Sick and tired of trying to quit porn? You’re not alone - Covenant Eyes promotional video. Fortify. AI Is Probably Using Your Images and It's Not Easy to Opt Out - Vice. ISIS Executions and Non-Consensual Porn Are Powering AI Art - Vice. Have I been trained? The Deepfake Danger: When It Wasn’t You On That Zoom Call - CSO Online. Deepfake Audio Has A Tell – Researchers Use Fluid Dynamics To Spot Artificial Imposter Voices - The Conversation. Deephy: On Deepfake Phylogeny - Cornell University. On The Horizon: Interactive And Compositional Deepfakes - Microsoft. Detect DeepFakes: How to counteract misinformation created by AI - MIT University. New Deepfake Threats Loom, Says Microsoft’s Chief Science Officer - Venture Beat. The Joy of Sets - BBC Archive. Steam Deck. Am I Being Unreasonable? - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: Kolide – the SaaS app that sends
9/28/2022 • 56 minutes, 10 seconds
Uber, Rockstar, and crystal balls
Researchers reveal how your eyeglasses could be leaking secrets when you're on video conferencing calls, we take a look at the recent data breaches involving Uber and Grand Theft Auto 6, and we cast an eye at what threats may be around the corner... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson. Plus - don't miss our featured interview with Sal Aurigemma, the faculty director of the Master of Science in Cyber Security program at the University of Tulsa.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: “Iain Exotic”, Iain Thomson’s dress-up homage to Joe Exotic, the Tiger King - Twitter. “Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing” - Research paper by Yan Long, Chen Yan, Shilin Xiao, Shivan Prasad, Wenyuan Xu, and Kevin Fu. “We saved you a seat in chat” - Rather large text on the Twitch website. Stalker zoomed in on Japanese idol’s eyes to find out where she lived - Graham Cluley. Uber is looking for more security staff - Twitter. Uber explains how it was pwned this month, points finger at Lapsus$ gang - The Register. Uber’s hacker *irritated* his way into its network, stole internal documents - Graham Cluley. Security update - Uber. Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist - The Register. Cybersecurity Awareness Month - CISA. The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats - ZDNet. U.S. Government Spending Billions on Cybersecurity - Hacker News. The Mitchells vs The Machines trailer - YouTube. The Mitchells vs The Machines - Netflix. ...
9/21/2022 • 1 hour, 4 minutes, 16 seconds
Printer peeves, health data hangups, and Twitter tussles - with Rory Cellan-Jones
How could your inkjet printer finally help you make some money, why is it so hard to share our health data even if we want to, and what result do you want to see from the Elon Musk vs Twitter bunfight? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Rory Cellan-Jones.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: Dynamic Cartridge Security - disable please - Angry customers complain on HP support forum. Update now! Many HP printers affected by three critical security vulnerabilities - MalwareBytes. HP will pay customers for blocking non-HP ink cartridges in EU - Bleeping Computer. HP and Euroconsumers settle on Dynamic Security - Euroconsumers. Ink cartridges are a scam - YouTube. Why printer ink is so expensive - Insider. Trying to print something - YouTube. UK Biobank - why won't GPs share data? - Rory’s Always On Newsletter. Another data sharing fiasco - Rory's Always On Newsletter. Tweet by Kate Bingham - Twitter. The Twitter Whistleblower Needs You to Trust Him - Time. Twitter denies whistleblower payout violates Musk’s takeover deal - MSN. Elon Musk earns a split decision in Delaware court - The New York Times. Twitter’s whistleblower has pitched up at a very inconvenient moment - The Guardian. Damning claims about Twitter’s bots...
9/14/2022 • 56 minutes, 31 seconds
Chiquita banana, dumb criminals, and detecting ring binders
Students learn a valuable lesson when it comes to AI detecting guns on campus, SIM swappers are surprisingly stupid, and romance scammers get scammed by someone (or some thing?) calling themselves Chiquita Banana. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: ‘The least safe day’: rollout of gun-detecting AI scanners in schools has been a ‘cluster,’ emails show - Motherboard. Gun detection AI the latest tech to make schools less safe - TechDirt. The unproven, invasive surveillance technology schools are using to monitor students - ProPublica. NYC Mayor considering a subway security system that can’t differentiate between a laptop and a handgun - Motherboard. Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire - Brian Krebs. USA vs Patrick McGovern-Allen (PDF) - Court Listener. Reports of romance scams hit record highs in 2021 - FTC. Meeting you was a fake: Investigating the increase in romance fraud during COVID-19 - Academic Research. This dating app fought scammers with bots… hilarity ensued - TechCrunch. She was 69. He Was Young, Hunky,,, and a Fraud - The Daily Beast. Gladbeck: The Hostage Crisis trailer – YouTube. Watch Gladbeck: The Hostage Crisis - Netflix. The Ocean Cleanup. We flooded our dating app with bots… to scam scammers -...
9/7/2022 • 50 minutes, 53 seconds
Lost in translation, spiders, and slapping tortillas - with Mikko Hyppönen
We're back from our summer break as we ask how did a cryptomining campaign stay unspotted for years, quiz special guest and infosec rockstar Mikko Hyppönen about his book, and ponder what spiders teach us about misinformation. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links: The 20 Funniest Finnish Expressions (and How To Use Them) - Matador Network. Sophos punts anti-virus for Klingon - The Register. Helsinki named Klingon-speaking capital of the world – Naked Security. Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications - Check Point Research. If It's Smart It's Vulnerable - Book by Mikko Hyppönen. Psychological inoculation improves resilience against misinformation on social media - Science Advances. Let’s flatten the infodemic curve - WHO. The global spread of misinformation on spiders - Current Biology. A Journey Into Misinformation on Social Media - The New York Times. Google Looks to Vaccination to Combat Misinformation In Searches - The New York Times. Spiders Are Caught in a Global Web of Misinformation - The New York Times. The rock-paper-scissors/tortilla wrap game. DEF CON: The Documentary. Smashing Security Painting competition – Carole.wtf. Open Exhibition, Summer 2022 - Oxford Art Society. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: ...
8/31/2022 • 53 minutes, 56 seconds
Hackers doxxed, Pornhub probs, and Co-op security measures
Pornhub has a problem, the UK's Co-op supermarket is accused of big brother tactics, and we take a look at a security researcher's attempt to reveal the true identity of hackers. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Episode links: On security researcher's newsletter, exposing cybercriminals behind ransomware — CyberScoop. ‘Imma Make U Dig Ur Own Grave’: He Doxes Ransomware Hackers and Gets Death Threats in Return — Vice. Intrusion Truth - Five Years of Naming and Shaming China’s Spies — Kim Zetter. Who Is 'Intrusion Truth,' Group Exposing Alleged Chinese Hackers? — Daily Dot. The Leopards Eating People's Faces Party meme — Know Your Meme. Tweet by Bill Ackman. Judge Refuses Visa’s Request to Escape Pornhub-Related Lawsuit — The New York Times. How to Prevent and Handle Robberies and Theft in Retail — Vend Retail Blog. Abuse of shopworkers is on the rise – coronavirus brought it to our attention and now we need to act — The Conversation. ‘Tackling violence and abuse in retail must be one of the industry’s highest priorities’ — Retail Week. Convenience store spy cameras face legal challenge — BBC News. Looking back at the career of Bernard Cribbins — YouTube. Tribute to David Warner — YouTube. Webb Compare — John Christensen. Support Maria Varmazis on the Pan-Mass Challenge. ...
8/3/2022 • 53 minutes, 26 seconds
Uber's hidden hack, tips for travel, and AI accent fixes
Uber may not face prosecution over its handling of a 2016 data breach - but its former chief security head does; how to defend your digital devices' data while on vacation, and how to change your accent with artificial intelligence. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin. Plus don't miss our featured interview with Ian Farquhar of Gigamon.
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Episode links: Uber Enters Non-Prosecution Agreement Related to 2016 Data Breach — US Department of Justice. Former Uber Security Chief Joe Sullivan Must Face Driver Fraud Charges — Bloomberg. Uber to pay $148 million in data breach settlement — TechCrunch. Uber paid hackers $100,000 to keep data breach quiet — Graham Cluley. Uber CISO's trial underscores the importance of truth, transparency, and trust — CSO Online. 7 cybersecurity tips for your summer vacation! — Naked Security. Sanas demo. Sanas Raises $32M for Breakthrough AI Technology for Real-Time Accent Translation — Sanas press release. This 6-Million-Dollar AI Changes Accents as You Speak — IEEE Spectrum. Call centre workers can use AI to mimic your accent on the phone — New Scientist. A little less accent, a little more customer service — ComputerWorld. What Is Accent Reduction? — Accent Advisor. Compound pejoratives on Reddit – from 'buttface' to 'wankpuffin' — Colin Morris. Melissa computer virus — Wikipedia. ...
7/27/2022 • 1 hour, 8 minutes, 6 seconds
The Most Wanted Missing CryptoQueen
In this special edition of the "Smashing Security" podcast, computer security veterans Graham Cluley and Carole Theriault welcome back author and journalist Jamie Bartlett - host of "The Missing CryptoQueen" podcast. Jamie tells us about his new book, which shares more details about the disappearance of cryptocurrency scammer Dr Ruja Ignatova, and the subsequent hunt by law enforcement.
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Episode links: The Missing CryptoQueen podcast — BBC. The Missing CryptoQueen book — Penguin. Missing Cryptoqueen: FBI adds Ruja Ignatova to top ten most wanted — BBC News. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance. Cyber Security Inside podcast - bringing you the most important and timely security topics as well as other industry experts for insightful conversations.
Support the show: You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser. Become a Patreon supporter for ad-free episodes and our early-release feed!
Follow us: Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
7/20/2022 • 42 minutes, 44 seconds
Disney's social dumpster fire, Anom phones, and TikTok tragedies
A self-proclaimed "super hacker" causes problems in the Magic Kingdom, criminals regret trusting Anom phones, and lawsuits are filed against TikTok. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. Plus don't miss our featured interview with Scott McCrady, the CEO of SolCyber Managed Security Services. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: Official Disneyland Instagram Account Hacked This Morning! — The Disney blog. Disneyland social media accounts hacked, offensive messages posted — Hot for Security. We Got the Phone the FBI Secretly Sold to Criminals — Vice. Parents Sue TikTok, Saying Children Died After Viewing ‘Blackout Challenge’ — The New York Times. Lawmakers Want Social Media Companies to Stop Getting Kids Hooked — Wired. How Social Media Tricks Us Into Thinking We Are Paying Attention — Forbes. Facebook could be sued for addicting children under California bill — Ars Technica. Kids Are Using Social Media More Than Ever, Study Finds — New York Times. 2021 Facebook leak — Wikipedia. California Parents Could Soon Sue for Social Media Addiction — Gizmodo. Absurd Trolley Problems. Weird or Confusing. Google Quick, Draw! Unfinished London — Jay Foreman on YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: ...
7/13/2022 • 54 minutes, 47 seconds
Raising money through ransomware, China's mega-leak, and hackers for hire
A hacked university might have made a profit after paying a cryptocurrency ransom, China suffers possibly the biggest data breach in history, and Reuters investigates digital mercenaries. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: Dutch university paid $220,000 ransom to hackers after Christmas attack — Graham Cluley. Remarkable development in investigation into Maastricht University cyberattack — Maastricht University. Dutch University profits from returned ransomware payment — The Register. Favorable exchange rate on a fake cryptoexchange — Kaspersky. Tweet from @cz_binance about mega-leak. Vast Cache of Chinese Police Files Offered for Sale in Alleged Hack — Wall Street Journal. How mercenary hackers sway litigation battles — Reuters. Countering hack-for-hire groups — Google. The business of hackers-for-hire threat actors — TechRepublic. Fransdita Muafidin on Instagram. Giant Cats Disturbing Civilization — Geeks are sexy. Watch Good Luck to You, Leo Grande — Hulu. Good luck to you Leo Grande (Trailer) — YouTube. This is Love podcast. Cain's Jawbone — Wikipedia. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: https://bitwarden.com/smashing/ ...
7/6/2022 • 45 minutes, 18 seconds
Debug ransomware and win $1,000,000, period-tracking apps, and AI gets emotional
A new version of the LockBit ransomware offers a bug bounty, women uninstall period-tracking apps in fear of how their data might be used against them, and Microsoft's facial recognition tech no longer wants to know how you're feeling. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford from The Host Unknown podcast. Plus don't miss our featured interview with Bitwarden founder and CTO Kyle Spearrin. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: LockBit 3.0 introduces the first ransomware bug bounty program — Bleeping Computer. Fake copyright infringement emails install LockBit ransomware — Bleeping Computer. Why US women are deleting their period tracking apps — The Guardian. Privacy not included — Mozilla Foundation. The #1 Period Tracker on the App Store Will Hand Over Data Without a Warrant — Vice. Microsoft is removing emotion recognition features from its facial recognition tech — NBC News. Top 10 Emotional AI Examples in 2022 & Reasons for Success — AI Multiple. Analysis of Speech Features for Emotion Detection: A Review — IEEE Xplore. Microsoft's framework for building AI systems responsibly — Microsoft. The Swedish chemist shop sketch — As performed by Mel Smith and Rowan Atkinson on Not the Nine O'Clock News. Alley Cat — Wikipedia. Play Alley Cat — Internet Archive. Alley Cat Remeow Edition — Game Jolt. reMarkable. SOLAR podcast. ...
6/29/2022 • 59 minutes, 47 seconds
Hot tub hijinx, and a sentient AI
Internet-connected jacuzzis find themselves in hot water, and a Google engineer claims that their AI has developed feelings. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Episode links: Hot Tub Time Machine trailer — YouTube. Hacking into the worldwide Jacuzzi SmartTub network — Eaton Works. SmartTub — Apple iOS App Store. SmartTub — Google Play store. Hot tub hack reveals washed-up security protection — BBC News. Google engineer Blake Lemoine thinks its LaMDA AI has come to life — The Washington Post. Google engineer put on leave after saying AI chatbot has become sentient — The Guardian. AI's most convincing conversations are not what they seem — The Register. Blake Lemoine's blog. Van Gogh Bristol Exhibition: The Immersive Experience. Van Gogh: The Immersive Experience — YouTube. The Inquiry — BBC World Service. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Kolide - the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Bitwarden - Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Drata - Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance. Support...
6/22/2022 • 40 minutes, 20 seconds
Encrypted notes, and a deadly case of AirTag spying
How did a saxophonist sneak sensitive information in and out of the Soviet Union? How might an Apple AirTag have led to murder? And isn't the world of cryptocurrency and blockchain doing just great? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Visit https://www.smashingsecurity.com/279 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Sponsored By: Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Bitwarden: A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments.
Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all. Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today. Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only...
6/15/2022 • 36 minutes, 50 seconds
Tim Hortons, avoiding sanctions, and good faith security research
Trouble brews with the Tim Hortons app, Mandiant gets in a tussle with a Russian ransomware gang, and should good faith security researchers be at risk of prosecution? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White. Visit https://www.smashingsecurity.com/278 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: Snyk: Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit. Get started right now, with a free forever account, at snyk.co/smashing Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
Bitwarden: A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source
6/8/2022 • 40 minutes, 26 seconds
Bad bots, cheeky ransoms, and good deepfakes
Ransom acts of kindness are top of our mind, as we also explore how bad bots are hogging more and more of the internet's activity, and look at how deepfakes could be a good thing after all. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray [REDACTED]. Visit https://www.smashingsecurity.com/277 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ray [REDACTED]. Sponsored By: Bitwarden: A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all. Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today. Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems.
We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Support Smashing Security Links: Popcorn Time ransomware invites you to get ‘nasty’ to recover your files — Graham Cluley. ...
6/1/2022 • 51 minutes, 11 seconds
Webcam extortion, Michael Fish, and food foul-ups
A browser extension bug let malicious websites spy on webcams, hackers threaten the global food supply chain, and Michael Fish (not that one...) hacked into his female classmates' online accounts, hunting for nude photos and videos. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/276 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: GoodAccess: GoodAccess - Free Business Cloud VPN for up to 100 Users. Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever. Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required. Rumble: Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems.
It can even tell you which machines are missing endpoint protection, from your local network to the cloud. Sign up
5/25/2022 • 54 minutes, 30 seconds
Jail for Bing, and mental health apps may not be good for you
A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they're up to? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dr Jessica Barker. Plus don't miss our featured interview with Rumble's Chris Kirsch. Visit https://www.smashingsecurity.com/275 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Chris Kirsch and Jessica Barker. Sponsored By: Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. GoodAccess: GoodAccess - Free Business Cloud VPN for up to 100 Users. Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever. Rumble: Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems.
It can even tell you which machines are missing endpoint protection, from your local network to the cloud. https://www.rumble.run ...
5/18/2022 • 1 hour, 5 minutes, 35 seconds
Hands off my biometrics, and a wormhole squirmish
Clearview AI receives something of a slap in the face, and who is wrestling over an internet wormhole? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. And don't miss our featured interview with Artur Kane of GoodAccess. Visit https://www.smashingsecurity.com/274 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Artur Kane. Sponsored By: GoodAccess: GoodAccess - Free Business Cloud VPN for up to 100 Users. Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever. Rumble: Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems. It can even tell you which machines are missing endpoint protection, from your local network to the cloud. Sign up for a free trial and build your asset inventory in minutes. Get your trial at rumble.run Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach.
More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card...
5/11/2022 • 49 minutes, 10 seconds
Password blips, and who's calling the airport?
We find out why calls to Dublin airport's noise complaints line have soared, and Carole quizzes Graham to celebrate World Password Day. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. And don't miss our special featured interview with Clint Dovholuk of NetFoundry. Visit https://www.smashingsecurity.com/273 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Clint Dovholuk. Sponsored By: Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. NetFoundry: NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything. Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud. No networking engineering skills required.
No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more. Learn more and try it for yourself at netfoundry.io/smashingsecurity/ Support Smashing Security Links: https://www.chron.com/news/houston-texas/article/Houston-Zoo-asks-FBI-to-investigate-text-message-1755868.php ...
5/4/2022 • 50 minutes, 12 seconds
Going ape over the Kardashians, and the face of romance scams
Members of The Bored Ape Yacht Club get that sinking feeling, a face unwittingly launches hundreds of romance scams, and is an as-yet unseen Kim Kardashian sex tape a load of old Roblox? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the BBC's cyber correspondent Joe Tidy. Visit https://www.smashingsecurity.com/272 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Joe Tidy. Sponsored By: Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required. NetFoundry: NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything. Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud. No networking engineering skills required.
No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more. Learn more and try it for yourself at netfoundry.io/smashingsecurity/ Support Smashing Security Links: https://twitter.com/etienneshrdlu/status/1485956332989693953 ...
4/27/2022 • 50 minutes, 24 seconds
Crypto break-in, Google blurring, and mics not muting
A man loses $650,000 from his cryptocurrency wallet after his Apple iCloud account is hacked, video conferencing apps may not be muting your mic quite the way you imagined, and Google has unblurred military bases in Russia... or has it? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/271 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Dave Bittner. Sponsored By: NetFoundry: NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything. Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud. No networking engineering skills required. No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more. Learn more and try it for yourself at netfoundry.io/smashingsecurity/ Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach.
More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required. Support Smashing Security Links: https://twitter.com/revive_dom ...
4/20/2022 • 50 minutes, 46 seconds
Bearded Barbie, EDR scams, and hobbyist crime detectives
Pulchritudinous women with glossy long hair are targeting Israeli officials via Facebook - but why? Scammers have found a new way to gain access to your most sensitive information - but how? And armchair detectives are helping investigate cold cases involving DNA - but should they? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/270 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Keeper Security: Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault.
And, it takes less than an hour to deploy across your organization. Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing Support Smashing Security Links: How Barbie's body size would look in real life — Daily Mail. ...
4/13/2022 • 51 minutes, 1 second
Trezor Deep Throat, a CCTV stalker, and Amazon's list of banned words
There's monkey business involving cryptocurrency thieves and MailChimp, a stalker exploits his ex-partner's CCTV cameras, and what are the naughty words Amazon doesn't want its staff using? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose. Visit https://www.smashingsecurity.com/269 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoë Rose. Sponsored By: Keeper Security: Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization. Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days. Support Smashing Security Links: Trezor wallets hacked?
Don’t be duped by phishing attack email — Graham Cluley. Tweet by Trezor. ...
4/6/2022 • 50 minutes, 9 seconds
LinkedIn deepfakes, doxxing Russian spies, and a false alarm
Strange goings-on on LinkedIn, Ukraine publishes a list of alleged Russian FSB agents, and police in Pittsburgh investigate an odd report of an active shooter. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White. Visit https://www.smashingsecurity.com/268 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Geoff White. Sponsored By: Keeper Security: Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization. Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
Support Smashing SecurityLinks:North Korea tests its ‘largest intercontinental ballistic missile’ — YouTube.LinkedIn Professional Community Policies — LinkedIn.<a...
3/30/2022 • 48 minutes, 39 seconds
Virtual kidnapping, two helipads, and a naughty Apple employee
A Russian bank tells its customers to stop installing security updates, an Apple employee ends up in hot water, and learn our tips to avoid being virtually kidnapped.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.
Visit https://www.smashingsecurity.com/267 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Anna Brading.
Sponsored By:
Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required.
Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too. Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process. Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata
Support...
3/23/2022 • 53 minutes, 51 seconds
Cyberflashing, Kaspersky, and secret spies
Germany tells consumers to stop using Kaspersky anti-virus products, OSINT reveals a secret government department (with help from an Apple AirTag), and the UK says it's taking a hard line on cyberflashing.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Chris Kirsch.
Visit https://www.smashingsecurity.com/266 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Chris Kirsch.
Sponsored By:
Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too. Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process. Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata
Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
3/16/2022 • 58 minutes, 22 seconds
The Nigerian supercop and Alexa vs. Alexa
The most famous policeman in Nigeria is in hot water over his links to Hushpuppi, has your Amazon Echo been talking to itself, and can an AI girlfriend save your marriage?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Plus don't miss our featured interview with Jason Meller of Kolide.
Visit https://www.smashingsecurity.com/265 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Jason Meller.
Sponsored By:
Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too. Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process. Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata
Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required.
3/9/2022 • 54 minutes, 11 seconds
Hacked car chargers, Telegram sextortionists, and secret bossware
Why might Russian EV chargers be displaying an anti-Putin message? Why are Telegram groups sharing explicit images of women without their consent? And who is watching you in the workplace?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
Visit https://www.smashingsecurity.com/264 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Jessica Barker.
Sponsored By:
Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
Support Smashing Security
Links: Three ways you can help the people of Ukraine from the UK — The Guardian. How You Can Help Ukraine — London City Hall. Ukrainian Astronomers Named a Star 'Putin Is a D**khead' — The Atlantic. Video of hacked EV charger — AutoEnterprise on Facebook. Explanation for EV charger outage — Rosseti on Facebook.
3/2/2022 • 47 minutes, 57 seconds
Problèmes de Weefeee, AI artists, and Web 3.0
Ooh la la! Horreur Wi-Fi en France! Some folks have experienced the drawbacks of Web 3.0 as their NFTs are stolen, and should computers own the copyright over the art they produce?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
And don't miss our featured interview with Sean Herbert of baramundi.
Visit https://www.smashingsecurity.com/263 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guests: Mark Stockley and Sean Herbert.
Sponsored By:
Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app. Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated. Try Kolide Free for 14 Days; no credit card required.
baramundi: Optimize your IT processes with the baramundi Management Suite and make optimal use of resources by automating time-consuming routine tasks. Stay in control and maximize your productivity by automating routine tasks. The Unified Endpoint Management Software can be installed and implemented quickly, is intuitive to use, has a modular structure and offers a high level of usability and transparency. Try out the free 30-Day full version for yourself today at baramundi.com/smashingsecurity
Support Smashing Security
Links:
2/23/2022 • 1 hour, 6 minutes, 28 seconds
Macro progress, eyeball-tracking ads, and encryption backdoors
How does Microsoft hope to defeat the macro terror? How is the UK Government trying to influence the public's opinion on end-to-end encryption? And what is MoviePass hoping to do with your eyeballs?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.
Visit https://www.smashingsecurity.com/262 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Thom Langford.
Sponsored By:
Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security. You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
baramundi: Optimize your IT processes with the baramundi Management Suite and make optimal use of resources by automating time-consuming routine tasks. Stay in control and maximize your productivity by automating routine tasks. The Unified Endpoint Management Software can be installed and implemented quickly, is intuitive to use, has a modular structure and offers a high level of usability and transparency. Try out the free 30-Day full version for yourself today at baramundi.com/smashingsecurity
Support Smashing Security
Links: Macros from the internet are blocked by default in...
2/16/2022 • 58 minutes
North Korea hacked, DEA cosplay, and Horizon Worlds drama
Who's wearing the pyjamas while they take down North Korea's internet? Is it a case of cop or cosplay in Oregon? And what's to fear about the metaverse?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Visit https://www.smashingsecurity.com/261 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Dave Bittner.
Sponsored By:
1Password: 1Password Families makes sharing passwords, logins, credit cards and more a (romantic) walk in the park. From now until February 28th, when you sign up for - or upgrade your individual account to - a 1Password Families membership, you’ll get $20 off the entire year! Learn more at smashingsecurity.com/love1password
baramundi: Optimize your IT processes with the baramundi Management Suite and make optimal use of resources by automating time-consuming routine tasks. Stay in control and maximize your productivity by automating routine tasks. The Unified Endpoint Management Software can be installed and implemented quickly, is intuitive to use, has a modular structure and offers a high level of usability and transparency. Try out the free 30-Day full version for yourself today at baramundi.com/smashingsecurity
Support Smashing Security
Links: Space Station Photos Show North Korea at Night, Cloaked in Darkness — National Geographic. North Korea Hacked Him. So He Took Down Its Internet — Wired.
2/9/2022 • 50 minutes, 42 seconds
New hire mystery, hacktivist ransomware, and digi-dating
Who's that new guy working at your company, and why don't you recognise him from the interview? How are hacktivists raising the heat in Belarus? And should you be fully vaxxed for your online date?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/260 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
1Password: Secure online payments and grow your business with Brex and 1Password. Brex and 1Password have partnered to make online payments secure and frictionless. 1Password customers can now use Brex virtual credit cards to check out online with just two clicks. 1Password's integration with Brex is available right now to 1Password Teams and Business customers based in the United States. Learn more at smashingsecurity.com/brex
Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at...
2/2/2022 • 47 minutes, 41 seconds
Techquilibrium and mediocre linguistic escapades
Wordle - good or bad for the world? Whatever your opinion, at least someone wants to spoil players' fun. Meanwhile, we take a look at the threat mobile phones can pose to your mental health.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Visit https://www.smashingsecurity.com/259 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Sponsored By:
1Password: Secure online payments and grow your business with Brex and 1Password. Brex and 1Password have partnered to make online payments secure and frictionless. 1Password customers can now use Brex virtual credit cards to check out online with just two clicks. 1Password's integration with Brex is available right now to 1Password Teams and Business customers based in the United States. Learn more at smashingsecurity.com/brex
Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents... Listeners who mail in referencing Smashing Security get a 10% discount on their order!
Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes...
1/26/2022 • 42 minutes, 48 seconds
Tesla remote hijacks and revolting YouTubers
Carole's still on jury service, but the show must go on! We take a look at how some Tesla owners are at risk of having their expensive cars remotely hijacked, and why YouTubers are up in arms over NFTs.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Visit https://www.smashingsecurity.com/258 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Sponsored By:
Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at uptycs.com
1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create an entire ecosystem of tools and tactics that help keep you safe on the internet. Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s...
1/19/2022 • 33 minutes, 5 seconds
Pokemon-hunting cops and the Spine Collector scammer
Who has been playing video games rather than hunting down criminals? How is a man alleged to have stolen manuscripts of unpublished books from celebrity authors? Which pot contains an elephant? And why has Graham been listening to podcasts about pest control marketing?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Visit https://www.smashingsecurity.com/257 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Sponsored By:
Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at uptycs.com
1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create an entire ecosystem of tools and tactics that help keep you safe on the internet. Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you
1/12/2022 • 44 minutes, 16 seconds
Virgin Media just won't take no for an answer, NFT apes, and bad optics
After a brief discussion of the Log4Shell vulnerability panic, we chat about how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your sleeping girlfriend's facial recognition.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined by Mark Stockley for our last episode of the year!
Visit https://www.smashingsecurity.com/256 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Mark Stockley.
Sponsored By:
1Password: The first annual 1Password “State of Access” benchmark study illuminates the grave dangers unwittingly posed by checked-out, apathetic employees — including security professionals. Burned-out employees are 3 times more likely to say security rules and policies “aren’t worth the hassle,” and nearly half of burned-out security professionals say it’s unrealistic for companies to be aware of and manage all apps and devices that employees use. Read the report and find out what you can do at 1password.com/resources.
Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and
12/15/2021 • 50 minutes, 10 seconds
Revolting receipts, a Twitter fandango, and shopkeeper cyber tips
"Demonically" possessed devices print out antiwork propaganda, advice on how to secure your store, and is Twitter's new photo privacy policy practical?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.
Visit https://www.smashingsecurity.com/255 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Dinah Davis.
Sponsored By:
Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at uptycs.com
1Password: It’s that time again when we’re all thinking about plans for the upcoming year. Does your plan include making your team more productive and secure? 100,000 businesses use 1Password to secure employees at scale by encrypting their passwords and sensitive information and helping them get more done, faster. That’s why, for a limited time only, new customers can get 25% off the first year of 1Password Business and find out how 1Password can boost productivity while protecting their most sensitive data. Act fast! This deal is only...
12/8/2021 • 53 minutes, 28 seconds
A dead hamster, a brass pen, and The Beatles
Cryptocurrency traders suffer a hamster-related loss, beware of charity scammers this holiday season, and do you have the patience to sit through Peter Jackson's eight-hour Beatles documentary?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo this week.
Visit https://www.smashingsecurity.com/254 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Sponsored By:
Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface. Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem. Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping. Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform. Find out more and try it for free at uptycs.com
1Password: It’s that time again when we’re all thinking about plans for the upcoming year. Does your plan include making your team more productive and secure? 100,000 businesses use 1Password to secure employees at scale by encrypting their passwords and sensitive information and helping them get more done, faster. That’s why, for a limited time only, new customers can get 25% off the first year of 1Password Business and find out how 1Password can boost productivity while protecting their most sensitive data. Act fast! This deal is only good
12/1/2021 • 37 minutes, 54 seconds
Cybercrime unicorns, HVAC hacks, and NFT piracy - with Mikko Hyppönen
Heating systems are left vulnerable to attack in the high courts, cybercrime unicorns have become a reality (but what are they?), over 15 Terabytes of NFTs are made available for anyone to download ... and Carole reveals her Pick of the Year.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen.
Visit https://www.smashingsecurity.com/253 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Mikko Hyppönen.
Sponsored By:
Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents... Listeners who mail in referencing Smashing Security get a 10% discount on their order!
Perimeter 81: Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility. Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform. Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more. Learn more and request a demo at perimeter81.com
1Password: 1Password 8 for Windows has been reimagined to feel right at home on the world's most popular desktop operating system.
11/24/2021 • 48 minutes, 5 seconds
Hotel hacks, workplace spies, and the FBI
Booking.com got hacked five years ago, and didn't tell its customers... but now we know who might have been behind it. Bossware rears its ugly head again in the workplace, spying on employees. And did you receive a warning email from the FBI? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the "Power Corrupts" podcast. Plus we have a featured interview with Perimeter 81 co-founder and CEO Amit Bareket. Visit https://www.smashingsecurity.com/252 to check out this episode’s show notes and episode links. Special Guests: Amit Bareket and Brian Klaas. Sponsored By: Perimeter 81: Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility. Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform. Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more. Learn more and request a demo at perimeter81.com. Qualys: Qualys was one of the first SaaS security companies, and delivers continuous, critical security intelligence via its Qualys Cloud Platform and integrated Cloud Apps. Its powerful solutions empower organisations to streamline and consolidate their security and compliance solutions in a single platform and achieve greater business agility, better outcomes and substantial cost savings. Qualys recently announced three new solutions designed to address today’s challenges faced by enterprises: Ransomware Risk Assessment, Cybersecurity Asset Management, and Zero Touch...
11/17/2021 • 1 hour, 1 minute, 15 seconds
PrawnHub, Tesla recall, and IoT luggage
Fishing fanatics find themselves in deep water, Teslas go haywire after an update, and is there actually some good news about IoT? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ken Munro. Visit https://www.smashingsecurity.com/251 to check out this episode’s show notes and episode links. Special Guest: Ken Munro. Sponsored By: 1Password: From start-up to enterprise, 1Password makes it easy for your team to store, generate and share strong passwords. The less time you need to spend dealing with hacks, phishing scams, and lost passwords, the better. Not just for IT and Security teams – all kinds of teams like Finance, HR, Legal, and Marketing can also store and share business credit cards, sensitive documents and shared logins in 1Password. Work securely from home or in the office. 1Password allows secure access to logins and important resources anywhere you work. Instantly deploy, grant and revoke access to shared vaults. You can securely add new team members and recover locked-out user accounts. Find out more and try 1Password free for 14 days at 1Password.com. Qualys: Qualys Security Conference 2021 is taking place in Las Vegas November 15-18 2021, and you can attend either in person or online. Hear from experts such as Chris Krebs, former Director of the DHS & CISA, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career. To learn more about attending the Qualys Security Conference 2021 in person or online visit smashingsecurity.com/qualyslasvegas
11/10/2021 • 41 minutes, 59 seconds
Yes, you heard that correctly. Two hundred and fifty
A game about Squid Game pulls the rug from under cryptocurrency investors in what appears to be a scam, PayPal hackers use a devious trick to break into 2FA-protected accounts, and have you received a job offer that's too good to be true? All this and much much more is discussed in this celebratory edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dr Jessica Barker. Plus don't miss our featured interview with the CEO and president of Qualys, Sumedh Thakar. Oh, and huge thanks to Darknet Diaries' Jack Rhysider, F-Secure's Mikko Hyppönen, The Cyberwire's Dave Bittner, and Host Unknown's Andrew Agnês, Thom Langford, and Javvad Malik for their special contributions to this episode. Visit https://www.smashingsecurity.com/250 to check out this episode’s show notes and episode links. Special Guests: Andrew Agnês, Dave Bittner, Jack Rhysider, Javvad Malik, Jessica Barker, Mikko Hyppönen, Sumedh Thakar, and Thom Langford. Sponsored By: Qualys: Qualys Security Conference 2021 is taking place in Las Vegas November 15-18 2021, and you can attend either in person or online. Hear from experts such as Chris Krebs, former Director of the DHS & CISA, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career. To learn more about attending the Qualys Security Conference 2021 in person or online visit smashingsecurity.com/qualyslasvegas. 1Password: From start-up to enterprise, 1Password makes it easy for your team to store, generate and share strong passwords. The less time you need to spend dealing with hacks, phishing scams, and lost passwords, the better. Not just for IT and Security teams – all kinds of teams like Finance, HR, Legal, and Marketing can also store and share business credit cards, sensitive documents and shared logins in 1Password.
11/3/2021 • 1 hour, 1 minute, 47 seconds
Devious licks, Netflix, and sensitive hackers
Ransomware attackers have got hurt feelings, what does Netflix know about you, and why are schoolkids stealing lavatory seats? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by 1Password's Matt Davey from the "Random but Memorable" podcast. Visit https://www.smashingsecurity.com/249 to check out this episode’s show notes and episode links. Special Guest: Matt Davey. Sponsored By: Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents... Listeners who mail in referencing Smashing Security get a 10% discount on their order! 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to form an entire ecosystem of tools and tactics that help keep you safe on the internet. Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you. Visit 1Password University for free online security resources, made for everyone. Support Smashing Security.
10/27/2021 • 47 minutes, 6 seconds
Press F12 to hack
A journalist is threatened with prosecution after choosing to "View Source" on a public webpage, Amazon Ring owners might be in line for a hefty fine if their neighbours complain, and is the school lunch queue a good place for facial recognition? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/248 to check out this episode’s show notes and episode links. Special Guest: Dave Bittner. Sponsored By: 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to form an entire ecosystem of tools and tactics that help keep you safe on the internet. Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you. Visit 1Password University for free online security resources, made for everyone. Support Smashing Security. Links: Missouri teachers’ Social Security numbers at risk on state agency’s website — St. Louis Post-Dispatch. Missouri governor vows criminal prosecution of reporter who found flaw in state website — Missouri Independent.
10/20/2021 • 45 minutes, 32 seconds
Rickrolling submarine secrets
A married couple are accused of selling nuclear sub secrets, Facebook continues to make young lives a misery, and a school hacker lets loose one heck of a prank. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/247 to check out this episode’s show notes and episode links. Special Guest: Maria Varmazis. Sponsored By: 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security. Links: Maryland Nuclear Engineer and Spouse Arrested on Espionage-Related Charges — US Department of Justice. Couple charged with leaking US nuclear sub designs — The Register. Facebook will add new safety features, notably for teens, after whistleblower leak — CNBC. Unfollow Everything cease-and-desist letter from Facebook — Louis Barclay. IoT Hacking and Rickrolling My High School District — WhiteHoodHacker. Board Game Arena — Play board games online from your browser. Foundation — Official Trailer — YouTube. Foundation — Apple TV.
10/13/2021 • 49 minutes, 49 seconds
Facebook has fallen
Facebook suffers a massive (and very public) failure, Britain announces plans for counter-attacking nation states in cyberspace, and there's a tragic story related to ransomware. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Chris Kirsch. And don't miss our featured interview with Attivo Networks' Carolyn Crandall. Visit https://www.smashingsecurity.com/246 to check out this episode’s show notes and episode links. Special Guests: Carolyn Crandall and Chris Kirsch. Sponsored By: 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels. Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to form an entire ecosystem of tools and tactics that help keep you safe on the internet. Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you. Visit 1Password University for free online security resources, made for everyone. Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures. Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage. Learn more and kick...
10/6/2021 • 1 hour, 5 minutes, 44 seconds
The Julian Assange assassination plot, and IoT toilets
While Julian Assange was killing time in Ecuador's embassy in London, the CIA were trying to dream up ways to kill him, and urine trouble if you put your trust in an IoT lavatory. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by nobody at all. Visit https://www.smashingsecurity.com/245 to check out this episode’s show notes and episode links. Sponsored By: 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com. Support Smashing Security. Links: Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks — Yahoo News. The seven-year itch: Assange's awkward stay in the embassy — The Guardian. Assange Held Legal Meetings in Ladies' Toilet Due to Paranoia: Report — Business Insider.
9/29/2021 • 36 minutes, 43 seconds
Facebook Ray-Bans, VPN spies, and AI camouflage
How much do you trust the people who work at your VPN provider? How are folks fighting facial recognition? And what on earth is Ray-Ban thinking getting into bed with Facebook? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/244 to check out this episode’s show notes and episode links. Special Guest: Mark Stockley. Sponsored By: 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com. Support Smashing Security. Links: Three Former U.S. Intelligence Community and Military Personnel Agree to Pay More Than $1.68 Million to Resolve Criminal Charges Arising from Their Provision of Hacking-Related Services to a Foreign Government — Department of Justice. DarkMatter. Ex-NSA cyberspies reveal how they helped hack foes of UAE — Reuters. Daniel Gericke and ExpressVPN – Official Response — ExpressVPN.
9/22/2021 • 51 minutes, 23 seconds
Breaking news, Apple zero-clicks, and bad blood
A Walmart press release says it's jumping aboard the cryptocurrency bus - but is it true? Theranos's Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford. Visit https://www.smashingsecurity.com/243 to check out this episode’s show notes and episode links. Special Guest: Thom Langford. Sponsored By: 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com. Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures. Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage. Learn more and kick credential attacks to the curb, by visiting attivonetworks.com. Support...
9/15/2021 • 48 minutes, 27 seconds
ProtonMail privacy questioned, and Banksy blunder
ProtonMail finds itself in a privacy pickle, the big problem with Facebook's algorithmic amplification, and strange things are happening on Banksy's website. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Visit https://www.smashingsecurity.com/242 to check out this episode’s show notes and episode links. Special Guest: Dave Bittner. Sponsored By: 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com. Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now. Support Smashing Security. Links: ProtonMail logged IP address of French activist after order by Swiss authorities — TechCrunch. Important clarifications regarding arrest of climate...
9/8/2021 • 56 minutes, 51 seconds
Flipping dating apps, and crypto rewards for criminals
How to find your match on the Bumble dating app, convicted criminals make money out of cryptocurrency, and there are concerns about data in Afghanistan. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/241 to check out this episode’s show notes and episode links. Special Guest: Maria Varmazis. Sponsored By: 1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work. Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now. Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now. Support Smashing Security. Links: Vulnerability in Bumble dating app reveals any user's exact location — Robert Heaton. How Tinder keeps your exact location (a bit) private — Robert Heaton. The Taliban Have Seized U.S. Military Biometrics Devices — The Intercept.
9/1/2021 • 47 minutes, 41 seconds
3D printer hijacks, crypto fails, and a tech billionaire’s revenge
A bug unravels 3D printer security, cryptocurrency sites can't stop getting hacked, and hear our special guest spill a cup of tea while inhabiting his wife's knicker drawer. All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC cybersecurity correspondent Joe Tidy. Visit https://www.smashingsecurity.com/240 to check out this episode’s show notes and episode links. Special Guest: Joe Tidy. Sponsored By: 1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work. Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now. Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures. Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage. Learn more and kick credential attacks to the curb, by visiting attivonetworks.com. Support Smashing Security. Links: We Broke Into A Bunch...
8/25/2021 • 51 minutes, 7 seconds
TikTok vigilantes, sloppy IoT, and Wikipedia woe
The Great Londini has gathered a two million strong army to out TikTok trolls, there's a bad supply chain vulnerability in many IoT devices, and how did Wikipedia pages end up covered in Nazi swastikas? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes (who has a very controversial Pick of the Week...) Visit https://www.smashingsecurity.com/239 to check out this episode’s show notes and episode links. Special Guest: John Hawes. Sponsored By: 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com. Support Smashing Security. Links: Thousands of Wikipedia Pages Vandalized With Giant Swastikas — Gizmodo. Video of Wikipedia defacement — Twitter. Scottish Wikipedia. Um, almost the entire Scots Wikipedia was written by someone with no idea of the language – 10,000s of articles — The Register.
8/18/2021 • 51 minutes, 57 seconds
Fashion captain, fraud family, and DEF CON. D'oh!
Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin. Visit https://www.smashingsecurity.com/238 to check out this episode’s show notes and episode links. We're going to be taking a holiday for a couple of weeks, but will be back with a regular show later in August. Special Guest: Paul Ducklin. Sponsored By: 1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work. Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now. Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP. Visit smashingsecurity.com/offsec to learn more! Support Smashing Security. Links: DEF CON masks and vaccination FAQ. Hacking DEF CON 29 — Reznok. Tweet by Jeff Moss (Dark Tangent)...
7/28/2021 • 53 minutes, 31 seconds
NuNa, NuNu, NaNa
Spy software known as Pegasus has been used to carry out surveillance on the smartphones of journalists, activists, and political leaders. Can a "Freedom Phone" be trusted? And a ransomware-hit law firm demonstrates how not to keep its customers informed.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.
Visit https://www.smashingsecurity.com/237 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Thom Langford.
Sponsored By:
KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest
Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP. Visit smashingsecurity.com/offsec to learn more!
1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless...
7/21/2021 • 1 hour, 2 minutes, 16 seconds
Stingrays, soccer, and smart homes
How did investigators ask a romance scammer out on a date, smart homes continue to play dumb, and is it time for social media sites to do more about racist football fans?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology reporter Zoe Kleinman.
Visit https://www.smashingsecurity.com/236 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoe Kleinman.
Sponsored By:
Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP. Visit smashingsecurity.com/offsec to learn more!
Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.
1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try...
7/14/2021 • 1 hour, 36 seconds
REvil returns, TikTok grows, and Gettr defaced
A ransomware gang has exploited a security hole in software used by many businesses, and are demanding $70 million for a decryption tool. Plus we take a close look at TikTok, and a website which seems to have entirely ripped-off Twitter.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and author Chris Stokel-Walker.
Visit https://www.smashingsecurity.com/235 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Chris Stokel-Walker.
Sponsored By:
Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.
1Password: Did you know that almost two thirds of all IT workers admit to reusing enterprise secrets between different projects, creating a potential gateway for attackers? 1Password’s new research report, "Hiding in Plain Sight", reveals the breadth and depth of mismanaged business secrets like code, passwords, credentials, and keys, and that secrets (mis)management is the next big cybersecurity threat. Learn more by reading the full report at 1password.com/resources
KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. https://knowbe4.com/freetest ...
7/7/2021 • 59 minutes, 10 seconds
Cozy Bear, dildo scams, and robo hires and fires
Microsoft warns about a hacking gang that is far from cuddly, algorithms rather than managers are firing people, and our guest receives a surprising email from "Amazon"...
And you will NOT want to miss checking out a very special "Pick of the week"!
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David Bisson.
Visit https://www.smashingsecurity.com/234 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David Bisson.
Sponsored By:
1Password: Did you know that almost two thirds of all IT workers admit to reusing enterprise secrets between different projects, creating a potential gateway for attackers? 1Password’s new research report, "Hiding in Plain Sight", reveals the breadth and depth of mismanaged business secrets like code, passwords, credentials, and keys, and that secrets (mis)management is the next big cybersecurity threat. Learn more by reading the full report at 1password.com/resources
Support Smashing Security
Links:
Cozy Bear — Wikipedia.
Bears in the Midst: Intrusion Into the Democratic National Committee — Crowdstrike.
Coronavirus: Russian cyber spies attempting to steal vaccine research from Britain, US and Canada — Sky News.
New Nobelium activity — Microsoft Security Response Center.
Smashing Security episode 214: "Lockdown love scams, SolarWinds, and a data deletion bungle."
...
6/30/2021 • 56 minutes, 26 seconds
Peloton problems, romance regret, and Weiner woes
We take a look at why Peloton is being accused of ransomware-like behaviour, how one man lost $250,000 in a romance scam, and how a chap called Weiner has found himself in a political pickle.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.
Plus we have a featured interview with KnowBe4 expert Roger Grimes. Don't miss it!
Visit https://www.smashingsecurity.com/233 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Andrew Agnês and Roger A Grimes.
Sponsored By:
1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com
JumpCloud: JumpCloud’s Directory Platform makes it easier to solve today's IT challenges by unifying device and user management through a single pane of glass. With JumpCloud securely managing your users and their devices, doing common things like onboarding and offboarding remote workers is easy. Try JumpCloud for free today at smashingsecurity.com/jumpcloud and help your organization move to a modern, secure hybrid work model.
https://knowbe4.com/freetest ...
6/23/2021 • 1 hour, 22 minutes, 43 seconds
Zoomolympics and language matters
Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/232 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis.
Sponsored By:
1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com
Deep Secure: Deep Secure Threat Removal takes incoming poisoned Word documents, boobytrapped PowerPoint slides and the like, and creates brand new files with just the good stuff (and none of the bad). It is a great way of handling brand new threats coming into organisations via the web, email or file sharing and can run alongside your existing anti-virus. Threat Removal gives you the good stuff by delivering files that are 100% threat-free, fully functional and fully revisable. Visit deep-secure.com/smashingsecurity for more information, and set up your free trial today.
...
6/16/2021 • 50 minutes, 40 seconds
Sexy snaps and encrypted chat traps
Criminals are caught in an encrypted chat trap, should you trust Apple's repair team with your sexy snaps, and do you think the FBI should be able to tell who has been reading the USA Today website?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
And don't miss our featured interview with Dr Simon Wiseman, the CTO of Deep Secure.
Visit https://www.smashingsecurity.com/231 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Dave Bittner and Simon Wiseman.
Sponsored By:
KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest
Deep Secure: Deep Secure Threat Removal takes incoming poisoned Word documents, boobytrapped PowerPoint slides and the like, and creates brand new files with just the good stuff (and none of the bad). It is a great way of handling brand new threats coming into organisations via the web, email or file sharing and can run alongside your existing anti-virus. Threat Removal gives you the good stuff by delivering files that are 100% threat-free, fully functional and fully revisable. Visit deep-secure.com/smashingsecurity for more information, and set up your free trial today.
1Password: Around 80% of business data breaches result from weak or...
6/9/2021 • 1 hour, 8 minutes, 46 seconds
Flash card f-up and energy pipe pilfering
The US military has been caught exposing its nuclear weapons secrets, and we explore the world of nerdy miners.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by "Lola."
Visit https://www.smashingsecurity.com/230 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Sponsored By:
1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are. 1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security. Find out more and try 1Password free for 14 days at 1Password.com
JumpCloud: JumpCloud’s Directory Platform makes it easier to solve today's IT challenges by unifying device and user management through a single pane of glass. With JumpCloud securely managing your users and their devices, doing common things like onboarding and offboarding remote workers is easy. Try JumpCloud for free today at smashingsecurity.com/jumpcloud and help your organization move to a modern, secure hybrid work model.
Deep Secure: Deep Secure Threat Removal takes incoming poisoned Word documents, boobytrapped PowerPoint slides...
6/2/2021 • 41 minutes, 19 seconds
Dating leaks, right to repair, and a stinky bishop
A big cheese ends up in jail, a Japanese dating site spills the dirt after a hack, and we learn all about the right to repair.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Roberts from The Security Ledger.
Plus don't miss our featured interview with Javvad Malik from KnowBe4.
Visit https://www.smashingsecurity.com/229 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Javvad Malik and Paul F Roberts.
Sponsored By:
KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest
OneLogin: According to the OneLogin IAMokay Mental Health Survey, more than 77% of technology leaders have said that their work-related stress increased due to the COVID-19 pandemic. As a result, CISOs and IT executives have been under ever-increasing pressure - leading to deteriorating mental health, addiction issues, and even suicidal thoughts and tendencies. OneLogin's message? You're not alone. Attend their live event on Weds May 26, "Keeping the Mind Clear and the Company Secure" at smashingsecurity.com/oneloginiamokay
1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the...
5/26/2021 • 1 hour, 11 minutes, 15 seconds
Pipeline pickle, Blockchain bollocks, and Eufy SNAFU - with Rory Cellan-Jones
The Colonial Pipeline attack has shone light on the activities of the Darkside ransomware gang, we take a skeptical look at cryptocurrencies and the blockchain, and Eufy security cameras suffer an embarrassing security failure.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Rory Cellan-Jones.
Plus don't miss our featured interview with Vanessa Pegueros of OneLogin.
Visit https://www.smashingsecurity.com/228 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Rory Cellan-Jones and Vanessa Pegueros.
Sponsored By:
1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.
Skiff: We store more personal information on our devices than we do in our homes. Where do you go online when you want to write or share something privately? Skiff is the first collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators - no one else, not even Skiff - can see what you've created. Skiff is offering listeners of Smashing Security early access. Sign up now: skiff.org/smashing
OneLogin: According to the OneLogin IAMokay Mental Health Survey, more than 77% of technology leaders have said that their work-related stress increased due to the COVID-19 pandemic. As a result, CISOs and IT executives have been under ever-increasing pressure - leading to deteriorating mental health, addiction issues, and even suicidal thoughts and tendencies. ...
5/19/2021 • 1 hour, 12 minutes, 23 seconds
Phishing foul-up, Twitter tip jars, and Facebook's Apple fury
Facebook says it's sticking up for the little guys as it picks a fight with Apple, there are testing times on the trains, and Twitter takes a tip.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray [REDACTED].
Visit https://www.smashingsecurity.com/227 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Ray [REDACTED].
Sponsored By:
1Password: Introduce your family to better online security and safer browsing habits with 1Password. Share more than passwords — save logins, documents, credit cards, and more, accessible on all your devices. Sharing is made simple. Keep personal logins private, and easily share access to what they need. Recover 1Password access for family members so they never get locked out. Find out more and try 1Password free for 14 days at 1Password.com
OneLogin: According to the OneLogin IAMokay Mental Health Survey, more than 77% of technology leaders have said that their work-related stress increased due to the COVID-19 pandemic. As a result, CISOs and IT executives have been under ever-increasing pressure - leading to deteriorating mental health, addiction issues, and even suicidal thoughts and tendencies. OneLogin's message? You're not alone. Attend their live event on Weds May 26, "Keeping the Mind Clear and the Company Secure" at smashingsecurity.com/oneloginiamokay
Skiff: We store more personal information on our devices than we do in our homes. Where do you go...
5/12/2021 • 49 minutes, 9 seconds
Cryptocrazies and NFTs
How did the SCAM cryptocurrency become a success? Why is Google allowing government rip-off ads to still appear on search results? And why on earth is everyone suddenly spending millions of dollars on NFTs?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David McClelland.
Visit https://www.smashingsecurity.com/226 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland.
Sponsored By:
Skiff: We store more personal information on our devices than we do in our homes. Where do you go online when you want to write or share something privately? Skiff is the first collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators - no one else, not even Skiff - can see what you've created. Skiff is offering listeners of Smashing Security early access. Sign up now: skiff.org/smashing
KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest
1Password: Introduce your family to better online security and safer browsing habits with 1Password. Share more than passwords — save logins, documents, credit cards, and more, accessible on all your...
5/5/2021 • 50 minutes, 57 seconds
Master of your domain, gripe sites, and John Deere Farmergeddon
Google loses its domain in Argentina, how do gripe sites make their dough, and has John Deere solved the cybersecurity problem?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Visit https://www.smashingsecurity.com/225 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley.
Sponsored By:
1Password: The 1Password you know and love, now for all your company secrets. 1Password protects secrets like logins and credit cards. Secrets Automation protects secrets in your company infrastructure – like API tokens, application keys, and private certificates – and supplies them when and where they’re needed. Visit 1password.com/secrets/ to learn more.
Support Smashing Security
Links:
Smashing Security Christmas LIVE STREAM — Including Mark Stockley and his chickens.
How a WhatsApp status loophole is aiding cyberstalkers — Traced.
Google Argentina's domain name bought by man for £2 — BBC News.
Hacker breaks into Google Palestine homepage in protest of Maps depiction — Firstpost.
Google Security Rewards - 2015 Year in Review — Google Online Security Blog.
Microsoft forgets to renew hotmail.co.uk domain — The Register.
...
4/28/2021 • 56 minutes, 37 seconds
The Lazarus Heist, Facebook faux pas, and no-cost security
Facebook has managed to do the seemingly impossible - and had a data breach about its handling of a data breach. Meanwhile, we chat to the host of the brand new podcast about North Korea's hackers targeting the rest of the world, and discuss if an intern can be trusted to monitor your security.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Geoff White of "The Lazarus Heist" podcast.
Plus! Don't miss our featured interview with Duo's Helen Patton.
Visit https://www.smashingsecurity.com/224 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Geoff White and Helen Patton.
Sponsored By:
1Password: The 1Password you know and love, now for all your company secrets. 1Password protects secrets like logins and credit cards. Secrets Automation protects secrets in your company infrastructure – like API tokens, application keys, and private certificates – and supplies them when and where they’re needed. Visit 1password.com/secrets/ to learn more.
Duo: While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best. Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce policies to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial.
Support Smashing Security
Links:
https://grahamcluley.com/facebook-isnt-sorry-for-letting-someone-steal-personal-details-of-half-a-billion-users/ ...
4/21/2021 • 1 hour, 5 minutes, 58 seconds
Booze, nudes, and insurance dudes
Should insurance companies be banned from helping companies pay ransomware demands? How has malware messed with motorcars in the United States? And how are cybercriminals exploiting alcohol drinking during the pandemic?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/223 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis.
Sponsored By:
1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.
Duo: While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best. Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce policies to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial.
Support Smashing Security
Links:
Lessons of the SolarWinds hack — Article by Marcus Willett, IISS.
Insurers defend covering ransomware payments — BBC News.
Cyber insurance giant CNA hit by ransomware attack — Graham Cluley.
FatFace pays out $2...
4/14/2021 • 51 minutes, 35 seconds
Facebook, deepfakes, and April Fools scandals - with Nina Schick
Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook's latest data fiasco, and some less-than-brilliant April Fool's tricks. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault. Visit https://www.smashingsecurity.com/222 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Nina Schick. Sponsored By: Duo: While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best. Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce policies to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial. 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know.
Take the 14 day free trial now. Support Smashing Security. Links: Stolen Data of 533 Million Facebook Users Leaked Online — Business Insider. Mark Zuckerberg is on Signal — Dave Walker on Twitter. The Facebook Phone Numbers Are Now Searchable in Have I Been Pwned — Troy Hunt. Facebook isn’t...
4/7/2021 • 55 minutes, 16 seconds
God bless his hairy palms
FatFace stumps up $2 million to its ransomware extortionists, an IT administrator is caught with his pants down, Mobikwik blames its users for a data breach, and we burgle a house... virtually. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford. Visit https://www.smashingsecurity.com/221 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Thom Langford. Sponsored By: 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security. Links: FatFace would like everyone to keep its data breach “strictly private and confidential” — Graham Cluley. Retailer FatFace pays $2m ransom to Conti cyber criminals — Computer Weekly. Streisand effect — Wikipedia. 'We have your porn collection': The rise of extortionware — BBC News. Mobikwik Data Breach: Data of 10 crore Mobikwik users for sale on dark web, say cybersecurity experts — The Economic Times. Mobikwik data breach said to be largest KYC leak, personal data of 3.5 million users up for sale on dark web — India Today. ...
3/31/2021 • 49 minutes, 19 seconds
Ransoms, scandals, and glitter bombs
PC manufacturer Acer might have received a $50 million ransom demand, a warning spreads on Facebook about a trick being used by hackers, and why are the City of London's police not happy about Sci Hub? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Alex Eckelberry. Visit https://www.smashingsecurity.com/220 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Alex Eckelberry. Sponsored By: 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Sailpoint: SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less. Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services. Support Smashing Security. Links: Hackers cannot post Facebook comments on your behalf without you seeing it — AFP Fact Check. Does a Facebook Hack 'Hurt and Offend' Friends? — Snopes. Stop sending mail you later regret — Gmail blog. April Fools Check: Did Google Really Release Mail Goggles? — TechCrunch. ...
3/24/2021 • 47 minutes, 39 seconds
Cheerleaders, dating apps, and crisis PR
How are cheerleaders being creeped out by deepfakes? What might Tinder tell potential dates about your murky past? And how should companies respond to the press when a security breach occurs?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Yvonne Eskenzi.Visit https://www.smashingsecurity.com/219 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Yvonne Eskenzi.Sponsored By:CrowdSec: CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. 
While sharing with its user community, you contribute to improve its efficiency and make the internet safer.Sailpoint: SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less.Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.1Password: Check out 1Password's podcast "Random but Memorable" for lighthearted security advice and banter with hosts Matt, Anna, and Michael.Listen to the "Random but Memorable" show in your favourite podcast app to hear the latest about security horror stories, data breaches, password hacking, and more.Support Smashing SecurityLinks:Chris Farley makes an energetic entrance to the David Letterman show — YouTube.Cheer —
3/17/2021 • 55 minutes, 55 seconds
Microsoft, McAfee, and mayhem
Is it the end of the road for John McAfee? Is PornHub more legitimate than Facebook? And do you know as much as you think you do about the Microsoft Exchange Server mega-hack?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Visit https://www.smashingsecurity.com/218 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Dave Bittner.Sponsored By:Sailpoint: SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less.Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.1Password: Check out 1Password's podcast "Random but Memorable" for lighthearted security advice and banter with hosts Matt, Anna, and Michael.Listen to the "Random but Memorable" show in your favourite podcast app to hear the latest about security horror stories, data breaches, password hacking, and more.Support Smashing SecurityLinks:John McAfee 'disguised as Guatemalan street hawker with a limp' — The Telegraph.John McAfee Wanted for Murder — Gizmodo.John McAfee says he infected laptops with malware, spied and stole passwords from Belize officials — Naked...
3/10/2021 • 49 minutes, 53 seconds
Would you cuddle this revolting robot? - with Robert Llewellyn
Actor, presenter and writer Robert Llewellyn, famous for playing the part of Kryten in the science-fiction comedy "Red Dwarf," joins us as we discuss robots gone rogue, electric vehicle nightmares, and creepy companions.All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Robert Llewellyn - famous for "Fully Charged," "Scrapheap Challenge," and as Kryten on "Red Dwarf."Visit https://www.smashingsecurity.com/217 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Robert Llewellyn.Sponsored By:1Password: 1Password offers seamless syncing across all your computers and mobile devices, so you can store and access unlimited passwords from anywhere at any time. Only you have the keys to decrypt your data and sensitive information – 1Password doesn’t know it, doesn’t share it, and doesn’t sell it. Protect your whole family and get 50% off when you sign up for a 1Password Family account – make your home a 1Password household.For more details visit www.1password.com/switch50Support Smashing SecurityLinks:'Drunk' robot vacuums spark complaints from owners — BBC News.Roomba S9+ weird behaviour on version 3.10.8 — Reddit.Time lapse video of i7+ attempting to return to clean base after 3.12.8 update — Reddit.Robot vacuum cleaners can eavesdrop on your conversations, researchers reveal — Bitdefender BOX blog.The Hidden...
3/3/2021 • 54 minutes, 23 seconds
Playboy, prison, and digital ploys - with Garry Kasparov
World-chess-champion-turned-activist Garry Kasparov returns to the show as we discuss a romance scammer with plenty of time on his hands, the surge in sextortion, and how social media is being swamped with claims of fake snow. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Garry Kasparov. Visit https://www.smashingsecurity.com/216 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Garry Kasparov. Sponsored By: 1Password: 1Password offers seamless syncing across all your computers and mobile devices, so you can store and access unlimited passwords from anywhere at any time. Only you have the keys to decrypt your data and sensitive information – 1Password doesn’t know it, doesn’t share it, and doesn’t sell it. Protect your whole family and get 50% off when you sign up for a 1Password Family account – make your home a 1Password household. For more details visit www.1password.com/switch50. Support Smashing Security. Links: Dating apps scam committed by criminal from inside prison — BBC News. File on 4 - The Dangers of Dating Apps — BBC Sounds. Playboy Magazine, November 1989 — Including Garry Kasparov's interview and sexy photo shoot. Sextortion email scams — Avast. Has Fake Snow Been Falling on the US? — Snopes. TikTok Users Are Trying (and Failing) to Prove the Snow in Texas Is Fake — Daily Beast. ...
2/24/2021 • 55 minutes, 17 seconds
Sexy cows banned on Facebook
The FBI is hoping that its hunt for Capitol rioters will go viral, a cryptocurrency con lets its perpetrator live the high life... for a while, and just what does Facebook have against cows and a team of cricketers?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Zoe Kleinman.Visit https://www.smashingsecurity.com/215 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Zoe Kleinman.Sponsored By:1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.Recorded Future: Recorded Future's podcast, Inside Security Intelligence, takes a deep dive into the world of cyber threat intelligenceThey share stories from the trenches and the operations floor, giving you the lowdown on established and emerging adversariesWhether it's the SolarWinds breach, 5G conspiracy theories, or Russian election interference, Inside Security Intelligence gives you a fresh take from a variety of industry expertsSupport Smashing SecurityLinks:The FBI Wants You To Make These Photos Of Capitol Insurrectionists Go Viral — Huffington Post.Capitol Violence — FBI.Sedition Hunters.Boston Bombing: The Anatomy of a Misinformation Disaster — The...
2/17/2021 • 47 minutes, 44 seconds
Lockdown love scams, SolarWinds, and a data deletion bungle
Fingerprints and DNA records have been deleted from the UK's police database, the SolarWinds hack continues to wreak havoc and raise questions, and we have some advice for how to fall in love safely under lockdown...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Professor Alan Woodward.Visit https://www.smashingsecurity.com/214 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Alan Woodward.Sponsored By:1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.Support Smashing SecurityLinks:Police probes compromised after computer records deleted — BBC News.Home Office admits 15,000 people deleted from police records — The Guardian.Home Office admits 'coding error' wiped 15,000 police records — IT Pro.Boris Johnson adviser quits after being overruled on Priti Patel bullying report — The Guardian.UK's families put on fraud alert — BBC News.Security Advisory — SolarWinds.Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources — Reuters.A Second SolarWinds Hack Deepens Third-Party Software...
2/10/2021 • 48 minutes, 6 seconds
No security smarts at Mensa, long-term identity theft, and GameStop's share frenzy
Mensa - the social club for people with high IQs - is accused of not being so smart about security, an Indian TV journalist gets an unbelievable job offer from Harvard, and we take a look at what's been going on with GameStop short selling. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/213 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: Recorded Future: Recorded Future's podcast, Inside Security Intelligence, takes a deep dive into the world of cyber threat intelligence. They share stories from the trenches and the operations floor, giving you the lowdown on established and emerging adversaries. Whether it's the SolarWinds breach, 5G conspiracy theories, or Russian election interference, Inside Security Intelligence gives you a fresh take from a variety of industry experts. CrowdSec: CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user community, you contribute to improve its efficiency and make the internet safer. 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know.
Take the 14 day free trial now. Support Smashing Security. Links: Two British Mensa directors quit over cyber security concerns — Financial Times. https://www.forbes.com/sites/barrycollins/2021/01/30/britains-smartest-peoplemensafail-to-secure-passwords-properly/
2/3/2021 • 1 hour, 1 minute, 5 seconds
Dutch leaks, Peeping Toms, and researchers under fire
Google warns security researchers that North Korean hackers are pretending to be their buddies, sensitive information connected to Coronavirus testing is available for sale in the Netherlands, and is a Peeping Tom at your home security provider spying on you through CCTV? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Visit https://www.smashingsecurity.com/212 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Maria Varmazis. Sponsored By: 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security. Links: Illegale handel in privégegevens miljoenen Nederlanders uit coronasystemen GGD — RTL News. Video conference of EU Defence Ministers where a Dutch journalist gatecrashed the system — YouTube. John van den Heuvel — Wikipedia. Dutch COVID-19 patient data sold on the criminal underground — ZDNet. Smashing Security episode 175: Zoom deepfakes, Zardoz, and 'Rona tracing. Bonus: Smashing Security After Dark #2 - Zardoz commentary. — Smashing Security on Patreon. New campaign targeting security researchers — Google Threat Analysis Group (TAG). https://www.zdnet.com/article/google-north-korean-hackers-have-targeted-security-researchers-via-social-media/
1/27/2021 • 44 minutes, 12 seconds
Fleeking, COVID-19 hacking, and Bitcoin balls-ups
Your privacy may be at risk if you're on Fleek, hackers not only steal COVID-19 vaccine data but then tamper with it to spread mistrust, and the Bitcoin bungles keep on coming...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ron Eddings from the Hacker Valley Studio podcast.Visit https://www.smashingsecurity.com/211 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Ron Eddings.Sponsored By:1Password: 1Password for Families is the safest way to share logins, passwords, credit cards and other important information with the people who matter most. Use 1Password everywhere, from your Chromebook to your Apple Watch.Until March 31, if you purchase a $50 gift card you’ll get $10 towards any YubiKey 5 Series by Yubico – the security key that provides strong two-factor authentication with a simple touch. Find out more at https://1password.com/giftcardsRecorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? 
By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.Get it now at smashingsecurity.com/recordedfutureSupport Smashing SecurityLinks:Report: X-Rated Social Media App Exposes Users in Massive Data Breach —...
1/20/2021 • 47 minutes, 24 seconds
DC rioters ID'd, Energydots, and ransomware gets you in a pickle
Penile penal problems, identifying rioters in Washington DC, and can a sticker protect you from radiation? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. And don't miss our featured interview with CrowdSec's Philippe Humeau. Visit https://www.smashingsecurity.com/210 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: Dave Bittner and Philippe Humeau. Sponsored By: CrowdSec: CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user community, you contribute to improve its efficiency and make the internet safer. 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now. Support Smashing Security. Links: Smashing Security's Christmas live stream — YouTube. Smashing Security 199: A few tech cock-ups, and one cock lock-up. Taking a screwdriver to unlock your IoT sex toy is nuts — Graham Cluley. Zip tie guy Twitter thread. FBI Arrests Man Who Carried Zip Ties Into Capitol — The New York Times. SmartDot radiation-protection phone stickers 'have no effect' — BBC News. https://eu.usatoday.com/story/news/factcheck/2020/07/12/fact-check-anti-radiation-shields-do-not-protect-against-emf-emission/5349018002/ ...
1/13/2021 • 1 hour, 2 minutes, 59 seconds
Vengeful ex-staff, bad Santas, and iOS app nutrition facts
Watch out for Santas wearing hoodies! A rogue employee takes down WebEx for thousands of people, and Apple forces apps to show a privacy health warning.All this and much much more is discussed in the final episode of the "Smashing Security" podcast for 2020, with computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.And don't miss our special featured interview with Kroll's Mari DeGrazia.Visit https://www.smashingsecurity.com/209 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Maria Varmazis and Mari DeGrazia.Sponsored By:Kroll: Rapidly detecting a threat is meaningless without the ability to respond with confidence. Kroll responds to over 2,000 cyber incidents every year and is uniquely positioned to bring that capability and expertise 24x7 with Responder. Kroll Responder merges hunting, detection, containment and remediation to deliver best-in-class endpoint security.See how Responder works at smashingsecurity.com/krollLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Smashing Security Christmas Party live stream! 
— YouTube.Engineer admits he wiped 456 Cisco WebEx VMs from AWS after leaving the biz, derailed 16,000 Teams accounts — The...
12/16/2020 • 1 hour, 5 seconds
Hidden treasure, COVID tracker trauma, and happy holidays with IoT
Was hidden treasure found with help from a hack? What security lessons can be learnt from a controversial police raid in Florida? And are you ready for safer online get-togethers this Christmas?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.And don't miss our special featured interview with Mimecast's Max Linscott.Visit https://www.smashingsecurity.com/208 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Anna Brading and Max Linscott.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.CultureAI: CultureAI isn't just another security awareness training provider. 
It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams.Learn more and try it for yourself at culture.ai/smashingMimecast: Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).Grab your...
12/9/2020 • 1 hour, 11 minutes, 13 seconds
Cyber biowarfare, giant ladybugs, and strippers
Fears are raised about cyber bioterrorists, there's a widespread blackout for IoT devices caused by a cloud cock-up, and what role do strippers play in a revamp of the United States's computer crime laws?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.And don't miss our featured interview with Steve Salinas of Deep Instinct, discussing ransomware.Visit https://www.smashingsecurity.com/207 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Mark Stockley and Steve Salinas.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.CultureAI: CultureAI isn't just another security awareness training provider. 
It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams.Learn more and try it for yourself at culture.ai/smashingDeep Instinct: Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place!Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be...
12/2/2020 • 1 hour, 12 minutes, 42 seconds
Robo dogs, deepfakes and dirty deceptions - with Tim Harford
Author and broadcaster Tim Harford joins us as we discuss the merits of robotic canine security guards, deepfakes, and the curious tale of an art forgery. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. And don't miss our special featured interview with James Moore from CultureAI. Visit https://www.smashingsecurity.com/206 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guests: James Moore and Tim Harford. Sponsored By: CultureAI: CultureAI isn't just another security awareness training provider. It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams. Learn more and try it for yourself at culture.ai/smashing LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security. Links: How To Make The World Add Up — Tim Harford. Computerized canines to join Team Tyndall — Tyndall Air Force Base. Computerized canines semi-autonomous robot dogs into their patrolling regimen to join Team Tyndall — YouTube.
11/25/2020 • 1 hour, 8 minutes
Zoom password pinching and Parler problems
Watch out for a whole different type of shoulder-surfing, researchers uncover the CostaRicto hackers-for-hire gang, and we take a peek at who is behind Parler.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Chris Cochran from the Hacker Valley Studio podcast.Visit https://www.smashingsecurity.com/205 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Chris Cochran.Sponsored By:Recorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? 
By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.Get it now at smashingsecurity.com/recordedfutureLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Hackers could now know what people type on Zoom video call by evaluating the shoulder...
11/18/2020 • 48 minutes, 8 seconds
Green buttons, Olympic attacks, and... an apology
Darknet Diaries host Jack Rhysider joins us to discuss a cybersecurity goof in the wake of the US presidential elections, the US finally fingering the hackers responsible for disrupting the Winter Olympics in South Korea, and to take a long hard look at long hard legal mumbojumbo...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jack Rhysider from Darknet Diaries.Plus don't miss our featured interview with Mimecast's Danielle Papadakis.Visit https://www.smashingsecurity.com/204 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Danielle Papadakis and Jack Rhysider.Sponsored By:Mimecast: Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).Grab your copy at smashingsecurity.com/mimecasthubLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand 
businesses.Kroll: Rapidly detecting a threat is meaningless without the ability to respond with confidence. Kroll responds to over 2,000 cyber incidents every year and is uniquely positioned to bring that capability and...
11/11/2020 • 1 hour, 12 minutes, 58 seconds
Testing times, naming names, and the bald truth about AI
Students are being spied on as they do online exams, how did a televised football match reveal the truth about artificial intelligence, and what on earth is the Canny Lumpsucker vulnerability?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford from The Host Unknown podcast.Plus don't miss the second part of our featured interview with LastPass's Dalia Hamzeh.Visit https://www.smashingsecurity.com/203 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Dalia Hamzeh and Thom Langford.Sponsored By:Kroll: Rapidly detecting a threat is meaningless without the ability to respond with confidence. Kroll responds to over 2,000 cyber incidents every year and is uniquely positioned to bring that capability and expertise 24x7 with Responder. 
Kroll Responder merges hunting, detection, containment and remediation to deliver best-in-class endpoint security.See how Responder works at smashingsecurity.com/krollMimecast: Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).Grab your copy at smashingsecurity.com/mimecasthubLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single...
11/4/2020 • 1 hour, 10 minutes, 48 seconds
The Wu-Tang Clan are Among Us
Voting machines are under the microscope, scammers are posing as rap stars, and American politician AOC isn't the only one who's been getting into the Among Us game.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson.Plus don't miss the first part of our featured interview with LastPass's Dalia Hamzeh.Visit https://www.smashingsecurity.com/202 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Dalia Hamzeh and James Thomson.Sponsored By:Recorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? 
By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.Get it now at smashingsecurity.com/recordedfutureImmersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee...
10/28/2020 • 1 hour, 12 minutes, 5 seconds
Robin Hood, Flippy, and the web ad bubble
The Darkside ransomware gang thinks it's a modern-day Robin Hood when it donates extorted Bitcoins to charity, the micro-targeted ad industry could pop like a bubble, and would you trust a burger-flipping robot?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Tim Hwang.Plus don't miss our featured interview with Recorded Future's Levi Gundert.Visit https://www.smashingsecurity.com/201 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Levi Gundert and Tim Hwang.Sponsored By:Recorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? 
By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.Get it now at smashingsecurity.com/recordedfutureLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises...
10/21/2020 • 1 hour, 12 minutes, 44 seconds
Two flipping hundred
We're in celebratory mood as we celebrate our 200th episode, but there's still time to discuss Fatima the ballerina who the UK government wants to become a cybersecurity expert, why women are quitting the tech industry, and a smartwatch which might be putting your kids at risk.Plus don't miss our featured interview with Mimecast's Michael Madon.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Visit https://www.smashingsecurity.com/200 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Maria Varmazis and Michael Madon.Sponsored By:Mimecast: Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).Grab your copy at smashingsecurity.com/mimecasthubLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Immersive Labs: 
Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.
10/14/2020 • 1 hour, 11 minutes, 54 seconds
A few tech cock-ups, and one cock lock-up
An internet-connected adult toy could leave its users encaged, the official NHS COVID-19 contact-tracing app alarms users, and would you be happy if a robot interviewed you for a job? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Zoe Kleinman. Visit https://www.smashingsecurity.com/199 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Zoe Kleinman. Sponsored By: Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security. Links: Smashing Security LIVE STREAM! CellMate chastity cage (Short model) — QIUI.
10/7/2020 • 55 minutes, 11 seconds
Chucky the coffee maker
Coffee machines catching ransomware, Blacklight shines a torch on website tracking, and a woman is freaked out that a complete stranger can turn off her home's security system.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.And don't miss our featured interview with Greg Jensen from Oracle, who talks all about five free reports he has put together for listeners about cloud security.Visit https://www.smashingsecurity.com/198 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Dave Bittner and Greg Jensen.Sponsored By:Oracle: Check out the free cloud security reports that Oracle is making available for listeners of "Smashing Security" and learn how organizations can make security an essential part of the culture of their business.Read the free reports at smashingsecurity.com/oraclereportLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Trojan Room coffee pot — Wikipedia.Trojan Room Coffee Machine — Department of Computer Science and Technology, Cambridge 
University.
9/30/2020 • 1 hour, 7 minutes, 55 seconds
Greedy bosses, game cheats, and virtual beheadings
Why are Zoom and Twitter making some people disappear? How are Counter-Strike: Global Offensive cheats getting their just desserts? And the founder of an anti cyber-fraud firm is charged with fraud. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/197 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Mark Stockley. Sponsored By: Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security. Links: Package Thief vs. Glitter Bomb Trap — YouTube. CSGO Cheaters trolled by fake cheat software — YouTube.
9/23/2020 • 52 minutes, 48 seconds
Smart guns, smart cars, and smart street lights - oh my!
Kalashnikov unveils its "smart" shotgun, San Diego struggles with its street lights, and a researcher reveals how he found a way to hack every Tesla on the planet. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David McClelland. Visit https://www.smashingsecurity.com/196 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: David McClelland. Sponsored By: LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing Support Smashing Security. Links: Kalashnikov smart shotgun - MP-155 Ultima. Kalashnikov reveals first Russian-made smart shotgun MP-155 Ultima — YouTube.
9/16/2020 • 54 minutes, 28 seconds
Selene Delgado Lopez is not your friend - with Jon Bentley
The Gadget Show's Jon Bentley joins us to discuss the mystery of a Facebook friend you never requested, software updates for the Mercedes S-Class, and risks in the online classroom.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jon Bentley.Visit https://www.smashingsecurity.com/195 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Jon Bentley.Sponsored By:Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingDeep Instinct: Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place!Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be prevented.Check out a report by the Ponemon Institute, which studied the cost savings of adopting an efficient prevention model. 
Go grab it at smashingsecurity.com/deepinstinct LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
9/9/2020 • 50 minutes, 8 seconds
Carry on droning
A Bitcoin bungle causes one user to lose millions, hackers attempt to bribe a Tesla employee into infecting the company's network, and are we ready for a sky full of drones? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker. Visit https://www.smashingsecurity.com/194 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Jessica Barker. Sponsored By: Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats. Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Go to immersivelabs.com/smashing LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security. Links: Confident Cyber Security by Jessica Barker. Tweet by John McAfee about the mathematical impossibility of Bitcoin being less than $1 million by the end of 2020.
9/2/2020 • 48 minutes, 19 seconds
Hacking the CIA, Bridgefy, and college lockdowns
Whatever happened to Crackas with Attitude, perfidious Albion College's approach to locking down Coronavirus, and the Bridgefy mesh messaging app falls down when it comes to security. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. Visit https://www.smashingsecurity.com/193 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Anna Brading. Sponsored By: LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security. Links: CIA boss has his personal email account hacked… and yes, it’s on AOL — Graham Cluley. Two years' detention for UK teenager who 'cyberterrorised' US officials — The Guardian. Kane Gamble sentencing remarks (PDF). What It’s Like for a Hacker to Get Back Online After a Two-Year Internet Ban — Motherboard. Fearing coronavirus, a Michigan college is tracking its students with a flawed app — TechCrunch.
8/26/2020 • 58 minutes, 57 seconds
Ritz and robocalls - with Rory Cellan-Jones
A scam involving restaurant bookings at The Ritz is suitably sophisticated, the second wave of UK coronavirus testing apps, and we take a look at one of the biggest studies ever into the scourge of robocalls. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Rory Cellan-Jones. Visit https://www.smashingsecurity.com/192 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening! Warning: This podcast may contain nuts, adult themes, and rude language. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. Special Guest: Rory Cellan-Jones. Sponsored By: LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses. Support Smashing Security. Links: Tech Tent podcast — BBC World Service. Sir Frederick Barclay releases footage of alleged Ritz bugging — The Guardian. Tea at the Ritz soured by credit card scammers — BBC News. Tweet from The Ritz London. Coronavirus: England's contact-tracing app gets green light for trial — BBC News. Coronavirus: England's contact tracing app trial gets under way — BBC News.
8/19/2020 • 49 minutes, 28 seconds
We are on the bird
Can a video game help your company's staff choose stronger passwords? Why might satellite-based internet communications be bad for security? And what are the alternatives to TikTok?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Visit https://www.smashingsecurity.com/191 to check out this episode’s show notes and episode links.
Special Guest: Dave Bittner.
Sponsored By: LastPass.
Links:
Passworld: A Serious Game to Promote Password Awareness and Diversity in an Enterprise — USENIX.
Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks — Black Hat USA 2020.
Satellite Broadband Security - James Pavur — YouTube.
Twitter and TikTok reportedly have had talks about a deal — The Verge.
Trump bans US transactions with Chinese-owned TikTok and WeChat — The Guardian.
8/12/2020 • 54 minutes, 15 seconds
Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition
Special guest Geoff White can't resist using the podcast to promote his new book, "Crime Dot Com", but other than that we also discuss the creepy (and apparently legal) way websites can find out your email and postal address even if you don't give it to them, take a look at how the alleged Twitter hackers were identified, and learn about Fawkes - the technology fighting back at facial recognition.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by "Crime Dot Com" author Geoff White.
Visit https://www.smashingsecurity.com/190 to check out this episode’s show notes and episode links.
Special Guest: Geoff White.
Sponsored By: LastPass.
Links:
A free chapter of Geoff's book, "Crime Dot Com"
Start-Up Helps Conservative Websites Like the Daily Caller Store User Names, Postal Addresses of Anonymous Readers — Jezebel.
Permission Shmarketing: How does GetEmails work? — YouTube.
Some say we're criminals. Many say we're unethical. We think we're geniuses. But we're so, so bad... — YouTube.
Three charged in massive Twitter hack, Bitcoin...
8/5/2020 • 48 minutes, 40 seconds
DNA cock-up, Garmin hack, and virtual kidnappings
Why are students faking their own kidnappings? What's the story behind Garmin's ransomware attack? And a genetic genealogy website suffers a hack or two.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray [REDACTED].
Visit https://www.smashingsecurity.com/189 to check out this episode’s show notes and episode links.
Special Guest: Ray [REDACTED].
Sponsored By:
Immersive Labs: Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats. Listeners can sign up at immersivelabs.com/smashing to get instant access to more than 24 hours of free labs AND a new lab to try out each week.
LastPass.
Links:
Tribe of Hackers Podcast.
Golden State Killer pleads guilty to 13 murders — BBC News.
Joseph James DeAngelo — Wikipedia.
Hackers Attacked Two Leading Genetic Genealogy Websites — Buzzfeed...
7/29/2020 • 49 minutes, 3 seconds
Dinner with Elon Musk and Kris Jenner
Who stopped Twitter's hackers from stealing more money? Why are Covid-19 researchers being told to ramp up their cybersecurity? How can you find out if your smartphone is infected with stalkerware? And who does Graham think he is turning down a celebrity dinner invite?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte.
Visit https://www.smashingsecurity.com/188 to check out this episode’s show notes and episode links.
Special Guest: Lisa Forte.
Sponsored By: LastPass.
Links:
The Twitter mega-hack. What you need to know — Tripwire State of Security.
The Twitter hack: Why Elon Musk, Bill Gates, Jeff Bezos and others might have reason to be worried — Graham Cluley.
Twitter Hackers Could Have Stolen A Whole Lot More Bitcoin — Forbes.
Twitter says hackers downloaded private account data — BBC News.
UK condemns Russian...
7/22/2020 • 1 hour, 2 minutes, 34 seconds
Huawei ban, MGM hack, and a contact-tracing cock-up
Login chaos for England's contact tracing service, our drill-down on Britain's Huawei 5G ban, MGM's blockbuster breach, and how to pronounce "Gigabyte."
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Plus we have a bonus featured interview with Scott Petry, the co-founder of Authentic8, all about how you can browse the internet safely, securely, and anonymously when conducting research, collecting sensitive evidence, and analyzing data.
Visit https://www.smashingsecurity.com/187 to check out this episode’s show notes and episode links.
Special Guests: Maria Varmazis and Scott Petry.
Sponsored By:
LastPass.
Authentic8: Silo for Research (Toolbox) from Authentic8 is a secure and anonymous web browsing solution that enables threat intelligence, security, and public safety professionals to conduct research, collect evidence, and analyze data across the open, deep and dark web. To learn how Silo for Research enables teams to timely and efficiently investigate, while ensuring maximum security and oversight to ensure compliance - including GDPR - go to smashingsecurity.com/authentic8
Links:
https://news.sky.com/story/coronavirus-contact-tracers-in-england-locked-out-of-accounts-12028196
7/15/2020 • 1 hour, 3 minutes, 18 seconds
This one's for all the Karens!
A high-rolling Hushpuppi gets extradited to the United States, Carole details her problems with clipboards and Disposophobia, and our guest becomes the subject of fake news during the Senegalese election.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by investigative journalist Michelle Madsen (or is it Michelle Damsen? Hmm...).
Visit https://www.smashingsecurity.com/186 to check out this episode’s show notes and episode links.
Special Guest: Michelle Madsen.
Sponsored By: LastPass, Authentic8.
Links:
Ray Hushpuppi's Instagram account.
Your 2.3m Instagram fans won't stop the FBI... Web
7/8/2020 • 49 minutes, 38 seconds
Bieber fever, Roblox, and ransomware
Who's been dressing Roblox players up in red baseball caps? Which ransomware victim's negotiations got spied on by the media? And should Jason Bieber think twice before touching his hat? Oh, and we need to talk about squirrels...
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.
Visit https://www.smashingsecurity.com/185 to check out this episode’s show notes and episode links.
Special Guest: John Hawes.
Sponsored By: Authentic8, LastPass.
Links:
Roblox accounts being hacked in support of Trump re-election — Bleeping Computer.
https://en.help.roblox.com/hc/en-us/articles/212459863-Add-2-Step-Verification-to-Your-Account
7/1/2020 • 47 minutes, 11 seconds
Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy
A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades' worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology reporter Zoe Kleinman.
Visit https://www.smashingsecurity.com/184 to check out this episode’s show notes and episode links.
Special Guest: Zoe Kleinman.
Sponsored By:
MetaCompliance: Create a more security-conscious workforce with MetaCompliance's Cyber Security Awareness for Dummies book. Download it for free at smashingsecurity.com/cyberaware
LastPass.
Links:
How photographs are airbrushed — A 2010 BBC News article, starring Zoe Kleinman.
Elon Musk Bitcoin vanity addresses used to scam users out of $2 million — ZDNet.
Kate Winslet responds to Bitcoin scam faking her endorsement — Decrypt.
6/24/2020 • 51 minutes, 12 seconds
MAMILs, gameshows, and a surprise from eBay
A TV gameshow with cash prizes if you're obeying Coronavirus lockdown rules, ex-eBay staff charged in crazy cyberstalking case, and when the wrong cyclist was accused by the internet bearing pitchforks.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/183 to check out this episode’s show notes and episode links.
Special Guest: Maria Varmazis.
Sponsored By: MetaCompliance, LastPass.
Links:
Mr Blobby — Wikipedia.
Noel's House Party — Wikipedia.
A man is surprised at home by Noel's House Party — YouTube.
Bahrain, Kuwait and Norway contact tracing apps among most dangerous for privacy — Amnesty International.
https://www.bbc.co.uk/news/world-middle-east-53052395
6/17/2020 • 46 minutes, 19 seconds
Space Force, credit card fraud, and beep-ti-beep
Graham finds himself in hot water with a security firm after a data breach, Carole discusses credit card fraud, and we have a pleasant surprise for Thom Langford, who appears to have mostly agreed to be a guest to promote his own podcast.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
And don't miss our featured interview with Robbie O'Brien of MetaCompliance, all about the new book he's written - Cyber Security Awareness for Dummies.
Visit https://www.smashingsecurity.com/182 to check out this episode’s show notes and episode links.
Special Guests: Robert O'Brien and Thom Langford.
Sponsored By: LastPass, MetaCompliance.
Links:
Security firm leaves more than five billion records exposed on unsecured database — Graham Cluley.
"Following a legal threat from ███████ ████ I have removed their name from this article on my site..." — Graham Cluley on Twitter.
https://www.verdict.co.uk/keepnet-labs-data-breach/
6/10/2020 • 1 hour, 1 minute, 55 seconds
Anti-cybercrime ads, tricky tracing, and a 5G Bioshield
Police are hoping to stop kids becoming cybercriminals by bombarding them with Google Ads, phishers rub their hands in glee at the NHS track and trace service, and just how does a nano-layer of quantum holographic catalyzer technology make a USB stick cost hundreds of pounds?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Visit https://www.smashingsecurity.com/181 to check out this episode’s show notes and episode links.
Special Guest: Mark Stockley.
Sponsored By:
Deep Instinct: Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place! Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be prevented. Check out a report by the Ponemon Institute, which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct
LastPass.
Immersive Labs.
6/3/2020 • 52 minutes, 22 seconds
Taking care of Clare
On this special splinter episode of the podcast, we're joined by actor and comedian Clare Blackwood in the hope of convincing her that cybersecurity is no laughing matter.
Hear what happens in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Carole's cousin (!) Clare Blackwood.
Visit https://www.smashingsecurity.com/180 to check out this episode’s show notes and episode links.
Special Guest: Clare Blackwood.
Sponsored By: Immersive Labs, LastPass.
Links:
All ages dance on TikTok during coronavirus quarantine — Los Angeles Times.
Fugitive John McAfee’s location revealed by photo meta-data screw-up — Naked Security.
Have I Been Pwned: Check if your email has been compromised in a data breach.
5/27/2020 • 46 minutes, 18 seconds
Deepfake Jay-Z, and beer apps spilling your data
Apps that belch out sensitive military information, what could the world learn from South Korea's digital response to the Coronavirus pandemic, and who has been deepfaking Bill Clinton, Jay-Z, and Donald Trump... and why?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the "Power Corrupts" podcast.
Plus we have a bonus feature interview with Rachael Stockton from LogMeIn, the folks behind LastPass, all about their report into the psychology of passwords.
Visit https://www.smashingsecurity.com/179 to check out this episode’s show notes and episode links.
Special Guests: Brian Klaas and Rachael Stockton.
Sponsored By:
LastPass: LastPass's "Psychology of Passwords" report surveyed over 3,000 people around the world to highlight the current state of online security behaviors – and the results are alarming. Download it now at smashingsecurity.com/passwordreport
Immersive Labs.
Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use)
5/20/2020 • 1 hour, 2 minutes, 11 seconds
Office pranks, meat dresses, and robocop dogs
Graham shares stories of email storms, Carole describes the steps being taken by firms as they try to coax employees back to the office, and guest Lisa Forte details a hack that has impacted Lady Gaga and other celebrities.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Lisa Forte.
Visit https://www.smashingsecurity.com/178 to check out this episode’s show notes and episode links.
Special Guest: Lisa Forte.
Sponsored By:
Immersive Labs.
Oracle: Check out the free cloud security reports that Oracle is making available for listeners of "Smashing Security" and learn how organizations can make security an essential part of the culture of their business. Read the free reports at smashingsecurity.com/oraclereport
LastPass.
5/13/2020 • 50 minutes, 42 seconds
Elon Musk, Roblox, and Love Bug author found
What can X Æ A-12 Musk teach us about passwords? How did our guest finally hunt down the man behind one of history's biggest virus outbreaks in Manila? And what on earth is a hacker doing breaching Roblox security?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.
Visit https://www.smashingsecurity.com/177 to check out this episode’s show notes and episode links.
Special Guest: Geoff White.
Sponsored By:
DomainTools: Join our friends at DomainTools for a webinar as they walk you through the process of identifying a nefarious domain, mapping connected infrastructure, and reverse-engineering a ransomware attack which used a Coronavirus disguise. Learn more about how DomainTools helps security analysts turn threat data into threat intelligence and watch the webinar at domaintools.com/smashing
Oracle: Build, test, and deploy applications on Oracle Cloud - for free. Sign up at smashingsecurity.com/oracle and you'll soon be building, testing and deploying cloud applications securely with Oracle.
LastPass.
https://www.patreon.com/smashingsecurity
5/6/2020 • 1 hour, 31 seconds
Hacking hacks and university attacks
Journalists spying on their rivals, the NHS rejects Apple and Google's approach to Coronavirus-tracing, and universities are hit by an old-fashioned sexy lady attack.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Rik Ferguson.
Visit https://www.smashingsecurity.com/176 to check out this episode’s show notes and episode links.
Special Guest: Rik Ferguson.
Sponsored By: LastPass.
Links:
Vote for Smashing Security in the EU Security Blogger Awards!
Financial Times reporter accessed private calls at Independent and Evening Standard — The Independent.
FT suspends journalist accused of listening to rival outlets' Zoom calls — The Guardian.
Sky News admits it hacked Canoe Man’s email — Naked Security.
Is it ever acceptable for a journalist to hack into somebody else’s email? — Naked...
4/29/2020 • 45 minutes, 9 seconds
Zoom deepfakes, Zardoz, and 'Rona tracing
Will deepfake disguises hit a video conference near you, can Coronavirus-tracing apps be trusted, and should Facebook shut down anti-quarantine events? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/175 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor
Support Smashing Security
Links:
Iain Thomson in fancy dress on Zoom. — Twitter.
Smashing Security 134: Sextortion, silicone face masks, and a DDoS doofus.
Avatarify: Avatars for Zoom and Skype — GitHub.
"Elon Musk joined our Zoom call" — YouTube.
Avatarify demo —
4/22/2020 • 49 minutes, 45 seconds
Animal Crossing with Garry Kasparov
World-chess-champion-turned-activist Garry Kasparov joins us as we discuss celebrity lookalikes, smartphone fleeceware, the impact Coronavirus is having on security, and how a popular new video game is being used for political ends. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Garry Kasparov. Yes, the Garry Kasparov. Graham was pretty excited too.
Visit https://www.smashingsecurity.com/174 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Garry Kasparov.
Sponsored By:
Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor
Support Smashing Security
Links:
Don’t let fleeceware sneak into your iPhone — Sophos.
Fleeceware apps persist on the Play Store — Sophos.
Fleeceware apps discovered on the iOS App Store — ZDNet.
How to see or cancel subscriptions on your iPhone, iPad or iPod touch — Apple Support.
How to cancel, pause, or change a subscription on Google Play — Google Play Help.
4/15/2020 • 46 minutes, 26 seconds
5G fiascos, Zoom gloom, and butt biometrics
We take a look at the stinky backside of surveillance, gas about the latest video-conferencing threats, and jump into the murky world of 5G conspiracy theories. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology broadcaster David McClelland and featuring an interview with LastPass's Barry McMahon.
Visit https://www.smashingsecurity.com/173 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guests: Barry McMahon and David McClelland.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Engineers unleash car-seat identifier that reads your rear end — Phys.org.
Identifying personal microbiomes using metagenomic codes — PNAS.
A mountable toilet system for personalized health monitoring via the analysis of excreta — Nature.
'Magic toilet' could monitor users' health, say researchers — The Guardian.
Toilet hackers could snoop on your poop, steal data of a “personal nature” — Graham Cluley.
4/8/2020 • 1 hour, 3 minutes, 17 seconds
UncleF***Face - with Mikko Hyppönen
Carole details how companies are spying on their stay-at-home workers, Mikko Hyppönen discusses the trustworthiness of video chat apps, and Graham gets embarrassed when he admits he's bought a Facebook Portal for his in-laws. All this and much much more is discussed in the latest edition of the award-winning "Smashing Security" podcast with Graham Cluley and Carole Theriault.
Visit https://www.smashingsecurity.com/172 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Mikko Hyppönen.
Sponsored By:
DomainTools: DomainTools helps security analysts turn threat data into threat intelligence. Its solutions give organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. Learn more about their products at domaintools.com, or visit domaintools.com/smashing to enter their Capture The Flag competition and be in with a chance to win a $100 gift card.
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Herrasmieshakkerit — Mikko's security podcast (in Finnish) with Tomi Tuominen.
Video trailer for Herrasmieshakkerit — YouTube.
Has Houseparty really been hacked? $1 million reward offered to unearth...
4/1/2020 • 51 minutes, 8 seconds
WhatsApp hoaxes, Zoombombs, and 8-bit love
Blackmailers are threatening to infect your family with Coronavirus, trolls are making Zoom an unsafe place for those of a sensitive disposition, and what is the mysterious Dr Negrin audio message spreading on WhatsApp? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.
Visit https://www.smashingsecurity.com/171 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Geoff White.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
"Stay home and help flatten the curve!" — Tweet by Pornhub.
‘Dirty little secret’ extortion email threatens to give your family coronavirus — Naked Security.
Google Assistant calling the hairdresser for an appointment — YouTube.
Geoff White tweets about the "Dr Negrin" audio message. — Twitter.
Priest in Italy live streams mass, activates filters by mistake — Reddit.
Beware of...
3/25/2020 • 45 minutes, 30 seconds
PornHub, Coronavirus apps, and remote working
It's a self-isolated Coronavirus special as we discuss with our quarantined special guest how COVID-19 is making itself felt in the world of cybersecurity, and we offer tips on how to better protect yourself if you're unexpectedly working from home. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Malicious Life's Ran Levi from his attic.
Visit https://www.smashingsecurity.com/170 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Ran Levi.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
DomainTools: DomainTools helps security analysts turn threat data into threat intelligence. Its solutions give organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. Learn more about their products at domaintools.com, or visit domaintools.com/smashing to enter their Capture The Flag competition and be in with a chance to win a $100 gift card.
Support Smashing Security
Links:
CovidLock: Mobile Coronavirus Tracking App Coughs Up Ransomware — DomainTools.
CovidLock Update: Deeper Analysis of...
3/18/2020 • 47 minutes, 21 seconds
Burglaries, breaches, and bidets
How one guy's exercise routine made him a burglary suspect, how multi-factor authentication can cause headaches as well as stop hacks, and how Virgin Media got itself in a pickle over its sloppy data security. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/169 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Leave Smashing Security a voicemail!
Google tracked his bike ride past a burglarized home. That made him a suspect. — NBC News.
Smashing Security episode 144: "Google helps the FBI, Twitter Jack’s hijack, and car data woes."
Breaking Password Dependencies: Challenges in the Final Mile at Microsoft — YouTube.
FYI: When Virgin Media said it leaked 'limited contact info', it meant p0rno filter requests, IP addresses, IMEIs as well as names, addresses and more — The Register.
3/11/2020 • 51 minutes, 6 seconds
The Bitcoin fraud factory
Fraudsters steal millions from those hoping to jump on the Bitcoin bandwagon, Twitter verifies a fake US politician, and it's another face palm for facial recognition. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Visit https://www.smashingsecurity.com/168 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Dave Bittner.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
DomainTools: DomainTools turns threat data into threat intelligence, giving organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. Read a free report into how automation is changing IT security, and specifically the staffing of IT departments.
Support Smashing Security
Links:
Inside the Kiev fraud factory stealing senior citizens’ savings — Dagens Nyheter.
Revealed: fake 'traders' allegedly prey on victims in global investment scam — The Guardian.
Inside the Kiev Bitcoin fraud factory —...
3/4/2020 • 52 minutes, 10 seconds
Coronavirus scams and an exaggerated lion
Scammers from Africa are preying on US businesses, a drug dealer makes a mistake when hiding his Bitcoin fortune, and the Coronavirus pandemic is causing scams to soar and raising questions about facial recognition. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Anna Brading.
Visit https://www.smashingsecurity.com/167 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Anna Brading.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Business Email Compromise (BEC) and G Suite: How the Exaggerated Lion Cybercrime Group Cashes Out — Agari.
A weed dealer’s $59M lesson: Don’t hide Bitcoin keys with a fishing rod — Ars Technica.
Chance encounter with gardaí unmasked bitcoin millionaire drug dealer — Irish Times.
Man who ‘threw away’ bitcoin haul now worth over $80m wants to dig up landfill site — The Independent.
2/26/2020 • 56 minutes, 21 seconds
What the Dickens! Ad ban thank you scam
How to stop dick pics on Twitter, and a new way bad guys are extorting money from websites earning cash from Google ads. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Visit https://www.smashingsecurity.com/166 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
DomainTools: DomainTools turns threat data into threat intelligence, giving organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. Read a free report into how automation is changing IT security, and specifically the staffing of IT departments.
Support Smashing Security
Links:
Tweet from Kelsey Bressler.
safeDM – Making the Internet Safer.
@showYoDiq — Twitter.
This Dick Pic Filter For Your Inbox Does Block Most Pictures Of Dicks, And Some Dick-Like Things — Buzzfeed.
2/19/2020 • 42 minutes, 2 seconds
Cheapfakes, deepfakes, and Ashley Madison
Wi-Fi hopping malware, the return of Ashley Madison extortion scams, and should social media be doing anything about cheapfakes? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
Visit https://www.smashingsecurity.com/165 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Jessica Barker.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Smashing Security #162: Robocalls, health hacks, and facial recognition fears — Carole talks about the activities of Clearview AI.
The Daily: The End of Privacy as We Know It? — Apple Podcasts.
Emotet Malware Advisory — US Department of Homeland Security.
Emotet Wishes You a Merry Christmas from Greta Thunberg — Proofpoint.
Coronavirus - hackers exploit fear of infection to spread malware — Graham Cluley.
Emotet evolves with new Wi-Fi spreader — Binary Defense.
2/12/2020 • 48 minutes, 30 seconds
A bitter pill to swallow
A gallery is tricked into giving millions to a fraudster, software tells doctors to push opioids onto patients, and an artist finds a novel way to trick Google Maps into thinking there's a traffic jam. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who ended up recording without a guest this week.
Visit https://www.smashingsecurity.com/164 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Castbox, Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Fraudsters Posing as Art Dealer Got Gallery to Pay Millions — Bloomberg.
‘Hampstead Heath, Harrow in the Distance’, John Constable, David Lucas, published 1855 — Tate.
Electronic Health Records Vendor to Pay $145 Million to Resolve Criminal and Civil Investigations — Department of Justice.
In secret deal with drugmaker, health-records tool pushed opioids — Los Angeles Times.
2/5/2020 • 34 minutes, 15 seconds
Russian heists and Ring wrongs
Should possessing malware be illegal in itself? How did a Russian cryptocurrency exchange millionaire lose his fortune? And what on earth are Amazon Ring doorbell cams up to now? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte. And don't miss our special featured interview with Adrian Sanabria, all about Thinkst Canary.
Visit https://www.smashingsecurity.com/163 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Castbox, Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guests: Adrian Sanabria and Lisa Forte.
Sponsored By:
Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents... Listeners who mail in referencing Smashing Security get a 10% discount on their order!
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Senate Bill 30 (PDF)
Maryland: Make malware possession a crime!...
1/29/2020 • 58 minutes, 7 seconds
Robocalls, health hacks, and facial recognition fears
A hospital gets hacked because of an ex-employee's grudge, robocalls are on the rise, and we share a scary story about the future of facial recognition. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Michael Hucks.
Visit https://www.smashingsecurity.com/162 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Castbox, Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Michael Hucks.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
DomainTools: DomainTools helps security analysts turn threat data into threat intelligence. Its solutions give organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks. Learn more about their products at domaintools.com, or visit domaintools.com/smashing to enter their Capture The Flag competition and be in with a chance to win a $100 gift card.
Support Smashing Security
Links:
YOU Season 2 Trailer — YouTube.
Hospital administrator sacked for using NHS computer to download over 10,000 records is spared jail —...
1/22/2020 • 52 minutes, 17 seconds
Love, lucky dips, and 23andMe
The man who hacked the UK National Lottery didn't end up a winner, Japanese Love hotel booking tool suffers a data breach, and just what is 23andMe planning to do with your DNA? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.
Visit https://www.smashingsecurity.com/161 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Thom Langford.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Cyber criminal jailed over National Lottery hack — National Crime Agency.
Man who hacked National Lottery for just £5 is jailed for nine months — Hot for Security.
Booking data stolen from Japanese short-time love hotel booking service HappyHotel — SiliconANGLE.
23andMe Licenses Drug Compound to Spanish Drugmaker Almirall — Bloomberg.
Big Data and the End of Painful, Invasive Medical Procedures — Wired.
1/15/2020 • 42 minutes, 21 seconds
SNAFUs! MS Word, Amazon Ring, and TikTok
We discuss how Microsoft Word helped trap a multi-million dollar fraudster, how Amazon Ring may be recording more than you're comfortable with, and how teens are flocking to TikTok (and why that might be a problem). All this and much much more is covered in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/160 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Senior Manager Of Global Internet Company Pleads Guilty To Wire Fraud — Department of Justice.
IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata — The Register.
We Tested Ring’s Security. It’s Awful — Motherboard.
Amazon Ring isn’t even good at pretending to care about your privacy and safety — Fight for the Future
Amazon’s Ring to let customers opt out of receiving police video...
1/8/2020 • 53 minutes, 6 seconds
Rap, robbery, and IoT holiday hell
A rapping bank worker is accused of stealing from the vault, the devices that can hide your car's true mileage, and why it may be a case of "No No No" rather than "Ho Ho Ho" when it comes to IoT toys this Christmas. And as Carole sups the mulled wine, Graham has problems with his internet connection... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Visit https://www.smashingsecurity.com/159 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
Special Guest: Dave Bittner.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
‘No Chance:’ John McAfee Halts Crypto Promo as US 2020 Elections Near — Coin Telegraph.
FBI Arrests Former Bank Employee Charged With Stealing Cash From Bank Vault — US Department of Justice.
"Problem" video — Aceey4oez on Instagram.
Man posted photos of himself with stacks of cash after stealing from bank: charges — Sydney Morning Herald.
12/18/2019 • 55 minutes, 4 seconds
The man behind The Missing Cryptoqueen
We're joined by special guest Jamie Bartlett, of the chart-topping "The Missing Cryptoqueen" podcast, in this bumper episode where we discuss his investigation into the OneCoin cryptocurrency scam, the Russian cybercriminals behind Evil Corp, and the mysterious leaks about the NHS that have turned oh-so-political...
All this and much much more can be found in the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault.
Visit https://www.smashingsecurity.com/158 to check out this episode’s show notes and episode links.
Special Guest: Jamie Bartlett.
Sponsored By: LastPass.
Links:
Russian hacking group "Evil Corp" accused of targeting American businesses — CBS News, YouTube.
Evil Corp donuts — YouTube.
International law enforcement operation exposes the world’s most harmful cyber crime group — National Crime Agency.
Treasury Sanctions Evil Corp, the Russia-Based Cybercriminal Group Behind Dridex Malware — U.S. Department of the Treasury.
UK Government Releases Photos of Russian Hackers, Whose Lives
12/11/2019 • 1 hour, 12 minutes, 20 seconds
A biometric knuckle duster
What is Kaspersky's ugly ring for? Is there something suspicious about how NordVPN lets you stream Disney+? And why did a hacker impersonate a music producer? Plus we have a bonus feature interview with Rachael Stockton from Logmein, the folks behind LastPass, all about behavioral biometrics!
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/157 to check out this episode’s show notes and episode links.
Special Guests: Maria Varmazis and Rachael Stockton.
Sponsored By: LastPass.
Links:
"Eau de Eugene Kaspersky" — Smashing Security, episode 12.
Kaspersky Labs - Packin' The K — YouTube.
Thousands of taxpayers tell HMRC to delete voiceprint data it stored without consent — Graham Cluley.
Hackers Have Stolen Almost Six Million US Government Fingerprints — Tripwire.
Fingerprints are not the same as passwords — Graham Cluley.
Face/Off...
12/4/2019 • 1 hour, 5 minutes, 41 seconds
Better safe than Sony
In this clip from a special bonus episode produced for our Patreon supporters, Graham Cluley and Carole Theriault discuss the 2014 hack of Sony Pictures - reportedly carried out by North Korea for the very oddest of reasons...
Visit https://www.smashingsecurity.com/156 to check out this episode’s show notes and episode links, and become one of our "bonus content" Patreon supporters to hear the full episode in all its glory, get early access to future episodes, occasional bonus content, and even receive stickers!
Thanks for listening and Happy Thanksgiving!
Links:
Hackers leak Hollywood salaries, embarrassing emails - PBS Newshour — YouTube.
Did North Korea hack Sony? It seems hard to believe — Graham Cluley.
Poor passwords at Sony, WikiLeaks shows with archive of hacked documents — Graham Cluley.
The Interview Trailer (2014) — YouTube.
U.S. Said to Find North Korea Ordered Cyberattack on Sony — The New York Times.
Sony hackers failed to hide their North Korean IP addresses, says FBI — Hot for Security.
NSA allegedly hacked North Korea's networks before Sony attacks — Graham Cluley.
11/27/2019 • 22 minutes, 32 seconds
Juice jacking, YouTube hacking, password slacking
A bank has some of the worst password advice ever, travellers are told to be wary when USB charging their smartphones and laptops, and a gamer has his YouTube account hacked.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Geoff White.
Visit https://www.smashingsecurity.com/155 to check out this episode’s show notes and episode links.
Special Guest: Geoff White.
Sponsored By: LastPass.
Links:
Giorgio Bonfiglio tweets about Fineco's bizarre attitude to passwords — Twitter.
This Bank Had the Worst Password Policy We've Ever Seen — Motherboard.
NIST password guidelines.
Officials warn about the dangers of using public USB charging stations — ZDNet.
MarcoStyle on Twitter.
A YouTuber With 350,000 Subscribers Was Hacked, YouTube Verified His Hacker — Forbes.
11/20/2019 • 50 minutes, 39 seconds
A buttock of biometrics
The UK's Labour Party kicks off its election campaign with claims that it has suffered a sophisticated cyber-attack, Apple's credit card is accused of being sexist, and what is Google up to with Project Nightingale?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.
Visit https://www.smashingsecurity.com/154 to check out this episode’s show notes and episode links.
Special Guest: John Hawes.
Sponsored By: LastPass.
Links:
That "sophisticated" Labour cyber-attack - don't panic — Graham Cluley.
General election 2019: Labour Party hit by second cyber-attack — BBC News.
Election 2019: Security flaw leaves donors’ details online — The Times.
Apple's 'sexist' credit card investigated by US regulator — BBC News.
Apple's credit card caper probed over sexism claims – after women screwed over on limits — The Register.
https://arstechnica.com/science/2019/11/would-you-trust-google-with-your-medical-records-it-might-already-have-them/...
11/13/2019 • 50 minutes, 3 seconds
Cybercrime doesn’t pay (but Uber does)
The cybercrime lovebirds who hijacked Washington DC's CCTV cameras in the run-up to Donald Trump's inauguration, the truffle-snuffling bankers at the centre of an insider-trading scandal, and the hackers that Uber paid hush money to hide a security breach.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte.
Visit https://www.smashingsecurity.com/153 to check out this episode’s show notes and episode links.
Special Guest: Lisa Forte.
Sponsored By: LastPass.
Links:
Ransomware attack impacted 70% of Washington DC police surveillance cameras — Graham Cluley.
The Hapless Shakedown Crew That Hacked Trump’s Inauguration — Wall Street Journal.
Eveline Cismaru's Instagram account.
London Investment Bankers Charged in Insider-Trading Ring — Bloomberg.
Trade-Secrets Case Linked to Google Seen as Warning to Silicon Valley — Wall Street Journal.
11/6/2019 • 49 minutes, 50 seconds
Cats, hoodies, and rent
What's the problem with IoT-enabled pet feeders? Can hacking ever be illustrated without a hoodie? And just how are landlords using smart home technology to snoop upon their residents?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.
Visit https://www.smashingsecurity.com/152 to check out this episode’s show notes and episode links.
Special Guest: David McClelland.
Sponsored By: Immersive Labs, Code42, LastPass.
Immersive Labs: Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs.
Code42: Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving every day. Most organizations rely on prevention but there are simply too many ways for data to leave. To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashing
10/30/2019 • 54 minutes, 22 seconds
Frankly, sometimes paying the ransom is a good idea
Remember how the City of Baltimore was badly hit by ransomware earlier this year? Turns out that wasn't the end of their problems. Also, Carole takes a look at how smart speakers can be hacked to trick you into giving criminals your passwords or even credit card details. And we discuss the findings of the LastPass global password security report.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, with a featured interview with Rachael Stockton from Logmein.
Visit https://www.smashingsecurity.com/151 to check out this episode’s show notes and episode links.
Special Guest: Rachael Stockton.
Sponsored By: Code42, Immersive Labs, LastPass.
10/23/2019 • 55 minutes, 49 seconds
Liverpool WAGs, Facebook politics, and a selfie stalker
Footballers' wives go to war over Instagram leaks, it turns out fake news is fine on Facebook (just so long as it's in a political ad), and things take a horrific turn in Japan, as a stalker uses a scary technique to find out where his pop idol lives.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Visit https://www.smashingsecurity.com/150 to check out this episode’s show notes and episode links.
Special Guest: Dave Bittner.
Sponsored By: Code42, Immersive Labs, LastPass.
10/16/2019 • 51 minutes, 23 seconds
Falling in love with fraudsters
We take a trip to Staten Island, New York, to hear how a case of cyberstalking resulted in the arrest of 20 alleged mobsters, learn about the nude photo-loving insider threat at Yahoo, and discover how fraudsters might be boosting Match.com's profits.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ran Levi of the "Malicious Life" podcast.
Visit https://www.smashingsecurity.com/149 to check out this episode’s show notes and episode links.
Special Guest: Ran Levi.
Sponsored By: Code42, Immersive Labs, LastPass.
10/9/2019 • 46 minutes, 25 seconds
Billboard boobs, face forensics, and Alexa gets way too personal
Drivers are distracted by a hacked billboard, we take a deeper look at how the deepfake problem has... uh... deepened, and Carole is less than happy about Amazon's announcement about new Alexa integrations.
All this, an annoying goose, and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/148 to check out this episode’s show notes and episode links.
Special Guest: Maria Varmazis.
Sponsored By: Immersive Labs, LastPass.
Links:
Wonderbra 'Hello Boys' advert voted most iconic of all time — Daily Mail.
Hello boys! The greatest billboard ads of all time — The Sun.
Outdoor advertisements and signs: a guide...
10/2/2019 • 50 minutes, 24 seconds
Don't Snapchat and drive
How is private medical data leaking onto the streets of Milton Keynes, what is widening the cybersecurity skills gap, and how is Australia controversially tackling the problem of drivers using their mobile phones?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.
Visit https://www.smashingsecurity.com/147 to check out this episode’s show notes and episode links.
Special Guest: Joe Carrigan.
Sponsored By: Detectify, LastPass.
Detectify: Detectify will run over 1500 security tests against your website, identifying real problems with a list of constantly updated vulnerabilities submitted by a global network of over 150 handpicked ethical hackers. Go hack yourself! Take a 14-day free trial at smashingsecurity.com/detectify
Links:
50 reasons to love Milton Keynes (what, only 50?) — The Guardian.
Logan's Run movie trailer — YouTube.
Understanding Milton Keynes —...
9/25/2019 • 50 minutes
Password secrets and baking brownies
In the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault, Carole has suffered an injury, we journey back in time to one of our earliest episodes to discuss the perils of passwords, and Rachael Stockton from LastPass drops by for a chat.
Visit https://www.smashingsecurity.com/146 to check out this episode’s show notes and episode links.
Special Guests: Rachael Stockton and Vanja Švajcer.
Sponsored By: Detectify, LastPass.
Links:
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
9/18/2019 • 38 minutes, 57 seconds
Apple and Google willy wave while home assistants spy - DoH!
Apple is furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by web security journalist John Leyden.
Visit https://www.smashingsecurity.com/145 to check out this episode’s show notes and episode links.
Special Guest: John Leyden.
Sponsored By: MetaCompliance, LastPass, Recorded Future.
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide that will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber...
9/11/2019 • 44 minutes, 22 seconds
Google helps the FBI, Twitter Jack’s hijack, and car data woes
Should Google really be helping the FBI with a bank robbery? What's the story behind the Twitter CEO claiming there's a bomb in their offices? And how much does your car really know about you? And we mourn the loss of Doctor Who legend Terrance Dicks...
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.
Visit https://www.smashingsecurity.com/144 to check out this episode’s show notes and episode links.
Special Guest: Geoff White.
Sponsored By: LastPass, Detectify.
Links:
Feds ordered Google location dragnet to solve Wisconsin bank robbery — The Verge.
Google reverse location search warrant.
9/4/2019 • 51 minutes, 34 seconds
Hacking from outer space, Ukrainian cryptomining, and deepfaked Canadians
Was a cybercrime committed on the International Space Station? What on earth were Ukrainian scientists thinking when they plugged a nuclear power station into the internet? And someone has cloned Canadian clinical psychologist Jordan Peterson's voice...
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Visit https://www.smashingsecurity.com/143 to check out this episode’s show notes and episode links.
Special Guest: Mark Stockley.
Sponsored By: MetaCompliance, LastPass.
Links:
NASA Astronaut Anne McClain Accused by Spouse of Crime in Space — The New York Times.
Space Station's Data Rate Increase Supports Future Exploration — NASA.
8/28/2019 • 43 minutes, 35 seconds
Mercedes secret sensors, smart cities, and ransomware runs riot
Darknet Diaries host Jack Rhysider joins us to discuss how cities in Texas are being hit by a wave of ransomware, how Mercedes Benz has installed a tracker in your car (but not for the reason you think), the security threats impacting smart cities, and a new feature coming to your Facebook app. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Visit https://www.smashingsecurity.com/142 to check out this episode’s show notes and episode links.
Special Guest: Jack Rhysider.
Sponsored By: Immersive Labs, LastPass.
Immersive Labs: Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform. Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs.
Links: Mercedes spies on drivers by secretly installing tracking devices in cars and passing information to bailiffs — The Sun. Three-unique-words 'map' used to rescue mother and child — BBC News. Rolling a Reliant Robin - Top Gear — YouTube.
8/21/2019 • 49 minutes, 31 seconds
Black Hat and Bridezillas
Say cheese to ransomware on your camera! A sponsored speech at Black Hat causes uproar, and should you trust that Lightning cable you're about to plug into your MacBook? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Visit https://www.smashingsecurity.com/141 to check out this episode’s show notes and episode links.
Special Guest: Dave Bittner.
Sponsored By: MetaCompliance, LastPass.
Links: Say Cheese: Ransomware-ing a DSLR Camera — Check Point Research. Ransomware on a DSLR Camera — YouTube. Security advisory for Canon digital cameras related to PTP (Picture Transfer Protocol) communication functions and firmware update functions —
8/14/2019 • 51 minutes, 31 seconds
Love, PINs, and 8chan
Is the PIN you use for your bank card secure? How did one woman get duped into giving a romance scammer $200,000? And Cloudflare and other online services take aim at a vile corner of the internet... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/140 to check out this episode’s show notes and episode links.
Special Guest: Maria Varmazis.
Sponsored By: LastPass, Recorded Future.
Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide that will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence
Links: Most Common iPhone Passcodes — Daniel Amitay. We’ve fixed an issue that meant we weren’t...
8/7/2019 • 54 minutes, 52 seconds
Capital One hacked, iMessage flaws, and anonymity my ass!
Capital One gets hacked, critical vulnerabilities are found in iMessage, and data anonymization may not be as good as we hope. But listen up, we also discuss the Legend of Zelda, a biography of tech giants, offer advice for escaping an angry moose, and are introduced to... Penelope? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole 'Penelope' Theriault, joined this week by technology broadcaster David McClelland.
Visit https://www.smashingsecurity.com/139 to check out this episode’s show notes and episode links.
Special Guest: David McClelland.
Sponsored By: LastPass, MetaCompliance.
Links: Woman arrested after Capital One hack spills personal info on 106 million — Tripwire. https://www.seattletimes.com/business/seattle-woman-arrested-in-breach-of-capital-one-systems-millions-of-credit-applications/
7/31/2019 • 47 minutes, 59 seconds
Logic bombs, brain data exploitation, and Digga D tweets
Logic bombs in Excel spreadsheets, how should we protect our brain data from big companies, and how did bizarre messages about Drill rap end up on the Metropolitan Police's Twitter account and website? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BJ Mendelson.
Visit https://www.smashingsecurity.com/138 to check out this episode’s show notes and episode links.
Special Guest: B J Mendelson.
Sponsored By: LastPass.
Links: Tinley Consulting's website. The meaning and origin of 'Come a cropper'. Siemens contractor pleads guilty to planting logic bomb in company spreadsheets — ZDNet. Brain data regulation — Practical Ethics, University of Oxford. Monkey uses brain to control prothetic arm — YouTube. Neuralink and the Brain's Magical Future — Wait But Why. https://www.theverge.com/2017/2/22/14631122/kernel-neuroscience-bryan-johnson-human-intelligence-ai-startup
7/24/2019 • 49 minutes, 52 seconds
Porn trolling lawyers, Insta hacking, and Ctrl-Alt-LED
Erection your honour! Lawyers find themselves behind bars after they make porn movies in an attempt to scam internet users, boffins in Israel detail a way to steal data from an air-gapped computer, and Instagram coughs up $30,000 after a researcher finds a simple way to hack into anybody's account. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/137 to check out this episode’s show notes and episode links.
Special Guest: Maria Varmazis.
Sponsored By: MetaCompliance, LastPass.
Links: CTRL-ALT-LED: Leaking Data from Air-Gapped Computers Via Keyboard LEDs — IEEE. Academics steal data from air-gapped systems via a keyboard's LEDs — ZDNet.
7/17/2019 • 44 minutes, 9 seconds
Oops, we created Iran's hacking exploit
Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Charl van der Walt.
Visit https://www.smashingsecurity.com/136 to check out this episode’s show notes and episode links.
Special Guest: Charl van der Walt.
Sponsored By: LastPass, Recorded Future.
Links: Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your...
7/10/2019 • 50 minutes
Zombie grannies and unintended leaks
We take a bloodied baseball bat to Android malware, and debate the merits of a social media strike, as one of the team bites the bullet and buys a smart lock for the office. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Oli Skertchly.
Visit https://www.smashingsecurity.com/135 to check out this episode’s show notes and episode links.
Special Guest: Oli Skertchly.
Sponsored By: MetaCompliance, LastPass.
Links: This scary game app is coming for your credentials — Wandera. App vetting: How do you measure the risk level of risky apps? — Wandera. The not so ultra lock — Pen Test Partners.
7/3/2019 • 56 minutes, 27 seconds
Sextortion, silicone face masks, and a DDoS doofus
Scammers steal millions by impersonating a French politician, we offer fashion tips for DDoS attackers, and hear how a small town fought a sextortionist preying on young women. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
Visit https://www.smashingsecurity.com/134 to check out this episode’s show notes and episode links.
Special Guest: Jessica Barker.
Sponsored By: LastPass, Edgewise Networks.
Edgewise Networks: Edgewise is the industry's first zero-trust segmentation platform. Its simple-to-use interface lets you stop data breaches by allowing only verified software to communicate within your cloud or data centre. Edgewise's data-centric approach makes micro-segmentation simpler and more secure. Learn more and get a free trial at edgewise.net.
Links: Anonymous hacker exposed after dropping USB drive while throwing Molotov cocktail — ZDNet. 18 maanden cel voor hacker die website Crelan en pizzeria plat legde — HLN. https://www.bbc.com/news/amp/world-europe-48510027
6/26/2019 • 47 minutes, 4 seconds
Cookie cock-ups, Hong Kong protests, and smart TV virus scans
We head to Hong Kong to look at how technology has helped anti-government protesters (and how China has tried to disrupt it), Samsung is skittish over whether to tell TV owners to virus-scan their devices, and you won't believe whose website is not GDPR-compliant. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson.
Visit https://www.smashingsecurity.com/133 to check out this episode’s show notes and episode links.
Warning: This podcast may contain nuts, adult themes, and rude language. "Chickens!"
Special Guest: James Thomson.
Sponsored By: Edgewise Networks, MetaCompliance.
Links: Information about Cookies — ICO. All About Do Not Track. Apple is removing the Do Not Track toggle from Safari, but for a good reason — Macworld. Google Chrome privacy extension hasn't been updated for years — Graham...
6/19/2019 • 56 minutes, 26 seconds
CBP cyber attack, an iPhone privacy boost, and Twitter list abuse
United States Customs and Border Protection had sensitive data stolen, but the hackers didn't have to breach its network. Apple has ambitious plans to make iPhone users safer online. And trolls are using Twitter lists to target their victims. All this and much much more is discussed in the latest edition of the MULTI-AWARD-WINNING "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Visit https://www.smashingsecurity.com/132 to check out this episode’s show notes and episode links.
Special Guest: Maria Varmazis.
Sponsored By: Edgewise Networks, LastPass.
Links: Smashing Security named the Best Security Podcast — Graham Cluley. U.S. Customs and Border Protection says photos of travelers into and out of the country were...
6/12/2019 • 48 minutes, 14 seconds
Zap yourself from the net, and patch now against BlueKeep
Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who aren't joined by a special guest this week.
Visit https://www.smashingsecurity.com/131 to check out this episode’s show notes and episode links.
Sponsored By: Recorded Future, MetaCompliance.
Links: WannaCry ransomware hits systems worldwide — Graham Cluley. WannaCry - Who's to blame? — Smashing Security #021. Remote Desktop Services Remote Code Execution Vulnerability CVE-2019-0708 — Microsoft.
6/5/2019 • 34 minutes, 14 seconds
Doctored videos, Bcc blunders, and a diva
You won't believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware... and how Carole gets her diva on. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who aren't joined by a guest this week.
Visit https://www.smashingsecurity.com/130 to check out this episode’s show notes and episode links.
Sponsored By: Recorded Future, LastPass.
Links: Final chance to vote for Smashing Security! Apple Podcasts New &...
5/30/2019 • 48 minutes, 11 seconds
Too Long; Didn't Listen
Don't hire a hacker, they might scam you! What works and what doesn't when it comes to protecting your email account? And China's controversial social credit system comes under the microscope. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Visit https://www.smashingsecurity.com/129 to check out this episode’s show notes and episode links.
Special Guest: Maria Varmazis.
Sponsored By: MetaCompliance, LastPass.
Links: Vote for Smashing Security in the EU Security Blogger Awards. "How to hack a Facebook account..." - how on earth to answer? — Graham Cluley. Hack for Hire: Exploring the Emerging Market for Account Hijacking — Report from University...
5/22/2019 • 51 minutes, 34 seconds
Shackled ankles, photo scrapes, and SIM card swaps
A bad software update causes big headaches for Dutch police, but brings temporary freedom to criminals. SIM swaps are in the news again as fraudsters steal millions. And does your cloud photo storage service have a dirty little secret? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Rip Off Britain's David McClelland.
Visit https://www.smashingsecurity.com/128 to check out this episode’s show notes and episode links.
Special Guest: David McClelland.
Sponsored By: Gartner, Recorded Future, LastPass.
Gartner: Gartner's Security & Risk Management Summit, running from June 17-20 2019 in National Harbor, Maryland, is the premier cybersecurity conference for CISOs, IT Security & Risk Professionals. Get the latest unbiased research and advice on cyber attacks, and emerging technologies including AI, blockchain, machine-learning and more. Visit smashingsecurity.com/gartner to find out more. Smashing Security listeners can save $350 off the standard registration rate by using the code "SMASHING". Promo Code: SMASHING
5/15/2019 • 50 minutes, 34 seconds
I do love the Dutch
Israel strikes back at Hamas's hacking HQ, a new sextortion email comes with a twist, and Carole saves the world with some help from hacked Roomba vacuum cleaners. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Malicious Life's Ran Levi.
Visit https://www.smashingsecurity.com/127 to check out this episode’s show notes and episode links.
Special Guest: Ran Levi.
Sponsored By: LastPass, Gartner, MetaCompliance.
5/8/2019 • 45 minutes, 24 seconds
Zombie chickens and fast-food victims
What's the worst that can happen if you join a Hollywood hard man's Facebook page? What drove a man to hijack a website's name at gunpoint? And can you solve the mystery of the Canadian Hamburglar?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Mark Stockley.
Visit https://www.smashingsecurity.com/126 to check out this episode’s show notes and episode links.
Special Guest: Mark Stockley.
Sponsored By:
Gartner
LastPass
Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read...
5/1/2019 • 49 minutes, 11 seconds
Pick of the thief!
WannaCry's "accidental hero" pleads guilty to malware charges, Samsung and Nokia have fingerprint fumbles, the NCSC publishes a list of 100,000 dreadful passwords, and Apple finds itself at the centre of an identity mix-up.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.
Special Guest: John Hawes.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
LastPass
Support Smashing Security
Links:
"Gents! Stop airdropping your pics!" — Smashing Security episode 038, where we discussed the arrest of Marcus Hutchins.
Marcus Hutchins plea agreement — PDF
Statement from Marcus Hutchins (aka MalwareTech)
"Stick to the good side." — Marcus Hutchins...
4/24/2019 • 47 minutes, 19 seconds
Poisoned porn ads, the A word, and why why why Wipro?
The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.
Special Guest: Brian Honan.
Sponsored By:
LastPass
Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. "The Threat Intelligence Handbook" is an easy-to-read guide that will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks. Download it for free at smashingsecurity.com/intelligence
Links:
Hacker from Russian crime group jailed for multi-million pound global blackmail conspiracy — NCA.
The No More Ransom Project.
https://krebsonsecurity.com/2019/04/experts-breach-at-it-outsourcing-giant-wipro/ ...
4/17/2019 • 52 minutes, 41 seconds
Backups - a necessary evil? (replay)
With Graham incapacitated, we drag an episode out from the archives. In this special "splinter" episode of the "Smashing Security" podcast from September 2017 we tackle the tricky subject of backups: When did you last back up your data? How and what should you back up? And where should you store them?
Lots of questions and Graham gets to do his Tina Turner impression.
All this and more is discussed in this edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Special Guest: Maria Varmazis.
Sponsored By: LastPass, MetaCompliance.
Links:
Tina Turner - Private Dancer — YouTube.
The Baranton Sisters foot juggling tables — YouTube.
How to create a robust data backup plan (and make sure it works)
https://support.apple.com/en-gb/ht203977 ...
4/10/2019 • 30 minutes, 46 seconds
The big fat con at Office Depot
Office Depot and OfficeMax are fined millions for tricking customers into thinking their computers were infected with malware, car alarms can make your vehicle less secure, and facial recognition in apartment blocks comes under the microscope.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Special Guest: Dave Bittner.
Sponsored By: Recorded Future, LastPass.
Links:
Is Office Depot diagnosing non-existent computer problems? — YouTube.
Office Depot and Tech Support Firm Will Pay $35 Million to Settle FTC Allegations That They Tricked Consumers into Buying...
4/3/2019 • 48 minutes, 44 seconds
Hijacked motel rooms, ASUS PCs, and leaky apps
An app leaking private conversations and intimate photographs is ignoring requests to fix the problem, hackers poison a security update sent to ASUS PCs, and how to protect your privacy in motel rooms.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Special Guest: Maria Varmazis.
Sponsored By:
Mimecast: Grab your FREE Cybersecurity Awareness Training Kit from Mimecast, and share it throughout your company. Give your employees the information they need to make the best cybersecurity decisions. Get your free kit at smashingsecurity.com/mimecast
Links:
Varmazis.gr - The hot sauce factory.
This Spyware Data Leak Is So Bad We Can't Even Tell You About It — Motherboard.
A family tracking app was leaking real-time location data — TechCrunch.
Popular family tracking app exposed real-time location data onto the internet – no password required — Hot for Security.
Hosting Provider Finally Takes Down Spyware Leak of Thousands of Photos and Phone Calls — Motherboard.
security.txt | A proposed standard which allows websites to define security policies.
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers — Motherboard.
...
3/27/2019 • 47 minutes, 37 seconds
Silk Road with Deliveroo
Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy!
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Special Guest: Paul Ducklin.
Sponsored By: Recorded Future.
Links:
'It's like Uber, but for weed': Meet the man who revolutionized Israel's pot trade — Haaretz.
Israel Police arrest top members of Telegrass online drug ring — Haaretz.
Sources: Telegrass head cooperating with police — YNet News.
You left WHAT on that USB drive?! — Naked Security.
Cult of the Dead Cow — Wikipedia.
Back Orifice — Wikipedia.
Beto O’Rourke’s secret membership in America’s oldest hacking group — Reuters.
...
3/20/2019 • 48 minutes, 29 seconds
Hijacked homes, porn passports, and ransomware regret
A $150 million mansion is hijacked online, Brits will soon have to scan their passport to watch internet porn, and are organisations right to pay up when hit by ransomware?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology broadcaster David McClelland.
Special Guest: David McClelland.
Sponsored By: LastPass, Mimecast.
Links:
What Is a Zillow Zestimate? — YouTube.
Zillow sued over hacked listing of $150 million California mansion — Chicago Tribune.
The Headington Shark, Oxford.
UK Digital Economy Act 2017 — Legislation.gov.uk.
AgeID | Your Access to the World of Age-Restricted Websites.
CleanBrowsing...
3/13/2019 • 54 minutes, 9 seconds
The 's' in IoT stands for security
Twerking robot assistants, an app from Saudi Arabia that lets men track women, and a gnarly skiing security snarl-up!
Oh, and find out how a didgeridoo could change your life and that of your loved ones.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.
Special Guest: Geoff White.
Sponsored By: Recorded Future, LastPass.
Links:
A Jibo twerking — YouTube.
Tweet by Dylan Martin about Jibo — Twitter.
After Being Sold to a VC Firm, this $899 IoT Robot Will Soon Brick Itself — Motherboard.
...
3/6/2019 • 42 minutes, 50 seconds
SWATs on a plane
Why is Tampa's mayor tweeting about blowing up the airport? Are hackers trying to connect with you via LinkedIn? And has Maria succeeded in her attempt to survive February without Facebook?
All this and much much more in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Plus, after last week's discussion about the legal battle between Mondelez and Zurich Insurance, we have a chat with security veteran Martin Overton to take a deeper look into cyberinsurance.
Special Guests: Maria Varmazis and Martin Overton.
Sponsored By: Mimecast, LastPass.
Links:
Pornography, racism and threats of missile attack fill Tampa mayor's Twitter feed during hack — WTSP News.
How to use the Teams feature on TweetDeck — Twitter.
I Blocked Amazon, Facebook, Google, Microsoft, and...
2/27/2019 • 57 minutes, 24 seconds
Stalking debtors, Facebook farce, and a cyber insurance snag
How would you track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.
Special Guest: Joe Carrigan.
Sponsored By: Recorded Future, LastPass.
Links:
In first such case, Chinese police arrest hacker for selling tracking app to debt collectors — Global Times.
Ravenous Bugblatter Beast of Traal — Urban Dictionary.
...
2/20/2019 • 45 minutes, 55 seconds
Love, Nests, and is 2FA destroying the world?
Is two factor authentication such a pain in the rear end that it's costing the economy millions? Do you feel safe having a Google Nest in your home? And don't get caught by a catfisher this Valentine's Day.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by B J Mendelson.
Special Guest: B J Mendelson.
Sponsored By:
Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor
LastPass
Links:
Hello by Lionel Richie — YouTube.
Apple being sued because two-factor authentication on an iPhone or Mac takes too much time — Apple Insider.
...
2/13/2019 • 38 minutes, 52 seconds
Darknet Diaries, death, and beauty apps
Jack Rhysider from the "Darknet Diaries" podcast joins us to chat about his interview with the elusive Hacker Giraffe, how a death is preventing cryptocurrency investors from reaching their money, and how 'beauty camera' apps are redirecting users to phishing websites and stealing their selfies.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jack Rhysider of the "Darknet Diaries" podcast.
Special Guest: Jack Rhysider.
Sponsored By: Recorded Future, LastPass.
Links:
This hypnotist helps people recover lost bitcoin passwords — CNBC.
Good News! You Are a Bitcoin Millionaire. Bad News! You Forgot Your Password — Wall Street Journal.
...
2/6/2019 • 50 minutes, 28 seconds
FaceTime, Facebook, faceplant
A FaceTime bug allows callers to see and hear you before you answer the phone, Facebook's Nick Clegg tries to convince us the social network is changing its ways, and IoT hacking is big in Japan.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes from AMTSO.
Special Guest: John Hawes.
Sponsored By: LastPass, Boxcryptor.
Links:
Smashing Security on Reddit.
Apple has a huge privacy ad at CES 2019 — CNBC.
Apple races to fix FaceTime bug that lets you spy on someone *before* they pick up your call — Graham Cluley.
...
1/30/2019 • 45 minutes, 51 seconds
Payroll scams, gold coin heists, web giants spanked
Business email compromise evolves to target your company's payroll, how the world's largest gold coin was stolen from a Berlin museum, and are internet giants feeling the heat yet over data security?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by people hacker Jenny Radcliffe.
Special Guest: Jenny Radcliffe.
Sponsored By: LastPass, Recorded Future.
Links:
Smashing Security on Reddit
Business Email Compromise Scams Have Netted $12.5 Billion, Says FBI — Bitdefender.
The 2 Investigators: Theft By 'Business Email Compromise' — YouTube.
https://www.youtube.com/watch?v=IIfBr5VVTbY&feature=youtu.be&t=1516 ...
1/23/2019 • 43 minutes, 7 seconds
When rivals hack, and "extreme" baby monitors
Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose.
Special Guest: Zoë Rose.
Sponsored By: Boxcryptor, LastPass.
Links:
Mirai Botnet DDoS (Sky News) — YouTube.
Massive Cyber Attack Knocks Out Access To Websites (CNBC) — YouTube.
Download the Mirai source code, and you can run your own IoT botnet — Graham Cluley.
https://www.tripwire.com/state-of-security/featured/mirai-iot-hijacking-botnet-sentenced/ ...
1/16/2019 • 40 minutes, 56 seconds
What? You can get paid to leave Facebook?
Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you.
"The Threat Intelligence Handbook" is an easy-to-read guide that will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks.
Download it for free at smashingsecurity.com/intelligence
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Dad pays girl $200 to give up Facebook — YouTube.
How much is social media worth? Estimating the value of Facebook by paying users to stop using it — PLOS.
Being paid to quit Facebook — Graham Cluley.
1/9/2019 • 51 minutes, 8 seconds
Grinches target Amazon and Reddit, stealing Christmas from the poor
Join us for our special Christmas episode as we tell tales of printer hacking, website defacement, Grinches, and how Google is snooping on your private YouTube videos.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Dave Bittner from The Cyberwire.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Dave Bittner.
Sponsored By:
Smashing Security: We're sponsoring ourselves this week! Get in touch at [email protected] if you're interested in partnering with us for a future episode of the show.
Support Smashing Security
Links:
PewDiePie printer hackers strike again — BBC News.
ASCII art attack — Smashing Security episode 007.
TheHackerGiraffe — Patreon.
Buying PewDiePie a $1M Billboard in Times Square! — YouTube.
I Bought Every Billboard In My City For This — YouTube.
PewDiePie Billboards in INDIA | T-Series vs PewDiePie — YouTube.
WSJ website defaced by PewDiePie fan in ongoing YouTube subscribers battle — ZDNet.
Disney Severs Ties With YouTube Star PewDiePie After Anti-Semitic Posts — Wall Street Journal.
TheHackerGiraffe comments on WSJ defacement — Twitter.
Cockwomble definition — Urban Dictionary.
The Wombles Season 1 —...
12/19/2018 • 46 minutes, 59 seconds
Hoaxes, Huawei and chatbots - with Mikko Hyppönen
The curious case of George Duke-Cohan, Huawei's CFO finds herself in hot water, and the crazy world of mobile phone mental health apps.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guests Mikko Hyppönen from F-Secure and technology journalist Geoff White.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Mikko Hyppönen.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Three years in jail for teenager who spammed out school bomb threats, and made hoax call about hijacked plane — Graham Cluley.
Schools bomb hoaxes: Bodycam shows George Duke-Cohan arrest — BBC News.
Bomb Threat Hoaxer, DDos Boss Gets 3 Years — Krebs on Security.
Estonian DDoS revenge worm crafter jailed — The Register.
Canada could be at risk of ‘nasty’ retaliation from China — Vancouver Star.
Bad news for scammers. Huawei executive Meng Wanzhou has been released on bail — Graham Cluley.
Child advice chatbots fail to spot sexual...
12/12/2018 • 48 minutes, 43 seconds
Sextorting the US army, and a Touch ID scam
Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won't believe who was behind a sextortion scam that targeted over 400 members of the US military.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ferret-loving ethical hacker Zoë Rose.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Zoë Rose.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Military criminal investigative organizations crack down on sextortion ring targeting service members — NCIS.
Scam iOS apps promise fitness, steal money instead — WeLiveSecurity.
Mastercard, Microsoft to Advance Digital Identity Innovations — Mastercard press release.
China's Surveillance State Should Scare Everyone — The Atlantic.
Mastercard and Microsoft to jointly develop universal digital ID technology — IT Pro.
A Victorian point and click adventure game — Bertram Fiddle.
Bertram...
12/5/2018 • 44 minutes, 17 seconds
Google Maps, Fed phishing, and Grinch bots
How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
And don't miss our special bonus interview about passwords with Rachael Stockton of LastPass, sponsors of this week's show.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guests: Maria Varmazis and Rachael Stockton.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
A new bank scam using Google Maps loophole — The Hindu.
Google’s sorry that this crudely offensive image of the Apple logo turned up in Maps — The Washington Post.
‘Edwards Snow Den’ infiltrates the White House on Google Maps — The Washington Post.
The FBI Created a Fake FedEx Website to Unmask a Cybercriminal — Motherboard.
what3words | Addressing the world.
11/28/2018 • 1 hour, 51 seconds
Facebook, Nietzsche, Tesla, and Nicole
Tesla takes customer service a step too far, is it a romantic gesture or stalking when you email 246 women called Nicole, and Carole finds herself in a Facebook dilemma.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Jessica Barker.
Sponsored By:
Smashing Security: We're sponsoring ourselves this week! Get in touch at [email protected] if you're interested in partnering with us for a future episode of the show.
Support Smashing Security
Links:
How I Went From Tesla Delivery Hell To Tesla Giving Me Control Of Their Site Forums With Over 1.5 Million Tesla Account Contacts — DansDeals.com.
Customer Complains About Tesla Forums, Tesla Accidentally Gives Him Control Over Them — Motherboard.
A Guy Emailed 246 Nicoles Trying To Find The One He Met At A Bar And Now They're All Friends — Buzzfeed News.
Facebook exodus: 44 percent of American users ages 18-29 have deleted app — CNBC.
How Facebook employees reacted to NYT report on leadership, scandals — Business Insider.
Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis — New York Times.
Facebook’s top execs ‘make tobacco executives look like Mister Rogers’ — Recode.
11/21/2018 • 44 minutes, 17 seconds
The world's most evil phishing test, and cyborgs in the workplace
Does your employer want to turn you into a cyborg? Was this phishing test devised by an evil genius? And how did a cinema chain get scammed out of millions, time and time again...?
Oh, and the subject of erasable pens comes up again.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Scott Helme.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Scott Helme.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Cinema Chain Sees Bad Movie Script Play Out As It Loses Millions In Email Scam — Martijn Grooten writes on Forbes.
Internet con men ripped off Pathe NL for €19m in sophisticated fraud — DutchNews.nl.
Court documents describing the scam — It's in Dutch. Don't ask us to translate it.
Tweet from InfoSecSherpa describing diabolical phishing test.
BBC Click on Twitter: "Could you be paying for things using just your hand?" — Scott Helme is filmed getting an implant.
The future prospects of embedded microchips in humans as unique identifiers: the risks versus the rewards...
11/14/2018 • 54 minutes, 48 seconds
An Instagram nightmare, crazy iPhone deaths, and election hack claims
One travel blogger finds you don't have to be Kylie Jenner to be targeted by an Instagram hacker. When 40 iPhones at a hospital mysteriously die, what could be the explanation? And, surprise surprise, political parties in the USA are throwing around hacking accusations.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Mark Stockley.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Mark Stockley.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Kylie Jenner — Instagram.
Hacker, angry over unpaid $200, deletes Abu Dhabi-based travel blogger's account — Gulf News.
Of Travels & Tales — Delaine Maria D’Costa's blog.
Delaine Maria D’Costa's Instagram account
11/7/2018 • 52 minutes, 59 seconds
Ethical dilemmas, Girl Scouts, and porn-loving US officials
Who deserves to die in a driverless car crash? Who has been sniffing around the Girl Scouts' email account? And just how long would it take for a geologist to visit 9,000 adult web pages?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist and "Friends" fan Dan Raywood.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Dan Raywood.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Self-Driving Cars: The Ethical Dilemma — YouTube.
Moral Machine — A platform for gathering a human perspective on moral decisions made by machine intelligence, such as self-driving cars.
Moral Machine - Human Perspectives on Machine Ethics — YouTube.
Girl Scouts' personal information affected by recent data breach — ABC30.
Girl Scouts Alerted to Possible Data Breach — Infosecurity Magazine.
Where does Girl Scout cookie money go? — SAS Learning Post.
"You're a Big Scrud" — YouTube.
USGS IT Security vulnerabilities (PDF) — Office of Inspector General...
10/31/2018 • 47 minutes, 42 seconds
Rule 34, Twitter scams, and Facebook fails
A Facebook friend request leads to arrest, Twitter scams ride again via promoted ads, and adult websites expose their members. Oh, and Graham finds out what Rule 34 is.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Robber contacts victim on Facebook to apologize, Reading police say — Reading Eagle
Maria Varmazis spots a promoted, verified scam tweet — Twitter
Why is Elon Musk promoting this Bitcoin scam? (He’s not) — Naked Security
Twitter thought Elon Musk's bizarre tweets were evidence he'd been hacked — Graham Cluley
10/24/2018 • 50 minutes, 33 seconds
IoT failures, and Donald Trump dating disaster
Yes, Smashing Security has reached its 100th episode!
Despite our celebratory mood, we don't forget to take a look at the security stories of the last week - including an alarming IoT failure and a dating app disaster for Donald Trump devotees.
All this and much more is discussed in this very special 100th edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.
Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor
Support Smashing Security
Links:
The very first episode of Smashing Security: "One cup, two hotel guests" — Sorry about the poor audio quality. Turns out we got better...
Yale UK announces some "unplanned network maintenance" — Twitter
Yale UK's network maintenance isn't going well — Twitter
10/17/2018 • 52 minutes, 24 seconds
099: Passwords - A Smashing Security splinter (replay)
With Carole in the wilds of Canada, and Graham knee-deep in a security conference in Glasgow, we drag an episode out from the archives of February 2017 - looking at the thorny subject of passwords.
Join computer security veterans Graham Cluley, Carole Theriault, and Vanja Švajcer as they offer some advice and tips for computer users.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Vanja Švajcer.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
10/10/2018 • 16 minutes, 45 seconds
098: A Facebook omnishambles
Millions of Facebook user accounts put at risk after hack! The UK Conservative party's conference app causes a privacy omnishambles! And Facebook (again) has been doing something naughty with the phone numbers you give it for security reasons! Oh, and Maria gets very excited about something to do with Star Trek.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.
Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor
Support Smashing Security
Links:
Our Podcast Awards trophy acceptance video — Even though we didn't actually win, we still thought you might like to see it.
Virus Bulletin conference, Montreal — Say "Hi" to Carole if you see her there.
Everything that went wrong during Theresa May’s 2017 conference speech - YouTube
Die Hard on the One Show - Charlie Brooker's Weekly Wipe - YouTube
Conservative Party conference app reveals MPs' numbers - BBC News
10/3/2018 • 51 minutes, 29 seconds
097: Dash cam surveillance, robocall plague, and Zoho woe
Why was Zoho's website taken offline by its own domain registrar? How are dash cams making you less secure? And why are robocalls on the rise in the United States?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Dave Bittner.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Update on Zoho Services Disruption - Zoho Blog
Zoho CEO Sridhar Vembu asks for help on Twitter
Whoa – oh no, Zoho: Domain name no-show deals CRM biz, 40m punters a crushing blow
Domain registrar oversteps taking down Zoho domain, impacts over 30Mil users
Blackvue Dash-Cams Broadcasting Live Video and GPS of Your Car PUBLICLY by DEFAULT! - YouTube
Tim Woodruff's tweet about BlackVue dash cams
Yes, It’s Bad. Robocalls, and Their Scams, Are Surging
YouMail - Robocall Index
4.2 Billion Robocalls in August Set All-Time Record for YouMail Robocall Index
9/26/2018 • 44 minutes, 14 seconds
096: Bribing Amazon staff, and blinking deepfakes
Amazon staff are being bribed to delete negative reviews and leak data, deepfakes are getting more dangerous, an update on John McAfee's bitcoin bet, and our guest gets a shock...
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week (for a while at least) by David Bisson.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: David Bisson.
Sponsored By:
Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.
Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptor
Support Smashing Security
Links:
'Pull your finger out' - the phrase's meaning and origin
Amazon Investigates Employees Leaking Data for Bribes - WSJ
Amazon staff said to be taking bribes to leak data
Crooked firms bribe customers with free gifts to leave fake reviews
Smashing Security 063: Carole's back! (where Maria Varmazis discusses deepfakes)
Carnegie Mellon Researchers Develop New Deepfake Method
Transferring One Video Into the Style of Another - YouTube
The Secret to Detecting Deep Fakes Is in the Eye...
9/19/2018 • 33 minutes, 51 seconds
095: British Airways hack, Mac apps steal browser history, and one person has 285,000 texts leaked
Malicious script is being blamed for the British Airways hack, Trend Micro's apps are booted out of the Mac App Store for snaffling private data, and Paul Manafort's daughter wants Twitter to remove a link.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David Emm of Kaspersky Lab.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: David Emm.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
A Deceitful 'Doctor' in the Mac App Store
Alert: Adware Doctor stealing your files - YouTube video
Apps that steal users' browser histories kicked out of the Mac App store
Trend Micro apologises after Mac apps found scooping up users' browser history
British Airways hacked - customer data and details of 380,000 card payments stolen
The British Airways Breach: How Magecart Claimed 380,000 Victims
British Airways hack: Infosec experts finger third-party scripts on payment pages
Law firm launches £500 million group action over British Airways hack
9/12/2018 • 42 minutes, 22 seconds
094: Rogue browser extensions, Twitter presence, and how to cheat in exams
What's the danger when browser extensions go bad? Is Twitter sharing your online status a boon for stalkers? And which of the show's hosts is going to admit to cheating in their exams?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist David McClelland.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: David McClelland.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
MEGA.nz Chrome extension caught stealing passwords, cryptocurrency private keys
Security warnings for MEGA Chrome extension users
Twitter testing new feature that reveals when you're online... Who other than stalkers actually wants this?
Giving social networking back to you - The Mastodon Project
Graham Cluley on Mastodon
Photomath - Camera calculator
Technology Gives Students Innovative Tools for Cheating
Students’ cheating takes a high-tech turn
9/5/2018 • 52 minutes
093: Abandoned domains and dating app dangers
How do fraudsters exploit abandoned domains to steal your company's secrets? How can you better protect your privacy when looking for love online? And who has the longest arms in the animal kingdom?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who were joined briefly by a man in a wind tunnel for this episode.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
What do the drsolomon.com and sands.co.uk domains look like now?
Hacking law firms with abandoned domain names
Fraudsters Can Access Sensitive Information from Abandoned Domains
Have I Been Pwned: Domain search
John and Lorena Bobbitt
He Used Tinder to Hunt the Women He Raped and Killed, Police Say
Missing Paperwork Got Him Out of Jail. Then, Police Say, He Raped and Killed
8/29/2018 • 37 minutes, 18 seconds
092: Hacky sack hack hack
Is your used car still connected to its old owner? Just how did Apple manage to identify the teenage hacker who stole 90GB of the firm's files? And why on earth would a firm of lawyers start producing pornographic videos? You'll be surprised by the answers!
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Paul Ducklin.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers
Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound
The hidden data danger of the ‘Connected’ car
Your BMW or Merc may also be at risk of being hacked, because of your iOS app
Samy, the MySpace worm written by Samy Kamkar
Apple hacked by 16-year-old who “dreamed” of working for firm
Melbourne teen hacked into Apple's secure computer network, court told
Prenda Law stories at...
8/22/2018 • 51 minutes, 55 seconds
091: Sextortion, Las Vegas hotels, and Alex Jones
Just how did sextortionists get (some) of the digits in your phone number? Why are some hackers saying they won't be going to DEF CON in Las Vegas anymore? And should Alex Jones from InfoWars be banned from Twitter?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
The Podcast Awards - The People's Choice
Sex extortion emails now quoting part of their victim's phone number
New Extortion Tricks: Now Including Your (Partial) Phone Number!
In post-massacre Vegas, security policies clash with privacy values
Katie Moussouris tweets about her Las Vegas hotel experience
Video Shows Hotel Security at DEF CON Joking About Posting Photos of Guests' Belongings to...
8/15/2018 • 48 minutes, 14 seconds
090: Fortnite for Android, and the FCC's DDoS BS
Fortnite players are told they'll have to disable a security setting on Android, the FCC finally admits that it wasn't hit by a DDoS attack, and Verizon's VPN small print raises privacy concerns.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David Bisson.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: David Bisson.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
You'll have to disable a recommended Android security setting to install Fortnite
Fortnite is putting users at risk, to prove a point about Google's Android monopoly
Introducing Android 9 Pie
Safe-WiFi Wireless Private Network - Verizon Wireless
Verizon Didn’t Bother to Write a Privacy Policy for its ‘Privacy Protecting’ VPN
Terms of Service for the Verizon Safe Wi Fi App
McAfee Privacy Notice
Verizon customers can sue ad company over “zombie” cookies, judges rule
8/8/2018 • 36 minutes, 47 seconds
089: Data breaches, ransomware, Bitcoin robberies, and typewriters
Ransomware rears its head again, Dixons Carphone reveals its data breach was almost 1000% worse than they previously thought, a man is accused of stealing five million dollars worth of cryptocurrency through hijacking mobile phones, and a Canadian guy called Norman is rushing to get the typewriters out of storage.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist Geoff White.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Geoff White.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Shipping company’s networks in the Americas crippled by ransomware attack
Yahoo addresses used by Cosco following ransomware attack
BitPaymer Ransomware Infection Forces Alaskan Town to Use Typewriters for a Week
Jim Hagemann Snabe, Maersk chairman, describing their recovery from the NotPetya ransomware - YouTube
Dixons Carphone admits hack far bigger than originally thought
8/1/2018 • 44 minutes, 31 seconds
088: PayPal’s Venmo app even makes your drug purchases public
Websites still using HTTP are marked as "not secure" by Chrome, 85,000 Google employees haven't been phished for a year, and if you're buying drugs via PayPal’s Venmo app you should say goodbye to privacy.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Scott Helme.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Scott Helme.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Vote for Smashing Security in the podcast awards!
Smashing Security 039: Woah - are we talking to a cyborg?
Google: Security Keys Neutralized Employee Phishing
Yubico
Less than 10% of Gmail users have enabled two-factor authentication
Google's Advanced Protection Program
What is Google’s Advanced Protection Program? - YouTube
Two-factor authentication versus two-step verification
One small step for a browser, one giant leap for web security!
Chrome browser flags Daily Mail and other sites as 'not...
7/25/2018 • 42 minutes, 55 seconds
087: How Russia hacked the US election
Regardless of whether Donald Trump believes Russia hacked the Democrats in the run-up to the US Presidential election or not, we explain how they did it. And Carole explores some of the creepier things being done in the name of surveillance.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Vote for Smashing Security in the podcast awards!
Scammers strike as Elon Musk retracts vile Twitter accusation against cave rescuer
Donald Trump 'encourages Russia to hack Clinton emails' - YouTube
Indictment against 12 Russian hackers
Bears in the Midst: Intrusion into the Democratic National Committee
This is the email that hacked Hillary Clinton’s campaign chief
Guccifer 2.0’s schoolboy error reveals he’s hacking from Moscow
7/18/2018 • 44 minutes, 32 seconds
086: Elon Musk submarine scams and 2FA bypass
The world has been gripped with the story of that soccer team, those poor boys... but enough about England's World Cup hopes being dashed, it's time for another episode of "Smashing Security".
Crypto scamming Thai cave rescue scoundrels! $25 million to make anti-fake news videos! TimeHop data breach! Phone number port out scams!
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the author of "Social media is bullshit", B J Mendelson.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: B J Mendelson.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Vote for "Smashing Security" in the Podcast Awards
Thai Cave rescue scammers pose as Elon Musk
Why was Elon Musk at the Thai cave rescue?
The full story of Thailand’s extraordinary cave rescue
Bad Checks: Twitter's Identity Crisis Is Costing Users More Than Bitcoin
YouTube Pledges $25 Million to Help Fight Fake News
Timehop security incident
what3words | Addressing the world
Justified Season 1 Promo / trailer - YouTube
Dear Joan and Jericha: agony aunts of the most ribald kind
7/11/2018 • 39 minutes, 5 seconds
085: Doctor Who, Facebook patents, and Bob's Burgers
Doctor Who's TARDIS has sprung a data leak, Facebook's creepy patents are unmasked, and an app to keep women safe on dates has surprising origins.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
BBC Goes to Court to Identify 'Doctor Who' Leaker
Doctor Who episodes leak online - should you download them?
Reality Winner pleads guilty after being unmasked by microdots
German researchers defeat printers' doc-tracking dots
Are you happy with this technology that Facebook’s developing?
Emma Sayle - CEO. Wife. Mother. Liberator. Feminist.
Killing Kittens Parties Liberating Women Worldwide
7/4/2018 • 37 minutes, 10 seconds
084: No! My voice is not my password
Who's been collecting the voice prints of millions of people saying "My voice is my password"? Why has it become tougher for law enforcement to scoop up cellphone data? And who's been turning up your central heating?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes of AMTSO.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Hawes.
Sponsored By:
VirusTotal: VirusTotal Intelligence is one of the world’s largest malware intelligence services. Security professionals rely on it to better understand the effects of malware in enterprise networks.
Find out more at https://www.virustotal.com/learn
Support Smashing Security
Links:
Voice ID showcases latest digital development for HMRC customers
HMRC takes 5 million taxpayers’ Voice IDs without consent – Big Brother Watch
UK taxman has amassed voice profiles of 5.1 million taxpayers
BBC fools HSBC voice recognition security system
Knock down ginger — What Graham meant to say when he referred to "Postman's knock"
Victory! Supreme Court Says Fourth Amendment Applies to Cell Phone Tracking
Thermostats, Locks and Lights: Digital Tools of Domestic Abuse
Safety Net: the National Safe & Strategic Technology Project
US Tech Safety hotlines
UK National Domestic Violence Helpline
6/27/2018 • 33 minutes, 54 seconds
083: Fake email derails clarinetist's dream
Hell hath no fury like a jealous clarinetist's girlfriend! Your Google ChromeCast could be letting stalkers find out where you live! And why on earth is Graham recommending people write their passwords down in a book!?
Join computer security veterans Graham Cluley and Carole Theriault on a shorter episode of the "Smashing Security" podcast than normal, as they're awfully busy touring up and down the country doing things in front of live audiences.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
View from Carole's hotel room in Manchester
Eric Abramovitz plays the clarinet - YouTube
McGill music student awarded $350,000 after girlfriend stalls career
Eric Abramovitz vs Jennifer (Jooyeon) Lee - Court documents
Google’s Newest Feature: Find My Home
Steve Gibson's Three Router Solution to IOT Insecurity
Google Removes 'Don't Be Evil' Clause From Its Code of Conduct
Password Minder Infomercial - YouTube
LaDonna - This American Life
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
6/20/2018 • 27 minutes, 33 seconds
082: World Cup cybersecurity, crypto crashes, and a bang of a password fail
Coinrail cryptocurrency exchange goes offline after hack, Russia appears to be 'live testing' cyber attacks, and Florida stopped running background checks on gun buyers because of a forgotten password.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's football-mad John Leyden.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Leyden.
Sponsored By:
VirusTotal: VirusTotal Intelligence is one of the world’s largest malware intelligence services. Security professionals rely on it to better understand the effects of malware in enterprise networks.
Find out more at https://www.virustotal.com/learn
Support Smashing Security
Links:
Bitcoin price takes a dive after another cryptocurrency exchange hack
Mikko Hypponen on Twitter explains why cryptocurrency exchanges get hacked
$1m by 2020: John McAfee will still ‘eat his own d*ck’ if he’s wrong about Bitcoin
2018 FIFA World Cup Russia
Russia appears to be 'live testing' cyber attacks - Former UK spy boss Robert Hannigan
French TV network taken off air after attack by pro-ISIS hackers
TV5Monde attack proves hacking attribution is very difficult
TV station exposé its own passwords on l'air. A Franglais report
VPNFilter botnet has hacked 500,000 routers....
6/13/2018 • 39 minutes, 1 second
081: Hacker no-hopers, Wessex Water has a word, and we win an award
The mastermind behind the Owari botnet doesn't seem to have learnt anything from his victims, and someone at Wessex Water forgets to remove an embarrassing sentence from a letter sent to customers...
All this and much much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who recorded a shorter podcast than normal this week as they were far too busy recovering from receiving the best security podcast award!
Follow the award-winning show on Twitter at @SmashinSecurity, or visit our website for more award-winning episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the award-winning episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
We did it! Smashing Security’s Carole celebrates with the best security podcast award!… Full results from the Infosec18 European Blogger Awards
Hacker Fail: IoT botnet command and control server accessible via default credentials
Pwn goal: Hackers used the username root, password root for botnet control database login
Tweet by Vesselin Bontchev
Mailshot meltdown as Wessex Water gets sweary about a poor chap called Tom
Apology from Wessex Water on Twitter
Excel pivot table data leak leads to £120,000 fine...
6/6/2018 • 25 minutes, 32 seconds
080: Country bans Facebook, eavesdropping Alexa, and PornHub VPN
The country of Papua New Guinea is planning a month-long nationwide ban of Facebook, PornHub wants to keep your online activities more private, and Amazon Alexa forwards a married couple's private conversation to a random contact.
All this and much much more is discussed in the latest 100% GDPR-compliant edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ESET's Tommi Uhlemann.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Tommi Uhlemann.
Sponsored By:
VirusTotal: VirusTotal Intelligence is one of the world’s largest malware intelligence services. Security professionals rely on it to better understand the effects of malware in enterprise networks.
Find out more at https://www.virustotal.com/learn
Support Smashing Security
Links:
Papua New Guinea to ban Facebook for a month
Shutting down facebook in PNG is a reality
Pornhub launches VPNhub, a VPN service with free, unlimited bandwidth
Pornhub hack: Hackers hijacked ads with malware in year-long attack
Be cautious, free VPNs are selling your data to 3rd parties
How to hear (and delete) every conversation your Amazon Alexa has recorded
Woman says her Amazon device recorded private conversation, sent it out to random contact
Smashing Security 044: Bonus behind the scenes - shower time
Here's How To Deactivate Alexa Calling After You...
5/30/2018 • 34 minutes, 25 seconds
079: Mugshots, mobile mania, and backend gurus
A website which demands money if you want your police mugshot removed, could "sharenting" lead to a rise in fraud and identity theft, and how could the FBI have overcounted encrypted phones so badly?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Vote for Smashing Security!
Smashing Security LIVE on Tour!
Court documents about Mugshots.com case
All of Mugshots.com’s alleged co-owners arrested on extortion charges
'Sharenting' puts young at risk of online fraud
Parents ‘oversharing’ family photos online, but lack basic privacy know-how
FBI Admits It Inflated Number of Supposedly Unhackable Devices
Donald Trump's smartphone security: an inconvenient truth
Apple Wants to Make Totally Unhackable iPhones
A Very English Scandal (TV...
5/23/2018 • 51 minutes, 14 seconds
078: Hounds hunt hackers, too-human Google AI, and ethnic recognition tech - WTF?
Dogs are trained to sniff out hackers' hard drives, facial recognition takes an ugly turn, and do you trust Google to book your hair appointment?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by investigative journalist Geoff White.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Geoff White.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Vote for Smashing Security in the European Security Blogger Awards!
See Smashing Security LIVE!
K-9 Helps Concord Cops Nab Student Hacker Who Upped Grades
Ferris Bueller's Day Off - hacking the computer - YouTube
Police Use Dog To Find Memory And Hard Drives In Search
Dog Can Sniff Out Hidden Cellphones, Thumb Drives and More
Facial Recognition and “ethnicity”
Facial scans to identify bad Elvises at Porthcawl festival
Masked Anonymous Protesters Aid Time Warner’s Profits
Google Duplex: A.I. Assistant Calls Local Businesses To Make Appointments - YouTube
5/16/2018 • 43 minutes, 52 seconds
077: Why Paris Hilton doesn’t use iCloud, lottery hacking, and Facebook dating
The tricky-to-pronounce Paytsar Bkhchadzhyan is jailed for hacking Paris Hilton, we hear the story of the man who hacked the lottery and almost got away with $16.5 million, and Facebook thinks it is the perfect partner to find you a date.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the CyberWire's Dave Bittner.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Dave Bittner.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Paris Hilton's hacker sentenced to 57 months in prison
FBI wasn't able to unlock iPhone, even with a 'fingerprint unlock warrant'
Paris Hilton Comes Face to Face With Her Hacker in Court - YouTube
Tweet by Paris Hilton: "Karma has no menu. You get served what you deserve..."
Paris Hilton: Hacked or Not?
Two-factor authentication for Apple ID - Apple Support
The Man Who Cracked the Lottery
Lottery security director accused of hacking random-number generator
Iowa Lottery releases surveillance footage of mystery Hot Lotto winner -...
5/9/2018 • 39 minutes, 54 seconds
076: Spying phones, hacked ski lifts, and World Password Day
Cheap Android smartphones sold on Amazon have been sending customers' full text messages to a Chinese server, ski lifts are found to be the latest devices left open to abuse by hackers, and we remind you why password managers are a good idea on World Password Day. Oh, and our guest serenades us with a hit from the 1980s!
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist and broadcaster David McClelland.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: David McClelland.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
See Smashing Security LIVE!
Mobile Phone Maker BLU Reaches Settlement with FTC over Deceptive Privacy and Data Security Claims
Phone maker settles charges it let partner collect customers’ text messages
Backdoor in some Android phones caught secretly sending data to China
UK bank advises against password managers - Twitter
Santander Locks Horns with Security Pros, NCSC Over Password Managers
Passwords - a Smashing Security splinter episode
Terrifying Ski Lift Malfunction Caught On Camera - YouTube
Ski...
5/2/2018 • 44 minutes, 1 second
075: Quitting Facebook
Should you quit Facebook? How do you delete your Facebook account? What do you need to consider before leaving Facebook for good? And what's the easiest way to successfully go cold turkey on Facebook?
Find out in this special splinter episode of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
How do I download a copy of my information on Facebook?
Facebook retracted Zuckerberg’s messages from recipients’ inboxes
How do I turn off Facebook's integration with apps, games and websites?
How to use "Turn Platform Off" on Facebook for privacy
How do I deactivate my Facebook account?
How to deactivate Facebook Messenger
Ask Facebook to delete your account
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
4/25/2018 • 28 minutes, 8 seconds
074: Smashing Security isn't bullsh*t
Crime forums on Facebook, fraudsters pose as anti-fraud hotlines, and how big advertising companies are in bed with the rampant data collection of internet giants.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest B J Mendelson, author of "Social media is bullsh*t."
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: B J Mendelson.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Oh look "security expert" Rudy Giuliani shows you how to do a special "dark web scan", courtesy of Experian...
Nobody seems to know what Rudy Giuliani's cybersecurity firm actually does
Deleted Facebook Cybercrime Groups Had 300,000 Members
How to Report Abuse on Facebook
Martin Sorrell Resigns as Chief of WPP Advertising Agency
Airbnb co-founder Nathan Blecharczyk spam pioneer says book
An Apology for the Internet — From the People Who Built It
Automated Action Fraud Tech Support scam calls
Crime in England and Wales from Office for...
4/18/2018 • 48 minutes, 43 seconds
073: Rick Astley: Never gonna hack you up...
Politician admits to hacking a rival's website, T-Mobile Austria ends up in a Twitter security storm, and siren systems are hit by a Rick Astley attack.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Spoof blogger attacks Harman site
Harman hack horror has blog backing Boris
Harriet Harman resigns!
Boris Johnson left hanging on zip wire during Olympic event
How to Hack Harriet Harman
Top Conservative MP tipped as a future Prime Minister admits hacking into Labour MP's website
Bafflement over Tory MP's admission she hacked Harriet Harman's website
Harriet Harman accepts Tory MP Kemi Badenoch's hacking apology
The lax computer security of British MPs - as detailed in their own tweets
T-Mobile Austria... (https://twitter.com/tmobileat/status/982187919061303296)
4/11/2018 • 39 minutes, 14 seconds
072: Why are firms so cr*p with our private data?
Grindr, MyFitnessPal, and Panera Bread. They've all had data breach scares of varying degrees this week. Some handled the security breaches well, some didn't. We took a look at how well different firms are respecting your data privacy.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who don't have a special guest this week.
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Grindr Is Letting Other Companies See User HIV Status And Location Data
Grindr Will Now Remind You To Get Tested For HIV
Grindr to stop sharing HIV status with third parties
Hackers steal data of 150 million MyFitnessPal app users
MyFitnessPal Security Issue FAQ
Smashing Security: Passwords - a Smashing Security splinter
Panerabread.com Leaks Millions of Customer Records
No, Panera Bread Doesn’t Take Security Seriously
Don't blame Panera Bread's security guy just because he used to work at Equifax
4/4/2018 • 33 minutes, 41 seconds
071: Pony-tailed pundit ponders privacy problems - with Mikko Hyppönen
Endangering your friends online, the fibs told by VPN vendors, developments from the world of cryptomining, and Carole shares an animated GIF with Mikko and Graham.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen from F-Secure.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Mikko Hyppönen.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Mikko's adventure game "Paha Juttu" at the Finnish Game Museum
Download the Paha Juttu Commodore 64 floppy image file (d64)
Commodore 64 online emulator (load a d64 file into this)
Mat Johnson's tweet about Facebook logging his phone calls and texts
Fact Check: Your Call and SMS History
Who and What Is Coinhive?
100+ VPNs & Their Logging Policy (What Logs Are Kept by Who?)
Which VPN Services Keep You Anonymous in 2018?
‘Lone DNC Hacker’ Guccifer 2.0 Slipped Up and Revealed He Was a Russian Intelligence Officer
3/28/2018 • 41 minutes, 37 seconds
070: Facebook and Cambridge Diabolica
It’s not fair to describe what happened at Facebook and Cambridge Analytica as a data breach - it’s much worse than that. An autonomous Uber vehicle kills a pedestrian. And sextortion continues to be a serious problem.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by researcher Scott Helme.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Scott Helme.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach
Revealed: Trump’s election consultants filmed saying they use bribes and sex workers to entrap politicians
Cambridge Analytica's grab of 50 million Facebook users' data
Cambridge Analytica controversy: Was there a Facebook data breach?
Martijn Grooten's GDPR joke
How To Change Your Facebook Settings To Opt Out of Platform API Sharing
Uber Halts Autonomous Car Tests After Fatal Crash in Arizona
Warning from police: scammers solicit nude...
3/21/2018 • 40 minutes, 38 seconds
069: Cryptomining, China, and Bob Ross
How come Apple's Mac App Store authorised a buggy app that mined for cryptocurrency in the background? How can a Mosquito attack steal data from an air-gapped computer? And is China keeping score on its social media-loving citizens?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest John Hawes.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Hawes.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
There’s a currency miner in the Mac App Store, and Apple seems OK with it
A Surreptitious Cryptocurrency Miner in the Mac App Store?
MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data
MOSQUITO earbuds: Jumping air-gaps via speaker-to-speaker communication - YouTube
Would you choose a partner based on their 'citizen score'?
China eyes 'black tech' to boost security as parliament meets
Big data meets Big Brother as China moves to rate its citizens
How WeChat came to rule China
The Rubik's... (http://build-its-inprogress.blogspot.co.uk/2018/03/the-rubiks-contraption.html)
3/14/2018 • 42 minutes, 11 seconds
068: Malware from outer space!
If aliens did contact us would it be safe to open the email? Why would MoviePass track film lovers after they leave the cinema? Would you know how to get around Malaysia when your car rental website lets you down? And will Graham please stop talking about text adventure games?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by journalist (and possible spy) James Thomson.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: James Thomson.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Eurozine discusses disinformation and democracy
Malware from Space
Interstellar communication. IX. Message contamination is impossible (PDF)
MoviePass CEO proudly says the app tracks your location before and after movies
CEO Mitch Lowe Says MoviePass Will Reach 5 Million Subs by End of Year
MoviePass Privacy Policy
GET LAMP: The text adventure documentary
Leather Goddesses of Phobos
GET LAMP: The Text Adventure Documentary - YouTube
Infocom: The Documentary - YouTube
Jacaranda Jim - retro text adventure game by...
3/7/2018 • 44 minutes, 57 seconds
067: Cyber stalking and gun control
Incognito mode on your browser not as private as you think, consumer spyware companies get hacked, Graham is accused of "multitasking" in his hotel room, and Carole champions the students of Parkland, Florida.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who recorded without a special guest this week.
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
How to go 'Incognito' on your web browser, and what it means
Your private browsing isn’t as incognito as you want it to be
Veil is private browsing for the ultra-paranoid
Hacker Strikes ‘Stalkerware’ Companies, Stealing Alleged Texts and GPS Locations of Customers
Spy on Your Valentine Using Spy Software
How stalking has been made easier by the internet and social networks
Trailer Nite
Florida student to NRA and Trump: 'We call BS' - YouTube
March for our lives
Emma González on Twitter
3/1/2018 • 35 minutes, 39 seconds
066: Passwords, pirates, and postcards
Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest The CyberWire's Dave Bittner.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Dave Bittner.
Sponsored By:
Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
FSLabs' A320 installer seems to include a Chrome password extraction tool
Flight Simulator Add-On Tried to Catch Pirates By Installing Password-Stealing Malware on Their Computers
A320-X DRM clarification - Flight Sim Labs Forums
FlightSimLabs Alleged Malware Analysis – Luke Gorman
A320-X DRM - what happened - Flight Sim Labs Forums
Lawsuits threaten infosec research - just when we need it most
Facebook plans to use U.S. mail to verify IDs of election ad buyers
2/21/2018 • 39 minutes, 31 seconds
065: Cryptominomania, Poppy, and your Amazon Alexa
Cryptomining goes nuclear, YouTube for Kids gets scary, and TV ads have been given the green light to mess with your Amazon Alexa.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr
Support Smashing Security
Links:
Government websites hijacked by cryptomining plugin
Russian nuclear scientists arrested for allegedly hijacking supercomputer to mine Bitcoins
Now that's taking the p... Sewage plant 'hacked' to craft crypto-coins
Salon website gives you a choice: turn off your ad blocker or let us mine cryptocurrencies
Coinhive review: Embeddable JavaScript Crypto Miner - 3 days in
Smashing Security 059: An intro to Bitcoin and Blockchain
YouTube Kids app still showing disturbing videos
Something is wrong on the internet – James...
2/15/2018 • 49 minutes, 42 seconds
064: So just a "teeny tiny" security issue then?
A Namecheap vulnerability allows strangers to make subdomains for your website, Troy Hunt examines password length, and ex-Google and Facebook employees are fighting to protect kids from social media addiction.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest HaveIBeenPwned's Troy Hunt.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Troy Hunt.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr
Support Smashing Security
Links:
Namecheap Name Server Vulnerability Allows Unauthorized Users to Create Sub-Domains
That’s not how security works, security is not obscurity
Update on Recent Hosting Breach - Namecheap Blog
Have I been pwned? Pwned Passwords
How Long is Long Enough? Minimum Password Lengths by the World's Top Sites
Center for Humane Technology
Adam Alter: Why our screens make us less happy
Ex Facebook, Google Employees Launch Anti-Tech Campaign
Social Networking Sites and Addiction: Ten Lessons Learned
2/7/2018 • 43 minutes, 56 seconds
063: Carole's back!
Fitness trackers breaching your privacy, how anyone can create convincing celebrity porn, and how ransomware authors are getting ripped off by scammers.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
Chess CyberSecurity: Chess CyberSecurity is taking the pulse of the IT nation. Complete their three-minute quiz and you could win amazing prizes - including limited edition t-shirts, wireless headphones, an iPad Pro and a Sony PS4.
Support Smashing Security
Links:
Strava's Global Heatmap
Nathan Ruser tweets about Strava's global heatmap
Privacy of fitness tracking apps in the spotlight after soldiers' exercise routes shared online
Thar she blows: Strava heat map shows folk on shipwreck packed with 1,500 tonnes of bombs
Advanced Deanonymization through Strava
Fake celebrity porn is blowing up on Reddit, thanks to artificial intelligence
Reddit User Outperforms Disney with AI-Generated Princess Leia
Fake News Is About to Get Even Scarier than You Ever Dreamed
Josh Turner of The Other Favorites - YouTube
The Levee by The Other Favorites - YouTube
Blood on the... (https://en.wikipedia.org/wiki/Blood_on_the_Tracks)
2/1/2018 • 45 minutes, 26 seconds
062: Tinder spying, Amazon shoplifting, and petrol pump malware
Your Tinder swipes can be spied upon, Amazon is opening high street stores that don't require any staff, and Russian fuel pumps are being infected with malware in an elaborate scheme to make large amounts of money.
With Carole on a top secret special assignment, it's left to security veteran Graham Cluley to discuss all this and much much more with special guests David McClelland and Vanja Švajcer.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guests: David McClelland and Vanja Švajcer.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
CloudBerry Lab: Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private.
Support Smashing Security
Links:
Tinder's Lack of Encryption Lets Strangers Spy on Your Swipes
Tinder drift demo - YouTube
Using public Wi-Fi - a Smashing Security splinter
Watchdog Wednesday: WiFi hackers - BBC
Apple drops requirement for apps to use HTTPS by 2017
Amazon Go debuts, and its prying cameras foil our shoplifting attempts
Hacker Infects Gas Pumps with Code to Cheat Customers
Making Blake's Seven 101 - YouTube
Jon Alpert Speaks On His Film, "Cuba and the...
1/24/2018 • 44 minutes, 11 seconds
061: Fallout over Hawaii missile false alarm
User interfaces and poor procedures lead to pandemonium in Hawaii, hackers are attempting to trick victims into opening cryptocurrency-related email attachments, and yet more pox-ridden apps are found in Android's Google Play store.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Paul Ducklin.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
CloudBerry Lab: Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private.
Support Smashing Security
Links:
Hawaii's ballistic missile false alarm and a user interface failure
Hawaii missile alert: How one employee ‘pushed the wrong button’ and caused a wave of panic
What Hawaii Was Like After the False Nuclear Alarm
Cryptocurrency as the lure, an ISO as the attachment – why not open it?
Malware Displaying Porn Ads Discovered in Game Apps on Google Play
Games with pornographic ads sneak into the Play Store, get 3 million downloads
Fake WhatsApp app... (https://hotforsecurity.bitdefender.com/blog/fake-whatsapp-app-tricked-over-a-million-users-19195.html)
1/17/2018 • 50 minutes, 29 seconds
060: Meltdown, Spectre, and personal devices in the White House
The chips are down, as tech companies struggle to protect against the Meltdown and Spectre flaws. The White House is getting tough on leakers by banning personal devices from the West Wing. And someone has been embedding a Bitcoin wallet into their hand...
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: David McClelland.
Sponsored By:
CloudBerry Lab: Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private.
Support Smashing Security
Links:
Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPads
Spectre? Meltdown? F*CKWIT? Calm down and make yourself some tea
Until your anti-virus adds this Registry key, you aren't getting any more Windows security updates
Important information about Microsoft Meltdown CPU security fixes, antivirus vendors and you
Ouch! Microsoft's Meltdown and Spectre security update bricks some AMD-powered PCs
Ripple soars, becomes second-biggest cryptocurrency by market cap
BICHIP
Would you store Ripple and Bitcoin in 'mark of the beast' microchip?
Biohacker Summit 2017 – Uniting Technology & Nature
Meet the first... (https://www.theguardian.com/technology/2017/jan/06/first-humans-sense-where-north-is-cyborg-gadget)
1/10/2018 • 40 minutes, 16 seconds
059: An intro to Bitcoin and Blockchain
In this special "splinter" episode of the "Smashing Security" podcast we take a look at Bitcoin and Blockchain. What's all the fuss about cryptocurrencies? How can you protect your Bitcoin wallet? And how does the Blockchain work?
Lots of questions, and Graham offers to sell his family.
Listen to the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Peter Ullrich of the "Explain Blockchain" podcast.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Peter Ullrich.
Support Smashing Security
Links:
Bitcoin Resources from Jameson Lopp
Mastering Bitcoin book by Andreas Antonopoulos
Explain Bitcoin Like I’m Five
Bitcoin Exchanges
Silk Road's Ross Ulbricht sentenced to life in prison, without parole
Bitcoin Energy Consumption Index
Jaxx mobile cryptocurrency wallet
Trezor hardware Bitcoin wallet
"Explain Blockchain" podcast
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
1/3/2018 • 26 minutes, 28 seconds
058: Face ID, Firefox, and Windows SNAFUs, plus Bitcoin FOMO
Is Face ID racist? Has Mr Robot infected your Firefox browser? Has Microsoft pushed a buggy password manager onto your Windows PC?
All this and much much more is discussed in the special first birthday edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by original co-host Vanja Švajcer.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Vanja Švajcer.
Sponsored By:
OneLogin: OneLogin provides Single Sign On for customers like Airbus, Royal Mail, BSI, and Dun and Bradstreet. With hundreds of apps being used in the typical workplace, and the average user having to remember about 40 different passwords, we all know that if we don't have a product to remember passwords they end up in spreadsheets, stored in emails, or left on post-it notes. And that is a security nightmare. OneLogin allows IT to say which users have access to which applications at what time and also enforce two factor authentication. So even if credentials are compromised, hackers can’t get access to those corporate services. And, by connecting to Active Directory, access to all of these services is de-provisioned as soon as someone leaves the organisation.
Learn more, and download a free guide to identity access management, at www.smashingsecurity.com/onelogin
Support Smashing Security
Links:
Smashing Security #001: "One cup, two hotel guests" - YouTube
Mozilla Slipped a ‘Mr. Robot’-Promo Plugin into Firefox and Users Are Pissed
This Looking Glass/Mr Robot sh*t really p*sses me off - Reddit
Unknown Mozilla dev addon "Looking Glass 1.0.3" on browser... or is it just malware? - Firefox Support Forum
Update: Looking Glass Add-on
Bono and Tim Cook - YouTube
How to remove Bono and U2 from YOUR f*#!ing iPhone - YouTube
For 8 days Windows bundled a password manager with a critical...
12/20/2017 • 42 minutes, 46 seconds
057: Mikko Hyppönen - live from the sauna - talks Bitcoin security
How to protect yourself from Bitcoin hackers, why you should think twice before giving Amazon the keys to your house, and how a private investigator tried to hack Donald Trump's tax returns.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen from F-Secure.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Mikko Hyppönen.
Sponsored By:
OneLogin: OneLogin provides Single Sign On for customers like Airbus, Royal Mail, BSI, and Dun and Bradstreet. With hundreds of apps being used in the typical workplace, and the average user having to remember about 40 different passwords, we all know that if we don't have a product to remember passwords they end up in spreadsheets, stored in emails, or left on post-it notes. And that is a security nightmare. OneLogin allows IT to say which users have access to which applications at what time and also enforce two factor authentication. So even if credentials are compromised, hackers can’t get access to those corporate services. And, by connecting to Active Directory, access to all of these services is de-provisioned as soon as someone leaves the organisation.
Learn more, and download a free guide to identity access management, at www.smashingsecurity.com/onelogin
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
Mikko Hypponen has his ponytail hair cut. - YouTube
Cyber Security Sauna podcast
Louisiana man admits misusing Trump's Social Security number
One of Your Equifax Hack Protections Expires Soon
How to protect yourself in the wake of the Equifax data breach
Larry Flynt offers $10 million...
12/13/2017 • 40 minutes, 35 seconds
056: Peeping Toms, prison hacks, and parliamentary passwords
Why you should check your Airbnb for hidden cameras, a hacker attempts a different kind of jailbreak, and British MPs prove that they really are clueless when it comes to cybersecurity.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Ian Whalley.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Ian Whalley.
Sponsored By:
OneLogin: OneLogin provides Single Sign On for customers like Airbus, Royal Mail, BSI, and Dun and Bradstreet. With hundreds of apps being used in the typical workplace, and the average user having to remember about 40 different passwords, we all know that if we don't have a product to remember passwords they end up in spreadsheets, stored in emails, or left on post-it notes. And that is a security nightmare. OneLogin allows IT to say which users have access to which applications at what time and also enforce two factor authentication. So even if credentials are compromised, hackers can’t get access to those corporate services. And, by connecting to Active Directory, access to all of these services is de-provisioned as soon as someone leaves the organisation.
Learn more, and download a free guide to identity access management, at www.smashingsecurity.com/onelogin
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
The lax computer security of British MPs - as detailed in their own tweets
Nadine Dorries MP tweets about sharing her password
Hackers attempt to break into UK MPs' email accounts, as Houses of Parliament targeted by cyber attack
Now criminals are ringing up British MPs to ask them their passwords
Nadine Dorries MP
12/6/2017 • 41 minutes, 11 seconds
055: Uber, net neutrality, and website hacks
Uber covers up a data breach, the noose tightens on net neutrality, and Bulletproof's website spills the data beans.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by umm.. nobody because they didn't arrange a special guest.
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
Uber paid hackers $100,000 to keep data breach quiet
Bulletproof breach notification letter to customers (PDF)
Bulletproof Coffee lacks bulletproof security: Nerd brain juice biz hacked, cards gulped
Net Neutrality: What You Need to Know Now
Racist, threatening attacks on FCC Chair Ajit Pai won't save net neutrality
Americans are spending Thanksgiving fighting for net neutrality
An update on the fight for the free and open internet
Google YouTube Keyboard Shortcuts
Tom Baker returns to finish shelved Doctor Who episodes penned by Douglas Adams
...
11/30/2017 • 28 minutes, 6 seconds
054: A great big fat macOS bug
Yes, you can log into macOS High Sierra's root account with no password.
In this special "emergency" edition of the podcast computer security veterans Graham Cluley and Carole Theriault discuss the breaking news of a serious Apple macOS bug that allows anyone to log into your Mac with root admin rights, without having to enter a password.
Warning: This podcast may contain nuts, adult themes, and rude language.
Support Smashing Security
Links:
Tweet by Lemi Ergin
Huge MacOS bug lets anyone login as root without a password: what you need to know
How to enable the root user on your Mac or change your root password - Apple Support
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
11/29/2017 • 8 minutes, 9 seconds
053: Game of Thrones, a major Amazon cloud leak, and web tracking gone crazy
The FBI think they've identified the HBO hacker, the US military have been caught with a leaky bucket, and web tracking has just got scarier than ever.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Iain Thomson.
Support Smashing Security
Links:
Uber paid hackers $100,000 to keep data breach quiet
HBO offered its hackers $250,000 after attack, leaked email claims
Game of Thrones stars’ personal phone numbers leaked, as HBO hackers attempt to extort ransom
Smashing Security 037: Boobs, dragons and data breaches
Iranian ‘Game of Thrones’ Hacker Demanded $6 Million Bitcoin Ransom From HBO, Feds Say
Sealed Indictment
Over 400 of the World's Most Popular Websites Record Your Every Keystroke, Princeton Researchers Find
No boundaries: Exfiltration of personal data by session-replay scripts
Data release: list of websites that have third-party “session replay” scripts
The dark side of Replay Sessions that record your every move online
Shark Attack 3 - That Famous Line (NSFW!)
...
11/22/2017 • 40 minutes, 31 seconds
052: Facebook tackles vengeful scumbags, and a sex toy privacy boob
Is your dildo listening to you? Do you trust Facebook with your most intimate photos? And just how did a vengeful DDoSer come up with that nickname?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest John Hawes.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Hawes.
Sponsored By:
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
Give Facebook your nude pics to tackle revenge porn
The Facts: Non-Consensual Intimate Image Pilot
Using Technology to Protect Intimate Images and Help Build a Safe Community
Sex toy company admits to recording users' remote sex sessions, calls it a 'minor bug'
PSA: Lovense remote control vibrator app recording "private" sessions without express permission
Hack a BT Low Energy (BLE) butt plug
Man Uses DDoS-for-Hire Services to Attack Former Employer, Taunts Firm via Email
Google's Inactive Account Manager
Lee Valley Tools - Woodworking Tools, Gardening Tools, Hardware
Snap
11/15/2017 • 39 minutes, 27 seconds
051: Robots, romance, passwords, and CrunchyRoll
Passwords are under the microscope again, CrunchyRoll leads anime fans to malware, a sexy robot gains Saudi citizenship, and Carole begins her career as an agony aunt.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
LastPass reveals the threats posed by passwords in the workplace
One in five security professionals still uses paper to manage privileged passwords
Passwords - a Smashing Security splinter
PSA : Don't enter crunchyroll.com at the moment, it seems they've been hacked
Blaze's Security Blog: CrunchyRoll hack delivers malware
Crunchyroll.com update
Meet Sophia: The first robot declared a citizen by Saudi Arabia - YouTube
Hot Robot At SXSW Says She Wants To Destroy Humans
Saudi Arabia has a new citizen: Sophia the robot. But what does that even mean?
Japan Has Just Granted...
11/9/2017 • 41 minutes, 34 seconds
050: MailChimp, Piers Morgan, and The Dark Overlord
There's little time to celebrate our 50th episode, because there are rants to be had about MailChimp's switch to single opt-in, Graham upsets Piers Morgan on Twitter, and the Dark Overlord hacking gang are up to some pretty horrid tricks.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who didn't bother to organise a special guest this week.
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Entersekt: Entersekt develops authentication and mobile security solutions that make the internet a safer place to bank and shop. Join Entersekt's webinar which promises to tell you EVERYTHING you need to know about "The secret key to PSD2 compliance" by visiting https://www.smashingsecurity.com/entersekt
Support Smashing Security
Links:
Graham declines to appear on Good Morning Britain
Piers Morgan responds to Graham
Piers Morgan tells Leveson: Daily Mirror did not hack phones
Piers Morgan told me how to hack a phone, says Jeremy Paxman
Daily Mirror owners must pay £1.2m to celebrity phone-hacking victims
Wendi Deng protects Rupert Murdoch from custard pie
I can no longer recommend MailChimp
Mailchimp backtracks on all their recommendations, enforcing single opt-in
...
11/2/2017 • 42 minutes, 41 seconds
049: Hacking funeral homes, crypto mining websites, and careful with that hairspray
Scammers show a lack of imagination after hacking a funeral home, more websites are secretly stealing visitors' resources to mine for cryptocurrency, and everyone is very confused about the USA's airline laptop ban.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's John Leyden.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Leyden.
Sponsored By:
Entersekt: Entersekt develops authentication and mobile security solutions that make the internet a safer place to bank and shop. Join Entersekt's webinar which promises to tell you EVERYTHING you need to know about "The secret key to PSD2 compliance" by visiting https://www.smashingsecurity.com/entersekt
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
Local funeral home gets hacked in the middle of the night leaving employees without access
Local business' Yahoo! account hacked
Smashing Security: 014: Protecting webmail
Stealth web crypto-cash miner Coin Hive back to the drawing board as blockers move in - The Register
Cryptocurrency mining affects over 500 million people. And they have no idea it is happening.
Laptops and tablets have been banned from being used on 56 routes to the US
...
10/25/2017 • 44 minutes, 57 seconds
048: KRACK, North Korea, and an 18th century cyber attack
KRACK! Has the Wi-Fi vulnerability got you worried? Did North Korea hack a British TV company to prevent a "slanderous farce" from being made? And what have Dutch police learnt from Pokémon?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Virus Bulletin's Martijn Grooten.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Martijn Grooten.
Sponsored By:
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
UK TV drama about North Korea hit by cyber-attack - BBC News
The World Once Laughed at North Korean Cyberpower. No More. - The New York Times
Naked Attraction: Channel 4 show returns and viewers observe 'missing detail' on female contestants | The Independent
'Krack' wi-fi breach means every modern network and device is vulnerable to hack, researcher says - The Independent
KRACK Attacks: Breaking WPA2
KRACK Wi-Fi attack - the rules haven't changed
Policing in the future uses citizen detectives, Pokémon Go-like app
Politiepokémon op komst - Telegraaf.nl
Blokus - Wikipedia
...
10/18/2017 • 33 minutes, 45 seconds
047: Kaspersky, AI, and a well-handled data breach
America turns the heat up on Kaspersky anti-virus, Disqus announces a data breach, Elon Musk plans a bolthole on Mars to escape our robot overlords, and Graham gets to play chess with Garry Kasparov.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: David McClelland.
Sponsored By:
NetSparker: NetSparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Download a free demo now.
Support Smashing Security
Links:
Altered Images - Happy Birthday
Graham met Garry Kasparov
Graham about to lose a game of chess to Garry Kasparov
Sign in Office Depot store (via @gadievron on Twitter)
Kaspersky accused of close ties to sauna-loving Russian spies
Russian Hackers Stole NSA Data on U.S. Cyber Defense - WSJ
What is Kaspersky's role in NSA data theft? Here are three likely outcomes - ZDNet
Eugene Kaspersky says U.S. government can examine his company's source code
McAfee joins the anti-Kaspersky witch hunt in shitty attempt to sell a few boxes
Disqus security alert: User info...
10/11/2017 • 40 minutes, 36 seconds
046: Good beard bad beard
Bearded man entangled in dark web drugs market bust, Google researches how to make browser security warnings less confusing, and (ahem) "bedroom entertainment systems" probed for security holes.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Rich Baldry.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Rich Baldry.
Support Smashing Security
Links:
Feds catch a lord of the 'dark web' suspected of drug deals - Miami Herald
Trip to world beard competition ends in arrest for alleged dark web drug dealer - The Guardian
Austin Facial Hair Club
The World Beard and Moustache Championships
Glorious Portraits from the 2017 World Beard And Mustache Championship
Where the wild warnings are: Root causes of Chrome HTTPS certificate errors [PDF]
Screwdriving. Locating and exploiting smart adult toys - Pen Test Partners
Wi-Fi sex toy with built-in camera fails penetration test - The Register Forums
Topo by Ergodriven
Dirk Gently's Holistic Detective Agency - IMDb
Dead roach in Utah man’s milkshake becomes Twitter hero - KSL.com
Trevor The Roach: A Tribute Movie
...
10/4/2017 • 38 minutes, 17 seconds
045: Deloitte fail, CCleaner, and dotards on Twitter
Deloitte suffers an embarrassing hack, CCleaner spreads malware, and Twitter explains why it isn't planning to ban Donald Trump from Twitter anytime soon.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Phil Wood of Cisco.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Phil Wood.
Sponsored By:
Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.
Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
Graham Cluley on Twitter: "Turns out I slept in a cheesegrater last night"
Deloitte hit by cyber-attack revealing clients’ secret emails - The Guardian
Source: Deloitte Breach Affected All Company Email, Admin Accounts — Krebs on Security
Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy 'login details leaked' • The Register
CCleanup: A Vast Number of Machines at Risk - Talos Intelligence blog
CCleaner Command and Control Causes Concern - Talos Intelligence
North Korean Minister: Trump's 'Declaration Of War' Means N.K. Can Shoot Down U.S. Bombers - NPR
Twitter PublicPolicy on Twitter
The Twitter Rules - Twitter Help Center
http://www.wildergorn.com/
...
9/27/2017 • 36 minutes, 26 seconds
044: Bonus behind the scenes - shower time
Carole wants to know why Graham keeps FaceTiming her from the shower.
Can you help solve the mystery?
("Bonus" behind-the-scenes content.)
Warning: This podcast may contain nuts, adult themes, and rude language.
Support Smashing Security
9/25/2017 • 7 minutes
043: Backups - a necessary evil?
In this special "splinter" episode of the "Smashing Security" podcast we tackle the tricky subject of backups: when did you last back up your data? How and what should you back up? And where should you store your backups?
Lots of questions and Graham gets to do his Tina Turner impression.
Listen to the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.
Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
Tina Turner - Private Dancer - YouTube
The Ed Sullivan Show - 'Baranton Sisters' - “Foot Jugglers” (Aired February 2, 1969) - YouTube
How to create a robust data backup plan (and make sure it works)
How to back up your iPhone, iPad, and iPod touch - Apple Support
How to back up your Android phone or tablet: The ultimate guide
Crashplan stops offering its consumer backup solution
Carbonite cloud backup
Backblaze Online Backup
Mozy Cloud Storage & Backup
Amazon Glacier
CloudBerry Lab - Cross-Platform Cloud Backup
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and...
9/20/2017 • 29 minutes, 18 seconds
042: Equifax, BlueBorne, and the iPhone X
Equifax's shambolic response to its huge data breach, a scary-sounding Bluetooth exploit, and Apple's iPhone X comes with Face ID.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Javvad Malik of AlienVault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Javvad Malik.
Sponsored By:
Rapid7: Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now.
Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now.
Support Smashing Security
Links:
We tested Equifax's data breach checker — and it's basically useless | ZDNet
Equifax hack: 44 million Britons' personal details feared stolen in major US data breach
"The front page of Equifax's UK website. They don't seem to have room to mention the data breach affecting up to 44 million Brits." - Twitter
Chatbot lets you sue Equifax for up to $25,000 without a lawyer - The Verge
How to protect yourself in the wake of the Equifax data breach
Ayuda! (Help!) Equifax Has My Data! — Krebs on Security
BlueBorne Information from the Research Team - Armis Labs
The five biggest questions about Apple’s new facial recognition system - The Verge
Can the government force you to unlock your own phone? | The...
9/13/2017 • 45 minutes, 47 seconds
041: Hacking Instagram, facial failures, and spying bosses
It's easy to phone up a celebrity on Instagram following a security breach, facial recognition at Notting Hill Carnival can't tell the girls from the boys, and companies are spying on their workers' activities.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest David Bisson.
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: David Bisson.
Sponsored By:
Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.
Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
"Who Is Marcus Hutchins?" — Krebs on Security
Ahem, Kim Kardashian Is Naked Up A Tree - Huffington Post
Hackers Claim Apparent Instagram Fightback Will Not Stop Them From Selling Stolen ‘Doxagram’ Data - The Daily Beast
A Note on Security from Instagram’s CTO - Instagram Blog
London police’s use of facial recognition falls flat on its face – Naked Security
Misidentification and improvised rules - we lift the lid on the Met's Notting Hill facial recognition operation - Liberty
Statement from police commander for Notting Hill Carnival 2016 - Metropolitan Police
UK govt steams ahead with £5m facial recog system amid furore over innocents' mugshots - The Register
...
9/7/2017 • 46 minutes, 10 seconds
040: The show that cost Troy Hunt 14 dollars
Are public figures lying about being hacked? What were online criminals doing with 711 million email addresses? And how could scammers profit from Hurricane Harvey?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Troy Hunt.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Troy Hunt.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
Trump appointee says for the 'past several years' he has been the victim of 'multiple cyber attacks' — Graham Cluley.
Trump appointee: Comment calling Obama's mother a 'w@!re' result of 'Internet crimes' against me — CNN.
Inside the Massive 711 Million Record Onliner Spambot Dump — Troy Hunt.
Have I been pwned? — Check if your email has been compromised in a data breach
Harvey Hoax: There are no sharks on Houston's flooded freeways — WCVB 5.
Photo of planes at flooded Houston airport is a fake — Daily Mail.
Charity Listing - BBB Wise Giving Alliance — Give.org.
Wise giving in the wake of Hurricane Harvey — FTC.
The Phoenix Comic
Little Ripper Lifesaver Drones Spot Sharks Electronically — YouTube.
8/30/2017 • 47 minutes, 34 seconds
039: Woah - are we talking to a cyborg?
Hackers could change emails in your inbox after they are delivered, the web is getting more and more encrypted, and hacked robots can be commanded to umm... stab you.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by researcher Scott Helme.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Scott Helme.
Sponsored By: Rapid7: Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now. Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now.
Support Smashing Security
Links:
Introducing the ROPEMAKER Email Exploit — Mimecast.
Did ROPEMAKER just unravel email security? Nah, it's likely a feature — The Register.
Measuring HTTPS adoption on the web [USENIX 17] — Research presented by Adrienne Porter Felt (Google) and April King (Mozilla).
Alexa Top 1 Million Analysis - August 2017 — Scott Helme's report.
ALPHA 2, The World's First Humanoid Robot for the Family — YouTube.
UBTech Alpha 2 turns Chucky — YouTube
Researchers warn against 'hackable' robots — IT Pro.
Overcooked — Team 17.
"Could you be paying for things using just your hand? — BBC Click on Twitter.
250,000 Dominoes - The Incredible Science Machine — YouTube.
Smashing Security on Facebook
Smashing...
8/24/2017 • 46 minutes, 1 second
038: Gents! Stop airdropping your pics!
WannaCry hero Marcus Hutchins (aka MalwareTech) pleads not guilty to malware charges, the Scottish parliament is hit by a brute force attack, IoT smart locks aren't so smart, and.. ahem.. someone is sending intimate pics via AirDrop to unsuspecting commuters.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Geoff White.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
"The Secret Life of Your Mobile Phone" — Geoff White's show at the Edinburgh Festival Fringe
MalwareTech is back online, as he pleads not guilty to Kronos malware charges — Graham Cluley.
Scottish parliament hit by cyber-attack similar to Westminster assault — The Guardian.
Hackers try to break into Scottish parliament email accounts weeks after Westminster attack — Graham Cluley.
Blocking Brute Force Attacks — Advice from OWASP.
Hundreds of 'smart' locks bricked by flubbed remote update — Graham Cluley.
Friendly neighborhood hacker helps family regain access to locked car — Graham Cluley.
AirDropping penis pics is the latest horrifying subway trend — New York Post.
8/17/2017 • 44 minutes, 55 seconds
037: Boobs, dragons and data breaches
Hackers are holding HBO to ransom after a massive data breach, and have leaked the phone numbers and email addresses of "Game of Thrones" cast members. Has security firm Carbon Black been leaking customers' sensitive files while trying to scan them? And Disney's mobile apps are accused of spying on kids...
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Hawes.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
FBI arrests WannaCry's 'accidental hero' in connection with Kronos banking trojan
HBO hack ransom note: Watch the video, set to Game of Thrones music
Game of Thrones stars' personal phone numbers leaked, as HBO hackers attempt to extort ransom
Markus Ueberall's tweet
Movie studio tells all about Dark Overlord's leak of 'Orange Is the New Black'
Harvesting Cb Response Data Leaks for fun and profit | DirectDefense
DirectDefense Incorrectly Asserts Architectural Flaw in Cb Response | Carbon Black — Carbon Black responds.
Children's Online Privacy Protection Rule ("COPPA") | Federal Trade Commission
8/9/2017 • 37 minutes, 39 seconds
036: Flash? Clunk flush... and hacking security researchers
A security threat researcher is badly hacked in a revenge attack. Some people want to save Adobe Flash, but is that wise? And a poorly-secured electronic billboard starts displaying offensive images...
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
Hackers Leak Data From Mandiant Security Researcher in Operation #LeakTheAnalyst — Bleeping Computer.
Hackers kick off #leaktheanalyst campaign by dumping data of $1bn security firm — The Next Web
LinkedIn profile of a Mandiant employee — Warning - contains image of hairy bottom. This is really here just for Maria.
How to choose a strong password - simple tips for better security — YouTube video from 2009, featuring Graham (and filmed by Carole). So, who remembered correctly what we actually said in the video?
Smashing Security podcast: Protecting webmail — A Smashing Security splinter.
Flash & The Future of Interactive Content — Adobe.
Petition to open source Flash and Shockwave — GitHub.
Adobe Flash Fans Want a Chance to Fix Its One Million Bugs Under an Open Source License — Gizmodo.
8/3/2017 • 44 minutes, 58 seconds
035: Up the Roomba with mandatory Chinese spyware
China is forcing people to install smartphone spyware, young cyberoffenders are offered rehab, and robot vacuum cleaners want to sell maps of the inside of your house to tech firms.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dan Ring.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Dan Ring.
Sponsored By: Rapid7: Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now. Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now.
Support Smashing Security
Links:
Xinjiang Users Arrested over State Spyware Usage — Infosecurity Magazine
China crams spyware on phones in Muslim-majority province — The Register.
Rehab camp aims to put young cyber-crooks on right track — BBC News.
Roomba vacuum maker iRobot betting big on the 'smart' home — Reuters.
iRobot Wants to Sell Mapping Data Collected by Roomba Vacuums to a Tech Company Like Apple — Mac Rumors.
Griffin BreakSafe Magnetic USB C Charging Cable — To make your upgraded MacBook Pro a little less of a downgrade.
USB-C MagSafe - Will it work!?!? — iJustine's video on YouTube.
Chipotle Blames Norovirus Outbreak on a Sick Employee — Pick of the week?
Jim'll Paint It — See what Microsoft Paint can do in the hands of a genius.
MS Paint is here to stay — Microsoft.
7/26/2017 • 37 minutes, 24 seconds
034: The pen is mightier than the password
The UK government wants you to give your credit card details to porn sites, Ashley Madison offers compensation to the people whose lives it ruined, and an adult website wants you to pass its unorthodox and below-the-belt biometric identity check... gulp!
All this and Myspace, Google Glass, Fleabag, and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: David McClelland.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
BBC One - X-Ray, Summer Specials, Photography Special — Watch David McClelland on iPlayer if you're in the UK. There may also be ways of watching this outside the UK. We couldn't possibly comment...
Vladimir Putin Cut From Two Upcoming Hollywood Movies — Hollywood Reporter
It's not Yourspace, it's Myspace — Leigh-Anne Galloway shares her research on Myspace's diabolical security.
Myspace fixes account security hole - but delete your account anyway
The UK will block online porn from next year. Here's what we know — Wired
Ashley Madison will pay $11.2 million to data breach victims — Engadget
You can now use a dick pic as a password. Why, god? Why. — Mashable
Nasty Bug Left Thousands of Internet of Things Devices Open to Hackers — Motherboard
7/20/2017 • 48 minutes, 35 seconds
033: 1Password, net neutrality, and spatchcock chicken
Is password manager 1Password treating its customers unfairly? Are autonomous cars driving us around the bend? And what is this Net Neutrality thing anyway?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Michael Hucks from PC Pitstop.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Michael Hucks.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
sweetsweet — Michael's band.
Why Security Experts Are Pissed That ‘1Password’ Is Pushing Users to the Cloud — Motherboard report.
1Password irks security experts in push toward cloud-based vaults — AppleInsider report.
Are local vaults going to exist for the foreseeable future? — AgileBits Support Forum — 1Password's support forum.
1Password wants you to sync via the cloud, but won't force you
The new Audi A8 luxury sedan is a high-tech beast that can drive itself — The Verge.
Tesla owners are ignoring autopilot safety advice and putting the results on YouTube — The Verge.
The biggest threat facing connected autonomous vehicles is cybersecurity — TechCrunch.
Join the Battle for Net...
7/13/2017 • 42 minutes, 4 seconds
032: The iPhone 8, a data breach at the AA, and a mystery no show
The iPhone 8 is on its way and may use 3D facial recognition rather than a fingerprint sensor to lock out intruders, and the UK's Automobile Association claims it hasn't leaked any credit card data, so why is it getting so upset about security researchers publishing screenshots of leaked data?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by umm.. nobody.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
Links:
Yes - despite what it says - AA customer credit card data was exposed
Apple Readies iPhone Overhaul for Smartphone’s 10th Anniversary - Bloomberg
The World's Blackest Material - An Inside Look At Vantablack — YouTube video.
About Touch ID advanced security technology - Apple Support
He thought a book would stop a bullet and make him a YouTube star. Now he’s dead. - The Washington Post
Firik Sleep Headphones — For those of you who want to look like John McEnroe when you're snoozing in bed.
7/6/2017 • 35 minutes, 26 seconds
031: Petya (don't know the name of this ransomware)
Another major ransomware outbreak rattles the world - but no-one can decide what it's called, the danger posed to driverless cars by kangaroos, and do you really want an Amazon Echo Show?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest David Bisson.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: David Bisson.
Sponsored By: Rapid7: Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now. Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now.
Support Smashing Security
Links:
Martijn Grooten on Twitter: "Seriously injured man lies next to tree..." — Martijn seems to be suggesting the infosecurity industry might have the wrong priorities.
Global ransomware outbreak hits organisations hard
Cybereason discovers NotPetya kill switch — You might want to create a file called "perfc" in your Windows folder.
Info on the PetrWrap/Petya ransomware: Email account in question already blocked since midday — Don't pay the ransom folks...
Driverless cars: Kangaroos throwing off animal detection software — Cripes!
How Flying Cars Will Boost Intel, Uber and Airbus
Amazon’s New Echo Show Is Very Cool And A Little Creepy
[PSA] Intercom (drop-in) does require calling to be enabled and needs access to your contact list
Malicious Life podcast —...
6/29/2017 • 44 minutes, 38 seconds
030: GDPR - The good and the bad
In this special "splinter" episode, regular hosts Graham Cluley and Carole Theriault are joined by special guest Kevin Gorsline to discuss the European Union's General Data Protection Regulation (GDPR), and what it means for your business even if you're not based in Europe.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Kevin Gorsline.
Support Smashing Security
Links:
The EU's GDPR legislation — A gentle read before bedtime...
EU data protection rules affect everyone, say legal experts — The EU's new data protection rules will impact every entity that holds or uses European personal data both inside and outside of Europe, according to legal experts.
Preparing for GDPR - 12 steps to take now (PDF) — Advice from the UK's Information Commissioner's Office.
EU GDPR demystified: a straight-forward guide for US firms (Part I) — Our own Carole Theriault writes about GDPR on the TBG Security blog.
EU GDPR demystified: a straightforward reference guide for US firms (Part II) — More from Carole Theriault on the TBG Security blog.
6/22/2017 • 26 minutes, 43 seconds
029: Exploits to get your English teeth into
Microsoft gives us a Patch Tuesday shock, malware grows up for the Mac, and your mouse movements might reveal if you're an identity thief.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Javvad Malik of AlienVault.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Javvad Malik.
Sponsored By: Foursys: IT security professionals! Register for your free place at SecureTour17, being held at Manchester United's Old Trafford stadium on July 6 2017, and hear security experts (and Graham) talk about threats and the latest technology to fight them.
Support Smashing Security
Links:
June 2017 security update release — Microsoft reveals it is releasing security updates for older versions of Windows that are no longer officially supported.
Microsoft security advisory — Guidance related to June 2017 security update release.
Microsoft security advisory - guidance for older platforms
MacSpy: OS X RAT as a Service — Information from experts at AlienVault on the MacOS malware-as-a-service threat.
MacRansom: Offered as Ransomware as a Service — Fortinet's analysis of MacRansom.
Identity theft can be thwarted by artificial intelligence analysis of a user's mouse movements — Your mouse movements can indicate whether you're lying.
The detection of faked identity using unexpected questions and mouse dynamics — Check out the technical paper by Monaro, Gamberini and Sartori.
Rude security video from Javvad Malik — Why spend thousands on complex and innovative security awareness activities, when all you need to do, is train your staff to be rude.
6/15/2017 • 38 minutes, 8 seconds
024: Reality Winner, Gordon Ramsay and a leaky bucket
Evidence of Russia hacking the US election leaks from the NSA and Reality is not a winner, confidential data is accidentally exposed in the cloud by a defence contractor, and Gordon Ramsay has a few choice words for his hacking father-in-law.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Ian Whalley.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Ian Whalley.
Sponsored By: iovation: iovation is offering Smashing Security listeners a free demonstration of its mobile multifactor solution product, LaunchKey, which can be built into your mobile apps, websites and online services to provide a simple, streamlined remote login function.
Support Smashing Security
Links:
The classic era Smashing Security team... reunited at Infosec — Graham and Carole bumped into someone called Vanja Svajcer at the Infosec show in London, and couldn't resist getting a selfie.
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election — The Intercept report which kicked everything off.
Affidavit in support of application for Reality Winner's arrest warrant — Read the PDF for yourself.
How The Intercept might have helped unmasked Reality Winner to the NSA — David Bisson writes on grahamcluley.com.
How The Intercept Outed Reality Winner — Robert Graham's blog post about the really rather hard-to-see little yellow dots.
Defense contractor stored intelligence data in Amazon cloud unprotected — Booz Allen Hamilton engineer posted geospatial intelligence to Amazon S3 bucket.
Gordon Ramsay's father-in-law jailed over hacking plot — BBC News Online.
Gordon Ramsay the hypocrite: How TV chef... (http://www.dailymail.co.uk/tvshowbiz/article-1351577/Gordon-Ramsay-hypocrite-How-TV-chef-defended-sharks--previously-caught-rare-ones-fun.html)
6/7/2017 • 38 minutes, 8 seconds
023: Covfefe
Hackers are blackmailing cosmetic surgery patients, and threatening to release their naked photos. A British Airways IT snafu causes travel chaos for thousands. And Germany is threatening to throw hefty fines at Facebook if it can't police its content properly. All this and "Covfefe" is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest John Hawes. Show notes: Cosmetic surgery hacked. Nude photos and data exposed on the dark web, as hackers blackmail patients - Bitdefender. Lithuanian cosmetic surgery firm's website - Grožio Chirurgija. British Airways: Chaos continues at Heathrow - BBC News. What went wrong at BA? - BBC News. Delta finally explained how one power outage grounded an entire airline - BGR. Facebook said Germany's plan to tackle fake news would make social media companies delete legal content - Business Insider. Sgt. Pepper's Lonely Hearts Club Band - The Beatles. Spanish art restorer, 82, who turned Jesus into a 'hairy monkey' in clumsy restoration of famous work signs merchandising deal as image gets imprinted on T-shirts - Daily Mail. Clash of Clans - Supercell. This is what Candy Crush does to your brain - The Guardian. Sweet Sweet - Reverb Nation. Help Sweet Sweet - Bonnaroo Bound! - GoFundMe.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Hawes.
Sponsored By: iovation: iovation is offering Smashing Security listeners a free demonstration of its mobile multifactor solution product, LaunchKey, which can be built into your mobile apps, websites and online services to provide a simple, streamlined remote login function.
Support Smashing Security
5/31/2017 • 40 minutes, 28 seconds
022: Walk this way... to defeat biometrics
The Samsung Galaxy S8 claims that its iris recognition technology provides "airtight security", but the Chaos Computer Club knows better and shows how it can be easily bypassed. Australian researchers create a wearable gizmo that authenticates you through your walk, but is it ever going to be practical? Mac malware reportedly wastes no time stealing information from a software developer. And the boss of the Bank of England is smart enough not to fall for an email prankster. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul "Duck" Ducklin. Show notes: Chaos Computer Clubs breaks iris recognition system of the Samsung Galaxy S8 - Chaos Computer Club. Breaking the iris scanner locking Samsung’s Galaxy S8 is laughably easy - Ars Technica. New technology uses the way you walk as a password - CNet. Hofmeister - follow the bear TV advert - YouTube. Monty Python's Flying Circus's Ministry of Silly Walks sketch - YouTube. Source Code for Several Panic Apps Stolen via HandBrake Malware Attack - MacRumors. Bank of England accused of airbrushing Jane Austen on the new £10 note - Liverpool Echo. Bank of England governor falls for email prank but maintains his composure - The Guardian.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Paul Ducklin.
Sponsored By: iovation: iovation is offering Smashing Security listeners a free demonstration of its mobile multifactor solution product, LaunchKey, which can be built into your mobile apps, websites and online services to provide a simple, streamlined remote login function.
Support Smashing Security
5/24/2017 • 31 minutes, 48 seconds
021: WannaCry - Who's to blame?
The WannaCry ransomware has struck! But before we tackle that subject, and who we should blame for one of the highest profile malware attacks for years, we discuss how HP has been unwittingly capturing the keystrokes of its laptop users. Then we briefly discuss what might be the worst cinema date in history, before rounding things off with a discussion of hackers extorting money out of movie studios. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul "Pob" Baccas. Show notes: Hello to Jason Isaacs - Witterpedia. Unintended/Covert Storage Channel for sensitive data in Conexant HD Audio Driver Package - modzero Security Advisory. Keylogger Found in Audio Driver of HP Laptops - Bleeping Computer. HP responds to laptop keylogger fiasco, promises ‘fix shortly' - Trusted Reviews. Tweet from @ths - Twitter. Backin Up Song - YouTube. The Sobig Worm - Wikipedia. Customer Guidance for WannaCrypt attacks - Microsoft. Microsoft Security Bulletin MS17-010 - Microsoft. Microsoft: WannaCry outbreak reveals why governments shouldn't hoard vulnerabilities - Graham Cluley. ‘THIS IS CRAZY’: Austin man sues date for texting during movie - Statesman. Hackers Seem to Dump Pirates of the Caribbean on Torrent Sites Ahead of Premiere - Softpedia.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Paul Baccas.
Sponsored By: Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Support Smashing Security
5/18/2017 • 35 minutes, 16 seconds
020: Phishing for Donald Trump
Gizmodo's attempt to reveal the Donald Trump administration's ineptitude when it comes to cybersecurity fails to impress. Mac users are warned that the HandBrake DVD-ripping app has been compromised by malware. And will the US Army insist IT security professionals spend months ironing their bedsheets..? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin from Sophos. Show notes: Here's How Easy It Is to Get Trump Officials to Click on a Fake Link in Email - Gizmodo. Opinion: Some thoughts about Gizmodo's Phishing story - CSO Online. Mac video app HandBrake – now with free spyware - Naked Security. OS X malware spread via signed Transmission app... again - Graham Cluley. DOD’s new Internet strategy boosts role in defending “US interests” - Ars Technica.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Paul Ducklin.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.
Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security
5/10/2017 • 30 minutes, 45 seconds
019: The Love Bug virus
On May 4th 2000, the Love Bug virus (also known as ILOVEYOU or LoveLetter) rapidly spread around the world, clogging up email systems. Computer security veterans Graham Cluley and Carole Theriault are joined this week by special guest John Hawes for a trip down memory lane. Show notes: Memories of the Love Bug worm - Naked Security. "Subject: I Love You" movie trailer - YouTube.
Special Guest: John Hawes. Sponsored by: Recorded Future.
5/3/2017 • 29 minutes, 21 seconds
018: Windows is a virus. True or False?
Security firm Webroot drops a clanger when it declares Windows malicious and borks customers' PCs, millennials are streaming a lot of movies illegally, and blackmailers are targeting members of the Ashley Madison cheating site again. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Michael Hucks from PC Matic. Show notes: Webroot antivirus goes bananas, starts trashing Windows system files - The Register. Webroot causes massive headaches after falsely flagging Windows files as malicious - Graham Cluley. Tweet by Webroot user Bob Ripley - @M5_Driver. W32.Trojan.Gen false positive - advice for home users - Webroot. W32.Trojan.Gen false positive - advice for business users - Webroot. Most millennials regularly stream pirated content, survey finds - Torrent Freak. Malware, data theft, and scams: researchers expose risks of free livestreaming websites - Ku Leuven. File sharer hit with $675,000 fine - Digital Trends. Ashley Madison blackmail roars back to life - ZDNet.
Special Guest: Michael Hucks. Sponsored by: Recorded Future.
4/27/2017 • 30 minutes, 42 seconds
017: Data breaches, zero day exploits, and toenail clippings
Hotel malware has been stealing guests' payment card details... again, should businesses really delay rolling out vulnerability patches, and Burger King's Whopper TV ad campaign tries to take advantage of viewers' Google Home devices with predictable results. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin. Show notes: InterContinental Hotels Group (IHG) Notifies Guests of Payment Card Incident at IHG-Branded Franchise Hotel Locations in the Americas Region - IHG. Affected hotel look-up tool - IHG. Been to one of these 1170 IHG hotels? Your credit card details may have been stolen by malware - Bitdefender. Microsoft patches Word zero-day booby-trap exploit - Naked Security. Microsoft zero-day vulnerability was being exploited for cyber-espionage - Graham Cluley. The Shadow Brokers - Wikipedia. Burger King's 'OK Google' sad ad saga somehow gets worse - The Register. Burger King Connected Whopper ad - YouTube.
Special Guest: Paul Ducklin. Sponsored by: Recorded Future.
4/20/2017 • 30 minutes, 38 seconds
016: Wonga wronga!
Spyware companies are filmed plotting to break global sanctions to ship surveillance and spying equipment to dodgy authoritarian regimes, an unsecured database exposed diabetics’ sensitive data, and a massive data breach leaves hundreds of thousands of current and former Wonga customers at risk. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Lisa Vaas. Show notes: Spyware firms in breach of global sanctions - Al Jazeera. Al Jazeera Investigations - Spy Merchants - YouTube. Mounties admit to using cellphone-snooping ‘stingrays’ - Sophos Naked Security. A huge trove of patient data leaks, thanks to telemarketers' bad security - ZDNet. Leak of diabetic patients’ data highlights risks of giving info to telemarketers - DataBreaches.net. Unsecured database exposed diabetics’ sensitive data - Sophos Naked Security. Fraudsters Target People With Diabetes - AARP. Wonga.com TV advert - YouTube. Wonga security incident FAQ - Wonga.com. Wonga data breach puts up to 245,000 UK current and former customers at risk - Graham Cluley.
Special Guest: Lisa Vaas. Sponsored by: Recorded Future.
4/13/2017 • 27 minutes, 16 seconds
015: Bad vibrations
Don't let an internet-enabled sex toy make your most private moments oh-so-public. Samsung's wannabe-Android-killer is found lacking. And did you hear about the firm that is micro-chipping its employees? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest John Hawes. Show notes: Vulnerable Wi-Fi dildo camera endoscope. Yes really - Pen Test Partners. Samsung's Android Replacement Is a Hacker's Dream - Motherboard. Companies start implanting microchips into workers' bodies - LA Times.
Special Guest: John Hawes. Sponsored by: Recorded Future.
4/5/2017 • 26 minutes, 55 seconds
Protecting webmail - a Smashing Security splinter
What can you do to better protect your online email accounts? In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley and Carole Theriault discuss with Paul Ducklin tips on how to defend your Gmail/Yahoo/Hotmail/Outlook/etc account. Show notes: Passwords - a Smashing Security splinter. How to better protect your Google account with two-step verification and Google Authenticator - Graham Cluley. How to protect your Yahoo account with two-step verification (2SV) - Graham Cluley. NIST declares the age of SMS-based 2-factor authentication over - TechCrunch. The lesson we all must learn from the Celebgate nude photo hack - Graham Cluley.
Special Guest: Paul Ducklin. Sponsored by: Recorded Future.
3/30/2017 • 30 minutes, 33 seconds
013: Assault with a deadly tweet
Graham is embarrassed by a Twitter security snafu. How an animated GIF could prove deadly. Social engineering threats against your workforce. And will you be able to do any work on your laptop next time you catch an airplane? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Alex Eckelberry. Show notes: Sorry for the Nazi spam from my Twitter account - Graham Cluley. Newsweek reporter Kurt Eichenwald on Fox News, 15 December 2016 - YouTube. Maryland man arrested for cyberstalking - US Dept of Justice. US man held for sending flashing tweet to epileptic writer - BBC News. Epilepsy site hacked with seizure images - CBS News. How to really pronounce GIF - howtoreallypronouncegif.com. Gif's inventor says ignore dictionaries and say 'Jif' - BBC News. How to disable animated GIFs in different web browsers - The Windows Club. How to disable autoplaying videos on Twitter - Twitter. This is the email that hacked Hillary Clinton’s campaign chief - Bitdefender Hot for Security. Fry all the things! USB Kill zaps tons of computing devices - Graham Cluley. UK flight ban on electronic devices announced - BBC News. Electronics banned from cabins on some Middle Eastern and African flights to U.S. - CNN.
Special Guest: Alex Eckelberry. Sponsored by: Recorded Future.
3/23/2017 • 33 minutes, 59 seconds
012: Eau de Eugene Kaspersky
Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time? Graham Cluley, Carole Theriault and special guest Nick FitzGerald discuss the latest news from the world of computer security. Show notes: Preinstalled Malware Targeting Mobile Users - CheckPoint. Chinese Android smartphone comes with malware pre-installed - Graham Cluley. WikiLeaks says it will work with software vendors to fix CIA zero-day exploits... but when? - Graham Cluley. Kaspersky launches a range of perfumes to, er, defend your odour - The Register. Toilet hackers could snoop on your poop, steal data of a "personal nature" - Graham Cluley. Beauty blogger Scarlett London launches Threat de Toilette in bid to stop youngsters oversharing online - The Sun. Jackie Chan and Eugene Kaspersky - YouTube. Packin' the K music video - YouTube.
Special Guest: Nick FitzGerald. Sponsored by: Recorded Future.
3/16/2017 • 28 minutes, 44 seconds
011: WikiLeaks and the CIA
Has the CIA been using a Weeping Angel to spy on you via your Smart TV? Have WhatsApp, Telegram and Signal been compromised? What is the secret of the SATAN ransomware? And can you avoid having your data searched as you pass through border control? Computer security veterans Graham Cluley, Carole Theriault and special guest Paul Ducklin discuss.
Show notes:
Nintendo Classic Mini
WikiLeaks says it releases files on CIA cyber spying tools
The CIA didn't break Signal or WhatsApp, despite what you've heard
After NSA hacking exposé, CIA staffers asked where Equation Group went wrong
Apple, Samsung Respond To Wikileaks Claims Of CIA Hacking Programs
Twitter reactions to the WikiLeaks CIA data dump
Is the CIA's Weeping Angel spying on TV viewers?
Satan ransomware: old name, new business model
3 (free) things that journalists can do right now to protect their data and their sources at the border
The US Gov Can Download the Entire Contents of Your Computer at Border Crossings
What Are Your Rights if Border Agents Want to Search Your Phone?
Stop Fabricating Travel Security Advice
This episode of Smashing Security is sponsored by Foursys - check out their free end-user cybersecurity training kit - it's everything you need to roll out infosecurity best practice training (right from your desk). Grab it now from https://www.foursys.co.uk/toolkit. Thanks to Foursys for sponsoring this episode of Smashing Security.
Special Guest: Paul Ducklin.
3/9/2017 • 33 minutes, 45 seconds
010: The dolls must be destroyed
A creepy teddybear leaks two million voicemail messages, Windows 10 pushes you into only installing vetted apps, and Boeing warns 36,000 employees their personal information could have been exposed after a worker sends a spreadsheet to his wife. All this and more is discussed by computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault.
Show notes:
Announcing the first SHA1 collision
Tavis Ormandy: Cloudflare Reverse Proxies are Dumping Uninitialized Memory
Incident report on memory leak caused by Cloudflare parser bug
List of Sites possibly affected by Cloudflare's #Cloudbleed HTTPS Traffic Leak
Quantifying the impact of "CloudBleed"
CloudPets commercial
Data from connected CloudPets teddy bears leaked and ransomed, exposing kids' voice messages
Microsoft slaps Apple Gatekeeper-like controls on Windows 10: Install only apps from store
Boeing Notifies 36,000 Employees Following Breach
This episode of Smashing Security is sponsored by NetFort - https://www.netfort.com/. NetFort LANGuardian is easy-to-use network traffic and security monitoring software that tells you what is really happening on your network - no specialist hardware required! Check out the demo of LANGuardian and download a free trial from https://www.netfort.com/. Mention "Smashing Security" and you'll save 20% off your order! Thanks to NetFort for sponsoring this episode of Smashing Security.
Special Guest: Vanja Švajcer.
3/2/2017 • 36 minutes, 11 seconds
009: False flags and hacker clues
The Lazarus malware attempts to trick you into believing it was written by Russians, second-hand connected cars may be easier to steal, and is your child a malicious hacker? All this and more is discussed by computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault. Oh, and Carole makes Graham and Vanja apologise for their past mistakes.
Show notes:
You Only Live Twice - space capsule scene
Lazarus's false flag malware
Hackers behind bank attack campaign use Russian as decoy
It’s too easy to steal a second-hand connected car
Nissan Figaro
Is your child a hacker? Liverpudlian parents get warning signs checklist
How do I remove a tag from a Facebook photo or post I’m tagged in?
Code Red IIS worm
Special Guest: Vanja Švajcer.
2/23/2017 • 26 minutes, 22 seconds
Macs and malware - a Smashing Security splinter
Do you run an anti-virus on your Mac? Should you? In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley, Carole Theriault and Vanja Svajcer discuss the malware threat for Apple Macs and MacBooks.
Show notes:
600,000 Macs infected with Flashback trojan, 274 in Cupertino
Flashback to the biggest Mac malware attack of all time - Is it still a threat?
Hackers target Iranian activists’ Mac devices with revamped malware
Microsoft Office macro malware targets Macs
12 security suites for Mac OS X put to the test
Special Guest: Vanja Švajcer.
2/21/2017 • 16 minutes, 27 seconds
008: I'll give you my Android when you pry it from my cold, dead paws
Handbags at dawn for CrowdStrike and NSS Labs! Donald Trump's insecure Android phone! File-less malware - is that so new? And StalkScan makes it easier to reveal what Facebook users have been carelessly sharing... Computer security veterans Graham Cluley, Carole Theriault and Vanja Svajcer discuss.
Show notes:
AEP Public Test Announcement
NSS Labs Report Confirms Testing of CrowdStrike Falcon was Incomplete and Wrong
Some thoughts on the CrowdStrike vs NSS Labs debacle
Which Android phone does Donald Trump use?
Senators raise concerns over Donald Trump's smartphone security
Google claims ‘massive’ Stagefright Android bug had 'sod all effect'
A Scary New Kind of Malware Is Invading Banks All Over the World
Fileless attacks against enterprise networks
StalkScan
This creepy Facebook tool is revealing a LOT about you
Special Guest: Vanja Švajcer.
2/16/2017 • 28 minutes, 14 seconds
Using public Wi-Fi - a Smashing Security splinter
The tricky problem of public Wi-Fi hotspots. In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley, Carole Theriault and Vanja Svajcer discuss, and offer some advice and tips for computer users.
Show notes:
VPN comparison chart
The dangers of public Wi-Fi - and crazy things people do to use it
Free open WiFi suspected in Facebook hack of Missouri state representatives
Finally! Yahoo Mail to turn on SSL by default in 2014
150 best Wi-Fi names for your router
Special Guest: Vanja Švajcer.
2/13/2017 • 21 minutes, 28 seconds
007: ASCII art attack
Printers start churning out ASCII art after a vigilante hacker hijacks 160,000 devices, a researcher reveals how you can get Donald Trump to tweet an embarrassing spoof video of himself, and has your smart TV been snooping on you? Computer security veterans Graham Cluley, Carole Theriault and Vanja Svajcer discuss.
Show notes:
Hacker: I made 160,000 printers spew out ASCII art around the world
ASCII art collection
How I hijacked top celebrities tweets including Katy Perry, Shakira…
Donald Trump's hijacked tweet
VIZIO Settlement: Smart TVs should not track your shows without your O.K.
Vizio settles FTC lawsuit and agrees to get viewer consent before tracking TV habits
LG Smart TVs logging USB filenames and viewing info to LG servers
Special Guest: Vanja Švajcer.
2/9/2017 • 22 minutes, 56 seconds
Email attachment malware - a Smashing Security splinter
Email attachment malware is the thorny topic tackled by computer security veterans Graham Cluley, Carole Theriault and Vanja Svajcer in this "splinter" episode from the Smashing Security team. Listen to this before you click! Oh, and Carole would like to apologise to all her fellow Canadians for the terrible faux pas she made in this episode...
Show notes:
New feature in Office 2016 can block macros and help prevent infection
It's time to secure Microsoft Office
Memories of the Anna Kournikova worm
Memories of the Love Bug
Memories of the Melissa virus
Alanis Morissette - Ironic (Official video)
Avril Lavigne - Complicated
Special Guest: Vanja Švajcer.
2/8/2017 • 18 minutes, 27 seconds
Passwords - a Smashing Security splinter
Passwords - everything you need to know about how to make them safer, and better secure your online accounts. In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley, Carole Theriault and Vanja Svajcer discuss the perennial problem of passwords and offer some advice and tips for computer users.
Special Guest: Vanja Švajcer.
2/7/2017 • 13 minutes, 9 seconds
006: A romantic ransomware hotel break
Were hotel guests really trapped in their rooms by ransomware? Does anti-virus increase your attack surface so much that it's not worth running at all? And 11% of people on the internet are running ad blockers, says company which blocks ad blockers. Oh, and we have a new theme tune... Computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault chit-chat about the world of online privacy and computer security.
Special Guest: Vanja Švajcer.
Links:
Hotel guests locked in their rooms by ransomware? It doesn't make sense
Disable Your Antivirus Software (Except Microsoft's)
It might be time to stop using antivirus
Google Chrome engineer says Windows Defender "the only well behaved AV"
500 publishers were hacked through anti-ad block tool PageFair
News media move to ban ad blockers from websites
Encryption and Other Tricks Are Making Malvertising Harder to Hunt
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
2/2/2017 • 28 minutes, 11 seconds
005: Upskirt insecurity
An alleged hacker finds the downside to car rental, a New York Times Twitter account announces Vladimir Putin is planning to launch a missile attack against the United States, and an "upskirt" website leaks its user data. Oh, and Vanja forces Graham to share an embarrassing privacy-breaching lavatory anecdote. Computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault chit-chat about the world of online privacy and computer security.
Show notes:
Spanish Police Arrest Suspect Behind NeverQuest Banking Trojan
Vawtrak - International crimeware-as-a-service (PDF)
Vawtrak version 2 (PDF)
Twitter hack sees New York Times warn of Russian missile strike against USA
Badlands National Park deletes tweets on climate change
Tweet by journalist Claudia Koerner, quoting Badlands National Park Service
'Upskirt' porn website hit with massive data leak exposing 180,000 voyeurs
HaveIBeenPwned
Special Guest: Vanja Švajcer.
1/26/2017 • 25 minutes, 6 seconds
004: You don't mess with Brian Krebs
The Spora ransomware offers you more than just your encrypted files back, Brian Krebs busts the alleged masterminds behind the Mirai botnet, and be careful that your IT staff aren't the only ones who know your corporate passwords. Computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault chit-chat about the world of online privacy and computer security. Recorded live: Thursday 19 January, 2017. Check out the video of this podcast at https://www.youtube.com/watch?v=NJsCpadzVGs
Show notes:
Spora Ransomware Works Offline, Has the Most Sophisticated Payment Site as of Yet
Spora - the Shortcut Worm that is also a Ransomware
Popcorn Time ransomware invites you to get 'nasty' to recover your files
Who is Anna-Senpai, the Mirai Worm Author?
College fires IT admin, loses access to Google email, successfully sues IT admin for $250,000
Fired IT Employee at Online Indiana College Offered to Help Unlock Google Account for $200K
Subscribe and leave us a review on iTunes - it really helps! https://itunes.apple.com/gb/podcast/smashing-security/id1195001633
Special Guest: Vanja Švajcer.
1/19/2017 • 30 minutes, 32 seconds
003: Alexa! Get me an axe!
Donald Trump and that secret dossier, MongoDB databases under attack, Microsoft employees suffering from PTSD and Alexa buying doll houses. Computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault chit-chat about the world of online privacy and security. Recorded live: Thursday 12 January, 2017. Watch the video version of this podcast at https://www.youtube.com/watch?v=BwpXbrEtgNg.
Show notes:
Donald Trump finally believes Russia hacked the DNC
27,000 MongoDB servers have their data wiped, receive ransom demand for its safe return
Advice on how to secure MongoDB
Microsoft Anti-Porn Workers Sue Over PTSD
TV News anchor says 'Alexa, buy me a dollhouse' with predictable results...
Special Guest: Vanja Švajcer.
1/12/2017 • 26 minutes, 33 seconds
002: Invest in carrier pigeons
Donald Trump talks cybersecurity and explains how to keep your messages top secret, Ukrainian soldiers are being spied upon by Android malware and an artist has devised a novel way of avoiding facial recognition technology. Computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault chit-chat about the world of online privacy and security. Recorded live: Thursday 5 January, 2017. Watch the video version of this podcast at https://www.youtube.com/watch?v=6jfvNSbSpt8
Show notes:
Trump's 'no computer is safe' stance could be disastrous for US and others, cybersecurity experts say
Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units
This camouflage makes you ‘immune’ from facial recognition cameras
"Sophos RAPIL: Wiping the smile off virus writers' faces" (starring a young Vanja Svajcer)
Special Guest: Vanja Švajcer.
1/5/2017 • 22 minutes, 49 seconds
001: One cup, two hotel guests
We discuss the pains of providing tech support to family and friends, when writing down your passwords is actually a good idea, and muse on cloud backup services. Cool gadgetry, smart basketballs, below-par hotel services and, of course, Christmas being "..in TWO days". Computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault chit-chat about the world of online privacy and security. Recorded live, December 22 2016. Watch the video version at https://www.youtube.com/watch?v=mDfVI_EJWW0
Special Guest: Vanja Švajcer.
12/22/2016 • 27 minutes, 46 seconds
000: Coming up...
A trailer for the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined each week by special guests. Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.