Smashing Security
Subscribe
iTunes / Overcast / RSSWebsite
smashingsecurity.comEpisodes
Unleash the AI bot army against the scammers - now!
A YouTuber has unleashed an innovative AI bot army to disrupt and outwit the world of online scammers, and a New York Times investigation looks into the intricate web of global money laundering.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
O2?s AI granny Daisy unveils what she?s learnt from her time on the phone to scammers ? and what you can do to ruin their day - O2.Lenny - The Telemarketing Troll.I Built a Bot Army that Scams Scammers - Kitboga on YouTube.Takeaways From Our Money Laundering Investigation - The New York Times.Infiltrating scammer networks with the world?s top fraud fighters - YouTube.Open Street Map - Open Street Map.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!Drata - The world?s most advanced Trust Management platform ? making risk and compliance management accessible, continuous, and 10x more automated than ever before. 1Password Extended Access Management ? Secure every sign-in for every app on every device.SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
This...
Link to episode
Peeping perverts and FBI phone calls
In episode 409 of the "Smashing Security" podcast, we uncover the curious case of the Chinese cyber-attack on Littleton's Electric Light Company, and a California landlord's hidden camera scandal.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
This is the FBI, open up. China's Volt Typhoon is on your network - The Register.Landlord recorded nude videos of woman tenant with cameras hidden in bedroom smoke detectors, lawsuit says - The Independent.Landlord arrested after tenant discovers hidden camera in rented room - PBSO.Hidden Cameras: What Travelers Need to Know - The New York Times.Shakespeare insults t-shirt - Royal Shakespeare Company.OAS Exhibitions - Oxford Art Society.Carole?s ?Rusty Sage? - Bluesky.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Drata - The world?s most advanced Trust Management platform ? making risk and compliance management accessible, continuous, and 10x more automated than ever before. Acronis Threat Research Unit - Your secret weapon against cyber attacks. Access the reports now.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Link to episode
A gag order backfires, and a snail mail ransom demand
What happens when a healthcare giant?s legal threats ignite a Streisand Effect wildfire? while a ransomware gang appears to ditch the dark web for postage stamps?
Find out about this, and more, in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
'We wanted to help': Students arrested after exposing FreeHour security flaw - Times of Malta.Medusa ransomware gang demands $2M from UK private health services provider - DataBreaches.net.Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach - DataBreaches.net.HCRG Care?s lawyers claimed an injunction issued in a ?private? hearing required us to remove two posts. We didn?t comply - DataBreaches.net.Security firm leaves more than five billion records exposed on unsecured database - Graham Cluley.After threatening me with legal action, Keepnet Labs finally issues statement over data breach - Graham Cluley.Sophos apologises for going legal on school techies - The Register.Mail Scam Targeting Corporate Executives Claims Ties to Ransomware - IC3.One of the nastiest ransomware groups around may have a whole new way of doing things - TechRadar.Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear - GuidePoint Security.Severance - Apple TV+.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Palo Alto Networks - Get the 2025 Unit 42 Global Incident Response report to discover emerging threat trends, attacker tactics and expert recommendations to safeguard your business.Link to episode
HP's hold music, and human trafficking
Journey with us to Myanmar's shadowy scam factories, where trafficked workers are forced to run romance-baiting and fake tech support scams, and find out why a company's mandatory hold time for tech support could lead to innocent users having their computers compromised.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus - don't miss our featured interview with Acronis CISO Gerald Beuchelt!
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
HP deliberately adds 15 minutes waiting time for telephone support calls - The Register.HP mandated 15-minute wait time for callers - why that was good news for criminals - Bob Sullivan.How vulnerable people are trafficked to fuel a global cyber scam industry - ABC News.Hundreds of foreigners freed from Myanmar's scam centres - BBC News.'I need help': Freed from Myanmar's scam centres, thousands are now stranded - BBC News.Some foreigners pulled out of Myanmar scam centres face struggle to get home - Yahoo! News.'Pig Butchering' Scam: How China's 'Broken Tooth' stole over $75 bn from global investors using crypto currencies - The Economic Times.Scunthorpe problem - Wikipedia.Scunthorpe Sans font.Sociopath: A Memoir by Patric Gagne - Goodreads.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Acronis - Integrated cybersecurity, data protection and endpoint management built for MSPs.Threat Vector - The podcast from Palo Alto Networks that gives you timely analysis of current security trends and challenges.Drata - The world?s most advanced Trust Management platform ? making risk and compliance management accessible, continuous, and 10x more automated than ever before.SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on
Link to episode
History's biggest heist just happened, and online abuse
We explore how the cryptocurrency exchange Bybit has been hacked to the jaw-dropping tune of $1.5 billion, and we look at what is being done to better defend women and girls' safety online.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Incident Update: Unauthorized Activity Involving ETH Cold Wallet - Bybit.Bybit Launches Recovery Bounty Program with Rewards up to 10% of Stolen Funds - Bybit.ZachXBT links Bybit hack to Lazarus Group - Twitter.Online Safety Act: explainer - GOV.UKThese Are The 10 Most Complained-About TV Moments In Ofcom's History - Ofcom. Ofcom to push for better age verification, filters and 40 other checks in new online child safety code - TechCrunch.UK?s internet watchdog toughens approach to deepfake porn - TechCrunch.Girlguiding research exposes alarming online harms facing girls - Charity Today News.Ofcom's approach to implementing the Online Safety Act - Ofcom. Women's abuse online: 'I get trolled every second, every day' - BBC. Amanda?s funniest moments in Motherland - YouTube.Amandaland - BBC iPlayer.Cassandra Sci-Fi Thriller limited series - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password ? Secure every app, device, and identity ? even the unmanaged ones at 1password.com/smashing.Scanner.dev provides a new technology offering fast search and threat detections for security data in S3 helping teams reduce the total cost of ownership of their SIEM by up to 90%. Try the interactive...Link to episode
A crypto con exchange, and soaring ticket scams
From shadowy Bitcoin exchanges to Interpol?s most wanted, Alexander Vinnik was the alleged kingpin behind BTC-e, a $4bn crypto laundering empire. Learn more about him, and how he became a geopolitical pawn between the US, France, and Russia. Plus! Hear how concert-goers are being warned about a swathe of scams hitting stadiums and arenas around the world.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
PLUS! Don't miss our featured interview with Cliff Crosland of Scanner.dev
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Russian National And Bitcoin Exchange Charged In 21-Count Indictment For Operating Alleged International Money Laundering Scheme And Allegedly Laundering Funds From Hack Of Mt. Gox - US Dept of Justice.BTC-e Operator Pleads Guilty to Money Laundering Conspiracy - US Dept of Justice.US releases Russian cybercriminal as part of exchange for teacher Marc Fogel - The Guardian.Lloyds Bank issues urgent warning over Taylor Swift ticket scams - Lloyds.Warning after more than 120k people queue for Black Sabbath Villa Park tickets as fans say 'scam' - Birmingham Live.?Don?t buy tickets for Beyoncé? - Minister Gayton McKenzie warns South Africans of concert scam - Independent Online.Beyonce Cowboy Carter tour fake tickets scam: Ticketmaster warns fans - USA Today.Singapore ticket scam queen jailed for three years after conning 76 Taylor Swift fans of S$110,000 - Malaysia News. Did Ozzy Osbourne really eat a bat? - Rock and Roll Garage.How to stop hiccups - Graham Cluley.The Telepathy Tapes podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password ? Secure every app, device, and identity ? even the unmanaged ones atLink to episode
Podcast not found
The story of how hackers managed to compromise the US Government's official SEC Twitter account to boost the price of Bitcoins, AI isn't helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware?
All this and more is discussed in episode 404 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Jane Wakefield.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
SEC's Twitter account hacked to say Bitcoin ETFs approved - Hot for Security.Twitter says it?s not its fault the SEC?s account got hacked - Graham Cluley.SEC Twitter hack blamed on SIM swap attack - Hot for Security.The SEC?s X account got hacked by a 25-year-old who went by ?AGiantSchnauzer? and got paid in Bitcoin, feds say - Fortune.Pupils share conspiracy theories for fun, with girls ?more susceptible? - The Times.AI chatbots unable to accurately summarise news, BBC finds - BBC News.US-led cybersecurity coalition vows to not pay hackers' ransom demands - TechCrunch.35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments - Chain Analysis.Ransomware: proposals to increase incident reporting and reduce payments to criminals - GOV.UK.The 2024 Ransomware Landscape: ?Looking back on another painful year? - IT Wire.The Space Doctor?s Big Idea by Randall Munroe - The New Yorker.Reading guide: Creation Lake by Rachel Kushner - Booker Prizes.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored...
Link to episode
Coinbase crypto heists, QR codes, and ransomware in the classroom
In episode 403 of "Smashing Security" we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham's DMs, Geoff gives a poor grade for PowerSchool's security, and Carole takes a curious look at QR codes.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
ZachXBT?s thread - Twitter.Coinbase employee tells users not to use a VPN or ad blocker - Twitter.What PowerSchool won?t say about its data breach affecting millions of students - TechCrunch.QR code - Wikipedia.Reed?Solomon error correction - Wikipedia.Urgent warning over QR code scam tricking drivers out of £100s at popular car parks - Express.Scam alert: QR code on an unexpected package - Consumer AdviceNew Star Blizzard spear-phishing campaign targets WhatsApp accounts - Microsoft Security Blog.What You Must Know Before Scanning a QR Code - AARP.?More? - Niall Conlon.?Money Men? by Dan McCrum - Penguin Books.Bitter Orange Marmalade Recipe - Ballymaloe Cooking School.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Tailscale ? Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!1Password ? Secure every app, device, and identity ? even the unmanaged ones at 1password.com/smashing.Cortex Symphony 2025 -...Link to episode
Hackers get hacked, the British Museum IT shutdown, and social media kidnaps
What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee's actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
No Honour Among Thieves: Uncovering a Trojanized XWorm RAT Builder Propagated by Threat Actors and Disrupting Its Operations - CloudSEK.British Museum forced to partly close after alleged IT attack by former employee - The Guardian.Chart: What Do You Want to be When You Grow Up?- Statista.Tikked off: What happens when TikTok fame fades - Vox.Influencer burnout is real - Vox.Influencer slammed for staging fake kidnapping plot because she was ?bored? - Mirror Online."Mom influencer" Katie Sorensen sentenced to jail for falsely claiming couple tried to kidnap her kids at a crafts store - CBS News.Stock market influencer on the way to Coldplay concert kidnapped by data theft gang - The New Indian Express.Raycast.?Thank Goodness You?re Here? video game.The We Society Podcast - Academy of Social Sciences. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Tailscale ? Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!1Password ? Secure every app, device, and identity ? even the...Link to episode
Hacks on the high seas, and how your home can be stolen under your nose
An Italian hacker makes the grade and ends up in choppy waters, and hear true stories of title deed transfer scams.
All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Plus - don't miss our featured interview with Avery Pennarun of Tailscale.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Report from Corriere Di Bologna newspaper.Caro Musk, assumi subito l?hacker quindicenne di Cesena ? Il Foglio.15-Year-Old Hacker Diverts Ships in Mediterranean Sea for Fun ? Hot for Security.90-year-old immigrant could lose Brooklyn home after deed theft scam, family says ? CBS News. Protect your home. Spot the signs of deed theft ? Better Business Bureau. Woman Charged for Scheme to Defraud Elvis Presley?s Family ? DOJ.Home Title Theft: How To Protect Yourself ? Forbes Advisor.Here?s How Scammers in America Can Take the Title to Your Home Without You Knowing It ? Moneywise.Could a Criminal Use Deed Fraud to Steal Your Entire Home? ? AARP.Could Fraudsters Steal Your Home From Under Your Nose? ? HomeOwners Alliance.Wizard Zines.Listen for the Lie ? Amazon.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Tailscale ? Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!1Password ? Secure every app, device, and identity ? even the unmanaged ones atLink to episode
Hacker games, AI travel surveillance, and 25 years of IoT
The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Player of Games - Grimes.?Path of Exile 2? Players Call Bulls**t on Elon Musk?s Video Game Stream - Gizmodo.Elon Musk "Playing" Path of Exile 2 - YouTube.Elon Musk is Lying About Being Good at Video Games - YouTube.Elon Musk Streams His ?Totally Not Boosted? ?Path of Exile 2? Character, Proves He Has No Idea What He?s Doing - Vice.Hacker Broke into ?Path of Exile 2? Admin Account, Hijacked Wave of Characters - 404 Media.Inside the Black Box of Predictive Travel Surveillance - WIRED.Average Number of Smart Devices in a Home 2025 - Consumer Affairs.Global IoT and non-IoT connections 2010-2025 - Statista.U.S. Cyber Trust Mark: New Label for IoT Devices - National Law Review. How the Internet of Things will be good for the planet - Thales Group.The ?Worst in Show? CES products put your data at risk and cause waste, privacy advocates say - AP News.The CES worst in show awards lampoon AI everthing - The Register.The Worst Devices of CES 2025!! - YouTube. This Could Be Your AI Robot Girlfriend - For $175,000 - Forbes.Link to episode
Honey in hot water, and reset your devices
Ever wonder how those "free" browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and your favorite YouTubers with empty pockets.
Plus, we take a look at Kagi, the search engine you pay not to show you adverts, and discuss what you should do with your old, no-longer-wanted technology.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Exposing the Honey Influencer Scam - MegaLag on YouTube.The Honey Scam: Explained - Marques Brownlee on YouTube.14 million people don?t know how to erase their data from an old device - ICO. Electronics hoarding habit among Brits and Americans - SellCell.Practical advice for online and electronic devices - ICO. How to factory reset your Google Pixel phone - Google. How to factory reset your iPhone, iPad, or iPod touch - Apple. Reset your Android device to factory settings - Google. Erase your Mac and reset it to factory settings - Apple.Reset your PC - Microsoft.How do I perform a factory reset on my Samsung mobile device? - Samsung.Kagi search engine.Battery Heated Clothing - Fieldsheer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on
Link to episode
Fake CAPTCHAs, Harmageddon, and Krispy Kreme
This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down ? is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing a ransomware attack.
All this and more is discussed in the latest jam-packed edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of "The AI Fix" podcast.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
CAPTCHAs from hell - Reddit.?DeceptionAds? ? Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising - Guardio.AI Safety Clock Ticks Closer To ?Midnight,? Signifying Rising Risk - Forbes.Krispy Kreme admits there's a hole in its security - The Register. Nutritional and Allergen Information - Krispy Kreme. &UDM=14.Does one line fix Google? - Tedium.ElevenLabs.The GCHQ Christmas Challenge 2024 - GCHQ.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on
Link to episode
Snowflake hackers, and under the influence
A Canadian man is arrested in relation to the Snowflake hacks from earlier this year - after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Accused Kitchener hacker unmasked after threatening woman online - The Waterloo Region Record.Canadian Man Arrested in Snowflake Data Extortions - Krebs on Security.Who wants to be next? - Bluesky post by Allison Nixon.Crypto Trader Kills His Mum For £500k After Going Into Debt To Maintain 'Perfect Lifestyle' - IB Times. Autopsy reveals injuries on body of Colleen Rebelo?s body after alleged murder - Australia News.Influencer Marketing Statistics 2024 - Artios.BLACKkKLANSMAN trailer - YouTube.A Soft Murmur.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on
Link to episode
Dishy DDoS dramas, and mining our minds for data
A CEO is arrested for turning satellite receivers into DDoS attack weapons, and we journey into the world of bossware and "affective computing" and explore how AI is learning to read our emotions ? is this the future of work, or a recipe for dystopia?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Korea arrests CEO for adding DDoS feature to satellite receivers - Bleeping Computer.Data on our minds: affective computing at work - IFOW. How Much Does 'Bossware' Really Curb Remote Work Slacking? - Inc. MN8 ? 2 Channel EEG Headphones - Emotiv.Commercial EEG Headsets for Enterprises - Emotiv.?Bossware? computer tracking devices harm workers? wellbeing, says report - The Times.Your Company?s Bossware Could Get You in Legal Trouble - 1Password.The Abandoned, Apocalyptic Architecture of One Bold 1970s Retail Chain - Atlas Obscura.Bankrupt - BEST Products Co. - YouTube.Defunct BEST Products Store Architecture Documentary - YouTube.Play Winning Cribbage - Amazon.Cribbage Classic - iOS App Store.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.BlackBerry - Tune in and empower your team with the knowledge to stay connected, no matter what crisis. Learn more about BlackBerry's critical event management solutions.ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on
Link to episode
Gym hacking, disappearing DNA, and a social lockout
A Kansas City man is accused of hacking into local businesses, not to steal money, but to... get a cheaper gym membership? A DNA-testing firm has vanished, leaving customers in the dark about what's happened to their sensitive genetic data. And Australia mulls a social media ban for youngsters.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
KC Man Indicted for Computer Hacking - Department of Justice.DNA testing company vanishes along with its customers? genetic data - Malwarebytes.DNA firm holding highly sensitive data 'vanishes' without warning - BBC News.Australia proposes 'world-leading' ban on social media for children under 16 - Reuters.The government has introduced laws for its social media ban. But key details are still missing - The Conversation.Australia's under-16 social media age ban legislation excludes messaging apps - YouTube.Australia?s plan to ban children from social media popular but problematic - PBS News.Which Countries Are Considering Social Media Bans For Teens? - Newsweek.Graham?s previous encounter with hobs with knobs - Smashing Security.?The Day of the Jackal? trailer - YouTube."Anora? trailer - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally....Link to episode
Digital arrest scams and stream-jacking
In our latest episode we discuss how a woman hid under the bed after scammers told her she was under "digital arrest", how hackers are hijacking YouTube channels through malicious sponsorship deals, and how one phone company is turning the tables on fraudsters through deepfake AI.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
'You are under digital arrest': Inside a scam looting millions from Indians - BBC News.Digital Arrest Scam: How You Can Stay Safe - YouTube.Tamil Nadu Professor Placed Under Digital Arrest, Duped of Rs 10 Lakh - YouTube.'Mann Ki Baat' episode 115 - India Prime Minister Narendra Modi.?My YouTube Channel Got Deleted Last Night..? - Bitz on YouTube.NCA shuts down major fraud platform responsible for 1.8 million scam calls - National Crime Agency.O2 launches free anti-scam caller identification for millions of customers - O2. AI Scambaiters: O2 creates AI Granny to waste scammers? time - YouTube.?StreamJacking? - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams - Guardio.Graham Cluley on Bluesky.Maria Varmazis on Bluesky.Dan Da Dan - Netflix.Butter by Asako Yuzuki - Harper Collins.'Butter' book review: Meditations on murders - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation?...Link to episode
Who needs a laptop to hack when you have a Firestick?
Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil's COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he was placed under police protection... in a Travelodge outside Oxford.
Plus Bengal cat lovers in Australia should be on their guard, as your furry feline friends might be leading you into a dangerous trap., and there's yet more headaches for troubled 23andMe.
All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.
Plus don't miss our featured interview with Paul Fryer from BlackBerry.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
FBI issues warning as crooks ramp up emergency data request scams - The Register.Optimistic father of LAPSUS$ hacking suspect says he?s going to try to stop him using computers - Graham Cluley.LAPSUS$: GTA 6 hacker handed indefinite hospital order - BBC News.This Teenage Hacker Became a Legend Attacking Companies. Then His Rivals Attacked Him - Wall Street Journal.Bengal cat lovers in Australia get psspsspss?d in Google-driven Gootloader campaign - Sophos.Struggling DNA-testing site 23andMe to lay off 40% of its workers - BBC News.Remember That DNA You Gave 23andMe? - The Atlantic.Big Pharma Would Like Your DNA - The Atlantic.Addressing Data Security Concerns - Action Plan - 23andMe Blog.YTCH - YouTube-like cable TV.Space: 1999 opening titles - YouTube.Space: 1999 - Wikipedia.Wicked movie: Mattel 'deeply regrets' porn site misprint on dolls - BBC News.The Wicked Movie - Official Wicked Movie site.Mattel's 'Wicked' Movie Dolls Mistakenly List Porn Site on Packaging - Variety.Smashing Security merchandise (t-shirts, mugs,...Link to episode
Pasta spies and private eyes, and are you applying for a ghost job?
Mamma Mia! A major hacking scandal in Italy has expanded to include alleged involvement from Israel and the Vatican, and just why are companies advertising jobs that don't exist?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Massive hack-for-hire scandal rocks Italian political elites - Politico.Dossieraggi, i contatti con il Mossad e i dati passati al Vaticano. ?Aiutiamo la Chiesa contro la Russia o no?? - La Repubblica.That position you just applied for might be a 'ghost job' that'll never be filled - The Register.Ghost jobs: why do 40% of companies advertise positions that don?t exist? - The Guardian.Job boards are still rife with 'ghost jobs'. What's the point? - BBC.How To Spot Ghost Jobs And Make Your Job Search More Efficient - Forbes.What Are Ghost Jobs and How Can You Avoid Them? - Tech.coThat job you applied for might not exist. Here's what's behind a boom in "ghost jobs." - CBS News.The Coming Storm - BBC Radio 4.Things fell apart - BBC Sounds.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!Flashpoint - Access the industry?s best threat data and intelligence.SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or
Link to episode
The secret Strava service, deepfakes, and crocodiles
In this week's episode your hosts practice standing on one leg, Carole gives Graham a deepfake quiz, and we investigate how Strava may be exposing the movements of world leaders.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Smashing Security #063: Carole?s back.Privacy of fitness tracking apps in the spotlight after soldiers' exercise routes shared online - We Live Security.Smashing Security #330: Deepfake Martin Lewis, and a deadly jog in the park.How Emmanuel Macron can be tracked - Le Monde.How Emmanuel Macron can be tracked - YouTube.The Pentagon Wants to Use AI to Create Deepfake Internet Users - Intercept.Is AI eroding democracy ahead of the US election? - BBC News.Fooled twice: People cannot detect deepfakes but think they can - PMC.Detect Fakes - Kellogg Northwestern.DON'T LET AI STEAL YOUR VOTE! - YouTube.Deepfakes fool more than half of Americans, UVU study shows - KLS News radio.Crocodiles Of The World.Here's How Long You Should Be Able To Stand On 1 Leg By Age - Huffington Post.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
BlackBerry - Tune in and empower your team with the knowledge to stay connected, no matter what crisis. Learn more about BlackBerry's critical event management solutions.1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us...
Link to episode
When security firms get hacked, and your new North Korean remote worker
The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired... but what's their plan?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
SolarWinds Sunburst supply chain attack - Wikipedia.Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter.SEC Charges Four Companies With Misleading Cyber Disclosures - SEC.Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing.Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events.67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes.A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider.US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes.Watch ?Undercover: Exposing the Far Right? - Channel 4.Undercover film exposing UK far-right activists pulled from London festival - The Guardian.Kermode and Mayo?s Take - YouTube.The Fear of God: 25 Years of the Exorcist ? BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000...Link to episode
WordPress vs WP Engine, and the Internet Archive is down
WordPress's emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance. Meanwhile, the Internet Archive, a digital library preserving our online history, is under siege from hackers.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
WP Engine is not WordPress - WordPress.Secure Custom Fields - ??WordPress.Tweet from Advanced Custom Fields.Advisory: Advanced Custom Fields changes - Tim Nash.WordPress saga escalates as WP Engine plugin forcibly forked and legal letters fly - The Register.Internet Archive hacked, data breach impacts 31 million users - Bleeping Computer.The Internet Archive is still down but will return in ?days, not weeks? - The Verge.Dimsdale podcasts - OTR radio drama comedy and more.Jeff Goldblum?s furiously fun Greek gods drama is a masterpiece - The Guardian.KAOS - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!Flashpoint - Access the industry?s best threat data and intelligence.SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on
Link to episode
Vacuum cleaner voyeur, and pepperoni pact blocks payout
Join us as we delve into the world of unexpected security breaches and legal loopholes, where your robot vacuum cleaner might be spying on you, and ordering a pizza could cost you your right to sue.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
We hacked a robot vacuum ? and could watch live through its camera - ABC News.Their Uber Driver Crashed. A Pizza Order Unraveled Their Injury Lawsuit - NY Times.A court blocks a couple from suing Uber over a crash, citing terms and conditions - NPR.Taken for a Ride: Parents Can't Sue Uber Over Crash After Daughter's Uber Eats Order - Law.incNew Jersey Court Bars Uber Crash Victims from Lawsuit, Citing App Agreement - The Legal Journal.Couple Seriously Injured in Uber Crash Blocked From Court by Uber Eats Terms - The Insurance Journal.Disney axes bid to stop wrongful death lawsuit over Disney+ terms - BBC.Sherwood - BBC iPlayer.Chocolate Guinness Cake - Nigella.The Best Banana Cake I've Ever Had - Sally's Baking Addiction.My Favorite Carrot Cake Recipe - Sally's Baking Addiction.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
SentinelOne - secure and protect every aspect of your cloud in real-time.1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or
Link to episode
Breaches in your genes, and Kaspersky switcheroo raises a red flag
From family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky's US customers are wondering - what on earth is UltraAV?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme - US Department of Justice.Sophos punts anti-virus for Klingons - The Register.Designating Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks - US Department of Treasury.Kaspersky says Uncle Sam snubbed its verification proposal - The Register.Use Kaspersky Antivirus Software? You'll Be Migrated to Pango's UltraAV - PC Mag. Kaspersky software replaced by 'UltraAV' on some US PCs - The Register.Need Instructions on Refunds for those who bought multi-year subscriptions - Kaspersky.US bans Kaspersky antivirus software for alleged Russian links - BBC News.Who gave you permission to put UltraAV on my computer? - Kaspersky Total Security.MusicBrainz Picard - Cross-platform music tagger powered by the MusicBrainz database.100 Chefs Will Slice Through the Competition in Culinary Class Wars - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
SentinelOne - secure and protect every aspect of your cloud in real-time.1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing
Link to episode
The $230 million crypto handbag heist, and misinformation on social media
Two men are accused of stealing almost a quarter of a billion dollars from one person's cryptocurrency wallet, but why on earth would they be handing out handbags to strangers? And social media comes under the spotlight once more, as we ask if you are delving into misinformation in your most private moments...
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
ZachXBT?s thread on Twitter.Indictment Charges Two in $230 Million Cryptocurrency Scam - Department of Justice.Two men arrested one month after $230 million of cryptocurrency stolen from a single victim - Bitdefender.Skylar Harrison tells her handbag story - TikTok.Social media?s role in fueling extremism and misinformation in a divided political climate - PBS News.Misinformation on social media - statistics & facts - Pew Research.Social Media and News Fact Sheet, 2024 - Pew Research Center."Hyperactive" by Lasse Gjertsen - YouTube.Cribbage JD - Play Online - Cardsjd.Paddlers Cribbage - L.L. Bean.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
SentinelOne - secure and protect every aspect of your cloud in real-time.1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or
Link to episode
TFL security derailed, and is Trump the king of crypto?
Transport for London (TfL) suffers a cybersecurity incident and tells its 30,000 staff they will all have to their identities verified... in-person. Who might have been behind the attack and why? Meanwhile, Donald Trump's curious relationship with cryptocurrency is explored.
All this and Demi Moore is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
(This episode was recorded before the former US President survived a second assassination attempt)
Episode links:
TFL cybersecurity incident announcement.TFL Employee Hub.DICK'S shuts down email, locks employee accounts after cyberattack - Bleeping Computer.MGM Resorts shuts down IT systems and slot machines go quiet following "cybersecurity incident" - Hot for Security.Teenage suspect in MGM Resorts hack arrested in Britain - The Record.Arrest made in NCA investigation into Transport for London cyber attack - NCA.Donald Trump Prepares to Unveil World Liberty Financial, a Cryptocurrency Business - The New York Times.Behind the Trump Crypto Project Is a Self-Described ?Dirtbag of the Internet? - Bloomberg. Cryptocurrency price on July 22: Bitcoin hits $68,000 level, Dogecoin, Avalanche surge up to 11% - The Economic Times.Trump vows to make US ?world capital of crypto,? taps Musk for new task force - CoinTelegraph.What bankers need to know about Trump's World Liberty Financial - Yahoo! Finance. Bitcoin soars to two-week high after Trump attack - Reuters.Trump pitches himself as 'crypto president' at San Francisco tech fundraiser - Reuters.Aave fork on...Link to episode
A room with a view, AI music shenanigans, and a cocaine bear
It's a case of algorithm and blues as we look into an AI music scam, Ukraine believes it has caught a spy high in the sky, and a cocaine-fuelled bear goes on the rampage.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Ukrainian detained for allegedly installing CCTV cameras to aid Russian attacks - The Record.Russia calls for restrictions on surveillance cameras, dating apps in cities under attack from Ukraine - The Record.Christo and Jeanne-Claude art projects.North Carolina Musician Charged With Music Streaming Fraud Aided By Artificial Intelligence - United States Department of Justice.Man Arrested for Creating Fake Bands With AI, Then Making $10 Million by Listening to Their Songs With Bots - The Futurist.Kobo Clara BW ereader - Kobo.Cocaine Bear: Why? - The Atlantic.Cocaine Bear Official trailer - YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on Twitter at @SmashinSecurity, or
Link to episode
The Godfather club, and AirTags to the rescue
There's a whole new dating scam that could mean you end up out of pocket (or beaten up) after a first date with a glamorous admirer, and a woman in Los Alamos uses an Air Tag to entrap a thief.
Plus - don't miss our featured interview with Maya Levine of Sysdig.
All this, and a very bad Cockney accent, in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Mail Theft Suspect Apprehended Using AirTag - Santa Barbara County Sheriff?s Office.Google and Apple deliver support for unwanted tracking alerts in Android and iOS - Google Security blog.Apple and Google deliver support for unwanted tracking alerts in iOS and Android - Apple.Barclays Scams Bulletin: Men more likely to fall victim to romance scams, while women lose more money - Barclays.3 men trapped by same woman: Journalist on modus operandi of dating app scams - India Today. Mumbai club under fire for 'dating scam' after man gets Rs 61,000 bill - India News.Romance scams in 2024 + online dating statistics - Norton.Tips for romance scams - Better Business Bureau.What to know about romance scams - Consumer Advice.The Godfather club dating app scam in Mumbai - YouTube.What accent does Butcher have in ?The Boys?? - NME.Shokz bone conduction headphones - Shokz.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management - Secure every sign-in for every app on every device.Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed.Material Security ? email security that covers the full threat landscape ?Link to episode
Smashing Security presents The AI Fix: An AI cookery dumpster fire, the ARC prize, and a creepy new AI friend
While "Smashing Security" is on its summer holiday, here's a chance to listen to an episode of its sister show - "The AI Fix".
In episode ten of The AI Fix, Graham attempts to say "quinoa", Mark draws a line in the amper-sand, ChatGPT becomes an expert in solar panels and bomb disposal, and our hosts watch a terrifying trailer for a creepy new AI friend.
Graham discovers that the world of AI cookery is a soggy, limey mess, and learns an unusual trick for making a great mojito, while Mark pits his co-host against the cleverest AI brains in the world.
Episode links:
OpenAI starts rollout of Advanced Voice Mode.UK Government shelves £1.3bn UK tech and AI plans.Friend trailer.Artificial intelligence has hard time with accents.Netherlands court uses ChatGPT to decide things.Argentina will use AI to ?predict future crimes? but experts worry for citizens? rights.Twitter thread on crockpot cookbook.Get ready for AI to rip off your favorite cookbooks.?One of the most disgusting meals I?ve ever eaten?: AI recipes tested.This cookbook author was a best-seller on Amazon ? but she may not even be human.ARC Prize.ARC Prize leaderboard.On the Measure of Intelligence research paper by François Chollet.The AI Fix
The AI Fix podcast is presented by Graham Cluley and Mark Stockley.
Learn more about the podcast at theaifix.show, and follow us on Twitter at @TheAIFix.
Never miss another episode by following us in your favourite podcast app. It's free!
Like to give us some feedback or sponsor the podcast? Get in touch.
This...
Link to episode
CrowdStrike, Dark Wire, and the Paris Olympics
Computers blue-screen-of-death around the world! The Paris Olympics is at risk of attack! And the FBI pull off the biggest sting operation in history by running a secret end-to-end encrypted messaging app!
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity journalist and the author of ?Dark Wire?, Joseph Cox.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
How a single IT update caused global havoc - BBC News.Anti-Virus Software Sees Self as Malware, Deletes Itself - NBC News report about Sophos snafu in 2012.Tweet about CrowdStrike outage by Kaspersky - Twitter.?Dark Wire? by Joseph Cox.Inside the Biggest FBI Sting Operation in History - WIRED.Trump shooter's online activity shows searches of rally site, use of encrypted platforms, officials say - CBS News.Mass Surveillance - Privacy International.338 sites internet frauduleux de revente de billets recensés à quelques semaines du début de la compétition - France Info.From wiretapping to geolocation data collection: AI mass surveillance for the Paris Olympics draws privacy concerns - Fast Company.Heading to the Paris Olympics? Don't Fall for These Scams - PC Mag.AI mass surveillance at Paris Olympics ? a legal scholar on the security boon and privacy nightmare - Scientific American.AI mass surveillance at Paris Olympics ? a legal scholar on the security boon and privacy nightmare - The Conversation.Paris 2024: Medal table predictions, facts, opening day schedule and records that could be broken - Euronews.Paris Olympics 2024: Your ultimate guide - The Telegraph.Link to episode
Trump assassination conspiracies, Squarespace account hijacks, and the butt stops here
Social media fuels conspiracies galore after Donald Trump is shot at a rally, cryptocurrency websites are hijacked after a screw-up at Squarespace, and our guest takes a close look at bottoms on Instagram.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Killed by Google.Squarespace Enters Definitive Agreement to Acquire Google Domains Assets - Squarespace.A Squarespace Retrospective, or How to Coordinate an Industry-Wide Incident Response - Security Alliance.Trump shooting: all seven conspiracy theories examined - The Telegraph.Fact-checking the wild conspiracy theories related to the attempted Trump assassination - PBS News.We fact-checked some of the rumors spreading online about the Trump assassination attempt - Reuters.Minutes after Trump shooting, misinformation started flying. Here are the facts - AP News.Joy Reid suggests Trump couldn't 'avoid the consequences' of his own rhetoric after assassination attempt - Fox News.The Gunshots Rang Out. Then the Conspiracy Theories Erupted Online - New York Times.Trump assassination attempt ? News, Research and Analysis - The Conversation.Douglas is Cancelled - ITV.Douglas Is Cancelled review ? you might hate this show for daring to exist - The Guardian.Klappbollerwagen 'Cruiser' - PinoLino.Videos for Cats to Watch - YouTube.Cat TV for Cats to Watch - YouTube.Link to episode
Teachers TikTok targeted, and fraud in the doctors? waiting room
Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus don't miss our featured interview with Jason Meller of 1Password.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Outcome, a hot tech startup, misled advertisers with manipulated information, sources say - Wall Street Journal.Three Former Executives Sentenced for $1B Corporate Fraud Scheme - US Department of Justice.Graham dancing - TikTok.Students Target Teachers in Group TikTok Attack, Shaking Their School - The New York Times.?Thank you very much indeed?Presumed Innocent ? Official Trailer - Youtube.Presumed Innocent - Apple TV+.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.mWISE - Don't miss the cybersecurity conference built by practitioners, for practitioners. mWISE runs September 18 ? 19 2024 in Denver.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and
Link to episode
Private nights, evil twins, and crypto home invasions
Apps can let you spy on strangers in bars, a gang of cryptocurrency thieves turns to kidnap and assault, and have you joined the mile-high evil twin club?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of the brand-new "The AI Fix" podcast (co-hosted with Graham!).
Talk about nepotism.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Hoos Out Tonight? Dundee medical student launches new app which reveals ?hot? pubs - The Courier.?It?s completely invasive?: New app lets you spy on SF bars to see if they?re poppin? - San Francisco Standard.Florida Man Convicted in Violent Crypto Theft Spree - Crypto Daily.Inside a Violent Gang's Ruthless Crypto-Stealing Home Invasion Spree - Wired.Man charged over creation of ?evil twin? free WiFi networks to access personal data - Australian Federal Police.Police allege 'evil twin' in-flight Wi-Fi used to steal info - The Register.Australian charged for ?Evil Twin? WiFi attack on plane - Bleeping Computer.Suno - make a song about anything.The AI Fix podcast - hosted by Graham Cluley and Mark Stockley.Putty Pals - Nintendo Switch.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on Twitter at...
Link to episode
Julian Assange, inside a DDoS attack, and deepfake traumas
Wikileaks's Julian Assange is a free man, deepfakes cause trouble in the playground, and we hear hot takes about ransomware and tales from inside a devastating denial-of-service attack.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Eleanor Dallaway.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Julian Assange lands in Australia a free man - BBC News.Smashing Security episode 245: The Julian Assange assassination plot, and IoT toilets.Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks - Yahoo News.Surprise! WikiLeaks won?t just hand over details of zero-day vulnerabilities to tech firms - Graham Cluley.Tubthumping (Q3 2021 Issue) - Infosecurity Magazine.Infosecurity Magazine suffering ?significant? DDoS attack - Cybernews.Infosecurity Magazine is Back Online! - Infosecurity Magazine.YouTube now lets you report AI deepfakes of yourself - MSN.Two private schools face police probe over claims pupils used AI to 'create deepfake porn images of up to a dozen girls' - Daily Mail. We're calling on the next government to protect women and girls from image-based abuse - Glamour Magazine. Deepfakes as a Security Issue: Why Gender Matters - WiisGlobal.AI poses disproportionate risks to women - Brookings.'Violating and dehumanising': How AI deepfakes are being used to target women - Euronews.Snapshot Paper - Deepfakes and Audiovisual...Link to episode
An unhealthy data dump, railway surveillance, and a cheater sues Apple
There's a wee data breach with unhealthy implications in Scotland, privacy has gone off the rails in the UK, and a cheater blames Apple for his expensive divorce.
All this and much more is discussed in the latest edition of the ?Smashing Security? podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter of the "Compromising Positions" podcast.
Plus don't miss our featured interview with Abhishek Agrawal, CEO of Material Security.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Cyber attacks update - NHS Dumfries & Galloway.J Paul Getty - Wikipedia.Cyber expert urges against 'panic' over NHS data leak - BBC News.?Don?t panic? - Corporal Jones from Dad?s Army - YouTube.All households in Scottish region to get alert about hackers publishing stolen medical data - The Record.Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers - Wired.Man ludicrously blames Apple for his wife catching him communicating with prostitutes - Apple Insider.Businessman sues Apple after wife finds ?deleted? iPhone messages to prostitute - LBC.?Tech made me do it? is no excuse for adultery - The Times.Is it DNS??My name is Barbra? - Amazon.?I'm Glad My Mom Died? by Jennette McCurdy - Simon & Schuster.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management ? Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Material Security ? email security that covers the full threat landscape ? stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.SUPPORT...
Link to episode
iOS 18 for cheaters, and a model cop extortionist?
Apple announces a new privacy feature in iOS that will allow you to hide and lock away your apps - but will it be philanderers who benefit the most? And an ex-police officer is arrested for extortion.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Graham?s video thanking people for voting for ?Smashing Security? - Twitter.iOS 18 makes iPhone more personal, capable, and intelligent than ever - Apple.Apple's new iOS 18 feature is being called 'a cheater's paradise' - Daily Mail.2 Accused In Internet Extortion Scheme Against Boss - Patch.District Attorney: Ex-police officer turned model among duo arrested in Orange County - Westchester News.Former N.Y. cop, internet model Ally Thueson arrested for extortion - NY Daily News. Extortion - FindLaw.Smile politely, nod awkwardly: greeting people you barely know - University Times.How to pass people in hallway without awkwardness? - Reddit.How Long Should a Great Kiss Last? - Psychology Today.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
1Password Extended Access Management - Secure every sign-in for every app on every device.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or
Link to episode
Crashing robo-taxis, and name-dropping rappers
Drones, some coloured cardboard, and a piece of tinfoil may be all the kit you need to crash a robot-driven taxi, and a rapper is accused of using Justin Bieber's name to defraud a TV company.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Riding Baidu's self-driving robo-taxi - YouTube.Malicious Attacks against Multi-Sensor Fusion in Autonomous Driving - Research paper.Researchers warn robot cars can be crashed with tinfoil and paint daubed on cardboard - The Register.Gang of Hackers Tries to Steal Baidu?s Driverless Car Secrets - Bloomberg.Rapper Sean Kingston agrees to return to Florida, where he and mother are charged with $1M in fraud - AP News.Sean Kingston Extradited From California to Florida in Fraud and Theft Case - Entertainment Tonight.Rapper Sean Kingston, his mother arrested on fraud charges after SWAT raid at his Southwest Ranches home - Sun Sentinel.What is fraudulent use of personal identification information? - Pumphrey Law.Google?s AI really is that stupid, feeds people answers from The Onion - AV Club.Some of Google?s ?best? AI search results - Twitter.Google Rolls Back A.I. Search Feature After Flubs and Flaws - NY Times.Sure, Google?s AI overviews could be useful ? if you like eating rocks - The Guardian.Citymapper.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Link to episode
Microsoft?s Recall controversy, and the North Korean insider threat
Microsoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and is your company hiring North Korean IT workers?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by author, journalist, and podcaster Geoff White.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Microsoft's new Windows 11 Recall is a privacy nightmare - Bleeping Computer.Statement in response to Microsoft Recall feature - ICO.Arizona woman charged in North Korean IT worker scheme that raised millions - CNN.Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea - US Department of Justice.New FTC Data Shed Light on Companies Most Frequently Impersonated by Scammers - FTC website.Who?s who in scams: a spring roundup - FTC.Udio.Geoff's Labyrinth ext v2 - Graham?s AI song about Geoff White?s book ?Rinsed?.?Nuclear War? by Annie Jacobsen - Amazon.The Patient - Disney+.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Kolide ? Kolide ensures that if your device isn?t secure it can?t access your cloud apps. It?s Device Trust for Okta. Watch the demo today!Kiteworks ? Step into the future of secure managed file transfer with Kiteworks.SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become
Link to episode
iPhone undeleted photos, and stealing Scarlett Johansson?s voice
iPhone photos come back from the dead! Scarlett Johansson sounds upset about GPT-4o, and there's a cockup involving celebrity fakes.
All this and much more is discussed in the latest edition of the ?Smashing Security? podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Anna Brading of Malwarebytes.
Plus! Don't miss our featured interview with Sandy Bird of Sonrai Security.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
When NASA Lost a Spacecraft Due to a Metric Math Mistake - Simscale.The worst sales promotion in history - The Hustle.Nonconsensual AI Porn Maker Accidentally Leaks His Customers' Emails - 404 Media.UK's Ministry of Defence fined after Bcc email blinder that put the lives of Afghan citizens at risk - Hot for Security.£200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder - Graham Cluley.Apple's Photo Bug Exposes the Myth of 'Deleted' - Wired.OpenAI Voice Scandal: Sky's Fall From Grace - YouTube. How the voices for ChatGPT were chosen - OpenAI.As AI becomes more human-like, experts warn users must think more critically about its responses - CBC News.What We Lose When ChatGPT Sounds Like Scarlett Johansson - The New York Times.Scarlett Johansson?s Statement About Her Interactions With Sam Altman - The New York Times.Kin TV series - Wikipedia.Portal connecting Dublin and New York 'reawakens' under new restrictions after 'inappropriate behaviour' - Sky News.How to cook the perfect chicken rendang ? recipe - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Link to episode
The fake deepfake, and Estate insecurity
Remember when a US mother was accused of distributing explicit deepfake photos and videos to try to get her teenage daughter's cheerleading rivals kicked off the team? Well, there has been a surprising development. And learn how cybercriminals have been stealing boomers' one-time-passcodes via a secretive online service.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
?Got that boomer!?: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts - TechCrunch.Cheerleader's mom created deepfake videos to allegedly harass her daughter's rivals - ABC News.Bucks County mom doctored videos to harass girls on daughter's cheerleading sqaud, prosecutors say - Philly Voice.Spone v. Reiss, Civil Action 23-0147 - Casetext.Mother 'used deepfake to frame cheerleading rivals' - BBC News.She was accused of faking an incriminating video of teenage cheerleaders. She was arrested, outcast and condemned. The problem? Nothing was fake after all - The Guardian.Parkrun - Wikipedia.Parkrun UK.Oxfordshire Artweeks 2024 - Artweeks homepage. Carole?s art website - carole.wtfSmashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Kiteworks ? Step into the future of secure managed file transfer with Kiteworks.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Kolide ? Kolide ensures that if your device isn?t secure it can?t access your cloud apps. It?s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a...
Link to episode
Unmasking LockBitsupp, company extortion, and a Tinder fraudster
The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster stole £80,000 from women he met on Tinder.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by ?Ransomware Sommelier? Allan Liska.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company - US Department of Justice.United States vs Vincent Cannady (PDF) - US Department of Justice.LockBit leader unmasked and sanctioned - NCA.Romance fraudster defrauded women of £80,000 - BBC News.15 of the Most Trustworthy Accents in the UK Revealed - Country Living.Omoton phone car mount - Omoton.Stories are weapons by Annalee Newitz - WW Norton.All the Beauty in the World: A Museum Guard's Adventures in Life, Loss and Art by Patrick Bringley - Penguin.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Kiteworks ? Step into the future of secure managed file transfer with Kiteworks.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Kolide ? Kolide ensures that if your device isn?t secure it can?t access your cloud apps. It?s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on Twitter at @SmashinSecurity, or Mastodon, or...
Link to episode
The closed loop conundrum, default passwords, and Baby Reindeer
The UK Government takes aim at IoT devices shipping with weak or default passwords, a man spends two years incarcerated after being mistaken for the person who stole his identity, and are you au fait with the latest scams?
All this and much more is discussed in the latest edition of the ?Smashing Security? podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
New laws to protect consumers from cyber criminals come into force in the UK - UK Government.Mirai - Wikipedia.Identity theft victim wrongly locked up for 2 years is exonerated at last - Paul Ducklin.Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds - The Guardian.5 scams you need to know about in 2024 - Which? News.How fraudsters are getting fake articles onto Facebook - BBC News.Five Scams To Beware In 2024 - Forbes Advisor UK.Eerie ?breathing? mistake to listen out for exposes costly AI ?audio deepfake' scam calls that take just seconds to make - The Sun.How to spot fraud - UK Government.Etymology Monday: David Crystal on the word ?gaggle? - Literary Minded.Moon - Wikipedia.Baby Reindeer - Netflix.Why row over Baby Reindeer sleuths will change real-life drama for ever - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Sonrai?s Cloud Permissions Firewall ? A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Link to episode
Keeping the lights on after a ransomware attack
Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits India we take a close eye at deepfakery.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
When a breach goes from 25 documents to 1.3 terabytes? - Graham Cluley.Leicester street lights stuck on all day due to cyber attack - Leicester Mercury.Top AI researchers race to detect ?deepfake? videos: ?We are outgunned - Washington Post.AI deepfakes threaten to upend global elections. No one can stop them - Washington Post.Models, dead netas, campaigning from jail: How AI is shaping Lok Sabha polls - India Today.Why Elections Take So Long in India - The New York Times.How A.I. Tools Could Change India?s Elections - The New York Times.Bollywood deepfakes fuel AI election meddling fears in India - GG2.World Explained: How India's politicians are using AI to reach voters in the world?s most populous country - The Scotsman.12 Angry Men - Wikipedia.VIA Rail.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Sonrai's Cloud Permissions Firewall - A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Kolide ? Kolide ensures that if your device isn?t secure it can?t access your cloud apps. It?s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:
Tell your...
Link to episode
Gary Barlow, and a scam turns deadly
Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Animal Crossing with Garry Kasparov - Smashing Security.Gary Barlow - Wikipedia.I was catfished by a fake Gary Barlow on Facebook - Daily Mail.Video shows Clark County man charged with murder confront Uber driver - Springfield News.Uber driver, 61, shot dead by Ohio man, 81, who was being targeted by scammers - Daily Mail.Boxfit classes - Better.Waschii - PocketSized SolarHeated Washjing Machine - Indiegogo.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Kiteworks ? Step into the future of secure managed file transfer with Kiteworks.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!Kolide ? Kolide ensures that if your device isn?t secure it can?t access your cloud apps. It?s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:
Tell your friends and colleagues about ?Smashing Security?, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
?FOLLOW US:
Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and
Link to episode
WhatsApp at Westminster, unhealthy AI, and Drew Barrymore
MPs aren't just getting excited about an upcoming election, but also the fruity WhatsApp messages they're receiving, can we trust AI with our health, and who on earth is pretending to be a producer for the Drew Barrymore TV show?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Naked photos sent in WhatsApp ?phishing? attacks on UK MPs and staff - Politico.How I was targeted in the Westminster honeytrap - BBC News.The Westminster honeytrap plotter tried to catch me too - The Times.How Westminster WhatsApp ?honey trapper? targeted party conference season - Politico.William Wragg quits Commons roles over Westminster honeytrap - BBC News.A new prescription - The Economist.Change Healthcare faces second ransomware dilemma weeks after ALPHV attack - The Register.?The Drew Barrymore Show? Targeted by Fraudsters in Celebrity Scamming Effort - Yahoo! News.?Drew Barrymore Show' Targeted in Hacking, ID Fraud Scam by Imposter Who Posed as Producer and More - Variety.Guy Fieri Calls Drew Barrymore ?Gangster? For Talking With Her ?Mouth Full Of Food? On ?The Drew Barrymore Show? - Decider. Beware The Fake Drew Barrymore Le Creuset Cookware Giveaway Scam - Malware Tips.Carmen - Royal Opera House.Mandy - BBC iPlayer.Anita de Monte Laughs Last - Bloomsbury.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Kiteworks ? StepLink to episode
Money-making bots, and Incognito isn?t private
Google says it is deleting your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Scammer Convinced Investors to Send Him $1.5 Million to Build Magic Money Making Bot - 404.Biden Bans Rival Nations From Buying Sensitive US Data - Good Luck - Wired.6 practical reasons to use Incognito mode in your browser - USA Today.Brown v. Google LLC Settlement Agreement - DocumentCloud.Google agrees to settle $5bn lawsuit claiming it secretly tracked users - The Guardian.Chrome updates Incognito warning to admit Google tracks users in ?private? mode - Ars Technica.Google changes wording for Incognito browsing in Chrome - Malwarebytes.The Incognito Mode Myth Has Fully Unraveled - Wired.Google Agrees to Delete ?Incognito? Browsing Data to Settle Class-Action Lawsuit - TIME.Amazon refuses to refund me £700 for iPhone 15 it didn?t deliver - Graham Cluley.Concorde - Lego.Cover song: samsung dryer no. 2 - YouTube.Play Drums on Samsung Washing Machine Song - YouTube.With samsung washing machine violinist - YouTube.Samsung Washing Machine Song with Piano [Franz Schubert's "Die Forelle"] - YouTube.Duet for harp and dryer - YouTube.Link to episode
Hacking hotels, Google?s AI goof, and cyberflashing
Security researchers find a way to unlock millions of hotel rooms, the UK introduces cyberflashing laws, and Google's AI search pushes malware and scams.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Unsaflok - Security vulnerabilities in Saflok hotel locks.3 million doors open to uninvited guests in keycard exploit - The Register.Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds - Wired.Google's new AI search results promotes sites pushing malware, scams - Bleeping Computer.Man who sent nude picture to teenage girl is jailed under new cyberflashing laws - The Independent.Cyber-flashing convict is first to be jailed under new law - BBC News.What to do if you?re a victim of cyber flashing and how to report it - Metro.The first cyberflasher has been convicted: meet the woman who made it happen - Yahoo!What is cyber flashing? 'Banter' ? or a sinister breach of consent - UK News.Love Island star sent unsolicited pictures online calls for tougher cyber laws - Bristol Live.Secret Agent Shenanigans: 13 Weird Spy Weapons And Gadgets - Stay Weird.Baldur?s Gate 3.Merlin Bird ID - Conell Labs.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Kiteworks ? Step into the future of secure managed file transfer with Kiteworks.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money. Smashing Security listeners get 10% off!KolideLink to episode
Bing pop-up wars, and the British Library ransomware scandal
There's a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack.
All this and more is discussed in the latest edition of the ?Smashing Security? podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus: Don't miss our featured interview with Kolide founder Jason Meller about his firm's acquisition by 1Password.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Search engine market share - Oberlo.A compilation of Bing ads - YouTube.With Edge, Microsoft?s forced Windows updates just sank to a new low - The Verge.Microsoft fixes Edge browser bug that was stealing Chrome tabs and data - The Verge.Is this Microsoft Bing Popup Malware? - Reddit.Microsoft confirms Bing pop-up ads in Chrome on Windows 11 & Windows 10 - Windows Latest.?A 22-carat disaster?: what next for British Library staff and users after data theft? - The Guardian.LEARNING LESSONS FROM THE CYBER-ATTACK British Library cyber incident review - British Library.The Disturbing Impact of the Cyberattack at the British Library - The New Yorker.Thanks to a shadowy hacker group, the British Library is still on its knees. Is there any way to stop them? - The Guardian.Have we literally broken the English language? - The Guardian.According to the dictionary, "literally" now also means "figuratively" - Salon.Good Morning, Monster: A Therapist Shares Five Heroic Stories of Emotional Recovery - Amazon.Good Morning, Monster - Apple Podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and...Link to episode
Stuck streaming sticks, TikTok conspiracies, and spying cars
Roku users are revolting after their TVs are bricked by the company, we learn how to make money through conspiracy videos on TikTok, and just how much is your car snooping on your driving?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dave Bittner from "The Cyberwire" podcast.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Smashing Security episode 317 - Includes a discussion of which came first - Battle Bots or Robot Wars??Disgraceful?: Messy ToS update allegedly locks Roku devices until users give in - Ars Technica.Dispute resolution terms - Roku.Enshittification - Wikipedia.Craig Shergold - Wikipedia.?Why TikTok Is Becoming A Conspiracy Playground? - YouTube.Dave Bittner?s AI-generated image of Graham Cluley - Twitter.Graham?s AI-generated video about pig butchering - Twitter.Automakers Are Sharing Consumers? Driving Behavior With Insurance Companies - New York Times.Drivers concerned as automakers share driving data with insurance companies - NewsByte.Carmakers are sharing driving habits with insurance companies, unbeknownst to owners - TechSpot.Google Arts & Culture.WELI - Kangaroo Time (Club Edit) (From Dance Your PhD 2024 - OVERALL WINNER) - YouTube.Dance Your Ph.D. - Wikipedia.Animal DNA Run - CrazyGames.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
Kiteworks ? Step into the future of secure managed file transfer with Kiteworks.Vanta ? Expand the scope of your security program with market-leading compliance automation? while saving time and money....Link to episode
Ransomware fraud, pharmacy chaos, and suicide
Is there any truth behind the alleged data breach at Fortnite maker Epic Games? Who launched the ransomware attack that caused a fallout at pharmacies? And what's the latest on the heart-breaking hack of Finnish therapy clinic Vastaamo?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
Mogilevich claims it has breached Epic Games - Twitter.Fraudster?s fake data breach claims should remind media to be carefu what we report - DataBreaches.net.Prescription orders delayed as US pharmacies grapple with "nation-state" cyber attack - Bitdefender.US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say - Reuters.Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment - Wired.Vastaamo data breach - Wikipedia.The CEO who also ran IT, Strava strife, and TikTok tall tales - Smashing Security podcast.Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security ? Sophos.Vastaamo victims' lawyer: Some took their own lives after patient record leak - Yle.Prosecutors call for maximum penalty over Vastaamo hacking - Helsinki Times.Self-pay gas station pumps break across NZ as software can?t handle Leap Day - Ars Technica.Citrix, Sophos software impacted by 2024 leap year bugs - Bleeping Computer.Resident Alien trailer - YouTube.Link to episode