Smashing Security

Graham Cluley & Carole Theriault

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner of the "Best Cybersecurity Podcast" in 2018, 2019, and 2023, and the "Most Entertaining" in 2022 and 2023, Smashing Security has had over nine million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones. Follow the podcast on Twitter at @smashinsecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK). This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy read less
TechnologyTechnology

Episodes

Teachers TikTok targeted, and fraud in the doctors’ waiting room
4d ago
Teachers TikTok targeted, and fraud in the doctors’ waiting room
Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Plus don't miss our featured interview with Jason Meller of 1Password.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Outcome, a hot tech startup, misled advertisers with manipulated information, sources say - Wall Street Journal.Three Former Executives Sentenced for $1B Corporate Fraud Scheme - US Department of Justice.Graham dancing - TikTok.Students Target Teachers in Group TikTok Attack, Shaking Their School - The New York Times.“Thank you very much indeed”Presumed Innocent — Official Trailer - Youtube.Presumed Innocent - Apple TV+.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.mWISE - Don't miss the cybersecurity conference built by practitioners, for practitioners. mWISE runs September 18 – 19 2024 in Denver.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and
Private nights, evil twins, and crypto home invasions
Jul 3 2024
Private nights, evil twins, and crypto home invasions
Apps can let you spy on strangers in bars, a gang of cryptocurrency thieves turns to kidnap and assault, and have you joined the mile-high evil twin club?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of the brand-new "The AI Fix" podcast (co-hosted with Graham!).Talk about nepotism.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Hoos Out Tonight? Dundee medical student launches new app which reveals ‘hot’ pubs - The Courier.‘It’s completely invasive’: New app lets you spy on SF bars to see if they’re poppin’ - San Francisco Standard.Florida Man Convicted in Violent Crypto Theft Spree - Crypto Daily.Inside a Violent Gang's Ruthless Crypto-Stealing Home Invasion Spree - Wired.Man charged over creation of ‘evil twin’ free WiFi networks to access personal data  - Australian Federal Police.Police allege 'evil twin' in-flight Wi-Fi used to steal info - The Register.Australian charged for ‘Evil Twin’ WiFi attack on plane - Bleeping Computer.Suno - make a song about anything.The AI Fix podcast - hosted by Graham Cluley and Mark Stockley.Putty Pals - Nintendo Switch.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at...
Julian Assange, inside a DDoS attack, and deepfake traumas
Jun 26 2024
Julian Assange, inside a DDoS attack, and deepfake traumas
Wikileaks's Julian Assange is a free man, deepfakes cause trouble in the playground, and we hear hot takes about ransomware and tales from inside a devastating denial-of-service attack.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Eleanor Dallaway.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Julian Assange lands in Australia a free man - BBC News.Smashing Security episode 245: The Julian Assange assassination plot, and IoT toilets.Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks - Yahoo News.Surprise! WikiLeaks won’t just hand over details of zero-day vulnerabilities to tech firms - Graham Cluley.Tubthumping (Q3 2021 Issue) - Infosecurity Magazine.Infosecurity Magazine suffering ‘significant’ DDoS attack - Cybernews.Infosecurity Magazine is Back Online! - Infosecurity Magazine.YouTube now lets you report AI deepfakes of yourself - MSN.Two private schools face police probe over claims pupils used AI to 'create deepfake porn images of up to a dozen girls' - Daily Mail. We're calling on the next government to protect women and girls from image-based abuse - Glamour Magazine. Deepfakes as a Security Issue: Why Gender Matters - WiisGlobal.AI poses disproportionate risks to women - Brookings.'Violating and dehumanising': How AI deepfakes are being used to target women - Euronews.Snapshot Paper - Deepfakes and Audiovisual...
An unhealthy data dump, railway surveillance, and a cheater sues Apple
Jun 19 2024
An unhealthy data dump, railway surveillance, and a cheater sues Apple
There's a wee data breach with unhealthy implications in Scotland, privacy has gone off the rails in the UK, and a cheater blames Apple for his expensive divorce.All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter of the "Compromising Positions" podcast.Plus don't miss our featured interview with Abhishek Agrawal, CEO of Material Security.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Cyber attacks update - NHS Dumfries & Galloway.J Paul Getty - Wikipedia.Cyber expert urges against 'panic' over NHS data leak - BBC News.“Don’t panic” - Corporal Jones from Dad’s Army - YouTube.All households in Scottish region to get alert about hackers publishing stolen medical data - The Record.Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers - Wired.Man ludicrously blames Apple for his wife catching him communicating with prostitutes - Apple Insider.Businessman sues Apple after wife finds ‘deleted’ iPhone messages to prostitute - LBC.‘Tech made me do it’ is no excuse for adultery - The Times.Is it DNS?“My name is Barbra” - Amazon.”I'm Glad My Mom Died” by Jennette McCurdy - Simon & Schuster.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Material Security – email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.SUPPORT...
iOS 18 for cheaters, and a model cop extortionist?
Jun 12 2024
iOS 18 for cheaters, and a model cop extortionist?
Apple announces a new privacy feature in iOS that will allow you to hide and lock away your apps - but will it be philanderers who benefit the most? And an ex-police officer is arrested for extortion.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Graham’s video thanking people for voting for “Smashing Security” - Twitter.iOS 18 makes iPhone more personal, capable, and intelligent than ever - Apple.Apple's new iOS 18 feature is being called 'a cheater's paradise' - Daily Mail.2 Accused In Internet Extortion Scheme Against Boss - Patch.District Attorney: Ex-police officer turned model among duo arrested in Orange County - Westchester News.Former N.Y. cop, internet model Ally Thueson arrested for extortion - NY Daily News. Extortion - FindLaw.Smile politely, nod awkwardly: greeting people you barely know - University Times.How to pass people in hallway without awkwardness? - Reddit.How Long Should a Great Kiss Last? - Psychology Today.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management - Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or
Crashing robo-taxis, and name-dropping rappers
Jun 5 2024
Crashing robo-taxis, and name-dropping rappers
Drones, some coloured cardboard, and a piece of tinfoil may be all the kit you need to crash a robot-driven taxi, and a rapper is accused of using Justin Bieber's name to defraud a TV company.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Riding Baidu's self-driving robo-taxi - YouTube.Malicious Attacks against Multi-Sensor Fusion in Autonomous Driving - Research paper.Researchers warn robot cars can be crashed with tinfoil and paint daubed on cardboard - The Register.Gang of Hackers Tries to Steal Baidu’s Driverless Car Secrets - Bloomberg.Rapper Sean Kingston agrees to return to Florida, where he and mother are charged with $1M in fraud - AP News.Sean Kingston Extradited From California to Florida in Fraud and Theft Case - Entertainment Tonight.Rapper Sean Kingston, his mother arrested on fraud charges after SWAT raid at his Southwest Ranches home - Sun Sentinel.What is fraudulent use of personal identification information? - Pumphrey Law.Google’s AI really is that stupid, feeds people answers from The Onion - AV Club.Some of Google’s “best” AI search results - Twitter.Google Rolls Back A.I. Search Feature After Flubs and Flaws - NY Times.Sure, Google’s AI overviews could be useful – if you like eating rocks - The Guardian.Citymapper.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
Microsoft’s Recall controversy, and the North Korean insider threat
May 29 2024
Microsoft’s Recall controversy, and the North Korean insider threat
Microsoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and is your company hiring North Korean IT workers?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by author, journalist, and podcaster Geoff White.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Microsoft's new Windows 11 Recall is a privacy nightmare - Bleeping Computer.Statement in response to Microsoft Recall feature - ICO.Arizona woman charged in North Korean IT worker scheme that raised millions - CNN.Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea - US Department of Justice.New FTC Data Shed Light on Companies Most Frequently Impersonated by Scammers - FTC website.Who’s who in scams: a spring roundup - FTC.Udio.Geoff's Labyrinth ext v2 - Graham’s AI song about Geoff White’s book “Rinsed”.“Nuclear War” by Annie Jacobsen - Amazon.The Patient - Disney+.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Kiteworks – Step into the future of secure managed file transfer with Kiteworks.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become
iPhone undeleted photos, and stealing Scarlett Johansson’s voice
May 22 2024
iPhone undeleted photos, and stealing Scarlett Johansson’s voice
iPhone photos come back from the dead! Scarlett Johansson sounds upset about GPT-4o, and there's a cockup involving celebrity fakes.All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Anna Brading of Malwarebytes.Plus! Don't miss our featured interview with Sandy Bird of Sonrai Security.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:When NASA Lost a Spacecraft Due to a Metric Math Mistake - Simscale.The worst sales promotion in history - The Hustle.Nonconsensual AI Porn Maker Accidentally Leaks His Customers' Emails - 404 Media.UK's Ministry of Defence fined after Bcc email blinder that put the lives of Afghan citizens at risk - Hot for Security.£200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder - Graham Cluley.Apple's Photo Bug Exposes the Myth of 'Deleted' - Wired.OpenAI Voice Scandal: Sky's Fall From Grace - YouTube. How the voices for ChatGPT were chosen - OpenAI.As AI becomes more human-like, experts warn users must think more critically about its responses - CBC News.What We Lose When ChatGPT Sounds Like Scarlett Johansson - The New York Times.Scarlett Johansson’s Statement About Her Interactions With Sam Altman - The New York Times.Kin TV series - Wikipedia.Portal connecting Dublin and New York 'reawakens' under new restrictions after 'inappropriate behaviour' - Sky News.How to cook the perfect chicken rendang – recipe - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:
The fake deepfake, and Estate insecurity
May 15 2024
The fake deepfake, and Estate insecurity
Remember when a US mother was accused of distributing explicit deepfake photos and videos to try to get her teenage daughter's cheerleading rivals kicked off the team? Well, there has been a surprising development. And learn how cybercriminals have been stealing boomers' one-time-passcodes via a secretive online service.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts - TechCrunch.Cheerleader's mom created deepfake videos to allegedly harass her daughter's rivals - ABC News.Bucks County mom doctored videos to harass girls on daughter's cheerleading sqaud, prosecutors say - Philly Voice.Spone v. Reiss, Civil Action 23-0147 - Casetext.Mother 'used deepfake to frame cheerleading rivals' - BBC News.She was accused of faking an incriminating video of teenage cheerleaders. She was arrested, outcast and condemned. The problem? Nothing was fake after all - The Guardian.Parkrun - Wikipedia.Parkrun UK.Oxfordshire Artweeks 2024 - Artweeks homepage. Carole’s art website - carole.wtfSmashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a...
Unmasking LockBitsupp, company extortion, and a Tinder fraudster
May 8 2024
Unmasking LockBitsupp, company extortion, and a Tinder fraudster
The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster stole £80,000 from women he met on Tinder.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by “Ransomware Sommelier” Allan Liska.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company - US Department of Justice.United States vs Vincent Cannady (PDF) - US Department of Justice.LockBit leader unmasked and sanctioned - NCA.Romance fraudster defrauded women of £80,000 - BBC News.15 of the Most Trustworthy Accents in the UK Revealed - Country Living.Omoton phone car mount - Omoton.Stories are weapons by Annalee Newitz - WW Norton.All the Beauty in the World: A Museum Guard's Adventures in Life, Loss and Art by Patrick Bringley - Penguin.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or...
The closed loop conundrum, default passwords, and Baby Reindeer
May 1 2024
The closed loop conundrum, default passwords, and Baby Reindeer
The UK Government takes aim at IoT devices shipping with weak or default passwords, a man spends two years incarcerated after being mistaken for the person who stole his identity, and are you au fait with the latest scams?All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:New laws to protect consumers from cyber criminals come into force in the UK - UK Government.Mirai - Wikipedia.Identity theft victim wrongly locked up for 2 years is exonerated at last - Paul Ducklin.Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds - The Guardian.5 scams you need to know about in 2024 - Which? News.How fraudsters are getting fake articles onto Facebook - BBC News.Five Scams To Beware In 2024 - Forbes Advisor UK.Eerie ‘breathing’ mistake to listen out for exposes costly AI ‘audio deepfake' scam calls that take just seconds to make - The Sun.How to spot fraud - UK Government.Etymology Monday: David Crystal on the word ‘gaggle’ - Literary Minded.Moon - Wikipedia.Baby Reindeer - Netflix.Why row over Baby Reindeer sleuths will change real-life drama for ever - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Sonrai’s Cloud Permissions Firewall – A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
Keeping the lights on after a ransomware attack
Apr 24 2024
Keeping the lights on after a ransomware attack
Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits India we take a close eye at deepfakery.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:When a breach goes from 25 documents to 1.3 terabytes… - Graham Cluley.Leicester street lights stuck on all day due to cyber attack - Leicester Mercury.Top AI researchers race to detect ‘deepfake’ videos: ‘We are outgunned - Washington Post.AI deepfakes threaten to upend global elections. No one can stop them - Washington Post.Models, dead netas, campaigning from jail: How AI is shaping Lok Sabha polls - India Today.Why Elections Take So Long in India - The New York Times.How A.I. Tools Could Change India’s Elections  - The New York Times.Bollywood deepfakes fuel AI election meddling fears in India - GG2.World Explained: How India's politicians are using AI to reach voters in the world’s most populous country - The Scotsman.12 Angry Men - Wikipedia.VIA Rail.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Sonrai's Cloud Permissions Firewall - A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:Tell your...
Gary Barlow, and a scam turns deadly
Apr 17 2024
Gary Barlow, and a scam turns deadly
Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Animal Crossing with Garry Kasparov - Smashing Security.Gary Barlow - Wikipedia.I was catfished by a fake Gary Barlow on Facebook - Daily Mail.Video shows Clark County man charged with murder confront Uber driver - Springfield News.Uber driver, 61, shot dead by Ohio man, 81, who was being targeted by scammers - Daily Mail.Boxfit classes - Better.Waschii - PocketSized SolarHeated Washjing Machine - Indiegogo.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and
WhatsApp at Westminster, unhealthy AI, and Drew Barrymore
Apr 10 2024
WhatsApp at Westminster, unhealthy AI, and Drew Barrymore
MPs aren't just getting excited about an upcoming election, but also the fruity WhatsApp messages they're receiving, can we trust AI with our health, and who on earth is pretending to be a producer for the Drew Barrymore TV show?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Naked photos sent in WhatsApp ‘phishing’ attacks on UK MPs and staff - Politico.How I was targeted in the Westminster honeytrap - BBC News.The Westminster honeytrap plotter tried to catch me too - The Times.How Westminster WhatsApp ‘honey trapper’ targeted party conference season - Politico.William Wragg quits Commons roles over Westminster honeytrap - BBC News.A new prescription - The Economist.Change Healthcare faces second ransomware dilemma weeks after ALPHV attack - The Register.‘The Drew Barrymore Show’ Targeted by Fraudsters in Celebrity Scamming Effort  - Yahoo! News.‘Drew Barrymore Show' Targeted in Hacking, ID Fraud Scam by Imposter Who Posed as Producer and More - Variety.Guy Fieri Calls Drew Barrymore “Gangster” For Talking With Her “Mouth Full Of Food” On ‘The Drew Barrymore Show’ - Decider. Beware The Fake Drew Barrymore Le Creuset Cookware Giveaway Scam - Malware Tips.Carmen - Royal Opera House.Mandy - BBC iPlayer.Anita de Monte Laughs Last - Bloomsbury.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step
Money-making bots, and Incognito isn’t private
Apr 3 2024
Money-making bots, and Incognito isn’t private
Google says it is deleting your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Scammer Convinced Investors to Send Him $1.5 Million to Build Magic Money Making Bot - 404.Biden Bans Rival Nations From Buying Sensitive US Data - Good Luck - Wired.6 practical reasons to use Incognito mode in your browser - USA Today.Brown v. Google LLC Settlement Agreement - DocumentCloud.Google agrees to settle $5bn lawsuit claiming it secretly tracked users - The Guardian.Chrome updates Incognito warning to admit Google tracks users in “private” mode - Ars Technica.Google changes wording for Incognito browsing in Chrome - Malwarebytes.The Incognito Mode Myth Has Fully Unraveled - Wired.Google Agrees to Delete ‘Incognito’ Browsing Data to Settle Class-Action Lawsuit - TIME.Amazon refuses to refund me £700 for iPhone 15 it didn’t deliver - Graham Cluley.Concorde - Lego.Cover song: samsung dryer no. 2 - YouTube.Play Drums on Samsung Washing Machine Song - YouTube.With samsung washing machine violinist  - YouTube.Samsung Washing Machine Song with Piano [Franz Schubert's "Die Forelle"] - YouTube.Duet for harp and dryer - YouTube.
Hacking hotels, Google’s AI goof, and cyberflashing
Mar 27 2024
Hacking hotels, Google’s AI goof, and cyberflashing
Security researchers find a way to unlock millions of hotel rooms, the UK introduces cyberflashing laws, and Google's AI search pushes malware and scams.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Unsaflok - Security vulnerabilities in Saflok hotel locks.3 million doors open to uninvited guests in keycard exploit - The Register.Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds - Wired.Google's new AI search results promotes sites pushing malware, scams - Bleeping Computer.Man who sent nude picture to teenage girl is jailed under new cyberflashing laws  - The Independent.Cyber-flashing convict is first to be jailed under new law - BBC News.What to do if you’re a victim of cyber flashing and how to report it - Metro.The first cyberflasher has been convicted: meet the woman who made it happen - Yahoo!What is cyber flashing? 'Banter' – or a sinister breach of consent - UK News.Love Island star sent unsolicited pictures online calls for tougher cyber laws - Bristol Live.Secret Agent Shenanigans: 13 Weird Spy Weapons And Gadgets - Stay Weird.Baldur’s Gate 3.Merlin Bird ID - Conell Labs.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Kolide
Bing pop-up wars, and the British Library ransomware scandal
Mar 20 2024
Bing pop-up wars, and the British Library ransomware scandal
There's a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Plus: Don't miss our featured interview with Kolide founder Jason Meller about his firm's acquisition by 1Password.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Search engine market share - Oberlo.A compilation of Bing ads - YouTube.With Edge, Microsoft’s forced Windows updates just sank to a new low - The Verge.Microsoft fixes Edge browser bug that was stealing Chrome tabs and data - The Verge.Is this Microsoft Bing Popup Malware? - Reddit.Microsoft confirms Bing pop-up ads in Chrome on Windows 11 & Windows 10 - Windows Latest.‘A 22-carat disaster’: what next for British Library staff and users after data theft? - The Guardian.LEARNING LESSONS FROM THE CYBER-ATTACK British Library cyber incident review - British Library.The Disturbing Impact of the Cyberattack at the British Library - The New Yorker.Thanks to a shadowy hacker group, the British Library is still on its knees. Is there any way to stop them? - The Guardian.Have we literally broken the English language? - The Guardian.According to the dictionary, "literally" now also means "figuratively" - Salon.Good Morning, Monster: A Therapist Shares Five Heroic Stories of Emotional Recovery - Amazon.Good Morning, Monster - Apple Podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and...
Stuck streaming sticks, TikTok conspiracies, and spying cars
Mar 13 2024
Stuck streaming sticks, TikTok conspiracies, and spying cars
Roku users are revolting after their TVs are bricked by the company, we learn how to make money through conspiracy videos on TikTok, and just how much is your car snooping on your driving?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dave Bittner from "The Cyberwire" podcast.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Smashing Security episode 317 - Includes a discussion of which came first - Battle Bots or Robot Wars?“Disgraceful”: Messy ToS update allegedly locks Roku devices until users give in - Ars Technica.Dispute resolution terms - Roku.Enshittification - Wikipedia.Craig Shergold - Wikipedia.“Why TikTok Is Becoming A Conspiracy Playground” - YouTube.Dave Bittner’s AI-generated image of Graham Cluley - Twitter.Graham’s AI-generated video about pig butchering - Twitter.Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies - New York Times.Drivers concerned as automakers share driving data with insurance companies - NewsByte.Carmakers are sharing driving habits with insurance companies, unbeknownst to owners - TechSpot.Google Arts & Culture.WELI - Kangaroo Time (Club Edit) (From Dance Your PhD 2024 - OVERALL WINNER) - YouTube.Dance Your Ph.D. - Wikipedia.Animal DNA Run - CrazyGames.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money....
Ransomware fraud, pharmacy chaos, and suicide
Mar 6 2024
Ransomware fraud, pharmacy chaos, and suicide
Is there any truth behind the alleged data breach at Fortnite maker Epic Games? Who launched the ransomware attack that caused a fallout at pharmacies? And what's the latest on the heart-breaking hack of Finnish therapy clinic Vastaamo?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Mogilevich claims it has breached Epic Games - Twitter.Fraudster’s fake data breach claims should remind media to be carefu what we report - DataBreaches.net.Prescription orders delayed as US pharmacies grapple with "nation-state" cyber attack - Bitdefender.US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say - Reuters.Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment - Wired.Vastaamo data breach - Wikipedia.The CEO who also ran IT, Strava strife, and TikTok tall tales - Smashing Security podcast.Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security – Sophos.Vastaamo victims' lawyer: Some took their own lives after patient record leak - Yle.Prosecutors call for maximum penalty over Vastaamo hacking - Helsinki Times.Self-pay gas station pumps break across NZ as software can’t handle Leap Day - Ars Technica.Citrix, Sophos software impacted by 2024 leap year bugs - Bleeping Computer.Resident Alien trailer - YouTube.
Wireless charging woe, AI romance apps, and ransomware revisited
Feb 28 2024
Wireless charging woe, AI romance apps, and ransomware revisited
Your smartphone may be toast - if you use a hacked wireless charger, we take a closer look at the latest developments in the unfolding LockBit ransomware drama, and Carole dips her toe into online AI romance apps.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger - ArXiv.FBI offers free decryption help for LockBit ransomware victims - Paul Ducklin.LockBitsupp unmasked!!? Graham’s reaction to the FBI and NCA’s LockBit ransomware revelation - YouTube.Dating Statistics And Facts In 2024 – Forbes Health.Romantic AI Chatbots Don't Have Your Privacy at Heart - Mozilla Privacy Not Included.Promptsmart.Solving a celestial mystery: the Sun, Earth and Moon model - Museum of Natural History, Oxford.Lotus Bud.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:BlackBerry – BlackBerry helps keeps you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market todayKolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon,...