ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Plus don't miss our featured interview with David Ahn of Centripetal.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• 8 new top-level domains for dads, grads and techies - Google.
• Tweet by Citizen Lab’s John Scott-Railton - Twitter.
• File Archiver in the browser - mr.d0x.
• A Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT? - Reason.
• Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crash - Wales Online.
• Cardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crash - Sky News.
• Two boys killed in Cardiff crash which was followed by riot are named - Sky News.
• Cardiff riots: social media rumours about crash started unrest, says police commissioner - The Guardian.
• Black Butterflies - Netflix.
• Black Butterflies trailer - YouTube.
• “The End of the World Is Just the Beginning: Mapping the Collapse of Globalization” by Peter Zeihan - Amazon.
• Science Vs - Gimlet Media Podcast.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud...

13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Man convicted of blackmail and other offences - SEROCU.
• EU hits Meta with record €1.2B privacy fine - Politico.
• Police text 70,000 victims in UK's biggest anti-fraud operation - BBC News.
• iSpoof fraudster guilty of £100m scam sentenced to 13 years - BBC News.
• Fraudster pleads guilty to £100m iSpoof scam - BBC News.
• 300: Interplanetary file systems, iSpoof, and don’t delete Twitter - Smashing Security.
• "John Was Trying to Contact Aliens" - Netflix.
• Sleep mask - Amazon.
• Blackout blind with suction cups - Amazon.
• Jewish Matchmaking - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Centripetal - Centripetal's CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release...

Personal information is going for a song, and the banks want social media sites to pay when their users get scammed.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Vote for "Smashing Security" in the European Security Blogger Awards.
• Re-Victimization from Police-Auctioned Cell Phones - Krebs on Security.
• Fraud Strategy: stopping scams and protecting the public - UK Gov.
• Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested - Hacker News.
• Social media firms should reimburse online fraud victims, say UK bankers - The Guardian.
• How Many People Use Social Media in 2023? - Oberlo.
• Scam social media quizzes dupes people into revealing personal details - ITV News.
• Where are you most likely to be scammed: phone, text or social media? - This is Money.
• Major bank calls out Meta for huge rise in scams on its platforms -  This is Money.
• The Legend of Zelda: Tears of the Kingdom - Nintendo.
• ScanSnap SV600 - Fujitsu.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Outpost24 – Understand your shadow IT risk with a free attack surface analysis.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on

Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity reporter John Leyden.

Plus don't miss our featured interview with Outpost24's John Stock.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Introducing Twitter Circle, a new way to Tweet to a smaller crowd - Twitter.
• Twitter Circles Is Broken, Revealing Nudes Not Meant For The General Public - Buzzfeed News.
• Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout - The Register.
• What is Hostile or Warlike?:  An in-depth look at the Merck war exclusion decision and its shortfalls - Kennedys Law.
• Eurovision voting scandal: Six juries cheated and voted for each other - EuroVision World.
• Eurovision: MP seeks assurances contest voting will be protected from Russian threats - Sky News.
• Fears pro-Russian hackers could ruin Eurovision by disrupting broadcasts and silencing the song contest next week - Daily Mail.
• Cyber security experts hope to protect Eurovision voting from possible Russian threat - ITV News.
• The technology of the Eurovision Song Contest - Technology and Engineering.
• Cyber security experts hope to protect Eurovision voting from possible Russian threat - Eurovision News.
• Eurovision voting scandal: Six juries cheated and voted for each other - Eurovision News.
• Eurovision 2023: Tickets for Liverpool sell out after huge demand - BBC News.
• Eurovision 2023: Hotel...

Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Hackers steal emails, private messages from hookup websites - TechCrunch.
• Scam Interceptors - BBC.
• ‘They’re coming up with devious ways to take your money’: the TV hackers taking on the scammers - The Guardian.
• Did BBC break the law by using a botnet to send spam? - Naked Security.
• How a horse whisperer can help engineers build better robots - Science Daily.
• How Scientists Are Using AI to Talk to Animals - Scientific American.
• “I don’t know”, sung by 76-year-old Paul McCartney - YouTube.
• “I don’t know”, sung by AI Paul McCartney - YouTube.
• AI makes Paul McCartney’s voice youthful - The Daily Beatle.
• “New”, sung by the AI Beatles - YouTube.
• AI Freddie Mercury sings “Yesterday” - YouTube.
• The Evaporated - Campside Media.
• Tetris - Apple TV+.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Outpost24 - Understand your shadow IT risk with a free attack surface analysis.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on

A boss is bitten in the bottom after being struck by one of the worst crimes in Finnish history, Strava's privacy isn't so private, and a private investigator uncovers some TikTok tall tales.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Finnish therapy clinic’s CEO fired after despicable data breach and blackmail threats - Graham Cluley.
• Lizard Squad Member: Why I Took Down Xbox and PlayStation - Sky News on YouTube.
• Hacker Charged With Extorting Online Psychotherapy Service - Krebs on Security.
• Finland’s Most-Wanted Hacker Nabbed in France - Krebs on Security.
• Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.
• Hackers can find your home on Strava even if you use privacy settings, researchers find - Yahoo Sports.
• Iron Bianca hashtag on TikTok - TIkTok.
• Investigators warn of fake suicide scams on social media platforms - MSN News.
• How did Iron Bianca die? Tribute Pours In As Tiktok Star Passed Away - PBK News.
• Spill-the-Tea-007 TikTok Channel - TikTok.
• Mike Bolhius Private Investigator - Mike Bolhius homepage.
• Paint trailer - YouTube.
• Bob Ross: Happy Accidents, Betrayal & Greed - Netflix.
• Star Trek: Picard - Paramount Plus.
• The Diplomat - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure...

Graham wonders what would happen if his bouncing buttocks were captured on camera by a Tesla employee, and we take a look at canny scams connected to China's Operation Fox Hunt.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

(Oh, and when Carole mentioned Colin the Accountant as her "Pick of the Week" she really meant "Colin from Accounts". Sorry!)

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Countering Threats Posed by the Chinese Government Inside the US - Speech by the FBI’s Christopher Wray.
• Criminals Pose as Chinese Authorities to Target US-based Chinese Community - FBI.
• FBI: How fake Xi cops prey on Chinese nationals in the US - The Register.
• Special Report: Tesla workers shared sensitive images recorded by customer cars - Reuters.
• 303: Secret Roomba snaps, Christmas cab scams, and the future of AI - Smashing Security.
• Lawsuit: Tesla must be punished for “tasteless” sharing of car-camera images - Ars Technica.
• Customer Privacy Notice - Tesla.
• Tesla hit with class action lawsuit over alleged privacy intrusion - Reuters.
• Tesla About Autopilot - Tesla.
• “Wet Nellie” - Wikipedia.
• Device Orchestra - YouTube.
• “Smoke on the Water”, as performed by Device Orchestra - YouTube.
• “Eye of the Tiger”, as performed by Device Orchestra - YouTube.
• Cabin Camera - Tesla.
• Colin from Accounts - Amazon Prime.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust....

Everyone's talking juice-jacking - but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn't been hacked. And Carole hosts the "AI-a-go-go or a no-no?" quiz for Dave and Graham.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Uber driver info stolen yet again: This time from law firm - The Register.
• Letter from law firm Genova Burns to impacted Uber drivers (PDF)
• Tweet by FBI Denver - Twitter.
• FBI warns against using public phone charging stations - CNBC.
• 'Juice Jacking': The Dangers of Public USB Charging Stations - FCC.
• Stop! Don’t charge your phone this way - Seattle Times.
• This Seemingly Normal Lightning Cable Will Leak Everything You Type - Vice.
• Cybersecurity Myths You Might Still Believe – Debunked! - CXO Today.
• China to require 'security assessment' for new AI products - France24.
• Cybercrime: be careful what you tell your chatbot helper…- The Guardian.
• 12 Jobs that AI will never replace - In Hunt World.
• ChatGPT Fabricates Sexual Harassment Scandal, Names Real US Law Professor As Accused - Republic World.
• Insurable cyberattacks? - Caveat podcast.
• UBI board game - Board Game Geek.
• The Eye, The Pyramid, The Map: The Psychogeography of ‘The World According to Ubi’ - We Are The Mutants.
• They Finally Let Me Into Abbey Road Studios! - Rick Beato, YouTube.

An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• These Men's Rights Activists Literally Worship Elon Musk - Buzzfeed News.
• Florida principal who sent $100K to scammer posing as Elon Musk says she was 'groomed' - WESH.
• Florida principal resigns after sending $100K to scammer posing as Elon Musk - NY Post.
• Afroman - Will You Help Me Repair My Door - YouTube.
• Official Music Video for Because I Got High performed by Afroman - YouTube. 
• Police sue rapper Afroman for using footage of home raid in his music videos - The Guardian.
• Afroman Complaint - Adams County Court.
• Afroman Got Raided by Cops, So He Put Them in His Music Video - Vice.
• Afroman - Wikipedia.
• Afroman sued by seven officers who raided his home - NME.
• Afroman Isn’t Worried About a Police Lawsuit Over His Music Videos - Rolling Stone.
• Afroman Cops Wrecked My Home In Raid, For Nothing ...I Need Ben Crump!!! - TMZ.
• Afroman I'm Missin' $400 In Cash After Raid... Thinks Cops Swiped It - TMZ.
• Atlas Obscura.
• Oak Beams, New College Oxford - Atlas Obscura. 
• BeyerDynamic DT 770 PRO Headphones - BeyerDynamic. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password...

A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Tweet by Euler Finance confirming security breach - Twitter.
• Euler Finance to Offer $1M Reward as It Reels From Nearly $200M Exploit - Coindesk.
• Hackers stole over $500m in cryptocurrency in record-making heist, Ronin says - The Guardian.
• Hacker Behind $200M Euler Attack Apologizes, Returns Millions in Ether, Dai to Protocol - Coindesk.
• President Biden kind of mostly bans commercial spyware from US govt - The Register.
• Utah Law Could Curb Use of TikTok and Instagram by Children and Teens - New York Times.
•  Utah’s social media for kids law could be coming to a state near you - Vox.
• Utah Governor Spencer Cox signs a landmark social media bill - YouTube.
• RRR - Netflix.
• RRR trailer - YouTube.
• RRR Naatu Naatu dance scene - YouTube.
• Best films of 2022 in the UK, No 7: RRR - The Guardian.
• He Died with a Felafel in His Hand - Wikipedia.
• Swarm - Amazon Prime.
• Night of the Lepus - Wikipedia.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

It could be a case of aCropalypse now for Google Pixel users, there's a warning for house buyers, and just why is TikTok being singled out for privacy concerns?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Stop pixelating! New tool reveals the secrets of "redacted" documents - Hot for Security.
• Google Pixel exploit reverses edited parts of screenshots - The Verge.
• Tweet by researcher Simon Aarons - Twitter.
• aCropalypse demo.
• Samsung 'Fake' Moon Shots Controversy Puts Computational Photography in the Spotlight - MacRumors.
• Android phones can be hacked just by someone knowing your phone number - Graham Cluley.
• BBC advises staff to delete TikTok from work phones - BBC News.
• TikTok: UK ministers banned from using Chinese-owned app on government phones - BBC News.
• TikTok banned from official Welsh government phones - BBC News.
• Danish public broadcaster advises staff against using TikTok - BBC News.
• Canada bans TikTok on government devices - BBC News.
• European Commission bans TikTok on staff devices - BBC News.
• New bill would ban TikTok in the US but it faces long odds - BBC News.
• A Retired Teacher and Her Daughter Were Scammed Out of $200,000 Over Email: 'I'm 69 Years Old and Now I'm Broke and Homeless' - Entrepreneur.
• Retired Colorado teacher left homeless and broke after scammers hijack house sale - MSN.
• Homebuyers scammed out of nearly $200,000 - YouTube.
• Stolen life savings Vickie and Sarah Ragle - Go Fund Me.

The twisted tale of the two Teslas, and a deepfake sandwich.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• B.C. man says he accidentally unlocked and drove someone else’s Tesla using the app - Global News.
• A College Girl Found Deepfake Porn of Herself Online. Who Did It Shocked Her - Rolling Stone.
• Denmark Tries to Attract Tourists Using ChatGPT, Deepfakes, and Famous Paintings UK PC Mag.
• Deepfake Tools Are Made To Facilitate Harassment—So Why Are They Available in the App Store? - MSN.
• Spot the Deepfake - Microsoft.
• Sholay trailer - YouTube.
• Sholay: Review of the monumental Indian epic - YouTube.
• Rent or buy Sholay - YouTube Movies.
• Jazz Pianist Brad Mehldau Plays The Beatles - NPR.
• Brad Mehldau - Brad Mehldau website.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via

Scammers get pwned by a Canadian granny! Don't be seduced in a bar by an iPhone thief! And will the US Marshals be able to track down the villains who stole their data?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.

Plus don’t miss our featured interview with Jason Meller of Kolide.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• They thought they could scam this Windsor grandmother of nearly $10K. She turned the tables on them - CBC.
• Canada grandma helps stop fraud scheme targeting senior citizens - BBC News.
• A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - Wall Street Journal.
• Ransomware attack on US Marshals Service affects ‘law enforcement sensitive information’ - CNN.
• Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service - NPR.
• 9 millionaires and billionaires with the most bizarre spending habits - Business Insider.
• Phishing still the leading way attackers breach security controls: IBM - IT World Canada.
• New White House cyber strategy picks a fight with ransomware - AXIOS. 
• Happy Valley - BBC.
• My 80s TV.
• Everything Everywhere All at Once - IMDB.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business.  As a...

Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Wiretapping Italian police tune in to hear their secrets being sold - The Times.
• Jeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegation - The Guardian.
• Silvio Berlusconi interviewed by Jeremy Paxman on BBC Newsnight - YouTube.
• Protests grow in Italy over the wiretapping of journalists - Independent.
• How I Broke Into a Bank Account With an AI-Generated Voice - Vice.
• TikTok under investigation by Canadian privacy authorities - BBC.
• The UN's cyber crime treaty could be a privacy disaster - IT Pro.
• TikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ Yahoo News.
• “Check It Out” episode about nuclear war from July 1980 - YouTube.
• The North-West Is Our Mother: The Story of Louis Riel's People, the Métis Nation - GoodReads.
• Fleishman is in Trouble review – Jesse Eisenberg’s endlessly witty divorce drama is almost too good - The Guardian.
• Fleishman is in Trouble - Disney+
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn't secure it can't access your...

Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans...

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Testing Meta Verified to Help Creators Establish Their Presence - Meta.
• As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security - Graham Cluley.
• A pre-match message from Will Ferrell - QPR Twitter account.
• BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account - Deadline.
• Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It - Vice.
• ‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny - Vice.
• Replika homepage - Replika.
• Click and Drag - xkcd.
• 1110: Click and Drag - Explain xkcd.
• xkcd 1110: Click and Drag map - Zoomable map of “Click and drag”
• Only Murders in the Building - Disney Plus.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!
• SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or

AI-generated voices are weaponised by online trolls, how ChatGPT reflects who we are as a society, and social media is in the firing line again.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• ‘Disrespectful to the Craft:’ Actors Say They’re Being Asked to Sign Away Their Voice to AI - Vice.
• AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse - Vice.
• Video Game Voice Actors Doxed and Harassed in Targeted AI Voice Attack - Vice.
• ChatGPT Can Be Broken by Entering These Strange Words, And Nobody Is Sure Why - Vice.
• My Strange Day With Bing’s New AI Chatbot - Wired.
• We asked ChatGPT to write performance reviews and they are wildly sexist (and racist) - Fast Company.
• How social media affects teen mental health: a missing link - Nature.
• California bill to let parents sue social media gets second try - Bloomberg.
• How to protect children from big tech companies - Wall Street Journal.
• Three out of four parents say social media is a major distraction for students, according to new study - Phys.org.
• Remarks of President Joe Biden – State of the Union address as prepared for delivery - The White House.
• Why the past 10 years of American life have been uniquely stupid - The Atlantic.
• Now Mesa public schools are also declaring that they have failed in educating their children by suing social media - Techdirt.
• Seattle school...

When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger... why are police happy that criminals keep using end-to-end encrypted messaging systems... and why is the Apple Watch being accused of crying wolf?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Plus don't miss our featured interview with SecurEnvoy's Chris Martin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.
• SecurEnvoy - With growing cyber security threats everyone in your organisation needs authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy's free guide now.

Episode links:

• Ubiquiti tells customers to change passwords after security breach - ZD Net.
• “No way out” trailer - YouTube.
• Ubiquiti sues journalist, alleging defamation in coverage of data breach - Ars Technica.
• Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack - Bitdefender.
• Final Thoughts on Ubiquiti - Krebs on Security.
• Former Employee Of Technology Company Pleads Guilty To Stealing Confidential Data And Extorting Company For Ransom - Department of Justice.
• Dutch Police Read Messages of Encrypted Messenger 'Exclu' - Vice.
• Shock and applause for Apple Watch's chilling real-life emergency call ad - Campaign Live. 
• 911 call made from Apple Watch of Washington woman buried alive released - Yahoo! News.
• Apple Watch

Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Plus don't miss our featured interview with DigiCert’s Brian "PKI" Trzupek.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Artis Pabriks.
• ‘I left my partner and lost £80,000 to a fake Facebook romance’: Manchester mum’s warning over catfishing scam - Manchester World.
• 'I know I have been a fool but these are the things we do for love', says mum duped out of £80k by Facebook lover - Manchester Evening News.
• Amazon Warns Employees to Beware of ChatGPT - Gizmodo. 
• ChatGPT's soaring popularity has added $5 billion to the wealth of Nvidia's founder as Wall Street bets on AI boom for the chipmaker - Business Insider. 
• ChatGPT raises red flags by acing MBA exam.
• ChatGPT passes exams from law and business schools - CNN. 
• I asked ChatGPT how to negotiate a raise. Career coaches said I'd probably get one by following the AI chatbot's steps and script - Business Insider. 
• Real estate agents say they can’t imagine working without ChatGPT now - CNN. 
• Science journals ban listing of ChatGPT as co-author on papers - The Guardian. 
• Blakes 7 Bot - an automated bot that posts lines of dialogue from Blakes 7.
• Yarn - Find video clips by quotes.
• The New Gurus Podcast - BBC Sounds. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for....

What are prisoners getting up to with mobile phones? Why might ransomware no longer be generating as much revenue for cybercriminals? And how on earth did an airline leave the US government's "No Fly" list accessible for anyone in the world to download?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.
• NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.

Episode links:

• The Complete Idiot's Guide to Writing Erotic Romance - Amazon.
• The Many Ingenious Ways People in Prison Use (Forbidden) Cell Phone - The Marshall Project.
• How Did They Run an Elaborate “Sextortion” Scam From Prison? Cellphones - The Marshall Project.
• Alarm Over Death Row Cell Phone Threats - CBS News.
• How to completely own an airline in 3 easy steps - Maia arson crimew.
• U.S. airline accidentally exposes ‘No Fly List’ on unsecured server - Daily Dot.
• Cyber-crime gangs' earnings slide as victims refuse to pay - BBC. 
• Ransomware Revenue Down As More Victims Refuse to Pay - ChainAnalysis.
• Leaked Ransomware Docs Show Conti Helping Putin From the Shadows - Wired. 
• Luxe Listings Sydney trailer - YouTube.
• Luxe Listing Sydney - Wikipedia.

Carole is in her sick bed, which leaves Graham in charge of the good ship "Smashing Security" as it navigates the choppy seas of credential stuffing and avoids the swirling waters of apps being sloppy with sensitive information.

Find out more in this latest edition of the "Smashing Security" podcast, hosted by Graham Cluley with special guest BJ Mendelson.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Operation Protect the Innocent - LA Police Department.
• A Police App Exposed Secret Details About Raids and Suspects - Wired.
• ODIN Intelligence website is defaced as hackers claim breach - TechCrunch.
• Norton LifeLock says thousands of customer accounts breached - TechCrunch.
• Ugh! Norton LifeLock password manager accounts accessed by hackers - Graham Cluley.
• Reports: Twitter’s sudden third-party client lockouts were intentional - Ars Technica.
• Spring app - Twitter.
• Spring app - Mac App Store.
• Mona app - Mastodon.
• Tulsa King trailer - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.
• DigiCert - DigiCert's Trust Lifecycle Manager sets a new bar for unified management of digital trust.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via

Someone called OxShagger thinks he has come up with the perfect Valentine's surprise for Oxford students, but is the way he has gone about "bookworms with benefits" really a good idea? Robot security guards are trundling the streets of - you guessed it - America. And a writer of paranormal bully romances (no, we don't know what that means either) returns from the grave...

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.

Warning: This podcast may contain nuts, adult themes, and rude language.

Sponsored by:

• Bitwarden - Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• ManageEngine PAM360 - A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.
• NordLayer - NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.

Episode links:

• Dating site for horny Oxford students slammed for privacy violations - Cherwell.
• OxShag will not be running this term as creator says they ‘made some poor choices’ - The Oxford Tab.
• Dysfunctional: OxShag to shut down amid controversy - Cherwell.
• Oxford University dating website for staff and students shut down after ‘huge data breach’ - The Times.
• CES 2023 Robots: Humanoid Helpers, Coding Pups and Farming Planters - CNet.
• One of America's most hated companies hired a security robot. It didn't go well - ZDNet.
• Robot security downtown getting lots of attention, KHON2 News - YouTube.
• 4 New Contracts for 8 Machines to Kick Off New Year at Knightscope -...

Beware your Roomba's roving eye, the Finns warn of AI threats around the corner, and watch out when hailing a taxi cab in Dublin...

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook? - MIT Technology Review.
• Building Smart Robots Requires Responsible Development - Roomba CEO Colin Angle on LinkedIn.
• OpenAI predicts biz can break a billion in revs by 2024 - The Register.
• The security threat of AI-enabled cyberattacks (PDF) - The Finnish Transport and Communications Agency, Traficom.
• Ireland Christmas weather ‘roller-coaster’ amid new ‘Beast from the East’ threat - Irish Mirror.
• Christmas revellers warned about sophisticated taxi scam as €300,000 is stolen from victims - MSN. 
• Taxi cab scam has cleaned out €300,000 from bank accounts of victims - Irish Independent. 
• “La Cabina” - YouTube.
• “Last and First Men” by Olaf Stapledon - Wikipedia.
• ”The other side of night” by Adam Hamdy - Pan MacMillan Press. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Dec 21, 2022

Drug dealers come unstuck while using the Encrochat encrypted-messaging app, and we put the Lensa AI avatar-generation tool under the microscope.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Plus - don't miss our featured interview with Rico Acosta, IT manager at Bitwarden.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Smashing Security 229: Dating leaks, right to repair, and a stinky bishop - Smashing Security.
• Hard cheese: Stilton snap shared via EncroChat leads to drug dealer's downfall - The Register.
• Operation Venetic: Pet dog and accidental selfies help convict international drugs traffickers - NCA.
• What does the Lensa AI app do with my self-portraits and why has it gone viral? - The Guardian. 
• Lensa, the AI portrait app, has soared in popularity. But many artists question the ethics of AI art - NBC News.
• I Uploaded Photos of Myself to the New Lensa A.I. Portrait Generator. The Results Were Stunning, Strange… and Super Creepy - Artnet.
• People keep sharing their AI-generated portraits: What to know about Lensa, and why some push back on it - USA Today.
• How Is Everyone Making Those A.I. Selfies? - New York Times. 
• Lensa AI: Security concerns regarding app behind colourful selfies on social media - The National News.
•  ‘Magic Avatar’ App Lensa Generated Nudes From My Childhood Photos - Wired. 
• Celebrities Are Obsessed With This Amazing New AI Portrait App - Hello Giggles. 
• This AI Self-Portrait App is Taking Over the Internet - Medium.
• Wednesday Shows Off Her Moves - YouTube.

An AI chatbot is causing a stir - both impressing and terrifying users in equal measure. A security researcher discovers that a "smart" cam that doesn't use the internet is err.. using the internet. And university students revolt over under-the-belt surveillance.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• While anticipation builds for GPT-4, OpenAI quietly releases GPT-3.5 - TechCrunch.
• OpenAI upgrades GPT-3, stunning with rhyming poetry and lyrics - Ars Technica.
• GPT-3.5 finds a security vulnerability - Twitter.
• Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking - YouTube.
• OpenAI's new ChatGPT bot: 10 dangerous things it's capable of - Bleeping Computer.
• What GPT-3.5 really thinks about us humans - Twitter.
• We asked GPT-3.5 to write a story about the “Smashing Security” hosts - Twitter.
• GPT-Chat - OpenAI.
• Researcher Paul Moore questions Eufy about its privacy - Twitter.
• Eufy’s “local storage” cameras can be streamed from anywhere, unencrypted - Ars Technica.
• Eufy privacy statement - Eufy.
• ‘NO’: Grad Students Analyze, Hack, and Remove Under-Desk Surveillance Devices Designed to Track Them - Vice. 
• Max Von Himmel Twitter Feed - Twitter. 
• It’s Not Science, Just Surveillance (and it's Under Your Desk) - TWC newsletter. 
• Northeastern University - Northeastern University homepage. 
• Dec 07, 2022

Why deleting your Twitter account may be a very bad idea, how the police unravelled the iSpoof fraud gang, and a trip into outer space (or at least interplanetary file systems).

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by original show co-host Vanja Švajcer.

What an amazing 6 years of bickering it has been… thanks to all of you who have tuned in, appeared on the show, or supported us! 🙏

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Smashing Security #001: “One cup, two hotel guests” - YouTube.
• Whoopi Goldberg Quitting Twitter: “As Of Tonight I’m Done” - Deadline.
• Stephen Fry Joins Celebrity Twitter Exodus, Says “Goodbye” With Scrabble Message - Deadline.
• Twitter Users Warned Not To Delete Their Accounts - Here’s Why - Forbes
• How to deactivate your account - Twitter.
• InterPlanetary File System - Wikipedia.
• Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns - Cisco Talos.
• Decentralized IPFS networks forming the 'hotbed of phishing' - The Register.
• UK police arrest 120 in largest-ever cyber fraud crackdown - Computer Weekly. 
• Grote spoofingdienst uit de lucht gehaald door internationale samenwerking - Politie.nl.
• Received a text from the Metropolitan Police about iSpoof? - Cel solicitors.
• iSpoof' service dismantled, main operator and 145 users arrested - Bleeping Computer.
• iSpoof: What is iSpoof and how did police take down scam call site linked to 200,000 victims? - The Scotman.
• Listen to the...

Deepfake shenanigans strike users of troubled crypto firm FTX, the perils of charging your electric vehicle, and is Microsoft's takeover of Activision good news for video game fanatics.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes of AMTSO.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Larry David promotes FTX in Superbowl ad - YouTube.
• Crypto giant FTX collapses into bankruptcy - BBC News.
• FTX's new CEO: "Never in my career have I seen such a complete failure" - CBS News.
• Tom Brady, Giselle Bündchen, Larry David & Steph Curry Caught In FTX Crypto Fallout With Class Action Suit - Deadline.
• Bankman-Fried's FTX, senior staff, parents bought Bahamas property worth $300 milion - Reuters.
• Tweet showing Sam Bankman-Fried deepfake scam - Twitter.
• FTX Founder Deepfake Offers Refund to Victims in Verified Twitter Account Scam - Vice.
• Crypto.com CEO admits company accidentally sent 320,000 ETH ($416 million) to another crypto exchange a few weeks prior - Web3 is going great.
• Sandia studies vulnerabilities of electric vehicle charging infrastructure - Sandia Labs.
• Review of Electric Vehicle Charger Cybersecurity Vulnerabilities, Potential Impacts, and Defenses - MDPI.
• Shocker: EV charging infrastructure is seriously insecure - The Register.
• Microsoft to acquire Activision Blizzard to bring the joy and community of gaming to everyone, across every device - Microsoft.
• Gaming for everyone, everywhere: our view on the Activision Blizzard acquisition - Microsoft.
• Nov 23, 2022

Elon Musk is still causing chaos at Twitter (and it's beginning to impact users), are scammers selling your house without your permission, and Google gets stung with a record-breaking fine.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Plus don't miss our featured interview with Pentera's Shakel Ahmed talking about automating continuous cyber defence validation.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Graham offers Dave Bittner some advice on “Welcome Datacomp”... in 1995! - Usenet.
• Elon Musk apologises to users for Twitter being slow - Twitter.
• Former Twitter employee doesn’t think Elon Musk knows what he’s talking about - Twitter.
• Eric Frohnhoefer says Elon Musk is wrong - Twitter.
• Twitter engineer calls out Elon Musk for technical BS in unusual career move - The Register.
• Elon Musk says that he is turning off microservices “bloatware” - Twitter.
• Twitter’s SMS Two-Factor Authentication Is Melting Down - Wired.
• Elon only trusts Elon - Platformer.
• Elon’s paranoid purge - Platformer.
• Google to pay nearly $400 million over deceptive location tracking practices - The Record.
• Follow Smashing Security on Mastodon.
• South Bay Man Pleads Guilty to Participating in a Multimillion-Dollar Real Estate Scam Involving Fake Open Houses at Not-for-Sale Homes - Justice.gov.
• A South Bay man accepted hundreds of offers from open houses. But the homes weren’t for sale - LA Times. 
• The typing of the Regex.
• Fesshole - Twitter.
• If Books Could Kill -...

Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who aren't joined by a guest this week.

Warning: This podcast may contain nuts, adult themes, some snorting, and rude language.

Episode links:

• Mastodon: What you need to know for your security and privacy - Graham Cluley.
• Follow Graham Cluley on Mastodon.
• Hushpuppi: Notorious Nigerian fraudster jailed for 11 years in US - BBC. 
• Influencer involved in $1.1 million Qatar school financing scam jailed - Alarabiya. 
• Influencer ‘Ray Hushpuppi’ jailed over plan to launder $300m - The Guardian. 
• Hushpuppi’s wife, Imams write judge as US court sentences fraudster today - Premium Times.
• Living trailer - YouTube.
• Kleo - Netflix. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Sealit - Zero Trust Data Protection: protect, share, and monitor confidential emails and files - without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit's special offer to "Smashing Security" listeners.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a

Twitter has a new chief twit in the form of Elon Musk and he's causing problems, scientists say artificial intelligence may help us communicate with animals, and is the office of the future set in the metaverse?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Warning: This podcast may contain nuts, adult themes, dolphin noises, and rude language.

Episode links:

• Twitter employees are sleeping on the office floor to meet Elon Musk’s deadlines - The Verge.
• Elon Musk shows what being Chief Twit is all about across weird weekend - The Register.
• Pranksters pretending to be laid-off Twitter employees leave San Francisco HQ - YouTube.
• Twitter Limits Content-Enforcement Work as US Election Looms - Bloomberg.
• Twitter’s Yoel Roth comments on the firm’s trust and safety staff having their access to moderation and enforcement tools frozen - Twitter. 
• Paul Pelosi Conspiracy Theory Trends on Twitter After Elon Musk Pushes It - Rolling Stone.
• Yoel Roth describes how Twitter will warn users of misleading information - Twitter.
• Yoel Roth describes “surge in hateful conduct on Twitter” - Twitter.
• The Demise of Digg: How an Online Giant Lost Control of the Digital Crowd - Harvard.
• Follow Graham on Mastodon.
• How tech is helping us talk to animals - Vox.
• “The Sounds of Life: How Digital Technology Is Bringing Us Closer to the Worlds of Animals and Plants” - Book by Karen Bakker.
• Project CETI - The Cetacean Translation Initiative. Not to be mixed-up with Project SETI.
• The Dark Side Of VR - The Intercept. 

What is slushygate and how does it link to sextortion in the States? What is the most impersonated brand when it comes to delivering phishing emails?  And what the flip is nano-targeting?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by fan favourite Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

No contortionists were hurt during the making of this episode.

Episode links:

• Memorandum of sentencing of Bryan Wilson - United States District Court Western District Court of Kentucky at Louisville.
• Accurint for Law Enforcement - LexisNexis.
• LexisNexis illegally collected and sold people's personal data, lawsuit alleges - CBS News.
• Ex-cop abused police tool in Snapshot sextortion plot that stole sexually explicit photos and videos - Bitdefender.
• Congress should consider enhancing protections around scores used to rank consumers (PDF) - Government Accountability Office. 
• Online Shoppers Beware: Scammers Most Likely to Impersonate DHL - Check Point.
• Why Am I Seeing That Political Ad? Check Your ‘Trump Resistance’ Score  - New York Times.
• I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too - New York Times.
• Mixed Idioms.
• Apollo Remastered.
• Cosmic Background.
• Death of an Artist - Pushkin podcasts.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted

Someone's election-fiddling is uncovered with an Apple AirTag, a cyber scandal rocks Germany, and a swindler steals a fortune due to trains being delayed.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by runZero's Chris Kitsch.

Plus don't miss our featured interview with Akamai's Patrick Sullivan talking about how retailers can better thwart bots this holiday season.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The rundown on becoming runZero: What I learned rebranding a company - Chris Kirsch on the runZero blog.
• Tweet by Melissa Shusterman - Twitter.
• Apple AirTag Used To Find Over 100 Stolen Democratic Campaign Signs, Police Say - Forbes.
• Wie eine russische Firma ungestört Deutschland hackt - ZDF Magazin Royale on YouTube.
• German cybersecurity chief investigated over Russia ties - AP News.
• German cybersecurity chief sacked following reports of Russia ties - The Guardian. 
• Fraudster swindled Virgin Trains out of £116,000 in 'sophisticated' scam - MSN. 
• Virgin Trains worker, 37, swindled rail firm out of £116,000 in 'delay and repay' compensation scam by photoshopping tickets to exploit flaw in system - Daily Mail. 
• Train delays:How to claim if it's late or cancelled - Money Saving Expert.
• How many trains arrive on time - Gov.uk.
• Employee swindled Virgin Trains out of £116,000 in delay and repay compensation scam - Birmingham Mail. 
• Fat Bear Week 2022.
• ‘Fat Bear Week’ Hit By Voter-Fraud Attempt - Rolling Stone.
• PimEyes - Face search engine.

A couple unexpectedly find $10.5 million in their cryptocurrency account, and in Cambodia people are being forced to commit scams.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo again this week.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• DeFi bug accidentally gives $90 million to users, founder begs them to return it - CNBC.
• Compound boss begs users to return $90 million worth of cryptocurrency they were accidentally gifted - Robert Leshner on Twitter.
• Couple mistakenly given $10.5m from Crypto.com thought they had won contest, court hears - The Guardian.
• Mother accused of spending spree after mistakenly receiving $10 million in crypto bungle heads to trial - 9 News.
• Sold to gangs, forced to run online scams: inside Cambodia’s cybercrime crisis - The Guardian.
• ZÈRTZ game.
• ZÈRTZ - Wikipedia.
• GIPF project - Wikipedia.
• The Capture - BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release...

Has new UK prime minister Liz Truss been careless with her mobile phone, and hear the most extraordinary story of corporate cyberstalking.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by nobody for reasons that will become obvious.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths - Bitdefender.
• Two Former eBay Executives Sentenced to Prison for Cyberstalking - US Department of Justice.
• Jonathan Pie: Welcome to Britain. Everything is Terrible -  NYT Opinion.
• UK Supermarket’s Loans-for-Groceries Offer Attracts Huge Take Up - Bloomberg.
• Liz Truss' mobile number is being sold online for £6.49 - Daily Mail.
• How to Cook a Soft Boiled Egg Perfectly Every Time - YouTube.
• 11 Best Twitter Bots to Follow to Boost Productivity - Gadgetshouse.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Akamai - Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a

Anti-porn "shameware" apps take a privacy pounding, is your image already being used by AI, and deepfake danger continues to deepen.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The Ungodly Surveillance of Anti-Porn ‘Shameware’ Apps - WIRED.
• Covenant Eyes.
• Sick and tired of trying to quit porn? You’re not alone - Covenant Eyes promotional video.
• Fortify.
• AI Is Probably Using Your Images and It's Not Easy to Opt Out - Vice.
• ISIS Executions and Non-Consensual Porn Are Powering AI Art - Vice.
• Have I been trained?
• The Deepfake Danger: When It Wasn’t You On That Zoom Call - CSO Online.
• Deepfake Audio Has A Tell – Researchers Use Fluid Dynamics To Spot Artificial Imposter Voices - The Conversation. 
• Deephy: On Deepfake Phylogeny - Cornell University.
• On The Horizon: Interactive And Compositional Deepfakes - Microsoft. 
• Detect DeepFakes: How to counteract misinformation created by AI - MIT University. 
• New Deepfake Threats Loom, Says Microsoft’s Chief Science Officer - Venture Beat.
• The Joy of Sets - BBC Archive.
• Steam Deck.
• Am I Being Unreasonable? - BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends

Researchers reveal how your eyeglasses could be leaking secrets when you're on video conferencing calls, we take a look at the recent data breaches involving Uber and Grand Theft Auto 6, and we cast an eye at what threats may be around the corner...

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.

Plus - don't miss our featured interview with Sal Aurigemma, the faculty director of the Master of Science in Cyber Security program at the University of Tulsa.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• “Iain Exotic”, Iain Thomson’s dress-up homage to Joe Exotic, the Tiger King - Twitter.
• “Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing” - Research paper by Yan Long, Chen Yan, Shilin Xiao, Shivan Prasad, Wenyuan Xu, and Kevin Fu.
• “We saved you a seat in chat” - Rather large text on the Twitch website.
• Stalker zoomed in on Japanese idol’s eyes to find out where she lived - Graham Cluley.
• Uber is looking for more security staff - Twitter.
• Uber explains how it was pwned this month, points finger at Lapsus$ gang - The Register.
• Uber’s hacker *irritated* his way into its network, stole internal documents - Graham Cluley.
• Security update - Uber.
• Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist - The Register.
• Cybersecurity Awareness Month - CISA. 
• The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats - ZDNet.
• U.S. Government Spending Billions on Cybersecurity - Hacker News.
• The Mitchells vs The Machines trailer - YouTube.
• The Mitchells vs The Machines - Netflix.

How could your inkjet printer finally help you make some money, why is it so hard to share our health data even if we want to, and what result do you want to see from the Elon Musk vs Twitter bunfight?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Rory Cellan-Jones.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Dynamic Cartridge Security - disable please - Angry customers complain on HP support forum.
• Update now! Many HP printers affected by three critical security vulnerabilities - MalwareBytes.
• HP will pay customers for blocking non-HP ink cartridges in EU - Bleeping Computer.
• HP and Euroconsumers settle on Dynamic Security - Euroconsumers.
• Ink cartridges are a scam - YouTube.
• Why printer ink is so expensive - Insider.
• Trying to print something - YouTube.
• UK Biobank - why won't GPs share data? - Rory’s Always On Newsletter.
• Another data sharing fiasco - Rory's Always On Newsletter.
• Tweet by Kate Bingham - Twitter.
• The Twitter Whistleblower Needs You to Trust Him - Time.
• Twitter denies whistleblower payout violates Musk’s takeover deal - MSN.
• Elon Musk earns a split decision in Delaware court - The New York Times.
• Twitter’s whistleblower has pitched up at a very inconvenient moment - The Guardian.
• Damning claims about Twitter’s bots...

Students learn a valuable lesson when it comes to AI detecting guns on campus, SIM swappers are surprisingly stupid, and romance scammers get scammed by someone (or some thing?) calling themselves Chiquita Banana.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• ‘The least safe day’: rollout of gun-detecting AI scanners in schools has been a ‘cluster,’ emails show - Motherboard.
• Gun detection AI the latest tech to make schools less safe - TechDirt.
• The unproven, invasive surveillance technology schools are using to monitor students - ProPublica. 
• NYC Mayor considering a subway security system that can’t differentiate between a laptop and a handgun - Motherboard.
• Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire - Brian Krebs.
• USA vs Patrick McGovern-Allen (PDF) - Court Listener.
• Reports of romance scams hit record highs in 2021 - FTC.
• Meeting you was a fake: Investigating the increase in romance fraud during COVID-19 - Academic Research.
• This dating app fought scammers with bots… hilarity ensued - TechCrunch.
• She was 69. He Was Young, Hunky,,, and a Fraud - The Daily Beast.
• Gladbeck: The Hostage Crisis trailer  – YouTube.
• Watch Gladbeck: The Hostage Crisis - Netflix.
• The Ocean Cleanup.
• We flooded our dating app with bots… to scam scammers  -...

We're back from our summer break as we ask how did a cryptomining campaign stay unspotted for years, quiz special guest and infosec rockstar Mikko Hyppönen about his book, and ponder what spiders teach us about misinformation.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The 20 Funniest Finnish Expressions (and How To Use Them) - Matador Network.
• Sophos punts anti-virus for Klingon - The Register.
• Helsinki named Klingon-speaking capital of the world – Naked Security.
• Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications - Check Point Research.
• If It's Smart It's Vulnerable - Book by Mikko Hyppönen.
• Psychological inoculation improves resilience against misinformation on social media -Science Advances.
• Let’s flatten the infodemic curve - WHO.
• The global spread of misinformation on spiders - Current Biology.
• A Journey Into Misinformation on Social Media - The New York Times.
• Google Looks to Vaccination to Combat Misinformation In Searches - The New York Times.
• Spiders Are Caught in a Global Web of Misinformation - The New York Times.
• The rock-paper-scissors/tortilla wrap game.
• DEF CON: The Documentary.
• Smashing Security Painting competition – Carole.wtf.
• Open Exhibition, Summer 2022 - Oxford Art Society.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Pornhub has a problem, the UK's Co-op supermarket is accused of big brother tactics, and we take a look at a security researcher's attempt to reveal the true identify of hackers.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Episode links:

• On security researcher's newsletter, exposing cybercriminals behind ransomware — CyberScoop.
• ‘Imma Make U Dig Ur Own Grave’: He Doxes Ransomware Hackers and Gets Death Threats in Return — Vice.
• Intrusion Truth - Five Years of Naming and Shaming China’s Spies — Kim Zetter.
• Who Is 'Intrusion Truth,' Group Exposing Alleged Chinese Hackers? — Daily Dot.
• The Leopards Eating People's Faces Party meme — Know Your Meme.
• Tweet by Bill Ackman.
• Judge Refuses Visa’s Request to Escape Pornhub-Related Lawsuit — The New York Times.
• How to Prevent and Handle Robberies and Theft in Retail — Vend Retail Blog.
• Abuse of shopworkers is on the rise – coronavirus brought it to our attention and now we need to act — The Conversation.
• ‘Tackling violence and abuse in retail must be one of the industry’s highest priorities’ — Retail Week.
• Convenience store spy cameras face legal challenge — BBC News.
• Looking back at the career of Bernard Cribbins — YouTube.
• Tribute to David Warner — YouTube.
• Webb Compare — John Christensen.
• Support Maria Varmazis on the Pan-Mass Challenge.

Uber may not face prosecution over its handling of a 2016 data breach - but its former chief security head does; how to defend your digital devices' data while on vacation, and how to change your accent with artificial intelligence.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin.

Plus don't miss our featured interview with Ian Farquhar of Gigamon.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Episode links:

• Uber Enters Non-Prosecution Agreement Related to 2016 Data Breach — US Department of Justice.
• Former Uber Security Chief Joe Sullivan Must Face Driver Fraud Charges — Bloomberg.
• Uber to pay $148 million in data breach settlement — TechCrunch.
• Uber paid hackers $100,000 to keep data breach quiet — Graham Cluley.
• Uber CISO's trial underscores the importance of truth, transparency, and trust — CSO Online.
• 7 cybersecurity tips for your summer vacation! — Naked Security.
• Sanas demo.
• Sanas Raises $32M for Breakthrough AI Technology for Real-Time Accent Translation — Sanas press release.
• This 6-Million-Dollar AI Changes Accents as You Speak — IEEE Spectrum.
• Call centre workers can use AI to mimic your accent on the phone — New Scientist.
• A little less accent, a little more customer service — ComputerWorld.
• What Is Accent Reduction? — Accent Advisor.
• Compound pejoratives on Reddit – from 'buttface' to 'wankpuffin' — Colin Morris.
• Melissa computer virus — Wikipedia.

In this special edition of the "Smashing Security" podcast, computer security veterans Graham Cluley and Carole Theriault welcome back author and journalist Jamie Bartlett - host of "The Missing CryptoQueen" podcast.

Jamie tells us about his new book, which shares more details about the disappearance of cryptocurrency scammer Dr Ruja Ignatova, and the subsequent hunt by law enforcement.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Episode links:

• The Missing CryptoQueen podcast — BBC.
• The Missing CryptoQueen book — Penguin.
• Missing Cryptoqueen: FBI adds Ruja Ignatova to top ten most wanted — BBC News.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.
• Cyber Security Inside podcast -bringing you the most important and timely security topics as well as other industry experts for insightful conversations.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

A self-proclaimed "super hacker" causes problems in the Magic Kingdom, criminals regret trusting Anom phones, and lawsuits are filed against TikTok.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.

Plus don't miss our featured interview with Scott McCrady, the CEO of SolCyber Managed Security Services.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Episode links:

• Official Disneyland Instagram Account Hacked This Morning! — The Disney blog.
• Disneyland social media accounts hacked, offensive messages posted — Hot for Security.
• We Got the Phone the FBI Secretly Sold to Criminals — Vice.
• Parents Sue TikTok, Saying Children Died After Viewing ‘Blackout Challenge’ — The New York Times.
• Lawmakers Want Social Media Companies to Stop Getting Kids Hooked — Wired.
• How Social Media Tricks Us Into Thinking We Are Paying Attention — Forbes.
• Facebook could be sued for addicting children under California bill — Ars Technica.
• Kids Are Using Social Media More Than Ever, Study Finds — New York Times.
• 2021 Facebook leak — Wikipedia.
• California Parents Could Soon Sue for Social Media Addiction — Gizmodo.
• Absurd Trolley Problems.
• Weird or Confusing.
• Google Quick, Draw!
• Unfinished London — Jay Foreman on YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

A hacked university might have made a profit after paying a cryptocurrency ransom, China suffers possibly the biggest data breach in history, and Reuters investigates digital mercenaries.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Episode links:

• Dutch university paid $220,000 ransom to hackers after Christmas attack — Graham Cluley.
• Remarkable development in investigation into Maastricht University cyberattack — Maastricht University.
• Dutch University profits from returned ransomware payment — The Register.
• Favorable exchange rate on a fake cryptoexchange — Kaspersky.
• Tweet from @cz_binance about mega-leak.
• Vast Cache of Chinese Police Files Offered for Sale in Alleged Hack — Wall Street Journal.
• How mercenary hackers sway litigation battles — Reuters.
• Countering hack-for-hire groups — Google.
• The business of hackers-for-hire threat actors — TechRepublic.
• Fransdita Muafidin on Instagram.
• Giant Cats Disturbing Civilization — Geeks are sexy.
• Watch Good Luck to You, Leo Grande — Hulu.
• Good luck to you Leo Grande (Trailer) — YouTube.
• This is Love podcast.
• Cain's Jawbone — Wikipedia.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

A new version of the LockBit ransomware offers a bug bounty, women uninstall period-tracking apps in fear of how their data might be used against them, and Microsoft's facial recognition tech no longer wants to know how you're feeling.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford from The Host Unknown podcast.

Plus don't miss our featured interview with Bitwarden founder and CTO Kyle Spearrin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Episode links:

• LockBit 3.0 introduces the first ransomware bug bounty program — Bleeping Computer.
• Fake copyright infringement emails install LockBit ransomware — Bleeping Computer.
• Why US women are deleting their period tracking apps — The Guardian.
• Privacy not included — Mozilla Foundation.
• The #1 Period Tracker on the App Store Will Hand Over Data Without a Warrant — Vice.
• Microsoft is removing emotion recognition features from its facial recognition tech — NBC News.
• Top 10 Emotional AI Examples in 2022 & Reasons for Success — AI Multiple.
• Analysis of Speech Features for Emotion Detection: A Review — IEEE Xplore.
• Microsoft's framework for building AI systems responsibly — Microsoft.
• The Swedish chemist shop sketch — As performed by Mel Smith and Rowan Atkinson on Not the Nine O'Clock News.
• Alley Cat — Wikipedia.
• Play Alley Cat — Internet Archive.
• Alley Cat Remeow Edition — Game Jolt.
• reMarkable.
• SOLAR podcast.

Internet-connected jacuzzis find themselves in hot water, and a Google engineer claims that their AI has developed feelings.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Episode links:

• Hot Tub Time Machine trailer — YouTube.
• Hacking into the worldwide Jacuzzi SmartTub network — Eaton Works.
• SmartTub — Apple iOS App Store.
• SmartTub — Google Play store.
• Hot tub hack reveals washed-up security protection — BBC News.
• Google engineer Blake Lemoine thinks its LaMDA AI has come to life — The Washington Post.
• Google engineer put on leave after saying AI chatbot has become sentient — The Guardian.
• AI's most convincing conversations are not what they seem — The Register.
• Blake Lemoine's blog.
• Van Gogh Bristol Exhibition: The Immersive Experience.
• Van Gogh: The Immersive Experience — YouTube.
• The Inquiry — BBC World Service.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide - the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden - Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Drata - Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.

Support...

How did a saxophonist sneak sensitive information in and out of the Soviet Union? How might an Apple AirTag have led to murder? And isn't the world of cryptocurrency and blockchain doing just great?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Visit https://www.smashingsecurity.com/279 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sponsored By:

• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
• Bitwarden: A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all.
• 
  
• Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today.
• Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only...

Trouble brews with the Tim Hortons app, Mandiant gets in a tussle with a Russian ransomware gang, and should good faith security researchers be at risk of prosecution?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Visit https://www.smashingsecurity.com/278 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Geoff White.

Sponsored By:

• Snyk: Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.
• 
  
• Get started right now, with a free forever account, at snyk.co/smashing
• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
• Bitwarden: A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source

Ransom acts of kindness are top of our mind, as we also explore how bad bots are hogging more and more of the internet's activity, and look at how deepfakes could be a good thing after all.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray [REDACTED].

Visit https://www.smashingsecurity.com/277 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Ray [REDACTED].

Sponsored By:

• Bitwarden: A password manager is an important tool for generating and saving secure credentials for every online account. Bitwarden makes it easy to stay secure and for businesses to share logins with team members and departments. Open source with published 3rd party security audits, Bitwarden is transparent and secure, utilizing end-to-end and zero knowledge encryption with source code that can be scrutinized by all.
• 
  
• Learn how Bitwarden can help you do business faster and more securely at bitwarden.com/smashing and start a free business plan trial today.
• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.

Support Smashing Security

Links:

• Popcorn Time ransomware invites you to get ‘nasty’ to recover your files — Graham Cluley.

A browser extension bug let malicious websites spy on webcams, hackers threaten the global food supply chain, and Michael Fish (not that one...) hacked into his female classmates' online accounts, hunting for nude photos and videos.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Visit https://www.smashingsecurity.com/276 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Mark Stockley.

Sponsored By:

• GoodAccess: GoodAccess - Free Business Cloud VPN for up to 100 Users.
• 
  
• Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever.
• Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
• 
  
• Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
• 
  
• Try Kolide Free for 14 Days; no credit card required.
• Rumble: Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems.
• 
  
• It can even tell you which machines are missing endpoint protection, from your local network to the cloud.
• 
  
• Sign up

A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they're up to?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dr Jessica Barker.

Plus don't miss our featured interview with Rumble's Chris Kirsch.

Visit https://www.smashingsecurity.com/275 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Chris Kirsch and Jessica Barker.

Sponsored By:

• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
• GoodAccess: GoodAccess - Free Business Cloud VPN for up to 100 Users.
• 
  
• Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever.
• Rumble: Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems.
• 
  
• It can even tell you which machines are missing endpoint protection, from your local network to the cloud.
• 
  

Clearview AI receives something of a slap in the face, and who is wrestling over an internet wormhole?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

And don't miss our featured interview with Artur Kane of GoodAccess.

Visit https://www.smashingsecurity.com/274 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Artur Kane.

Sponsored By:

• GoodAccess: GoodAccess - Free Business Cloud VPN for up to 100 Users.
• 
  
• Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever.
• Rumble: Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems.
• 
  
• It can even tell you which machines are missing endpoint protection, from your local network to the cloud.
• 
  
• Sign up for a free trial and build your asset inventory in minutes. Get your trial at rumble.run
• Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
• 
  
• Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
• 
  
• Try Kolide Free for 14 Days; no credit card...

We find out why calls to Dublin airport's noise complaints line have soared, and Carole quizzes Graham to celebrate World Password Day.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

And don't miss our special featured interview with Clint Dovholuk of NetFoundry.

Visit https://www.smashingsecurity.com/273 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Clint Dovholuk.

Sponsored By:

• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
• NetFoundry: NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything.
• 
  
• Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud.
• 
  
• No networking engineering skills required. No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more.
• 
  
• Learn more and try it for yourself at netfoundry.io/smashingsecurity/

Support Smashing Security

Links:

Members of The Bored Ape Yacht Club get that sinking feeling, a face unwittingly launches hundreds of romance scams, and is an as-yet unseen Kim Kardashian sex tape a load of old Roblox?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the BBC's cyber correspondent Joe Tidy.

Visit https://www.smashingsecurity.com/272 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Joe Tidy.

Sponsored By:

• Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
• 
  
• Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
• 
  
• Try Kolide Free for 14 Days; no credit card required.
• NetFoundry: NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything.
• 
  
• Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud.
• 
  
• No networking engineering skills required. No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more.
• 
  
• Learn more and try it for yourself at netfoundry.io/smashingsecurity/

Support Smashing Security

Links:

A man loses $650,000 from his cryptocurrency wallet after his Apple iCloud account is hacked, video conferencing apps may not be muting your mic quite the way you imagined, and Google has unblurred military bases in Russia... or has it?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Visit https://www.smashingsecurity.com/271 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Dave Bittner.

Sponsored By:

• NetFoundry: NetFoundry's OpenZiti is an open source, free and easy way for the world to embed zero trust networking into anything.
• 
  
• Embed SDKs inside your app, tunnelers to run on all major operating systems, or deploy an Edge Router for any cloud.
• 
  
• No networking engineering skills required. No more pain of inbound ports, VPNs, complex firewall rules, public DNS, and more.
• 
  
• Learn more and try it for yourself at netfoundry.io/smashingsecurity/
• Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
• 
  
• Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
• 
  
• Try Kolide Free for 14 Days; no credit card required.

Support Smashing Security

Links:

Pulchritudinous women with glossy long hair are targeting Israeli officials via Facebook - but why? Scammers have found a new way to gain access to your most sensitive information - but how? And armchair detectives are helping investigating cold cases involving DNA - but should they?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Visit https://www.smashingsecurity.com/270 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:

• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
• Keeper Security: Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization.
• 
  
• Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing

Support Smashing Security

Links:

• How Barbie's body size would look in real life — Daily Mail.

There's monkey business involving cryptocurrency thieves and MailChimp, a stalker exploits his ex-partner's CCTV cameras, and what are the naughty words Amazon doesn't want its staff using?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose.

Visit https://www.smashingsecurity.com/269 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Zoë Rose.

Sponsored By:

• Keeper Security: Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization.
• 
  
• Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing
• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.

Support Smashing Security

Links:

• Trezor wallets hacked? Don’t be duped by phishing attack email — Graham Cluley.
• Tweet by Trezor.

Strange goings-on on LinkedIn, Ukraine publishes a list of alleged Russian FSB agents, and police in Pittsburgh investigate an odd report of an active shooter.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Visit https://www.smashingsecurity.com/268 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Geoff White.

Sponsored By:

• Keeper Security: Keeper Security’s enterprise password management platform locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization.
• 
  
• Sign up for a Keeper free trial for your organization today, and get a free 3-year personal plan, at keepersecurity.com/smashing
• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.

Support Smashing Security

Links:

• North Korea tests its ‘largest intercontinental ballistic missile’ — YouTube.
• LinkedIn Professional Community Policies — LinkedIn.

A Russian bank tells its customers to stop installing security updates, an Apple employee ends up in hot water, and learn our tips to avoid being virtually kidnapped.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.

Visit https://www.smashingsecurity.com/267 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Anna Brading.

Sponsored By:

• Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
• 
  
• Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
• 
  
• Try Kolide Free for 14 Days; no credit card required.
• Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too
• 
  
• Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process.
• 
  
• Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata

Support...

Germany tells consumers to stop using Kaspersky anti-virus products, OSINT reveals a secret government department (with help from an Apple AirTag), and the UK says it's taking a hard line on cyberflashing.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Chris Kirsch.

Visit https://www.smashingsecurity.com/266 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Chris Kirsch.

Sponsored By:

• Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too
• 
  
• Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process.
• 
  
• Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata
• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.

The most famous policeman in Nigeria is in hot water over his links to Hushpuppi, has your Amazon Echo been talking to itself, and can an AI girlfriend save your marriage?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Plus don't miss our featured interview with Jason Meller of Kolide.

Visit https://www.smashingsecurity.com/265 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Jason Meller.

Sponsored By:

• Drata: Is your organization finding it difficult to achieve compliance and scale its security posture? As G2’s highest rated cloud compliance software, Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR & HIPAA compliance and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata is also the only compliance automation platform with a private tenant database. That’s like having your cake and securing it too
• 
  
• Countless security professionals from companies including Notion, FullStory, & BambooHR have shared how crucial it has been to have Drata as a trusted partner in the compliance process.
• 
  
• Listeners of Smashing Security can get 10% off Drata and waived implementation fees at smashingsecurity.com/drata
• Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
• 
  
• Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
• 
  
• Try Kolide Free for 14 Days; no credit card required.

Why might Russian EV chargers be displaying an anti-Putin message? Why are Telegram groups sharing sharing explicit images of women without their consent? And who is watching you in the workplace?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.

Visit https://www.smashingsecurity.com/264 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Jessica Barker.

Sponsored By:

• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.

Support Smashing Security

Links:

• Three ways you can help the people of Ukraine from the UK — The Guardian.
• How You Can Help Ukraine — London City Hall.
• Ukrainian Astronomers Named a Star 'Putin Is a D**khead' — The Atlantic.
• Video of hacked EV charger — AutoEnterprise on Facebook.
• Explanation for EV charger outage — Rosseti on Facebook.

Ooh la la! Horreur Wi-Fi en France! Some folks have experienced the drawbacks of Web 3.0 as their NFTs are stolen, and should computers own the copyright over the art they produce?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

And don't miss our featured interview with Sean Herbert of baramundi.

Visit https://www.smashingsecurity.com/263 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Mark Stockley and Sean Herbert.

Sponsored By:

• Kolide: At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.
• 
  
• Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.
• 
  
• Try Kolide Free for 14 Days; no credit card required.
• baramundi: Optimize your IT processes with the baramundi Management Suite and make optimal use of resources by automating time-consuming routine tasks.
• 
  
• Stay in control and maximize your productivity by automating routine tasks. The Unified Endpoint Management Software can be installed and implemented quickly, is intuitive to use, has a modular structure and offers a high level of usability and transparency.
• 
  
• Try out the free 30-Day full version for yourself today at baramundi.com/smashingsecurity

Support Smashing Security

Links:

How does Microsoft hope to defeat the macro terror? How is the UK Government trying to influence the public's opinion on end-to-end encryption? And what is MoviePass hoping to do with your eyeballs?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.

Visit https://www.smashingsecurity.com/262 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Thom Langford.

Sponsored By:

• Kolide: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• 
  
• Kolide is perfect for organizations that want to move beyond a traditional lock-down model and move to one where employees are educated about security and device management while fixing nuanced problems. We call this approach Honest Security.
• 
  
• You can try Kolide on an unlimited number of devices with all its features for free and without a credit card for 14 days.
• baramundi: Optimize your IT processes with the baramundi Management Suite and make optimal use of resources by automating time-consuming routine tasks.
• 
  
• Stay in control and maximize your productivity by automating routine tasks. The Unified Endpoint Management Software can be installed and implemented quickly, is intuitive to use, has a modular structure and offers a high level of usability and transparency.
• 
  
• Try out the free 30-Day full version for yourself today at baramundi.com/smashingsecurity

Support Smashing Security

Links:

• Macros from the internet are blocked by default in...

Who's wearing the pyjamas while they take down North Korea's internet? Is it a case of cop or cosplay in Oregon? And what's to fear about the metaverse?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Visit https://www.smashingsecurity.com/261 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Dave Bittner.

Sponsored By:

• 1Password: 1Password Families makes sharing passwords, logins, credit cards and more a (romantic) walk in the park. From now until February 28th, when you sign up for - or upgrade your individual account to - a 1Password Families membership, you’ll get $20 off the entire year!
• 
  
• Learn more at smashingsecurity.com/love1password
• baramundi: Optimize your IT processes with the baramundi Management Suite and make optimal use of resources by automating time-consuming routine tasks.
• 
  
• Stay in control and maximize your productivity by automating routine tasks. The Unified Endpoint Management Software can be installed and implemented quickly, is intuitive to use, has a modular structure and offers a high level of usability and transparency.
• 
  
• Try out the free 30-Day full version for yourself today at baramundi.com/smashingsecurity

Support Smashing Security

Links:

• Space Station Photos Show North Korea at Night, Cloaked in Darkness — National Geographic.
• North Korea Hacked Him. So He Took Down Its Internet — Wired.

Who's that new guy working at your company, and why don't you recognise him from the interview? How are hacktivists raising the heat in Belarus? And should you be fully vaxxed for your online date?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Visit https://www.smashingsecurity.com/260 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:

• 1Password: Secure online payments and grow your business with Brex and 1Password.
• 
  
• Brex and 1Password have partnered to make online payments secure and frictionless. 1Password customers can now use Brex virtual credit cards to check out online with just two clicks.
• 
  
• 1Password's integration with Brex is available right now to 1Password Teams and Business customers based in the United States.
• 
  
• Learn more at smashingsecurity.com/brex
• Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
• 
  
• Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
• 
  
• Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.
• 
  
• Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
• 
  
• Find out more and try it for free at...

Wordle - good or bad for the world? Whatever your opinion, at least someone wants to spoil players' fun. Meanwhile, we take a look at the threat mobile phones can pose to your mental health.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Visit https://www.smashingsecurity.com/259 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sponsored By:

• 1Password: Secure online payments and grow your business with Brex and 1Password.
• 
  
• Brex and 1Password have partnered to make online payments secure and frictionless. 1Password customers can now use Brex virtual credit cards to check out online with just two clicks.
• 
  
• 1Password's integration with Brex is available right now to 1Password Teams and Business customers based in the United States.
• 
  
• Learn more at smashingsecurity.com/brex
• Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents...
• 
  
• Listeners who mail in referencing Smashing Security get a 10% discount on their order!
• Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
• 
  
• Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
• 
  
• Uptycs normalizes...

Carole's still on jury service, but the show must go on! We take a look at how some Tesla owners are at risk of having their expensive cars remotely hijacked, and why YouTubers are up in arms over NFTs.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Visit https://www.smashingsecurity.com/258 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sponsored By:

• Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
• 
  
• Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
• 
  
• Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.
• 
  
• Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
• 
  
• Find out more and try it for free at uptycs.com
• 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.
• 
  
• Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet.
• 
  
• Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s...

Who has been playing video games rather than hunting down criminals? How is a man alleged to have stolen manuscripts of unpublished books from celebrity authors? Which pot contains an elephant? And why has Graham been listening to podcasts about pest control marketing?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Visit https://www.smashingsecurity.com/257 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sponsored By:

• Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
• 
  
• Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
• 
  
• Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.
• 
  
• Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
• 
  
• Find out more and try it for free at uptycs.com
• 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.
• 
  
• Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet.
• 
  
• Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you

After a brief discussion of the Log4Shell vulnerability panic, we chat about how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your sleeping girlfriend's facial recognition.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined by Mark Stockley for our last episode of the year!

Visit https://www.smashingsecurity.com/256 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Mark Stockley.

Sponsored By:

• 1Password: The first annual 1Password “State of Access” benchmark study illuminates the grave dangers unwittingly posed by checked-out, apathetic employees — including security professionals.
• 
  
• Burned-out employees are 3 times more likely to say security rules and policies “aren’t worth the hassle,” and nearly half of burned-out security professionals say it’s unrealistic for companies to be aware of and manage all apps and devices that employees use.
• 
  
• Read the report and find out what you can do at 1password.com/resources.
• Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
• 
  
• Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
• 
  
• Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.
• 
  
• Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
• 
  
• Find out more and

"Demonically" possessed devices print out antiwork propaganda, advice on how to secure your store, and is Twitter's new photo privacy policy practical?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.

Visit https://www.smashingsecurity.com/255 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Dinah Davis.

Sponsored By:

• Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
• 
  
• Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
• 
  
• Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.
• 
  
• Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
• 
  
• Find out more and try it for free at uptycs.com
• 1Password: It’s that time again when we’re all thinking about plans for the upcoming year. Does your plan include making your team more productive and secure?
• 
  
• 100,000 businesses use 1Password to secure employees at scale by encrypting their passwords and sensitive information and helping them get more done, faster.
• 
  
• That’s why, for a limited time only, new customers can get 25% off the first year of 1Password Business and find out how 1Password can boost productivity while protecting their most sensitive data.
• 
  
• Act fast! This deal is only...

Cryptocurrency traders suffer a hamster-related loss, beware of charity scammers this holiday season, and do you have the patience to sit through Peter Jackson's eight-hour Beatles documentary?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo this week.

Visit https://www.smashingsecurity.com/254 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sponsored By:

• Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
• 
  
• Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
• 
  
• Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.
• 
  
• Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
• 
  
• Find out more and try it for free at uptycs.com
• 1Password: It’s that time again when we’re all thinking about plans for the upcoming year. Does your plan include making your team more productive and secure?
• 
  
• 100,000 businesses use 1Password to secure employees at scale by encrypting their passwords and sensitive information and helping them get more done, faster.
• 
  
• That’s why, for a limited time only, new customers can get 25% off the first year of 1Password Business and find out how 1Password can boost productivity while protecting their most sensitive data.
• 
  
• Act fast! This deal is only good

Heating systems are left vulnerable to attack in the high courts, cybercrime unicorns have become a reality (but what are they?), over 15 Terabytes of NFTs are made available for anyone to download ... and Carole reveals her Pick of the Year.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen.

Visit https://www.smashingsecurity.com/253 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Mikko Hyppönen.

Sponsored By:

• Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents...
• 
  
• Listeners who mail in referencing Smashing Security get a 10% discount on their order!
• Perimeter 81: Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility.
• 
  
• Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform.
• 
  
• Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more.
• 
  
• Learn more and request a demo at perimeter81.com
• 1Password: 1Password 8 for Windows has been reimagined to feel right at home on the world's most popular desktop operating system.
• 
  

Booking.com got hacked five years ago, and didn't tell its customers... but now we know who might have been behind it. Bossware rears its ugly head again in the workplace, spying on employees. And did you receive a warning email from the FBI?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the "Power Corrupts" podcast.

Plus we have a featured interview with Perimeter 81 co-founder and CEO Amit Bareket.

Visit https://www.smashingsecurity.com/252 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Amit Bareket and Brian Klaas.

Sponsored By:

• Perimeter 81: Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility.
• 
  
• Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform.
• 
  
• Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more.
• 
  
• Learn more and request a demo at perimeter81.com
• Qualys: Qualys was one of the first SaaS security companies, and delivers continuous, critical security intelligence via its Qualys Cloud Platform and integrated Cloud Apps.
• 
  
• Its powerful solutions empower organisations to streamline and consolidate their security and compliance solutions in a single platform and achieve greater business agility, better outcomes and substantial cost savings.
• 
  
• Qualys recently announced three new solutions designed to address today’s challenges faced by enterprises: Ransomware Risk Assessment, Cybersecurity Asset Management, and Zero Touch...

Fishing fanatics find themselves in deep water, Teslas go haywire after an update, and is there actually some good news about IoT?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ken Munro.

Visit https://www.smashingsecurity.com/251 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Ken Munro.

Sponsored By:

• 1Password: From start-up to enterprise, 1Password makes it easy for your team to store, generate and share strong passwords. The less time you need to spend dealing with hacks, phishing scams, and lost passwords, the better.
• 
  
• Not just for IT and Security teams – all kinds of teams like Finance, HR, Legal, and Marketing can also store and share business credit cards, sensitive documents and shared logins in 1Password.
• 
  
• Work securely from home or in the office. 1Password allows secure access to logins and important resources anywhere you work.
• 
  
• Instantly deploy, grant and revoke access to shared vaults. You can securely add new team members and recover locked-out user accounts.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com
• Qualys: Qualys Security Conference 2021 is taking place in Las Vegas November 15-18 2021, and you can attend either in person or online.
• 
  
• Hear from experts such as Chris Krebs, former Director of the DHS & CISA, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career.
• 
  
• To learn more about attending the Qualys Security Conference 2021 in person or online visit smashingsecurity.com/qualyslasvegas

A game about Squid Game pulls the rug from under cryptocurrency investors in what appears to be a scam, PayPal hackers use a devious trick to break into 2FA-protected accounts, and have you received a job offer that's too good to be true?

All this and much much more is discussed in this celebratory edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dr Jessica Barker.

Plus don't miss our featured interview with the CEO and president of Qualys, Sumedh Thakar.

Oh, and huge thanks to Darknet Diaries' Jack Rhysider, F-Secure's Mikko Hyppönen, The Cyberwire's Dave Bittner, and Host Unknown's Andrew Agnês, Thom Langford, and Javvad Malik for their special contributions to this episode.

Visit https://www.smashingsecurity.com/250 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Andrew Agnês, Dave Bittner, Jack Rhysider, Javvad Malik, Jessica Barker, Mikko Hyppönen, Sumedh Thakar, and Thom Langford.

Sponsored By:

• Qualys: Qualys Security Conference 2021 is taking place in Las Vegas November 15-18 2021, and you can attend either in person or online.
• 
  
• Hear from experts such as Chris Krebs, former Director of the DHS & CISA, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career.
• 
  
• To learn more about attending the Qualys Security Conference 2021 in person or online visit smashingsecurity.com/qualyslasvegas
• 1Password: From start-up to enterprise, 1Password makes it easy for your team to store, generate and share strong passwords. The less time you need to spend dealing with hacks, phishing scams, and lost passwords, the better.
• 
  
• Not just for IT and Security teams – all kinds of teams like Finance, HR, Legal, and Marketing can also store and share business credit cards, sensitive documents and shared logins in 1Password.
• 
  
• Nov 03, 2021

Ransomware attackers have got hurt feelings, what does Netflix know about you, and why are schoolkids stealing lavatory seats?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by 1Password's Matt Davey from the "Random but Memorable" podcast.

Visit https://www.smashingsecurity.com/249 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Matt Davey.

Sponsored By:

• Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents...
• 
  
• Listeners who mail in referencing Smashing Security get a 10% discount on their order!
• 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.
• 
  
• Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet.
• 
  
• Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you.
• 
  
• Visit 1Password University for free online security resources, made for everyone.

Support Smashing Security

Links:

A journalist is threatened with prosecution after choosing to "View Source" on a public webpage, Amazon Ring owners might be in line for a hefty fine if their neighbours complain, and is the school lunch queue a good place for facial recognition?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Visit https://www.smashingsecurity.com/248 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Dave Bittner.

Sponsored By:

• 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.
• 
  
• Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet.
• 
  
• Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you.
• 
  
• Visit 1Password University for free online security resources, made for everyone.

Support Smashing Security

Links:

• Missouri teachers’ Social Security numbers at risk on state agency’s website — St Louis Post-Despatch.
• Missouri governor vows criminal prosecution of reporter who found flaw in state website — Missouri Independent.

A married couple are accused of selling nuclear sub secrets, Facebook continues to make young lives a misery, and a school hacker lets loose one heck of a prank.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Visit https://www.smashingsecurity.com/247 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• Maryland Nuclear Engineer and Spouse Arrested on Espionage-Related Charges — US Department of Justice.
• Couple charged with leaking US nuclear sub designs — The Register.
• Facebook will add new safety features, notably for teens, after whistleblower leak — CNBC.
• Unfollow Everything cease-and-desist letter from Facebook — Louis Barclay.
• IoT Hacking and Rickrolling My High School District — WhiteHoodHacker.
• Board Game Arena — Play board games online from your browser.
• Foundation — Official Trailer — YouTube.
• Foundation — Apple TV.

Facebook suffers a massive (and very public) failure, Britain announces plans for counter-attacking nation states in cyberspace, and there's a tragic story related to ransomware.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Chris Kirsch.

And don't miss our featured interview with Attivo Network's Carolyn Crandall.

Visit https://www.smashingsecurity.com/246 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Carolyn Crandall and Chris Kirsch.

Sponsored By:

• 1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.
• 
  
• Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet.
• 
  
• Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you.
• 
  
• Visit 1Password University for free online security resources, made for everyone.
• Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures.
• 
  
• Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage.
• 
  
• Learn more and kick...

While Julian Assange was killing time in the Ecuador's embassy in London, the CIA were trying to dream up ways to kill him, and urine trouble if you put your trust in an IoT lavatory.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by nobody at all.

Visit https://www.smashingsecurity.com/245 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com

Support Smashing Security

Links:

• Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks — Yahoo News.
• The seven-year itch: Assange's awkward stay in the embassy — The Guardian.
• Assange Held Legal Meetings in Ladies' Toilet Due to Paranoia: Report — Business Insider.

How much do you trust the people who work at your VPN provider? How are folks fighting facial recognition? And what on earth is Ray-Ban thinking getting into bed with Facebook?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Visit https://www.smashingsecurity.com/244 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Mark Stockley.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com

Support Smashing Security

Links:

• Three Former U.S. Intelligence Community and Military Personnel Agree to Pay More Than $1.68 Million to Resolve Criminal Charges Arising from Their Provision of Hacking-Related Services to a Foreign Government — Department of Justice.
• DarkMatter.
• Ex-NSA cyberspies reveal how they helped hack foes of UAE — Reuters.
• Daniel Gericke and ExpressVPN – Official Response — ExpressVPN.

A Walmart press release says it's jumping aboard the cryptocurrency bus - but is it true? Theranos's Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Visit https://www.smashingsecurity.com/243 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Thom Langford.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com
• Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures.
• 
  
• Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage.
• 
  
• Learn more and kick credential attacks to the curb, by visiting attivonetworks.com

Support...

ProtonMail finds itself in a privacy pickle, the big problem with Facebook's algorithmic amplification, and strange things are happening on Banksy's website.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Visit https://www.smashingsecurity.com/242 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Dave Bittner.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com
• Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.

Support Smashing Security

Links:

• ProtonMail logged IP address of French activist after order by Swiss authorities — TechCrunch.
• Important clarifications regarding arrest of climate...

How to find your match on the Bumble dating app, convicted criminals make money out of cryptocurrency, and there are concerns about data in Afghanistan.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Visit https://www.smashingsecurity.com/241 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:

• 1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team.
• 
  
• Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.
• 
  
• Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.
• Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.

Support Smashing Security

Links:

• Vulnerability in Bumble dating app reveals any user's exact location — Robert Heaton.
• How Tinder keeps your exact location (a bit) private — Robert Heaton.
• The Taliban Have Seized U.S. Military Biometrics Devices — The Intercept.

A bug unravels 3D printer security, cryptocurrency sites can't stop getting hacked, and hear our special guest spill a cup of tea while inhabiting his wife's knicker drawer.

All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC cybersecurity correspondent Joe Tidy.

Visit https://www.smashingsecurity.com/240 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Joe Tidy.

Sponsored By:

• 1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team.
• 
  
• Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.
• 
  
• Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.
• Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures.
• 
  
• Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage.
• 
  
• Learn more and kick credential attacks to the curb, by visiting attivonetworks.com

Support Smashing Security

Links:

• We Broke Into A Bunch...

The Great Londini has gathered a two million strong army to out TikTok trolls, there's a bad supply chain vulnerability in many IoT devices, and how did Wikipedia pages end up covered in Nazi swastikas?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes (who has a very controversial Pick of the Week...)

Visit https://www.smashingsecurity.com/239 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: John Hawes.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com

Support Smashing Security

Links:

• Thousands of Wikipedia Pages Vandalized With Giant Swastikas — Gizmodo.
• Video of Wikipedia defacement — Twitter.
• Scottish Wikipedia.
• Um, almost the entire Scots Wikipedia was written by someone with no idea of the language – 10,000s of articles — The Register.

Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin.

Visit https://www.smashingsecurity.com/238 to check out this episode’s show notes and episode links.

We're going to be taking a holiday for a couple of weeks, but will be back with a regular show later in August.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Paul Ducklin.

Sponsored By:

• 1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team.
• 
  
• Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.
• 
  
• Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.
• Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP.
• 
  
• Visit smashingsecurity.com/offsec to learn more!

Support Smashing Security

Links:

• DEF CON masks and vaccination FAQ.
• Hacking DEF CON 29 — Reznok.
• Tweet by Jeff Moss (Dark Tangent)...

Spy software known as Pegasus has been used to carry out surveillance on the smartphones of journalists, activists, and political leaders. Can a "Freedom Phone" be trusted? And a ransomware-hit law firm demonstrates how not to keep its customers informed.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.

Visit https://www.smashingsecurity.com/237 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Thom Langford.

Sponsored By:

• KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack?
• 
  
• Find out what percentage of your employees are at risk with KnowBe4's free phishing security test.
• 
  
• Plus, see how you stack up against your peers with the new phishing industry benchmarks.
• 
  
• Find out more at knowbe4.com/freetest
• Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP.
• 
  
• Visit smashingsecurity.com/offsec to learn more!
• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless...

How did investigators ask a romance scammer out on a date, smart homes continue to play dumb, and is it time for social media sites to do more about racist football fans?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology reporter Zoe Kleinman.

Visit https://www.smashingsecurity.com/236 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Zoe Kleinman.

Sponsored By:

• Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP.
• 
  
• Visit smashingsecurity.com/offsec to learn more!
• Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.
• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try...

A ransomware gang has exploited a security hole in software used by many businesses, and are demanding $70 million for a decryption tool. Plus we take a close look at TikTok, and a website which seems to have entirely ripped-off Twitter.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and author Chris Stokel-Walker.

Visit https://www.smashingsecurity.com/235 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Chris Stokel-Walker.

Sponsored By:

• Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.
• 1Password: Did you know that almost two thirds of all IT workers admit to reusing enterprise secrets between different projects, creating a potential gateway for attackers?
• 
  
• 1Password’s new research report, "Hiding in Plain Sight", reveals the breadth and depth of mismanaged business secrets like code, passwords, credentials, and keys, and that secrets (mis)management is the next big cybersecurity threat.
• 
  
• Learn more by reading the full report at 1password.com/resources
• KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack?
• 
  
• Find out what percentage of your employees are at risk with KnowBe4's free phishing security test.
• 
  
• Plus, see how you stack up against your peers with the new phishing industry benchmarks.
• 
  

Microsoft warns about a hacking gang that is far from cuddly, algorithms rather than managers are firing people, and our guest receives a surprising email from "Amazon"...

And you will NOT want to miss checking out a very special "Pick of the week"!

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David Bisson.

Visit https://www.smashingsecurity.com/234 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: David Bisson.

Sponsored By:

• 1Password: Did you know that almost two thirds of all IT workers admit to reusing enterprise secrets between different projects, creating a potential gateway for attackers?
• 
  
• 1Password’s new research report, "Hiding in Plain Sight", reveals the breadth and depth of mismanaged business secrets like code, passwords, credentials, and keys, and that secrets (mis)management is the next big cybersecurity threat.
• 
  
• Learn more by reading the full report at 1password.com/resources

Support Smashing Security

Links:

• Cozy Bear — Wikipedia.
• Bears in the Midst: Intrusion Into the Democratic National Committee — Crowdstrike.
• Coronavirus: Russian cyber spies attempting to steal vaccine research from Britain, US and Canada — Sky News.
• New Nobelium activity — Microsoft Security Response Center.
• Smashing Security episode 214: "Lockdown love scams, SolarWinds, and a data deletion bungle."

We take a look at why Peloton is being accused of ransomware-like behaviour, how one man lost $250,000 in a romance scam, and how a chap called Weiner has found himself in a political pickle.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.

Plus we have a featured interview with KnowBe4 expert Roger Grimes. Don't miss it!

Visit https://www.smashingsecurity.com/233 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Andrew Agnês and Roger A Grimes.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com
• JumpCloud: JumpCloud’s Directory Platform makes it easier to solve today's IT challenges by unifying device and user management through a single pane of glass.
• 
  
• With JumpCloud securely managing your users and their devices, doing common things like onboarding and offboarding remote workers is easy.
• 
  
• Try JumpCloud for free today at smashingsecurity.com/jumpcloud and help your organization move to a modern, secure hybrid work model.
• Jun 23, 2021

Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Visit https://www.smashingsecurity.com/232 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com
• Deep Secure: Deep Secure Threat Removal takes incoming poisoned Word documents, boobytrapped PowerPoint slides and the like, and creates brand new files with just the good stuff (and none of the bad). It is a great way of handling brand new threats coming into organisations via the web, email or file sharing and can run alongside your existing anti-virus.
• 
  
• Threat Removal gives you the good stuff by delivering files that are 100% threat-free, fully functional and fully revisable.
• 
  
• Visit deep-secure.com/smashingsecurity for more information, and set up your free trial today.

Criminals are caught in a encrypted chat trap, should you trust Apple's repair team with your sexy snaps, and do you think the FBI should be able to tell who has been reading the USA Today website?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

And don't miss our featured interview with Dr Simon Wiseman, the CTO of Deep Secure.

Visit https://www.smashingsecurity.com/231 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Dave Bittner and Simon Wiseman.

Sponsored By:

• KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack?
• 
  
• Find out what percentage of your employees are at risk with KnowBe4's free phishing security test.
• 
  
• Plus, see how you stack up against your peers with the new phishing industry benchmarks.
• 
  
• Find out more at knowbe4.com/freetest
• Deep Secure: Deep Secure Threat Removal takes incoming poisoned Word documents, boobytrapped PowerPoint slides and the like, and creates brand new files with just the good stuff (and none of the bad). It is a great way of handling brand new threats coming into organisations via the web, email or file sharing and can run alongside your existing anti-virus.
• 
  
• Threat Removal gives you the good stuff by delivering files that are 100% threat-free, fully functional and fully revisable.
• 
  
• Visit deep-secure.com/smashingsecurity for more information, and set up your free trial today.
• 1Password: Around 80% of business data breaches result from weak or...

The US military has been caught exposing its nuclear weapons secrets, and we explore the world of nerdy miners.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by "Lola."

Visit https://www.smashingsecurity.com/230 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sponsored By:

• 1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.
• 
  
• 1Password makes the secure thing to do the easiest thing to do.
• 
  
• Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com
• JumpCloud: JumpCloud’s Directory Platform makes it easier to solve today's IT challenges by unifying device and user management through a single pane of glass.
• 
  
• With JumpCloud securely managing your users and their devices, doing common things like onboarding and offboarding remote workers is easy.
• 
  
• Try JumpCloud for free today at smashingsecurity.com/jumpcloud and help your organization move to a modern, secure hybrid work model.
• Deep Secure: Deep Secure Threat Removal takes incoming poisoned Word documents, boobytrapped PowerPoint slides...

A big cheese ends up in jail, a Japanese dating site spills the dirt after a hack, and we learn all about the right to repair.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Roberts from The Security Ledger.

Plus don't miss our featured interview with Javvad Malik from KnowBe4.

Visit https://www.smashingsecurity.com/229 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Javvad Malik and Paul F Roberts.

Sponsored By:

• KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack? Find out what percentage of your employees are at risk with KnowBe4's free phishing security test. Plus, see how you stack up against your peers with the new phishing industry benchmarks. Find out more at knowbe4.com/freetest
• OneLogin: According to the OneLogin IAMokay Mental Health Survey, more than 77% of technology leaders have said that their work-related stress increased due to the COVID-19 pandemic. As a result, CISOs and IT executives have been under ever-increasing pressure - leading to deteriorating mental health, addiction issues, and even suicidal thoughts and tendencies. OneLogin's message? You're not alone. Attend their live event on Weds May 26, "Keeping the Mind Clear and the Company Secure" at smashingsecurity.com/oneloginiamokay
• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• Cheese Is Addictive As Drug: Dairy Product Triggers Brain Region Linked To Addiction — Tech Times.

The Colonial Pipeline attack has shone light on the activities of the Darkside ransomware gang, we take a skeptical look at cryptocurrencies and the blockchain, and Eufy security cameras suffer an embarrassing security failure.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Rory Cellan-Jones.

Plus don't miss our featured interview with Vanessa Pegueros of OneLogin.

Visit https://www.smashingsecurity.com/228 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Rory Cellan-Jones and Vanessa Pegueros.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.
• Skiff: We store more personal information on our devices than we do in our homes. Where do you go online when you want to write or share something privately?
• 
  
• Skiff is the first collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators - no one else, not even Skiff - can see what you've created.
• 
  
• Skiff is offering listeners of Smashing Security early access. Sign up now: skiff.org/smashing
• OneLogin: According to the OneLogin IAMokay Mental Health Survey, more than 77% of technology leaders have said that their work-related stress increased due to the COVID-19 pandemic.
• 
  
• As a result, CISOs and IT executives have been under ever-increasing pressure - leading to deteriorating mental health, addiction issues, and even suicidal thoughts and tendencies.
• 
  

Facebook says it's sticking up for the little guys as it picks a fight with Apple, there are testing times on the trains, and Twitter takes a tip.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray [REDACTED].

Visit https://www.smashingsecurity.com/227 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Ray [REDACTED].

Sponsored By:

• 1Password: Introduce your family to better online security and safer browsing habits with 1Password.
• 
  
• Share more than passwords — save logins, documents, credit cards, and more, accessible on all your devices.
• 
  
• Sharing is made simple. Keep personal logins private, and easily share access to what they need.
• 
  
• Recover 1Password access for family members so they never get locked out.
• 
  
• Find out more and try 1Password free for 14 days at 1Password.com
• OneLogin: According to the OneLogin IAMokay Mental Health Survey, more than 77% of technology leaders have said that their work-related stress increased due to the COVID-19 pandemic.
• 
  
• As a result, CISOs and IT executives have been under ever-increasing pressure - leading to deteriorating mental health, addiction issues, and even suicidal thoughts and tendencies.
• 
  
• OneLogin's message? You're not alone. Attend their live event on Weds May 26, "Keeping the Mind Clear and the Company Secure" at smashingsecurity.com/oneloginiamokay
• Skiff: We store more personal information on our devices than we do in our homes. Where do you go...

How did the SCAM cryptocurrency become a success? Why is Google allowing government rip-off ads to still appear on search results? And why on earth is everyone suddenly spending millions of dollars on NFTs?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David McClelland.

Visit https://www.smashingsecurity.com/226 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: David McClelland.

Sponsored By:

• Skiff: We store more personal information on our devices than we do in our homes. Where do you go online when you want to write or share something privately?
• 
  
• Skiff is the first collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators - no one else, not even Skiff - can see what you've created.
• 
  
• Skiff is offering listeners of Smashing Security early access. Sign up now: skiff.org/smashing
• KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack?
• 
  
• Find out what percentage of your employees are at risk with KnowBe4's free phishing security test.
• 
  
• Plus, see how you stack up against your peers with the new phishing industry benchmarks.
• 
  
• Find out more at knowbe4.com/freetest
• 1Password: Introduce your family to better online security and safer browsing habits with 1Password.
• 
  
• Share more than passwords — save logins, documents, credit cards, and more, accessible on all your...

Google loses its domain in Argentina, how do gripe sites make their dough, and has John Deere solved the cybersecurity problem?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Visit https://www.smashingsecurity.com/225 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Mark Stockley.

Sponsored By:

• 1Password: The 1Password you know and love, now for all your company secrets
• 
  
• 1Password protects secrets like logins and credit cards. Secrets Automation protects secrets in your company infrastructure – like API tokens, application keys, and private certificates – and supplies them when and where they’re needed.
• 
  
• Visit 1password.com/secrets/ to learn more.

Support Smashing Security

Links:

• Smashing Security Christmas LIVE STREAM — Including Mark Stockley and his chickens.
• How a WhatsApp status loophole is aiding cyberstalkers — Traced.
• Google Argentina's domain name bought by man for £2 — BBC News.
• Hacker breaks into Google Palestine homepage in protest of Maps depiction — Firstpost.
• Google Security Rewards - 2015 Year in Review — Google Online Security Blog.
• Microsoft forgets to renew hotmail.co.uk domain — The Register.

Facebook has managed to do the seemingly impossible - and had a data breach about its handling of a data breach. Meanwhile, we chat to the host of the brand new podcast about North Korea's hackers targeting the rest of the world, and discuss if an intern can be trusted to monitor your security.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Geoff White of "The Lazarus Heist" podcast.

Plus! Don't miss our featured interview with Duo's Helen Patton.

Visit https://www.smashingsecurity.com/224 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Geoff White and Helen Patton.

Sponsored By:

• 1Password: The 1Password you know and love, now for all your company secrets
• 
  
• 1Password protects secrets like logins and credit cards. Secrets Automation protects secrets in your company infrastructure – like API tokens, application keys, and private certificates – and supplies them when and where they’re needed.
• 
  
• Visit 1password.com/secrets/ to learn more.
• Duo: While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best.
• 
  
• Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce polices to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial.

Support Smashing Security

Links:

Should insurance companies be banned from helping companies pay ransomware demands? How has malware messed with motorcars in the United States? And how are cybercriminals exploiting alcohol drinking during the pandemic?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Visit https://www.smashingsecurity.com/223 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.
• Duo: While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best.
• 
  
• Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce polices to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial.

Support Smashing Security

Links:

• Lessons of the SolarWinds hack — Article by Marcus Willett, IISS.
• Insurers defend covering ransomware payments — BBC News.
• Cyber insurance giant CNA hit by ransomware attack — Graham Cluley.
• FatFace pays out $2...

Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook's latest data fiasco, and some less-than-brilliant April Fool's tricks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault.

Visit https://www.smashingsecurity.com/222 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Nina Schick.

Sponsored By:

• Duo: While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications - so you can stay focused on what you do best.
• 
  
• Proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device and enforce polices to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial.
• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• Stolen Data of 533 Million Facebook Users Leaked Online — Business Insider.
• Mark Zuckerberg is on Signal — Dave Walker on Twitter.
• The Facebook Phone Numbers Are Now Searchable in Have I Been Pwned — Troy Hunt.
• Facebook isn’t...

FatFace stumps up $2 million to its ransomware extortionists, an IT administrator is caught with his pants down, Mobikwik blames its users for a data breach, and we burgle a house... virtually.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Visit https://www.smashingsecurity.com/221 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Thom Langford.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• FatFace would like everyone to keep its data breach “strictly private and confidential” — Graham Cluley.
• Retailer FatFace pays $2m ransom to Conti cyber criminals — Computer Weekly.
• Streisand effect — Wikipedia.
• 'We have your porn collection': The rise of extortionware — BBC News.
• Mobikwik Data Breach: Data of 10 crore Mobikwik users for sale on dark web, say cybersecurity experts — The Economic Times.
• Mobikwik data breach said to be largest KYC leak, personal data of 3.5 million users up for sale on dark web — India Today.

PC manufacturer Acer might have received a $50 million ransom demand, a warning spreads on Facebook about a trick being used by hackers, and why are the City of London's police not happy about Sci Hub?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Alex Eckelberry.

Visit https://www.smashingsecurity.com/220 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Alex Eckelberry.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.
• Sailpoint: SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less.
• 
  
• Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.

Support Smashing Security

Links:

• Hackers cannot post Facebook comments on your behalf without you seeing it — AFP Fact Check.
• Does a Facebook Hack 'Hurt and Offend' Friends? — Snopes.
• Stop sending mail you later regret — Gmail blog.
• April Fools Check: Did Google Really Release Mail Goggles? — TechCrunch.

How are cheerleaders being creeped out by deepfakes? What might Tinder tell potential dates about your murky past? And how should companies respond to the press when a security breach occurs?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Yvonne Eskenzi.

Visit https://www.smashingsecurity.com/219 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Yvonne Eskenzi.

Sponsored By:

• CrowdSec: CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user community, you contribute to improve its efficiency and make the internet safer.
• Sailpoint: SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less.
• 
  
• Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.
• 1Password: Check out 1Password's podcast "Random but Memorable" for lighthearted security advice and banter with hosts Matt, Anna, and Michael.
• 
  
• Listen to the "Random but Memorable" show in your favourite podcast app to hear the latest about security horror stories, data breaches, password hacking, and more.

Support Smashing Security

Links:

• Chris Farley makes an energetic entrance to the David Letterman show — YouTube.
• Cheer —

Is it the end of the road for John McAfee? Is PornHub more legitimate than Facebook? And do you know as much as you think you do about the Microsoft Exchange Server mega-hack?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Visit https://www.smashingsecurity.com/218 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Dave Bittner.

Sponsored By:

• Sailpoint: SailPoint Identity Security can help you enable your business and manage the cyber risk associated with the explosion of technology access in the cloud enterprise – ensuring each worker has the right access to do their job – no more, no less.
• 
  
• Gain unmatched visibility and intelligence while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.
• 1Password: Check out 1Password's podcast "Random but Memorable" for lighthearted security advice and banter with hosts Matt, Anna, and Michael.
• 
  
• Listen to the "Random but Memorable" show in your favourite podcast app to hear the latest about security horror stories, data breaches, password hacking, and more.

Support Smashing Security

Links:

• John McAfee 'disguised as Guatemalan street hawker with a limp' — The Telegraph.
• John McAfee Wanted for Murder — Gizmodo.
• John McAfee says he infected laptops with malware, spied and stole passwords from Belize officials — Naked...

Actor, presenter and writer Robert Llewellyn, famous for playing the part of Kryten in the science-fiction comedy "Red Dwarf," joins us as we discuss robots gone rogue, electric vehicle nightmares, and creepy companions.

All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Robert Llewellyn - famous for "Fully Charged," "Scrapheap Challenge," and as Kryten on "Red Dwarf."

Visit https://www.smashingsecurity.com/217 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Robert Llewellyn.

Sponsored By:

• 1Password: 1Password offers seamless syncing across all your computers and mobile devices, so you can store and access unlimited passwords from anywhere at any time. Only you have the keys to decrypt your data and sensitive information – 1Password doesn’t know it, doesn’t share it, and doesn’t sell it.
• 
  
• Protect your whole family and get 50% off when you sign up for a 1Password Family account – make your home a 1Password household.
• 
  
• For more details visit www.1password.com/switch50

Support Smashing Security

Links:

• 'Drunk' robot vacuums spark complaints from owners — BBC News.
• Roomba S9+ weird behaviour on version 3.10.8 — Reddit.
• Time lapse video of i7+ attempting to return to clean base after 3.12.8 update — Reddit.
• Robot vacuum cleaners can eavesdrop on your conversations, researchers reveal — Bitdefender BOX blog.
• The Hidden...

World-chess-champion-turned-activist Garry Kasparov returns to the show as we discuss a romance scammer with plenty of time on his hands, the surge in sextortion, and how social media is being swamped with claims of fake snow.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Garry Kasparov.

Visit https://www.smashingsecurity.com/216 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Garry Kasparov.

Sponsored By:

• 1Password: 1Password offers seamless syncing across all your computers and mobile devices, so you can store and access unlimited passwords from anywhere at any time. Only you have the keys to decrypt your data and sensitive information – 1Password doesn’t know it, doesn’t share it, and doesn’t sell it.
• 
  
• Protect your whole family and get 50% off when you sign up for a 1Password Family account – make your home a 1Password household.
• 
  
• For more details visit www.1password.com/switch50

Support Smashing Security

Links:

• Dating apps scam committed by criminal from inside prison — BBC News.
• File on 4 - The Dangers of Dating Apps — BBC Sounds.
• Playboy Magazine, November 1989 — Including Garry Kasparov's interview and sexy photo shoot.
• Sextortion email scams — Avast.
• Has Fake Snow Been Falling on the US? — Snopes.
• TikTok Users Are Trying (and Failing) to Prove the Snow in Texas Is Fake — Daily Beast.

The FBI is hoping that its hunt for Capitol rioters will go viral, a cryptocurrency con lets its perpetrator live the high life... for a while, and just what does Facebook have against cows and a team of cricketers?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Zoe Kleinman.

Visit https://www.smashingsecurity.com/215 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Zoe Kleinman.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.
• Recorded Future: Recorded Future's podcast, Inside Security Intelligence, takes a deep dive into the world of cyber threat intelligence
• 
  
• They share stories from the trenches and the operations floor, giving you the lowdown on established and emerging adversaries
• 
  
• Whether it's the SolarWinds breach, 5G conspiracy theories, or Russian election interference, Inside Security Intelligence gives you a fresh take from a variety of industry experts

Support Smashing Security

Links:

• The FBI Wants You To Make These Photos Of Capitol Insurrectionists Go Viral — Huffington Post.
• Capitol Violence — FBI.
• Sedition Hunters.
• Boston Bombing: The Anatomy of a Misinformation Disaster — The...

Fingerprints and DNA records have been deleted from the UK's police database, the SolarWinds hack continues to wreak havoc and raise questions, and we have some advice for how to fall in love safely under lockdown...

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Professor Alan Woodward.

Visit https://www.smashingsecurity.com/214 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Alan Woodward.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• Police probes compromised after computer records deleted — BBC News.
• Home Office admits 15,000 people deleted from police records — The Guardian.
• Home Office admits 'coding error' wiped 15,000 police records — IT Pro.
• Boris Johnson adviser quits after being overruled on Priti Patel bullying report — The Guardian.
• UK's families put on fraud alert — BBC News.
• Security Advisory — SolarWinds.
• Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources — Reuters.
• A Second SolarWinds Hack Deepens Third-Party Software...

Mensa - the social club for people with high IQs - is accused of not being so smart about security, an Indian TV journalist gets an unbelievable job offer from Harvard, and we take a look at what's being going on with GameStop short selling.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Visit https://www.smashingsecurity.com/213 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Mark Stockley.

Sponsored By:

• Recorded Future: Recorded Future's podcast, Inside Security Intelligence, takes a deep dive into the world of cyber threat intelligence
• 
  
• They share stories from the trenches and the operations floor, giving you the lowdown on established and emerging adversaries
• 
  
• Whether it's the SolarWinds breach, 5G conspiracy theories, or Russian election interference, Inside Security Intelligence gives you a fresh take from a variety of industry experts
• CrowdSec: CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user community, you contribute to improve its efficiency and make the internet safer.
• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• Two British Mensa directors quit over cyber security concerns — Financial Times.

Google warns security researchers that North Korean hackers are pretending to be their buddies, sensitive information connected to Coronavirus testing is available for sale in the Netherlands, and is a Peeping Tom at your home security provider spying on you through CCTV?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Visit https://www.smashingsecurity.com/212 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:

• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• Illegale handel in privégegevens miljoenen Nederlanders uit coronasystemen GGD — RTL News.
• Video conference of EU Defence Ministers where a Dutch journalist gatecrashed the system — YouTube.
• John van den Heuvel — Wikipedia.
• Dutch COVID-19 patient data sold on the criminal underground — ZDNet.
• Smashing Security episode 175: Zoom deepfakes, Zardoz, and 'Rona tracing.
• Bonus: Smashing Security After Dark #2 - Zardoz commentary. — Smashing Security on Patreon.
• New campaign targeting security researchers — Google Threat Analysis Group (TAG).

Your privacy may be at risk if you're on Fleek, hackers not only steal COVID-19 vaccine data but then tamper with it to spread mistrust, and the Bitcoin bungles keep on coming...

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ron Eddings from the Hacker Valley Studio podcast.

Visit https://www.smashingsecurity.com/211 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Ron Eddings.

Sponsored By:

• 1Password: 1Password for Families is the safest way to share logins, passwords, credit cards and other important information with the people who matter most. Use 1Password everywhere, from your Chromebook to your Apple Watch.
• 
  
• Until March 31, if you purchase a $50 gift card you’ll get $10 towards any YubiKey 5 Series by Yubico – the security key that provides strong two-factor authentication with a simple touch.
• 
  
• Find out more at https://1password.com/giftcards
• Recorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.
• 
  
• For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.
• 
  
• Get it now at smashingsecurity.com/recordedfuture

Support Smashing Security

Links:

• Report: X-Rated Social Media App Exposes Users in Massive Data Breach —...

Penile penal problems, identifying rioters in Washington DC, and can a sticker protect you from radiation?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

And don't miss our featured interview with CrowdSec's Philippe Humeau.

Visit https://www.smashingsecurity.com/210 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Dave Bittner and Philippe Humeau.

Sponsored By:

• CrowdSec: CrowdSec is open-source and crowd-powered software enabling you to detect and block attacks. While sharing with its user community, you contribute to improve its efficiency and make the internet safer.
• 1Password: With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now.

Support Smashing Security

Links:

• Smashing Security's Christmas live stream — YouTube.
• Smashing Security 199: A few tech cock-ups, and one cock lock-up.
• Taking a screwdriver to unlock your IoT sex toy is nuts — Graham Cluley.
• Zip tie guy Twitter thread.
• FBI Arrests Man Who Carried Zip Ties Into Capitol — The New York Times.
• SmartDot radiation-protection phone stickers 'have no effect' — BBC News.

Watch out for Santas wearing hoodies! A rogue employee takes down WebEx for thousands of people, and Apple forces apps to show a privacy health warning.

All this and much much more is discussed in the final episode of the "Smashing Security" podcast for 2020, with computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

And don't miss our special featured interview with Kroll's Mari DeGrazia.

Visit https://www.smashingsecurity.com/209 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Maria Varmazis and Mari DeGrazia.

Sponsored By:

• Kroll: Rapidly detecting a threat is meaningless without the ability to respond with confidence. Kroll responds to over 2,000 cyber incidents every year and is uniquely positioned to bring that capability and expertise 24x7 with Responder. Kroll Responder merges hunting, detection, containment and remediation to deliver best-in-class endpoint security.
• 
  
• See how Responder works at smashingsecurity.com/kroll
• LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
• 
  
• But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
• 
  
• Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.

Support Smashing Security

Links:

• Smashing Security Christmas Party live stream! — YouTube.
• Engineer admits he wiped 456 Cisco WebEx VMs from AWS after leaving the biz, derailed 16,000 Teams accounts — The...

Was hidden treasure found with help from a hack? What security lessons can be learnt from a controversial police raid in Florida? And are you ready for safer online get-togethers this Christmas?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.

And don't miss our special featured interview with Mimecast's Max Linscott.

Visit https://www.smashingsecurity.com/208 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Anna Brading and Max Linscott.

Sponsored By:

• LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
• 
  
• But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
• 
  
• Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
• CultureAI: CultureAI isn't just another security awareness training provider. It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams.
• 
  
• Learn more and try it for yourself at culture.ai/smashing
• Mimecast: Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).
• 
  
• Grab your...

Fears are raised about cyber bioterrorists, there's a widespread blackout for IoT devices caused by a cloud cock-up, and what role do strippers play in a revamp of the United States's computer crime laws?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

And don't miss our featured interview with Steve Salinas of Deep Instinct, discussing ransomware.

Visit https://www.smashingsecurity.com/207 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: Mark Stockley and Steve Salinas.

Sponsored By:

• LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
• 
  
• But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
• 
  
• Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
• CultureAI: CultureAI isn't just another security awareness training provider. It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams.
• 
  
• Learn more and try it for yourself at culture.ai/smashing
• Deep Instinct: Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place!
• 
  
• 
  
• Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be...

Author and broadcaster Tim Harford joins us as we discuss the merits of robotic canine security guards, deepfakes, and the curious tale of an art forgery.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

And don't miss our special featured interview with James Moore from CultureAI.

Visit https://www.smashingsecurity.com/206 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guests: James Moore and Tim Harford.

Sponsored By:

• CultureAI: CultureAI isn't just another security awareness training provider. It helps you measure and improve every end-user's cyber security behaviour, providing a management system for IT, Security and Awareness teams.
• 
  
• Learn more and try it for yourself at culture.ai/smashing
• LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
• 
  
• But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
• 
  
• Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.

Support Smashing Security

Links:

• How To Make The World Add Up — Tim Harford.
• Computerized canines to join Team Tyndall — Tyndall Air Force Base.
• Computerized canines semi-autonomous robot dogs into their patrolling regimen to join Team Tyndall — YouTube.

Watch out for a whole different type of shoulder-surfing, researchers uncover the CostaRicto hackers-for-hire gang, and we take a peek at who is behind Parler.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Chris Cochran from the Hacker Valley Studio podcast.

Visit https://www.smashingsecurity.com/205 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Chris Cochran.

Sponsored By:

• Recorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.
• 
  
• For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.
• 
  
• Get it now at smashingsecurity.com/recordedfuture
• LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
• 
  
• But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
• 
  
• Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.

Support Smashing Security

Links:

• Hackers could now know what people type on Zoom video call by evaluating the shoulder...