We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault.

Then we time-hop to the post-quantum scramble: "harvest-now, decrypt later", Microsoft's 2033 quantum-safe pledge, and whether your printer will survive the update apocalypse.

All this, plus a gloriously dodgy URL “shadyfier,” and turning the iconic iMac G4 into a modern media hub.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Thom Langford.

EPISODE LINKS:

• DOM-based Extension Clickjacking: Your Password Manager Data at Risk - Marek Tóth.
• Major password managers can leak logins in clickjacking attacks - Bleeping Computer.
• Microsoft to Make All Products Quantum Safe by 2033 - Infosecurity Magazine.
• Shady URL.
• DockLite G4 - Juicy Crumb.
• I perfected the iMac G4 - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

In episode 431 of the "Smashing Security" podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches — by racking up millions in unpaid cloud bills.

Meanwhile, we look at the growing threat of EDR-killer tools that can quietly switch off your endpoint protection before an attack even begins.

And for something a little different, we peek into the Internet Archive’s dystopian Wayforward Machine and take a detour to Mary Shelley’s resting place in Bournemouth.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley, joined this week by special guest Allan "Ransomware Sommelier" Liska.

Episode links:

• Crypto Influencer Sentenced to Prison for Multi-Million Dollar “Cryptojacking” Scheme - US Department of Justice.
• Ransomware crews don't care about your endpoint security – they've already killed it - The Register.
• Way Forward Machine - The Internet Archive.
• Mary Shelley’s grave - Atlas Obscura.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Proton Drive - Protect your files with end-to-end encryption in Switzerland’s secure cloud — only on Proton Drive.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

A GCHQ intern forgets the golden rule of spy school — don’t take the secrets home with you — and finds himself swapping Cheltenham for a cell. Meanwhile, an Australian hacker flies too close to the sun, hacks his way into a US indictment, and somehow walks free... only to get booted back Down Under.

Plus: flow states, Bob Mortimer, and the joys of pretending to carry an owl around on a cushion.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The Cheltenham Doughnut - Wikipedia.
• Summer placements - GCHQ.
• Spy school dropout: GCHQ intern jailed for swiping classified data - The Register.
• Former GCHQ intern jailed for taking top secret files home - Crown Prosecution Service.
• United States government says it will deport Australian hacker David Kee Crees  - ABC News.
• Australian national known as “DR32” sentenced in U.S. federal court  – DataBreaches.
• ICE takes steps to deport the Australian hacker known as “DR32” – DataBreaches.
• Aussie Travel Cover has hundreds of thousands of records stolen in hacking, policy holders not informed - ABC News.
• Australian cybercriminal to be deported from US - Information Age.
• Government sites hit by Aussie Travel Cover hacker - ZDNET.
• Abdilo, Australia-based computer hacker, live streams attack on US education sites - ABC News.
• Bob Mortimer's Pet Owl - YouTube.
• And Away… by Bob Mortimer - Simon & Schuster.
• Flow by Mihaly Csikszentmihaly -  HarperCollins.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flare - Uncover the latest threats across the dark web and Telegram. Start your free trial today.
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Carole takes us into the sinister side of Barbie, while Graham describes a stalkerware operation that has been spilling its secrets.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• SpyHide couldn’t hide forever - Maia arson crimew.
• Spyhide stalkerware is spying on tens of thousands of phones - ​TechCrunch.
• Coalition against Stalkerware.
• Use Google Play Protect to help keep your apps safe and your data private - Google.
• Eyeing Barbie movie download? Beware of online scam, says McAfee - Tech News.
• A Complete History of the Barbie Movie - Vanity Fair.
• 20 Things You Probably Didn't Know About Barbie - Readers Digest.
• Influencer's 'Honest Review' of 'Barbie' Goes Viral - Newsweek.
• How scammers are using ‘Barbie’ craze to steal personal information - The Hill.
• ‘Barbie’ Box Office to Blast Past $700M Globally After Record Week - The Hollywood Reporter.
• Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info - McAfee.
• History vs Hollywood.
• Weird: The Al Yankovic story - History vs Hollywood.
• The News Meeting - Tortoise podcasts.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
• Hunters – A SOC platform, built to empower your security team to reduce risk, complexity and costs.
• Moonlock - The cybersecurity wing of MacPaw. Developers of CleanMyMac X antimalware tech, Moonlock Engine.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus Space Daily’s Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• 90210 plastic surgeon Dr Gary Motykie.
• Dr Gary Motykie videos - YouTube.
• More plastic surgery patients have their nude photos and information leaked - DataBreaches.net.
• Typo watch: 'Millions of emails' for US military sent to .ml addresses in error - The Register.
• Hundreds of thousands of US military e-mails wind up in Mali - Le Monde.
• Beware of WormGPT: AI Tool Enables Cyber Attacks and Impersonation Scams - IB Times.
• WormGPT: a generative AI tool to compromise business emails - CSO Online.
• WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks - SlashNext.
• “Who shat on the floor at my wedding?”
• Futurama - Wikipedia.
• Radiooooo.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
• ClearVPN - Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The UK Covid-19 Inquiry.
• Court orders ministers to hand Boris Johnson’s WhatsApps to Covid inquiry - The Guardian.
• Boris Johnson ‘has forgotten’ passcode for phone wanted by Covid inquiry - The Guardian.
• The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph.
• Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice.
• Party girls netted £120,000 from terrified men in ‘sextortion’ scam -The Times.
• Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 -Press and Journal.
• Musicless music video of Lionel Richie’s “Hello” - YouTube.
• Musicless music video of Rolling Stones performing live in 1964 - YouTube.
• Intrigue: Burning Sun - BBC podcast.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Going for a jog can be bad for your privacy (but even worse for your health), and Britain's consumer finance champion finds his face is being faked.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Russian commander shot dead after posting runs on Strava running app - Kyiv Post.
• Martin Lewis felt 'sick' seeing deepfake scam ad on Facebook - BBC News.
• How synthetic media, or deepfakes, could soon change our worldeing deepfake scam ad on Facebook - 60 Minutes on YouTube.
• Nicki Minaj wants to delete the “whole internet” after viral AI deepfake video -Technology Inquirer.
• Fears grow of deepfake ID scams following Progress hack - Ars Technica.
• “Deep Fake Neighbour Wars”: ITV’s comedy shows how AI can transform popular culture -The Conversation.
• ”My Old School” - BBC Scotland.
• ”My Old School” trailer - YouTube.
• MP doesn’t know whether she attended Downing St Party - YouTube.
• ”Non-Censored” with Rosie Holt podcast - Audioboom.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide - Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
• Sysdig - Is your cloud secure? Not without runtime insights! Sysdig delivers the industry's ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) - powered by runtime insights - to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Just how much do porn websites know about your sexual peccadillos? How are Barbie dolls involved in identity scams? And would you trust a completely free telly?

Oh, and Graham has some opinions to share about "Indiana Jones and the Dial of Destiny".

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Matt Davey from the "Random but Memorable" podcast.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Pornhub Is Being Accused of Illegal Data Collection - Wired.
• StopDataPorn brings Pornhub to court for abusing users’ personal data with GDPR complaints - StopDataPorn.
• The Password Game - Neal.fun.
• The True Cost of a Free TV - Wired.
• Telly dual-screen TV first look: it’s free and may be the future - The Verge.
• Swindlers Used Barbie Dolls to Rob COVID Relief Program - The Messenger.
• How rampant abuse by fintech fueled covid relief fraud - The Washington Post.
• 'Biggest fraud in a generation': The looting of the Covid relief plan known as PPP - NBC News.
• "We Are Not the Fraud Police": How Fintechs Facilitated Fraud in the Paycheck Protection Program - Fox News.
• ‘The Dial Of Destiny’ Is Now The Worst-Reviewed ‘Indiana Jones’ Movie - Forbes.
• “Jury Duty” TV series - Wikipedia.
• “Jury Duty” trailer - YouTube.
• Spray Cork: What Is It? - Build with Rise.
• CorkSol.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

UPS delivers some smishing advice (but have they kept something under wraps?), we ask ChatGPT to take a long hard look at itself, and we debate what the penalty should be for taking national secrets home with you.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's sole founder Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• UPS discloses data breach after exposed customer info used in SMS phishing - Bleeping Computer.
• Example of UPS SMS phishing message related to Lego order - Twitter.
• Another example of a Lego-related UPS phishing message - Twitter.
• Former FBI Analyst Sentenced for Retaining Classified Documents - US Department of Justice.
• How The Intercept might have helped unmask Reality Winner to the NSA - Graham Cluley.
• Bad adverts leave people scratching their heads - MSN.
• How Cybercriminals Can Perform Virtual Kidnapping Scams Using AI Voice Cloning Tools and ChatGPT - Trend Micro.
• Which Jobs Will Be Most Impacted by ChatGPT? - Visual Capitalist.
• Unraveling an AI Scam with AI - Imperva.
• 100,000 Hacked ChatGPT Accounts Discovered on Dark Web - Hackread.
• 97+ ChatGPT Statistics & User Numbers In June 2023 (New Data)  - Nerdy Nav.
• “Speed Cubers” - Netflix.
• Trailer for “Speed Cubers” - YouTube.
• KBDcraft.
• ”How to Win Friends and Disappear People” - Qcode Podcasts.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

There's some funny business going on on Google, and Zuckerberg's $14 billion bet on the metaverse is beginning to look a little childish...

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Google sues alleged scammer over fake business and review scheme - The Verge.
• Meta to Lower Age for Users of Virtual Reality Headset to 10 From 13 - New York Times.
• Introducing New Parent-Managed Meta Accounts for Families - Meta Blog.
• Keep Connected - ages 10–14 - Keep Connected.
• The Metaverse Police: A VR content moderator shares his insights - Mixed News.
• “Untold: The Girlfriend Who Didn't Exist” - Netflix.
• Tommy Siegel - Some candy hearts comics I drew, a thread - Twitter.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

There are shocking revelations about a US Government data suck-up, historic security breaches at Windsor Castle, and the MOVEit hack causes consternation.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Declassified files reveal ‘large number’ of security scares at Windsor Castle - Metro.
• Intruder at Windsor: Security 400 scared of unpleasant Andrew' to turn away fantasist - Express.
• The US Is Openly Stockpiling Dirt on All Its Citizens - Wired.
• I don’t care about cookies browser plugin.
• MOVEit hack: Media watchdog Ofcom latest victim of mass hack - BBC News.
• BBC, BA and Boots issued with ultimatum by cyber gang Clop - BBC News.
• Ukrainian police arrest multiple Clop ransomware gang suspects - TechCrunch.
• BBC and British Airways affected by data breach at payroll company Zellis - The Record.
• BA, Boots and BBC staff details targeted in Russia-linked cyber-attack - The Guardian.
• Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft - Mandiant.
• MOVEit Transfer and MOVEit Cloud Vulnerability - Progress.
• MOVEit announces second vulnerability; Minnesota schools agency breached with original bug - The Record.
• An Update on the Steps We are Taking to Protect MOVEit Customers  - Ipswitch.
• Spider-Man: Across the Spider-Verse - IMDB.
• Spider-Man: Across the Spider-Verse trailer - YouTube.
• The Muppets Mayhem - Disney+.
• The Muppets Mayhem trailer - YouTube.
• NT-USB microphone - Rode.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Hunters - A SOC platform, built to empower your security team to reduce risk, complexity and costs.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus - don't miss our featured interview with Max Power of Bitwarden.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Australian cyber-op attacked ISIL with the terrifying power of Rickrolling - The Register.
• “Breaking the code: Cyber Secrets Revealed” - ABC.
• Scam Alert: Woman tries helping injured bird, ends up losing Rs 1 lakh to cyber criminals - MSN News.
• Toll-free Hijack Alert (misdial scam) - AT&T.
• “Connected: the hidden science of everything” - Netflix.
• “Connections” with James Burke - YouTube.
• “I wanna marry Harry” reality show    - Wikipedia.
• “Space cadets” reality show - Wikipedia.
• Unreal: A Critical History of Reality TV - Apple Podcasts.
• Famous Studios - Famous Studios website.
• Unreal: A Critical History of Reality TV - BBC Sounds.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Plus don't miss our featured interview with David Ahn of Centripetal.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• 8 new top-level domains for dads, grads and techies - Google.
• Tweet by Citizen Lab’s John Scott-Railton - Twitter.
• File Archiver in the browser - mr.d0x.
• A Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT? - Reason.
• Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crash - Wales Online.
• Cardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crash - Sky News.
• Two boys killed in Cardiff crash which was followed by riot are named - Sky News.
• Cardiff riots: social media rumours about crash started unrest, says police commissioner - The Guardian.
• Black Butterflies - Netflix.
• Black Butterflies trailer - YouTube.
• “The End of the World Is Just the Beginning: Mapping the Collapse of Globalization” by Peter Zeihan - Amazon.
• Science Vs - Gimlet Media Podcast.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international student conned by fake ICE agents have in common? This week’s episode of the "Smashing Security" podcast obviously.

Graham explains how a Singaporean bug-hunter cracked Google’s defences and could brute-force your full phone number. Meanwhile, Carole dives into a chilling scam where ICE impersonators used fear, spoofed numbers, and... Apple gift cards to extort terrified migrants.

Plus: Nazis, door safety, and the age-old struggle of telling Ralph Fiennes from Liam Neeson.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Bruteforcing the phone number of any Google user - Brutecat.
• Leaking the phone number of any Google user - YouTube.
• Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account - The Hacker News.
• Google fixes flaw that could unmask YouTube users' email addresses - Bleeping Computer.
• ICE Scammers Are On The Rise: What To Do  - Newsweek.
• Student visa holder tricked by fake ICE agent scam, loses thousands  - Newsweek.
• Conspiracy - IMDB.
• Schindler’s List - IMDB.
• Dutch Reach car door opening method - The AA.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flare - Uncover the latest threats across the dark web and Telegram. Start your free trial today.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Man convicted of blackmail and other offences - SEROCU.
• EU hits Meta with record €1.2B privacy fine - Politico.
• Police text 70,000 victims in UK's biggest anti-fraud operation - BBC News.
• iSpoof fraudster guilty of £100m scam sentenced to 13 years - BBC News.
• Fraudster pleads guilty to £100m iSpoof scam - BBC News.
• 300: Interplanetary file systems, iSpoof, and don’t delete Twitter - Smashing Security.
• "John Was Trying to Contact Aliens" - Netflix.
• Sleep mask - Amazon.
• Blackout blind with suction cups - Amazon.
• Jewish Matchmaking - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Centripetal - Centripetal's CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Personal information is going for a song, and the banks want social media sites to pay when their users get scammed.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Vote for "Smashing Security" in the European Security Blogger Awards.
• Re-Victimization from Police-Auctioned Cell Phones - Krebs on Security.
• Fraud Strategy: stopping scams and protecting the public - UK Gov.
• Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested - Hacker News.
• Social media firms should reimburse online fraud victims, say UK bankers - The Guardian.
• How Many People Use Social Media in 2023? - Oberlo.
• Scam social media quizzes dupes people into revealing personal details - ITV News.
• Where are you most likely to be scammed: phone, text or social media? - This is Money.
• Major bank calls out Meta for huge rise in scams on its platforms -  This is Money.
• The Legend of Zelda: Tears of the Kingdom - Nintendo.
• ScanSnap SV600 - Fujitsu.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Outpost24 – Understand your shadow IT risk with a free attack surface analysis.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity reporter John Leyden.

Plus don't miss our featured interview with Outpost24's John Stock.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Introducing Twitter Circle, a new way to Tweet to a smaller crowd - Twitter.
• Twitter Circles Is Broken, Revealing Nudes Not Meant For The General Public - Buzzfeed News.
• Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout - The Register.
• What is Hostile or Warlike?:  An in-depth look at the Merck war exclusion decision and its shortfalls - Kennedys Law.
• Eurovision voting scandal: Six juries cheated and voted for each other - EuroVision World.
• Eurovision: MP seeks assurances contest voting will be protected from Russian threats - Sky News.
• Fears pro-Russian hackers could ruin Eurovision by disrupting broadcasts and silencing the song contest next week - Daily Mail.
• Cyber security experts hope to protect Eurovision voting from possible Russian threat - ITV News.
• The technology of the Eurovision Song Contest - Technology and Engineering.
• Cyber security experts hope to protect Eurovision voting from possible Russian threat - Eurovision News.
• Eurovision voting scandal: Six juries cheated and voted for each other - Eurovision News.
• Eurovision 2023: Tickets for Liverpool sell out after huge demand - BBC News.
• Eurovision 2023: Hotel phishing scam targets song contest fans - BBC News.
• “My Lovely Horse”, Father Ted’s Eurosong contest entry 1996 - YouTube.
• Doctor Who: Tony Hadoke’s Time Travels podcast.
• Toby Hadoke.
• MyBuilder.
• Carole Theriault art gallery - Carole Theriault’s art website. 
• Carole Theriault and John Hawes exhibition - Oxfordshire Artweeks. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Outpost24 – Understand your shadow IT risk with a free attack surface analysis.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Hackers steal emails, private messages from hookup websites - TechCrunch.
• Scam Interceptors - BBC.
• ‘They’re coming up with devious ways to take your money’: the TV hackers taking on the scammers - The Guardian.
• Did BBC break the law by using a botnet to send spam? - Naked Security.
• How a horse whisperer can help engineers build better robots - Science Daily.
• How Scientists Are Using AI to Talk to Animals - Scientific American.
• “I don’t know”, sung by 76-year-old Paul McCartney - YouTube.
• “I don’t know”, sung by AI Paul McCartney - YouTube.
• AI makes Paul McCartney’s voice youthful - The Daily Beatle.
• “New”, sung by the AI Beatles - YouTube.
• AI Freddie Mercury sings “Yesterday” - YouTube.
• The Evaporated - Campside Media.
• Tetris - Apple TV+.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Outpost24 - Understand your shadow IT risk with a free attack surface analysis.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

A boss is bitten in the bottom after being struck by one of the worst crimes in Finnish history, Strava's privacy isn't so private, and a private investigator uncovers some TikTok tall tales.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Finnish therapy clinic’s CEO fired after despicable data breach and blackmail threats - Graham Cluley.
• Lizard Squad Member: Why I Took Down Xbox and PlayStation - Sky News on YouTube.
• Hacker Charged With Extorting Online Psychotherapy Service - Krebs on Security.
• Finland’s Most-Wanted Hacker Nabbed in France - Krebs on Security.
• Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.
• Hackers can find your home on Strava even if you use privacy settings, researchers find - Yahoo Sports.
• Iron Bianca hashtag on TikTok - TIkTok.
• Investigators warn of fake suicide scams on social media platforms - MSN News.
• How did Iron Bianca die? Tribute Pours In As Tiktok Star Passed Away - PBK News.
• Spill-the-Tea-007 TikTok Channel - TikTok.
• Mike Bolhius Private Investigator - Mike Bolhius homepage.
• Paint trailer - YouTube.
• Bob Ross: Happy Accidents, Betrayal & Greed - Netflix.
• Star Trek: Picard - Paramount Plus.
• The Diplomat - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• hCaptcha – hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats.Start your free trial today.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Graham wonders what would happen if his bouncing buttocks were captured on camera by a Tesla employee, and we take a look at canny scams connected to China's Operation Fox Hunt.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

(Oh, and when Carole mentioned Colin the Accountant as her "Pick of the Week" she really meant "Colin from Accounts". Sorry!)

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Countering Threats Posed by the Chinese Government Inside the US - Speech by the FBI’s Christopher Wray.
• Criminals Pose as Chinese Authorities to Target US-based Chinese Community - FBI.
• FBI: How fake Xi cops prey on Chinese nationals in the US - The Register.
• Special Report: Tesla workers shared sensitive images recorded by customer cars - Reuters.
• 303: Secret Roomba snaps, Christmas cab scams, and the future of AI - Smashing Security.
• Lawsuit: Tesla must be punished for “tasteless” sharing of car-camera images - Ars Technica.
• Customer Privacy Notice - Tesla.
• Tesla hit with class action lawsuit over alleged privacy intrusion - Reuters.
• Tesla About Autopilot - Tesla.
• “Wet Nellie” - Wikipedia.
• Device Orchestra - YouTube.
• “Smoke on the Water”, as performed by Device Orchestra - YouTube.
• “Eye of the Tiger”, as performed by Device Orchestra - YouTube.
• Cabin Camera - Tesla.
• Colin from Accounts - Amazon Prime.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Everyone's talking juice-jacking - but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn't been hacked. And Carole hosts the "AI-a-go-go or a no-no?" quiz for Dave and Graham.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Uber driver info stolen yet again: This time from law firm - The Register.
• Letter from law firm Genova Burns to impacted Uber drivers (PDF)
• Tweet by FBI Denver - Twitter.
• FBI warns against using public phone charging stations - CNBC.
• 'Juice Jacking': The Dangers of Public USB Charging Stations - FCC.
• Stop! Don’t charge your phone this way - Seattle Times.
• This Seemingly Normal Lightning Cable Will Leak Everything You Type - Vice.
• Cybersecurity Myths You Might Still Believe – Debunked! - CXO Today.
• China to require 'security assessment' for new AI products - France24.
• Cybercrime: be careful what you tell your chatbot helper…- The Guardian.
• 12 Jobs that AI will never replace - In Hunt World.
• ChatGPT Fabricates Sexual Harassment Scandal, Names Real US Law Professor As Accused - Republic World.
• Insurable cyberattacks? - Caveat podcast.
• UBI board game - Board Game Geek.
• The Eye, The Pyramid, The Map: The Psychogeography of ‘The World According to Ubi’ - We Are The Mutants.
• They Finally Let Me Into Abbey Road Studios! - Rick Beato, YouTube.
• Robot Wars: Episode 5 Battle Recaps 2017 - BBC Two, YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• hCaptcha – hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats.Start your free trial today.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• These Men's Rights Activists Literally Worship Elon Musk - Buzzfeed News.
• Florida principal who sent $100K to scammer posing as Elon Musk says she was 'groomed' - WESH.
• Florida principal resigns after sending $100K to scammer posing as Elon Musk - NY Post.
• Afroman - Will You Help Me Repair My Door - YouTube.
• Official Music Video for Because I Got High performed by Afroman - YouTube. 
• Police sue rapper Afroman for using footage of home raid in his music videos - The Guardian.
• Afroman Complaint - Adams County Court.
• Afroman Got Raided by Cops, So He Put Them in His Music Video - Vice.
• Afroman - Wikipedia.
• Afroman sued by seven officers who raided his home - NME.
• Afroman Isn’t Worried About a Police Lawsuit Over His Music Videos - Rolling Stone.
• Afroman Cops Wrecked My Home In Raid, For Nothing ...I Need Ben Crump!!! - TMZ.
• Afroman I'm Missin' $400 In Cash After Raid... Thinks Cops Swiped It - TMZ.
• Atlas Obscura.
• Oak Beams, New College Oxford - Atlas Obscura. 
• BeyerDynamic DT 770 PRO Headphones - BeyerDynamic. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Tweet by Euler Finance confirming security breach - Twitter.
• Euler Finance to Offer $1M Reward as It Reels From Nearly $200M Exploit - Coindesk.
• Hackers stole over $500m in cryptocurrency in record-making heist, Ronin says - The Guardian.
• Hacker Behind $200M Euler Attack Apologizes, Returns Millions in Ether, Dai to Protocol - Coindesk.
• President Biden kind of mostly bans commercial spyware from US govt - The Register.
• Utah Law Could Curb Use of TikTok and Instagram by Children and Teens - New York Times.
•  Utah’s social media for kids law could be coming to a state near you - Vox.
• Utah Governor Spencer Cox signs a landmark social media bill - YouTube.
• RRR - Netflix.
• RRR trailer - YouTube.
• RRR Naatu Naatu dance scene - YouTube.
• Best films of 2022 in the UK, No 7: RRR - The Guardian.
• He Died with a Felafel in His Hand - Wikipedia.
• Swarm - Amazon Prime.
• Night of the Lepus - Wikipedia.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• hCaptcha - hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats.  Start your free trial today.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

It could be a case of aCropalypse now for Google Pixel users, there's a warning for house buyers, and just why is TikTok being singled out for privacy concerns?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Stop pixelating! New tool reveals the secrets of "redacted" documents - Hot for Security.
• Google Pixel exploit reverses edited parts of screenshots - The Verge.
• Tweet by researcher Simon Aarons - Twitter.
• aCropalypse demo.
• Samsung 'Fake' Moon Shots Controversy Puts Computational Photography in the Spotlight - MacRumors.
• Android phones can be hacked just by someone knowing your phone number - Graham Cluley.
• BBC advises staff to delete TikTok from work phones - BBC News.
• TikTok: UK ministers banned from using Chinese-owned app on government phones - BBC News.
• TikTok banned from official Welsh government phones - BBC News.
• Danish public broadcaster advises staff against using TikTok - BBC News.
• Canada bans TikTok on government devices - BBC News.
• European Commission bans TikTok on staff devices - BBC News.
• New bill would ban TikTok in the US but it faces long odds - BBC News.
• A Retired Teacher and Her Daughter Were Scammed Out of $200,000 Over Email: 'I'm 69 Years Old and Now I'm Broke and Homeless' - Entrepreneur.
• Retired Colorado teacher left homeless and broke after scammers hijack house sale - MSN.
• Homebuyers scammed out of nearly $200,000 - YouTube.
• Stolen life savings Vickie and Sarah Ragle - Go Fund Me.
• The Play That Goes Wrong.
• The Goes Wrong Show 90 Degrees clip - YouTube.
• The Goes Wrong Show Series One - Amazon Prime.
• Poo Pays.
• MiniPresso NS2 - Wacaco.
• Restart Podcast - BBC.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

A bizarre case of political impersonation, where Trump’s top aide Susie Wiles is cloned (digitally, not biologically — we think), and high-ranking Republicans start getting invitations to link up with "her" on Telegram to share their Trump pardon wishlists. Was it a deepfake? Or just someone with a halfway decent impression and access to a shady data broker?

Meanwhile, we take a worryingly familiar journey into the mental health crisis in the UK — and how TikTok is stepping in with advice like “eat an orange in the shower” to cure your anxiety. Spoiler: it won’t. But it might make your bathroom smell nice.

Plus: a nostalgic tech support tale involving a CRT monitor, a wooden door, and an unexpected shade of brown.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Federal Authorities Probe Effort to Impersonate White House Chief of Staff - Wall Street Journal.
• FBI probes effort to impersonate White House chief of staff Susie Wiles, sources say - CBS News.
• The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic.
• The Trump campaign is still being hacked - Popular Information.
• The Big Mental Health Report - Mind.
• Mental Health Pressures - British Medical Association. 
• More than half of top 100 mental health TikToks contain misinformation, study finds  - The Guardian.
• ‘They thought they were doing good but it made people worse’: why mental health apps are under scrutiny - The Guardian.
• How to find therapy or counselling - Mind.
• Carole in the shower with an orange? - Twitter.
• Matter - modern read-later app for iPhone, iPad, and web.
• Techie fixed a ‘brown monitor’ by closing a door - The Register.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• MetaCompliance - MetaCompliance's Security Awareness Planner is your free 12-month roadmap to reduce risk and build a culture of cyber awareness.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Harmonic - Let your teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. Harmonic Security gives you full control and stops leaks so your teams can innovate confidently.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

The twisted tale of the two Teslas, and a deepfake sandwich.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• B.C. man says he accidentally unlocked and drove someone else’s Tesla using the app - Global News.
• A College Girl Found Deepfake Porn of Herself Online. Who Did It Shocked Her - Rolling Stone.
• Denmark Tries to Attract Tourists Using ChatGPT, Deepfakes, and Famous Paintings UK PC Mag.
• Deepfake Tools Are Made To Facilitate Harassment—So Why Are They Available in the App Store? - MSN.
• Spot the Deepfake - Microsoft.
• Sholay trailer - YouTube.
• Sholay: Review of the monumental Indian epic - YouTube.
• Rent or buy Sholay - YouTube Movies.
• Jazz Pianist Brad Mehldau Plays The Beatles - NPR.
• Brad Mehldau - Brad Mehldau website.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Scammers get pwned by a Canadian granny! Don't be seduced in a bar by an iPhone thief! And will the US Marshals be able to track down the villains who stole their data?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.

Plus don’t miss our featured interview with Jason Meller of Kolide.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• They thought they could scam this Windsor grandmother of nearly $10K. She turned the tables on them - CBC.
• Canada grandma helps stop fraud scheme targeting senior citizens - BBC News.
• A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - Wall Street Journal.
• Ransomware attack on US Marshals Service affects ‘law enforcement sensitive information’ - CNN.
• Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service - NPR.
• 9 millionaires and billionaires with the most bizarre spending habits - Business Insider.
• Phishing still the leading way attackers breach security controls: IBM - IT World Canada.
• New White House cyber strategy picks a fight with ransomware - AXIOS. 
• Happy Valley - BBC.
• My 80s TV.
• Everything Everywhere All at Once - IMDB.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!
• Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business.  As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Wiretapping Italian police tune in to hear their secrets being sold - The Times.
• Jeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegation - The Guardian.
• Silvio Berlusconi interviewed by Jeremy Paxman on BBC Newsnight - YouTube.
• Protests grow in Italy over the wiretapping of journalists - Independent.
• How I Broke Into a Bank Account With an AI-Generated Voice - Vice.
• TikTok under investigation by Canadian privacy authorities - BBC.
• The UN's cyber crime treaty could be a privacy disaster - IT Pro.
• TikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ Yahoo News.
• “Check It Out” episode about nuclear war from July 1980 - YouTube.
• The North-West Is Our Mother: The Story of Louis Riel's People, the Métis Nation - GoodReads.
• Fleishman is in Trouble review – Jesse Eisenberg’s endlessly witty divorce drama is almost too good - The Guardian.
• Fleishman is in Trouble - Disney+
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!
• Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans...

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Testing Meta Verified to Help Creators Establish Their Presence - Meta.
• As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security - Graham Cluley.
• A pre-match message from Will Ferrell - QPR Twitter account.
• BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account - Deadline.
• Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It - Vice.
• ‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny - Vice.
• Replika homepage - Replika.
• Click and Drag - xkcd.
• 1110: Click and Drag - Explain xkcd.
• xkcd 1110: Click and Drag map - Zoomable map of “Click and drag”
• Only Murders in the Building - Disney Plus.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!
• SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

AI-generated voices are weaponised by online trolls, how ChatGPT reflects who we are as a society, and social media is in the firing line again.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• ‘Disrespectful to the Craft:’ Actors Say They’re Being Asked to Sign Away Their Voice to AI - Vice.
• AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse - Vice.
• Video Game Voice Actors Doxed and Harassed in Targeted AI Voice Attack - Vice.
• ChatGPT Can Be Broken by Entering These Strange Words, And Nobody Is Sure Why - Vice.
• My Strange Day With Bing’s New AI Chatbot - Wired.
• We asked ChatGPT to write performance reviews and they are wildly sexist (and racist) - Fast Company.
• How social media affects teen mental health: a missing link - Nature.
• California bill to let parents sue social media gets second try - Bloomberg.
• How to protect children from big tech companies - Wall Street Journal.
• Three out of four parents say social media is a major distraction for students, according to new study - Phys.org.
• Remarks of President Joe Biden – State of the Union address as prepared for delivery - The White House.
• Why the past 10 years of American life have been uniquely stupid - The Atlantic.
• Now Mesa public schools are also declaring that they have failed in educating their children by suing social media - Techdirt.
• Seattle school district files laughably stupid lawsuit against basically every social media company for… ‘being a public nuisance’ - Techdirt.
• The evidence just doesn’t support any of the narratives about the harms of social media - Techdirt.
• Vasectomy - NHS.
• Birth of BASIC documentary - YouTube.
• Zero Waste Club reusable coffee filter - Peace with the Wild.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• DigiCert – DigiCert’s Trust Lifecycle Manager sets a new bar for unified management of digital trust.
• SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger... why are police happy that criminals keep using end-to-end encrypted messaging systems... and why is the Apple Watch being accused of crying wolf?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Plus don't miss our featured interview with SecurEnvoy's Chris Martin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.
• SecurEnvoy - With growing cyber security threats everyone in your organisation needs authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy's free guide now.

Episode links:

• Ubiquiti tells customers to change passwords after security breach - ZD Net.
• “No way out” trailer - YouTube.
• Ubiquiti sues journalist, alleging defamation in coverage of data breach - Ars Technica.
• Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack - Bitdefender.
• Final Thoughts on Ubiquiti - Krebs on Security.
• Former Employee Of Technology Company Pleads Guilty To Stealing Confidential Data And Extorting Company For Ransom - Department of Justice.
• Dutch Police Read Messages of Encrypted Messenger 'Exclu' - Vice.
• Shock and applause for Apple Watch's chilling real-life emergency call ad - Campaign Live. 
• 911 call made from Apple Watch of Washington woman buried alive released - Yahoo! News.
• Apple Watch 8 series save yet another life - Live Mint.
• Some first responders are asking iPhone users to disable Emergency SOS and crash detection due to influx of false positives - 9to5mac.
• Emergency SOS via satellite available today on the iPhone 14 lineup in the US and Canada - Apple.
• Inoreader.
• ”The Social Life of Animals” by Ashley Ward - Amazon.
• Black Butterflies - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Plus don't miss our featured interview with DigiCert’s Brian "PKI" Trzupek.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Artis Pabriks.
• ‘I left my partner and lost £80,000 to a fake Facebook romance’: Manchester mum’s warning over catfishing scam - Manchester World.
• 'I know I have been a fool but these are the things we do for love', says mum duped out of £80k by Facebook lover - Manchester Evening News.
• Amazon Warns Employees to Beware of ChatGPT - Gizmodo. 
• ChatGPT's soaring popularity has added $5 billion to the wealth of Nvidia's founder as Wall Street bets on AI boom for the chipmaker - Business Insider. 
• ChatGPT raises red flags by acing MBA exam.
• ChatGPT passes exams from law and business schools - CNN. 
• I asked ChatGPT how to negotiate a raise. Career coaches said I'd probably get one by following the AI chatbot's steps and script - Business Insider. 
• Real estate agents say they can’t imagine working without ChatGPT now - CNN. 
• Science journals ban listing of ChatGPT as co-author on papers - The Guardian. 
• Blakes 7 Bot - an automated bot that posts lines of dialogue from Blakes 7.
• Yarn - Find video clips by quotes.
• The New Gurus Podcast - BBC Sounds. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• DigiCert – DigiCert’s Trust Lifecycle Manager sets a new bar for unified management of digital trust.
• Sealit – Zero Trust Data Protection: protect, share, and monitor confidential emails and files – without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit’s special offer to “Smashing Security” listeners.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

What are prisoners getting up to with mobile phones? Why might ransomware no longer be generating as much revenue for cybercriminals? And how on earth did an airline leave the US government's "No Fly" list accessible for anyone in the world to download?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.
• NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.

Episode links:

• The Complete Idiot's Guide to Writing Erotic Romance - Amazon.
• The Many Ingenious Ways People in Prison Use (Forbidden) Cell Phone - The Marshall Project.
• How Did They Run an Elaborate “Sextortion” Scam From Prison? Cellphones - The Marshall Project.
• Alarm Over Death Row Cell Phone Threats - CBS News.
• How to completely own an airline in 3 easy steps - Maia arson crimew.
• U.S. airline accidentally exposes ‘No Fly List’ on unsecured server - Daily Dot.
• Cyber-crime gangs' earnings slide as victims refuse to pay - BBC. 
• Ransomware Revenue Down As More Victims Refuse to Pay - ChainAnalysis.
• Leaked Ransomware Docs Show Conti Helping Putin From the Shadows - Wired. 
• Luxe Listings Sydney trailer - YouTube.
• Luxe Listing Sydney - Wikipedia.
• Matt Shearer WBZ - Twitter.
• Hot Skull - Netflix. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Carole is in her sick bed, which leaves Graham in charge of the good ship "Smashing Security" as it navigates the choppy seas of credential stuffing and avoids the swirling waters of apps being sloppy with sensitive information.

Find out more in this latest edition of the "Smashing Security" podcast, hosted by Graham Cluley with special guest BJ Mendelson.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Operation Protect the Innocent - LA Police Department.
• A Police App Exposed Secret Details About Raids and Suspects - Wired.
• ODIN Intelligence website is defaced as hackers claim breach - TechCrunch.
• Norton LifeLock says thousands of customer accounts breached - TechCrunch.
• Ugh! Norton LifeLock password manager accounts accessed by hackers - Graham Cluley.
• Reports: Twitter’s sudden third-party client lockouts were intentional - Ars Technica.
• Spring app - Twitter.
• Spring app - Mac App Store.
• Mona app - Mastodon.
• Tulsa King trailer - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.
• DigiCert - DigiCert's Trust Lifecycle Manager sets a new bar for unified management of digital trust.

Support the show:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Someone called OxShagger thinks he has come up with the perfect Valentine's surprise for Oxford students, but is the way he has gone about "bookworms with benefits" really a good idea? Robot security guards are trundling the streets of - you guessed it - America. And a writer of paranormal bully romances (no, we don't know what that means either) returns from the grave...

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.

Warning: This podcast may contain nuts, adult themes, and rude language.

Sponsored by:

• Bitwarden - Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.
• ManageEngine PAM360 - A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.
• NordLayer - NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.

Episode links:

• Dating site for horny Oxford students slammed for privacy violations - Cherwell.
• OxShag will not be running this term as creator says they ‘made some poor choices’ - The Oxford Tab.
• Dysfunctional: OxShag to shut down amid controversy - Cherwell.
• Oxford University dating website for staff and students shut down after ‘huge data breach’ - The Times.
• CES 2023 Robots: Humanoid Helpers, Coding Pups and Farming Planters - CNet.
• One of America's most hated companies hired a security robot. It didn't go well - ZDNet.
• Robot security downtown getting lots of attention, KHON2 News - YouTube.
• 4 New Contracts for 8 Machines to Kick Off New Year at Knightscope - Knightscope.
• Why was Susan Meachen bullied in 2020? - Reddit.
• Fan outrage at Susan Meachen, the romance novelist accused of faking her death - BBC. 
• The Book Community Thought This Author Died. Now, It Seems Her Suicide Was a Hoax - Rolling Stone. 
• Vampire Survivors - Steam.
• Vampire Survivors trailer - YouTube.
• Vampire Survivors, a cheap, minimalistic indie game, is my game of the year - Ars Technica.
• Rewind.
• Rewind support article on the importance of consent - Rewind.
• Air Lounger - Orsen.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Why is a cute Star Wars fan website now redirecting to the CIA? How come Cambodia has become the world's hotspot for scam call centres? And can a WhatsApp image really drain your bank account with a single download, or is it just a load of hacker hokum?

All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Allan Liska.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• How I found a Star Wars website made by the CIA - Ciro Santilli on YouTube.
• How the CIA failed Iranian informants in its secret war with Tehran - Reuters.
• Isis and al-Qaeda sending coded messages through eBay, pornography and Reddit - Independent.
• Games Without Frontiers: Investigating Video Games as a Covert Channel - IEEE.
• General David Petraeus used clever Gmail trick during affair - Network World.
• Cambodia is home to world’s most powerful criminal network: report - SCMP.
• How to protect yourself from suspicious messages and scams- WhatsApp.
• Is WhatsApp Safe? Tips for Staying Secure - WhatsApp.
• Hacked on WhatsApp – how to stay safe when using the messaging app - BBC.
• Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp - The Hacker News.
• Kon-Tiki: The Epic Raft Journey Across the Pacific - YouTube.
• Still Standing with Jonny Harris - CBC.
• Niki de Saint Phalle & Jean Tinguely - Myths & Machines - Hauser & Wirth.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta– Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• 1Password Extended Access Management– Secure every sign-in for every app on every device.
• MetaCompliance - MetaCompliance's Security Awareness Planner is your free 12-month roadmap to reduce risk and build a culture of cyber awareness.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Beware your Roomba's roving eye, the Finns warn of AI threats around the corner, and watch out when hailing a taxi cab in Dublin...

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook? - MIT Technology Review.
• Building Smart Robots Requires Responsible Development - Roomba CEO Colin Angle on LinkedIn.
• OpenAI predicts biz can break a billion in revs by 2024 - The Register.
• The security threat of AI-enabled cyberattacks (PDF) - The Finnish Transport and Communications Agency, Traficom.
• Ireland Christmas weather ‘roller-coaster’ amid new ‘Beast from the East’ threat - Irish Mirror.
• Christmas revellers warned about sophisticated taxi scam as €300,000 is stolen from victims - MSN. 
• Taxi cab scam has cleaned out €300,000 from bank accounts of victims - Irish Independent. 
• “La Cabina” - YouTube.
• “Last and First Men” by Olaf Stapledon - Wikipedia.
• ”The other side of night” by Adam Hamdy - Pan MacMillan Press. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Drug dealers come unstuck while using the Encrochat encrypted-messaging app, and we put the Lensa AI avatar-generation tool under the microscope.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Plus - don't miss our featured interview with Rico Acosta, IT manager at Bitwarden.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Smashing Security 229: Dating leaks, right to repair, and a stinky bishop - Smashing Security.
• Hard cheese: Stilton snap shared via EncroChat leads to drug dealer's downfall - The Register.
• Operation Venetic: Pet dog and accidental selfies help convict international drugs traffickers - NCA.
• What does the Lensa AI app do with my self-portraits and why has it gone viral? - The Guardian. 
• Lensa, the AI portrait app, has soared in popularity. But many artists question the ethics of AI art - NBC News.
• I Uploaded Photos of Myself to the New Lensa A.I. Portrait Generator. The Results Were Stunning, Strange… and Super Creepy - Artnet.
• People keep sharing their AI-generated portraits: What to know about Lensa, and why some push back on it - USA Today.
• How Is Everyone Making Those A.I. Selfies? - New York Times. 
• Lensa AI: Security concerns regarding app behind colourful selfies on social media - The National News.
•  ‘Magic Avatar’ App Lensa Generated Nudes From My Childhood Photos - Wired. 
• Celebrities Are Obsessed With This Amazing New AI Portrait App - Hello Giggles. 
• This AI Self-Portrait App is Taking Over the Internet - Medium.
• Wednesday Shows Off Her Moves - YouTube.
• ‘Wednesday’ faces backlash over Jenna Ortega’s COVID dance scene - NME.
• Channel Television Disco Dancin' Final - YouTube.
• Sticky Pickles.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

An AI chatbot is causing a stir - both impressing and terrifying users in equal measure. A security researcher discovers that a "smart" cam that doesn't use the internet is err.. using the internet. And university students revolt over under-the-belt surveillance.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• While anticipation builds for GPT-4, OpenAI quietly releases GPT-3.5 - TechCrunch.
• OpenAI upgrades GPT-3, stunning with rhyming poetry and lyrics - Ars Technica.
• GPT-3.5 finds a security vulnerability - Twitter.
• Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking - YouTube.
• OpenAI's new ChatGPT bot: 10 dangerous things it's capable of - Bleeping Computer.
• What GPT-3.5 really thinks about us humans - Twitter.
• We asked GPT-3.5 to write a story about the “Smashing Security” hosts - Twitter.
• GPT-Chat - OpenAI.
• Researcher Paul Moore questions Eufy about its privacy - Twitter.
• Eufy’s “local storage” cameras can be streamed from anywhere, unencrypted - Ars Technica.
• Eufy privacy statement - Eufy.
• ‘NO’: Grad Students Analyze, Hack, and Remove Under-Desk Surveillance Devices Designed to Track Them - Vice. 
• Max Von Himmel Twitter Feed - Twitter. 
• It’s Not Science, Just Surveillance (and it's Under Your Desk) - TWC newsletter. 
• Northeastern University - Northeastern University homepage. 
• Space Management Platform - Spaceti homepage. 
• Twitter is going great!
• Pennyworth - IMDB.
• BBC Maestro.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Why deleting your Twitter account may be a very bad idea, how the police unravelled the iSpoof fraud gang, and a trip into outer space (or at least interplanetary file systems).

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by original show co-host Vanja Švajcer.

What an amazing 6 years of bickering it has been… thanks to all of you who have tuned in, appeared on the show, or supported us! 🙏

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Smashing Security #001: “One cup, two hotel guests” - YouTube.
• Whoopi Goldberg Quitting Twitter: “As Of Tonight I’m Done” - Deadline.
• Stephen Fry Joins Celebrity Twitter Exodus, Says “Goodbye” With Scrabble Message - Deadline.
• Twitter Users Warned Not To Delete Their Accounts - Here’s Why - Forbes
• How to deactivate your account - Twitter.
• InterPlanetary File System - Wikipedia.
• Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns - Cisco Talos.
• Decentralized IPFS networks forming the 'hotbed of phishing' - The Register.
• UK police arrest 120 in largest-ever cyber fraud crackdown - Computer Weekly. 
• Grote spoofingdienst uit de lucht gehaald door internationale samenwerking - Politie.nl.
• Received a text from the Metropolitan Police about iSpoof? - Cel solicitors.
• iSpoof' service dismantled, main operator and 145 users arrested - Bleeping Computer.
• iSpoof: What is iSpoof and how did police take down scam call site linked to 200,000 victims? - The Scotman.
• Listen to the message the Met Police left on the iSpoof gang’s Telegram channel - Twitter.
• Scrotum Concealment - Spy Museum.
• The CIA's Fake Scrotum That Hid a Radio - YouTube.
• Blitzed! (2020) - IMDB.
• Watch Blitzed: The 80s Blitz Kids Story -  NOW TV.
• Bob Dylan on the Songs That Captivate and Define Us - New York Times. 
• Bob Dylan Gets Tangled Up in Book Autograph Controversy- New York Times. 
• Bob Dylan apologises for machine-printed 'signatures' - BBC News.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Deepfake shenanigans strike users of troubled crypto firm FTX, the perils of charging your electric vehicle, and is Microsoft's takeover of Activision good news for video game fanatics.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes of AMTSO.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Larry David promotes FTX in Superbowl ad - YouTube.
• Crypto giant FTX collapses into bankruptcy - BBC News.
• FTX's new CEO: "Never in my career have I seen such a complete failure" - CBS News.
• Tom Brady, Giselle Bündchen, Larry David & Steph Curry Caught In FTX Crypto Fallout With Class Action Suit - Deadline.
• Bankman-Fried's FTX, senior staff, parents bought Bahamas property worth $300 milion - Reuters.
• Tweet showing Sam Bankman-Fried deepfake scam - Twitter.
• FTX Founder Deepfake Offers Refund to Victims in Verified Twitter Account Scam - Vice.
• Crypto.com CEO admits company accidentally sent 320,000 ETH ($416 million) to another crypto exchange a few weeks prior - Web3 is going great.
• Sandia studies vulnerabilities of electric vehicle charging infrastructure - Sandia Labs.
• Review of Electric Vehicle Charger Cybersecurity Vulnerabilities, Potential Impacts, and Defenses - MDPI.
• Shocker: EV charging infrastructure is seriously insecure - The Register.
• Microsoft to acquire Activision Blizzard to bring the joy and community of gaming to everyone, across every device - Microsoft.
• Gaming for everyone, everywhere: our view on the Activision Blizzard acquisition - Microsoft.
• Video gaming market leaders - Statistics & Facts - Statista.
• Microsoft says UK influenced by Sony in probing Activision Blizzard deal - Reuters.
• Can Big Tech Get Bigger? Microsoft Presses Governments to Say Yes -New York Times.
• Microsoft Reveals Sony’s Activision Deal Is Blocking ‘Call Of Duty’ From Game Pass - Forbes.
• EU to launch advanced Microsoft-Activision probe - Politico.
• Microsoft / Activision Blizzard merger inquiry - Gov.uk.
• Microsoft Buying Activision Blizzard Might Be Good For Gamers, But Bad for Developers - Time.
• A Day in London 1930s in colour - YouTube.
• Ancient Apocalypse - Netflix.
• Ancient Apocalypse is the most dangerous show on Netflix - The Guardian.
• How to Draw Large Pictures with Da Vinci Eye -Youtube.
• Da Vinci Eye: AR Art Projector - Apple app store. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Pentera – Pentera’s Automated Security Validation Platform is designed to help teams increase their security posture against modern day threats across the entire attack surface. Evaluate your security readiness with continuous and consistent autonomous testing with granular visibility into every execution along the way.
• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Elon Musk is still causing chaos at Twitter (and it's beginning to impact users), are scammers selling your house without your permission, and Google gets stung with a record-breaking fine.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Plus don't miss our featured interview with Pentera's Shakel Ahmed talking about automating continuous cyber defence validation.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Graham offers Dave Bittner some advice on “Welcome Datacomp”... in 1995! - Usenet.
• Elon Musk apologises to users for Twitter being slow - Twitter.
• Former Twitter employee doesn’t think Elon Musk knows what he’s talking about - Twitter.
• Eric Frohnhoefer says Elon Musk is wrong - Twitter.
• Twitter engineer calls out Elon Musk for technical BS in unusual career move - The Register.
• Elon Musk says that he is turning off microservices “bloatware” - Twitter.
• Twitter’s SMS Two-Factor Authentication Is Melting Down - Wired.
• Elon only trusts Elon - Platformer.
• Elon’s paranoid purge - Platformer.
• Google to pay nearly $400 million over deceptive location tracking practices - The Record.
• Follow Smashing Security on Mastodon.
• South Bay Man Pleads Guilty to Participating in a Multimillion-Dollar Real Estate Scam Involving Fake Open Houses at Not-for-Sale Homes - Justice.gov.
• A South Bay man accepted hundreds of offers from open houses. But the homes weren’t for sale - LA Times. 
• The typing of the Regex.
• Fesshole - Twitter.
• If Books Could Kill - Apple Podcasts. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Pentera – Pentera’s Automated Security Validation Platform is designed to help teams increase their security posture against modern day threats across the entire attack surface. Evaluate your security readiness with continuous and consistent autonomous testing with granular visibility into every execution along the way.
• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who aren't joined by a guest this week.

Warning: This podcast may contain nuts, adult themes, some snorting, and rude language.

Episode links:

• Mastodon: What you need to know for your security and privacy - Graham Cluley.
• Follow Graham Cluley on Mastodon.
• Hushpuppi: Notorious Nigerian fraudster jailed for 11 years in US - BBC. 
• Influencer involved in $1.1 million Qatar school financing scam jailed - Alarabiya. 
• Influencer ‘Ray Hushpuppi’ jailed over plan to launder $300m - The Guardian. 
• Hushpuppi’s wife, Imams write judge as US court sentences fraudster today - Premium Times.
• Living trailer - YouTube.
• Kleo - Netflix. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Sealit - Zero Trust Data Protection: protect, share, and monitor confidential emails and files - without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit's special offer to "Smashing Security" listeners.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Twitter has a new chief twit in the form of Elon Musk and he's causing problems, scientists say artificial intelligence may help us communicate with animals, and is the office of the future set in the metaverse?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Warning: This podcast may contain nuts, adult themes, dolphin noises, and rude language.

Episode links:

• Twitter employees are sleeping on the office floor to meet Elon Musk’s deadlines - The Verge.
• Elon Musk shows what being Chief Twit is all about across weird weekend - The Register.
• Pranksters pretending to be laid-off Twitter employees leave San Francisco HQ - YouTube.
• Twitter Limits Content-Enforcement Work as US Election Looms - Bloomberg.
• Twitter’s Yoel Roth comments on the firm’s trust and safety staff having their access to moderation and enforcement tools frozen - Twitter. 
• Paul Pelosi Conspiracy Theory Trends on Twitter After Elon Musk Pushes It - Rolling Stone.
• Yoel Roth describes how Twitter will warn users of misleading information - Twitter.
• Yoel Roth describes “surge in hateful conduct on Twitter” - Twitter.
• The Demise of Digg: How an Online Giant Lost Control of the Digital Crowd - Harvard.
• Follow Graham on Mastodon.
• How tech is helping us talk to animals - Vox.
• “The Sounds of Life: How Digital Technology Is Bringing Us Closer to the Worlds of Animals and Plants” - Book by Karen Bakker.
• Project CETI - The Cetacean Translation Initiative. Not to be mixed-up with Project SETI.
• The Dark Side Of VR - The Intercept. 
• The Metaverse Is the Ultimate Surveillance Tool - Vice. 
• What I Learned From Diving Headfirst Into The Metaverse - CNN. 
• Zuckerberg thinks the metaverse is the future of work. So what will this look like? - Smart Company. 
• Is the Metaverse Really the Future of Work? An Unbiased Investigation - Gizmodo.
• How to Turn Off the “Sign in with Google” Prompt on Websites - How-To Geek.
• Julia Davis and the Russian Media Monitor - Twitter.
• Weiner Staatsoper Opera House.
• Emojis instead of emotions in Simon Stone's Traviata in Vienna  – BackTrack.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Akamai – Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

What is slushygate and how does it link to sextortion in the States? What is the most impersonated brand when it comes to delivering phishing emails?  And what the flip is nano-targeting?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by fan favourite Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

No contortionists were hurt during the making of this episode.

Episode links:

• Memorandum of sentencing of Bryan Wilson - United States District Court Western District Court of Kentucky at Louisville.
• Accurint for Law Enforcement - LexisNexis.
• LexisNexis illegally collected and sold people's personal data, lawsuit alleges - CBS News.
• Ex-cop abused police tool in Snapshot sextortion plot that stole sexually explicit photos and videos - Bitdefender.
• Congress should consider enhancing protections around scores used to rank consumers (PDF) - Government Accountability Office. 
• Online Shoppers Beware: Scammers Most Likely to Impersonate DHL - Check Point.
• Why Am I Seeing That Political Ad? Check Your ‘Trump Resistance’ Score  - New York Times.
• I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too - New York Times.
• Mixed Idioms.
• Apollo Remastered.
• Cosmic Background.
• Death of an Artist - Pushkin podcasts.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Sealit - Zero Trust Data Protection: protect, share, and monitor confidential emails and files - without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit's special offer to "Smashing Security" listeners.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Someone's election-fiddling is uncovered with an Apple AirTag, a cyber scandal rocks Germany, and a swindler steals a fortune due to trains being delayed.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by runZero's Chris Kitsch.

Plus don't miss our featured interview with Akamai's Patrick Sullivan talking about how retailers can better thwart bots this holiday season.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The rundown on becoming runZero: What I learned rebranding a company - Chris Kirsch on the runZero blog.
• Tweet by Melissa Shusterman - Twitter.
• Apple AirTag Used To Find Over 100 Stolen Democratic Campaign Signs, Police Say - Forbes.
• Wie eine russische Firma ungestört Deutschland hackt - ZDF Magazin Royale on YouTube.
• German cybersecurity chief investigated over Russia ties - AP News.
• German cybersecurity chief sacked following reports of Russia ties - The Guardian. 
• Fraudster swindled Virgin Trains out of £116,000 in 'sophisticated' scam - MSN. 
• Virgin Trains worker, 37, swindled rail firm out of £116,000 in 'delay and repay' compensation scam by photoshopping tickets to exploit flaw in system - Daily Mail. 
• Train delays:How to claim if it's late or cancelled - Money Saving Expert.
• How many trains arrive on time - Gov.uk.
• Employee swindled Virgin Trains out of £116,000 in delay and repay compensation scam - Birmingham Mail. 
• Fat Bear Week 2022.
• ‘Fat Bear Week’ Hit By Voter-Fraud Attempt - Rolling Stone.
• PimEyes - Face search engine.
• The Fear of God: 25 Years of the Exorcist - BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Akamai – Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

In this week’s episode, Graham investigates the mysterious Iberian Peninsula blackout (aliens? toaster? cyberattack?), Carole dives in the UK legal aid hack that exposed deeply personal data of society's most vulnerable, and Dinah Davis recounts how Instagram scammers hijacked her daughter’s account - and how a parental control accidentally saved the day.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Dinah Davis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• 418 - I’m a teapot - MDN Web Docs.
• 2025 Iberian Peninsula blackout - Wikipedia.
• What could have caused the major power outage in Spain and Portugal? Experts weigh in - Euro News.
• Spain investigates cyber weaknesses in blackout probe - Financial Times.
• Report on Working Conditions at INCIBE, the company Investigating the blackout - El Cierre Digital.
• My Teen's Instagram Account was Hacked - Dinah Davis.
• We Got Her Account Back, Here’s What the Forensics Revealed - Dinah Davis.
• 'Significant amount' of private data stolen in Legal Aid hack  - BBC News.
• Civil legal aid: millions still without access to justice - The Law Society.
• Civil representation - Legal aid data - GOV.UK.
• Legal aid statistics England and Wales bulletin Oct to Dec 2024  - GOV.UK.
• Funding for justice down 22% since 2010 - Bar Council. 
• The Assembly - ITV.
• The Assembly review – this celebrity interview show is going to be massive - The Guardian.
• The Assembly: Inside the most groundbreaking TV show of the year - The Independent.
• David Tennant gets emotional from neurodivergent musicians - YouTube.
• OceanMan.
• All the Colours of the Dark by Chris Whitaker - Orion Books. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• MetaCompliance - MetaCompliance's Security Awareness Planner is your free 12-month roadmap to reduce risk and build a culture of cyber awareness.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

A couple unexpectedly find $10.5 million in their cryptocurrency account, and in Cambodia people are being forced to commit pig-butchering scams.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo again this week.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• DeFi bug accidentally gives $90 million to users, founder begs them to return it - CNBC.
• Compound boss begs users to return $90 million worth of cryptocurrency they were accidentally gifted - Robert Leshner on Twitter.
• Couple mistakenly given $10.5m from Crypto.com thought they had won contest, court hears - The Guardian.
• Mother accused of spending spree after mistakenly receiving $10 million in crypto bungle heads to trial - 9 News.
• Sold to gangs, forced to run online scams: inside Cambodia’s cybercrime crisis - The Guardian.
• ZÈRTZ game.
• ZÈRTZ - Wikipedia.
• GIPF project - Wikipedia.
• The Capture - BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Has new UK prime minister Liz Truss been careless with her mobile phone, and hear the most extraordinary story of corporate cyberstalking.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by nobody for reasons that will become obvious.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths - Graham Cluley.
• Two Former eBay Executives Sentenced to Prison for Cyberstalking - US Department of Justice.
• Jonathan Pie: Welcome to Britain. Everything is Terrible -  NYT Opinion.
• UK Supermarket’s Loans-for-Groceries Offer Attracts Huge Take Up - Bloomberg.
• Liz Truss' mobile number is being sold online for £6.49 - Daily Mail.
• How to Cook a Soft Boiled Egg Perfectly Every Time - YouTube.
• 11 Best Twitter Bots to Follow to Boost Productivity - Gadgetshouse.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• Akamai - Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Anti-porn "shameware" apps take a privacy pounding, is your image already being used by AI, and deepfake danger continues to deepen.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The Ungodly Surveillance of Anti-Porn ‘Shameware’ Apps - WIRED.
• Covenant Eyes.
• Sick and tired of trying to quit porn? You’re not alone - Covenant Eyes promotional video.
• Fortify.
• AI Is Probably Using Your Images and It's Not Easy to Opt Out - Vice.
• ISIS Executions and Non-Consensual Porn Are Powering AI Art - Vice.
• Have I been trained?
• The Deepfake Danger: When It Wasn’t You On That Zoom Call - CSO Online.
• Deepfake Audio Has A Tell – Researchers Use Fluid Dynamics To Spot Artificial Imposter Voices - The Conversation. 
• Deephy: On Deepfake Phylogeny - Cornell University.
• On The Horizon: Interactive And Compositional Deepfakes - Microsoft. 
• Detect DeepFakes: How to counteract misinformation created by AI - MIT University. 
• New Deepfake Threats Loom, Says Microsoft’s Chief Science Officer - Venture Beat.
• The Joy of Sets - BBC Archive.
• Steam Deck.
• Am I Being Unreasonable? - BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
• Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
• The Cyber Security Inside podcast – Relevant cybersecurity topics in clear, easy-to-understand language. With every episode, you’ll walk away smarter about cybersecurity, and have fun while you’re at it!

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.