Smashing Security

Mix TikTok with facial recognition, and you've got a doxxing nightmare, T-Mobile users report bizarre behaviour in their accounts, and a Windows flaw provides a new means of infecting users.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:T-Mobile customer reports privacy breach - Twitter.T-Mobile US exposes some customer data – but don't call it a breach - The Register.T-Mobile denies new data breach rumors, points to authorized retailer - Bleeping Computer.Connectivity Source - Despite appearances, don’t confuse it with T-Mobile.ThemeBleed exploit is another reason to patch Windows quickly - MalwareBytes.If I Embarrass My Baby on TikTok, Will He Stay My Baby Forever? - New York Times.They Gossiped At Brunch. Now There's a Mob After Them - Rolling Stone.The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech - 404 Media.Egg crack challenge,the last baby is so cute - YouTube.Trailer for “The Deepest Breath” - YouTube.“The Deepest Breath” - Netflix.Naked Security.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic.Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE...

Do you know what data your car is collecting about you? Do you think it's right for a car manufacturer to collect a subscription to keep your bottom warm? And just why has YouPorn sent an email to Graham about his sex video?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.Plus don't miss our featured interview with Gigamon's Mark Jow.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Yikes! My sex video has been uploaded to YouPorn, apparently - Graham Cluley.1 million YouPorn users exposed; data breach required no security penetration - Computer World article from 2012.The YouPorn Sextortion Email Spam Campaign Explained - MalwareTips.BMW deems drivers worthy of warmth, ends heated car seat subscription - The Register.Hackers crack Tesla software to get free features - The Independent.It's Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy  - Mozilla Foundation.Car Companies: Stop Your Huge Data Collection Programs  - Mozilla Foundation.Programming language inventor or serial killer? - Vole.wtf.Rask - AI video localisation.Verbalate - Video translation and lip sync software.The Following Events Are Based on a Pack of Lies review - The Guardian.The Following Events Are Based on a Pack of Lies - BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic.Drata – With over 14...

Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee... just to send $1,865.Oh, and our guest mentions Mr Blobby (to the horror of the show's hosts...)All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Tweet by Jameson Lopp.Bitcoin user’s costly error leads to record transaction fee of $510,000 - Cryptoslate.Root Admin User: When Do Common Usernames Pose a Threat? - GovInfoSecurity.Dave’s conversation with Crosstalk’s Chris Sherwood - Hacking Humans podcast.Passkey authentication - Wikipedia.Passkeys: Accelerating the Availability of Simpler, Stronger Passwordless Sign-Ins - FIDO Alliance.Test your mental image ability - Aphantasia.How to create your own personal deepfake - Axios.Deepfakes are being used for good – here’s how - Connecting Research - University of Reading.Six things you need to know about deepfakes - BBC Radio 4.Mitigating Aphantasia with Generative Reality - Medium.Ethical Deepfake Maker - Synthesia.HeyGen deepfakes - HeyGen.Deepfakes are being used for good – here's how - The Conversation.Search engines required to stamp out AI-generated images of child abuse under Australia’s new code  - The Guardian.Induction Hob with Rotary Controls - Cookology.Top 10 WTF Mr Blobby Moments - YouTube.a...

AI news is bad news, an online service to catch your cheating partner, and an IoT-enabled dick cage fails to keep a grip on its own security.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Plus don't miss our featured interview with Alex Lawrence, principal security architect at Sysdig.Warning: This podcast may contain nuts, adult themes, and rude language. May? Who are we kidding...Episode links:199: A few tech cock-ups, and one cock lock-up - Smashing Security.Smart male chastity lock cock-up - Pen Test Partners.“My sexual urges are so out of control I’m considering buying a chastity cage” - Dear Deidre, The Sun.Maker of ‘smart’ chastity cage left users’ emails, passwords, and locations exposed - TechCrunch.Dispatch pauses AI sports writing program - Axios.Would Your Partner Cheat? These ‘Testers’ Will Give You an Answer - The New York Times.Loyalty Test.Nitpick: Why don’t induction hobs have knobs?Longevity… simplified - book by Dr Howard J Luks.Oxford Art Society Open Exhibition 2023.Carole Theriault art website.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or a...

Seized cryptocurrency is stolen from the DEA, blue-ticks are being exploited, a bath full of dollar bills, the comfort offered by an ostrich's head, and how Graham is refusing to call Twitter "X".All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer - Forbes.Stranger sent dick pics so I convinced him he was dying - YouTube.Creeps Airdropping Dick Pics Is the Latest Air Travel Nightmare - Vice.Airdrop scam tokens - Trezor.Brother of Criminal Bitcoin Mixing CEO Pleads Guilty to Stealing 712 Bitcoins From IRS - CoinDesk.Blue-tick scammers target consumers who complain on X - The Guardian.Infinite Mac.Classic Mac OS - Wikipedia.Perplexity AI - chatbot.CrazyGames.Braingle. 40 Weirdest Things on Amazon That People Actually Love to Buy - Good Housekeeping.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Beyond Identity – Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or

Surely you should be able to order pizza without being pestered for sex? And Carole takes a look at the what and why of wearables...All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:One in three young people falling prey to ‘text pests’ as ICO calls for victims to come forward - ICO.My pizza order turned into a terrifying ordeal after creepy delivery driver stole my data & I was sent sinister messages - The Sun.Share your experience of unwanted contact after giving your personal information to a business for a legitimate reason - ICO.IoT, wearables and the new health insurance paradigm - IT-Online.Top 10 Innovative Wearable IoT Devices - IOT Design Pro.Explosive Growth Forecasted: IoT in Healthcare Market Set to Reach US$ 952.3 Billion by 2032 with a Remarkable CAGR of 18.0% - PharmiWeb.Sweat it out: Novel wearable biosensor for monitoring sweat electrolytes for use in healthcare and sports -Science Daily.New Apple Watch X Leaked: MAJOR Redesign & Magnetic Band System! -YouTube.Wearables | Privacy & security guide - Mozilla Foundation.5 trending wearables in 2023 to look out for - Ignitec.Internet of Things Becomes Greater Focus for Pharma -Health Leaders media.Hospitals are selling treasure troves of medical data — what could go wrong? - The Verge.Opt out of sharing your health records - NHS.Legal lullabies - Drift asleep listening to Instagram's terms of service.The Sound: Mystery of Havana Syndrome.Smashing Security merchandise (t-shirts, mugs,...

AI chatbots are under fire in Las Vegas, the secrets of hackers' passwords are put under the microscope, and Graham reveals (possibly) the greatest TV programme of all time.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:100,000 Hackers Exposed from Top Cybercrime Forums - Hudson Rock.Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer - Hudson Rock.People coaxed AI into saying 9+10=21 and giving instructions for spying — it shows how these systems are prone to flaws and bias - Business Insider.These Women Tried to Warn Us About AI - Rolling Stone.Chatbots: Why does White House want hackers to trick AI? - BBC News.I, Claudius - BBC iPlayer.Drama Connections: I, Claudius - BBC documentary from 2005, on YouTube.'Painkiller' Review: Netflix Series Fails To Capture Opioid Crisis - Variety.”Painkiller” trailer - YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.Beyond Identity - Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or

Razzlekhan, the self-proclaimed Crocodile of Wall Street, pleads guilty to the biggest crypto laundering scheme in history, and just how safe are you typing while on a Zoom call?Meanwhile, Graham rants about public EV chargers.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:With Nvidia Eye Contact, you’ll never look away from a camera again - Ars Technica.“A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards” - Technical paper (PDF).New acoustic attack steals data from keystrokes with 95% accuracy - Bleeping Computer.Bitfinex users to share 36% of bitcoin losses after hack - BBC News.Bitfinex’s Latest News & Updates - BitFinex blog.Heather R. Morgan - Wikipedia.Razzlekhan and husband guilty of $4.5bn Bitcoin launder - BBC News.Record-high seizure of $4bn in stolen Bitcoin - BBC News.‘Sexy horror comedy’: Bitcoin laundering suspect is also ‘raunchy rapper’ Razzlekhan - The Guardian.”Versace Bedouin” music video by Razzlekhan - YouTube.“Pho King Badd Bhech” music video by Razzlekhan - YouTube.SWARCO - Nit Pick of the Week.Esim Holafly  - Holafly.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or

Carole takes us into the sinister side of Barbie, while Graham describes a stalkerware operation that has been spilling its secrets.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:SpyHide couldn’t hide forever - Maia arson crimew.Spyhide stalkerware is spying on tens of thousands of phones - ​TechCrunch.Coalition against Stalkerware.Use Google Play Protect to help keep your apps safe and your data private - Google.Eyeing Barbie movie download? Beware of online scam, says McAfee - Tech News.A Complete History of the Barbie Movie - Vanity Fair.20 Things You Probably Didn't Know About Barbie - Readers Digest.Influencer's 'Honest Review' of 'Barbie' Goes Viral - Newsweek.How scammers are using ‘Barbie’ craze to steal personal information - The Hill.‘Barbie’ Box Office to Blast Past $700M Globally After Record Week - The Hollywood Reporter.Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info - McAfee.History vs Hollywood.Weird: The Al Yankovic story - History vs Hollywood.The News Meeting - Tortoise podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Hunters – A SOC platform, built to empower your security team to reduce risk, complexity and costs.a...

Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus Space Daily’s Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:90210 plastic surgeon Dr Gary Motykie.Dr Gary Motykie videos - YouTube.More plastic surgery patients have their nude photos and information leaked - DataBreaches.net.Typo watch: 'Millions of emails' for US military sent to .ml addresses in error - The Register.Hundreds of thousands of US military e-mails wind up in Mali - Le Monde.Beware of WormGPT: AI Tool Enables Cyber Attacks and Impersonation Scams - IB Times.WormGPT: a generative AI tool to compromise business emails - CSO Online.WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks - SlashNext.“Who shat on the floor at my wedding?”Futurama - Wikipedia.Radiooooo.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!ClearVPN - Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via

Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The UK Covid-19 Inquiry.Court orders ministers to hand Boris Johnson’s WhatsApps to Covid inquiry - The Guardian.Boris Johnson ‘has forgotten’ passcode for phone wanted by Covid inquiry - The Guardian.The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph.Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice.Party girls netted £120,000 from terrified men in ‘sextortion’ scam -The Times.Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 -Press and Journal.Musicless music video of Lionel Richie’s “Hello” - YouTube.Musicless music video of Rolling Stones performing live in 1964 - YouTube.Intrigue: Burning Sun - BBC podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via a...

Going for a jog can be bad for your privacy (but even worse for your health), and Britain's consumer finance champion finds his face is being faked.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Russian commander shot dead after posting runs on Strava running app - Kyiv Post.Martin Lewis felt 'sick' seeing deepfake scam ad on Facebook - BBC News.How synthetic media, or deepfakes, could soon change our worldeing deepfake scam ad on Facebook - 60 Minutes on YouTube.Nicki Minaj wants to delete the “whole internet” after viral AI deepfake video -Technology Inquirer.Fears grow of deepfake ID scams following Progress hack - Ars Technica.“Deep Fake Neighbour Wars”: ITV’s comedy shows how AI can transform popular culture -The Conversation.”My Old School” - BBC Scotland.”My Old School” trailer - YouTube.MP doesn’t know whether she attended Downing St Party - YouTube.”Non-Censored” with Rosie Holt podcast - Audioboom.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide - Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig - Is your cloud secure? Not without runtime insights! Sysdig delivers the industry's ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) - powered by runtime insights - to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on

Just how much do porn websites know about your sexual peccadillos? How are Barbie dolls involved in identity scams? And would you trust a completely free telly?Oh, and Graham has some opinions to share about "Indiana Jones and the Dial of Destiny".All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Matt Davey from the "Random but Memorable" podcast.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Pornhub Is Being Accused of Illegal Data Collection - Wired.StopDataPorn brings Pornhub to court for abusing users’ personal data with GDPR complaints - StopDataPorn.The Password Game - Neal.fun.The True Cost of a Free TV - Wired.Telly dual-screen TV first look: it’s free and may be the future - The Verge.Swindlers Used Barbie Dolls to Rob COVID Relief Program - The Messenger.How rampant abuse by fintech fueled covid relief fraud - The Washington Post.'Biggest fraud in a generation': The looting of the Covid relief plan known as PPP - NBC News."We Are Not the Fraud Police": How Fintechs Facilitated Fraud in the Paycheck Protection Program - Fox News.‘The Dial Of Destiny’ Is Now The Worst-Reviewed ‘Indiana Jones’ Movie - Forbes.“Jury Duty” TV series - Wikipedia.“Jury Duty” trailer - YouTube.Spray Cork: What Is It? - Build with Rise.CorkSol.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!

UPS delivers some smishing advice (but have they kept something under wraps?), we ask ChatGPT to take a long hard look at itself, and we debate what the penalty should be for taking national secrets home with you.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's sole founder Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:UPS discloses data breach after exposed customer info used in SMS phishing - Bleeping Computer.Example of UPS SMS phishing message related to Lego order - Twitter.Another example of a Lego-related UPS phishing message - Twitter.Former FBI Analyst Sentenced for Retaining Classified Documents - US Department of Justice.How The Intercept might have helped unmask Reality Winner to the NSA - Graham Cluley.Bad adverts leave people scratching their heads - MSN.How Cybercriminals Can Perform Virtual Kidnapping Scams Using AI Voice Cloning Tools and ChatGPT - Trend Micro.Which Jobs Will Be Most Impacted by ChatGPT? - Visual Capitalist.Unraveling an AI Scam with AI - Imperva.100,000 Hacked ChatGPT Accounts Discovered on Dark Web - Hackread.97+ ChatGPT Statistics & User Numbers In June 2023 (New Data)  - Nerdy Nav.“Speed Cubers” - Netflix.Trailer for “Speed Cubers” - YouTube.KBDcraft.”How to Win Friends and Disappear People” - Qcode Podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source...

There's some funny business going on on Google, and Zuckerberg's $14 billion bet on the metaverse is beginning to look a little childish...All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Google sues alleged scammer over fake business and review scheme - The Verge.Meta to Lower Age for Users of Virtual Reality Headset to 10 From 13 - New York Times.Introducing New Parent-Managed Meta Accounts for Families - Meta Blog.Keep Connected - ages 10–14 - Keep Connected.The Metaverse Police: A VR content moderator shares his insights - Mixed News.“Untold: The Girlfriend Who Didn't Exist” - Netflix.Tommy Siegel - Some candy hearts comics I drew, a thread - Twitter.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the a...

There are shocking revelations about a US Government data suck-up, historic security breaches at Windsor Castle, and the MOVEit hack causes consternation.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Declassified files reveal ‘large number’ of security scares at Windsor Castle - Metro.Intruder at Windsor: Security 400 scared of unpleasant Andrew' to turn away fantasist - Express.The US Is Openly Stockpiling Dirt on All Its Citizens - Wired.I don’t care about cookies browser plugin.MOVEit hack: Media watchdog Ofcom latest victim of mass hack - BBC News.BBC, BA and Boots issued with ultimatum by cyber gang Clop - BBC News.Ukrainian police arrest multiple Clop ransomware gang suspects - TechCrunch.BBC and British Airways affected by data breach at payroll company Zellis - The Record.BA, Boots and BBC staff details targeted in Russia-linked cyber-attack - The Guardian.Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft - Mandiant.MOVEit Transfer and MOVEit Cloud Vulnerability - Progress.MOVEit announces second vulnerability; Minnesota schools agency breached with original bug - The Record.An Update on the Steps We are Taking to Protect MOVEit Customers  - Ipswitch.Spider-Man: Across the Spider-Verse - IMDB.Spider-Man: Across the Spider-Verse trailer - YouTube.The Muppets Mayhem - Disney+.The Muppets Mayhem trailer - YouTube.a...

Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands.All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Plus - don't miss our featured interview with Max Power of Bitwarden.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Australian cyber-op attacked ISIL with the terrifying power of Rickrolling - The Register.“Breaking the code: Cyber Secrets Revealed” - ABC.Scam Alert: Woman tries helping injured bird, ends up losing Rs 1 lakh to cyber criminals - MSN News.Toll-free Hijack Alert (misdial scam) - AT&T.“Connected: the hidden science of everything” - Netflix.“Connections” with James Burke - YouTube.“I wanna marry Harry” reality show    - Wikipedia.“Space cadets” reality show - Wikipedia.Unreal: A Critical History of Reality TV - Apple Podcasts.Famous Studios - Famous Studios website.Unreal: A Critical History of Reality TV - BBC Sounds.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Plus don't miss our featured interview with David Ahn of Centripetal.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:8 new top-level domains for dads, grads and techies - Google.Tweet by Citizen Lab’s John Scott-Railton - Twitter.File Archiver in the browser - mr.d0x.A Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT? - Reason.Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crash - Wales Online.Cardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crash - Sky News.Two boys killed in Cardiff crash which was followed by riot are named - Sky News.Cardiff riots: social media rumours about crash started unrest, says police commissioner - The Guardian.Black Butterflies - Netflix.Black Butterflies trailer - YouTube.“The End of the World Is Just the Beginning: Mapping the Collapse of Globalization” by Peter Zeihan - Amazon.Science Vs - Gimlet Media Podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud...

13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Man convicted of blackmail and other offences - SEROCU.EU hits Meta with record €1.2B privacy fine - Politico.Police text 70,000 victims in UK's biggest anti-fraud operation - BBC News.iSpoof fraudster guilty of £100m scam sentenced to 13 years - BBC News.Fraudster pleads guilty to £100m iSpoof scam - BBC News.300: Interplanetary file systems, iSpoof, and don’t delete Twitter - Smashing Security."John Was Trying to Contact Aliens" - Netflix.Sleep mask - Amazon.Blackout blind with suction cups - Amazon.Jewish Matchmaking - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Centripetal - Centripetal's CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release...

Personal information is going for a song, and the banks want social media sites to pay when their users get scammed.All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Vote for "Smashing Security" in the European Security Blogger Awards.Re-Victimization from Police-Auctioned Cell Phones - Krebs on Security.Fraud Strategy: stopping scams and protecting the public - UK Gov.Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested - Hacker News.Social media firms should reimburse online fraud victims, say UK bankers - The Guardian.How Many People Use Social Media in 2023? - Oberlo.Scam social media quizzes dupes people into revealing personal details - ITV News.Where are you most likely to be scammed: phone, text or social media? - This is Money.Major bank calls out Meta for huge rise in scams on its platforms -  This is Money.The Legend of Zelda: Tears of the Kingdom - Nintendo.ScanSnap SV600 - Fujitsu.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Outpost24 – Understand your shadow IT risk with a free attack surface analysis.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on a...