Smashing Security

Don't minimise your Teams Meeting video call too hastily, you might reveal your dirty secrets! Would you be prepared to pay for Facebook and Instagram? And who is being faked to promote cryptocurrency scams?All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Jane Wakefield.Plus - don't miss our featured interview with Push Security founder and CEO Adam Bateman.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:XtraVue Trailer demo - YouTube.Nvidia sued after video call mistake showed 'stolen' data - BBC News.Valeo v. Nvidia complaint - DocumentCloud.Fake BBC news article using Jane Wakefield’s name - Twitter.Report a fraudulent webpage to Google Safe Browsing - Google.Meta's EU ad-free subscription faces early privacy challenge - Yahoo!Meta to offer ad-free subscription in Europe in bid to keep tracking other users - TechCrunch.Meta’s EU ad-free subscription faces early privacy challenge - TechCrunch.Facebook and Instagram to Offer Subscription for No Ads in Europe - Facebook. noyb files GDPR complaint against Meta over “Pay or Okay”  - NOYB. Big Mac index 2023 - Statista.Euro aea wages 2023 - Take-profit.org.Boat Story review - The Guardian.GlasgowGPT - the world's first Scottish artificial intelligence chatbot.Gergely Orosz uncovers fake female speakers at a tech conference - Twitter. Eliza-May Austin shares her experiences of being invited to speak at tech conferences - LinkedIn. 

Who gets to decide who should be CEO of OpenAI? ChatGPT or the board? Plus a ransomware gang goes a step further than most, reporting one of its own data breaches to the US Securities and Exchange Commission.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Hackers Use Online Casinos to Gamble Mountains of Cash They Steal from Victims - 404.AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC - DataBreaches.net.SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies - US Securities and Exchange Committee.OpenAI announces leadership transition - OpenAI.The Fear and Tension That Led to Sam Altman’s Ouster at OpenAI - The New York Times.Emergency Pod: Sam Altman is Out at Open AI - The New York Times.What We Know About Sam Altman’s Ouster From OpenAI  - The New York Times.Ousted OpenAI C.E.O. Makes Plans for New Artificial Intelligence Company - The New York Times.Microsoft Hires Sam Altman Hours After OpenAI Rejects His Return - The New York Times.In the battle to bring ousted founder Sam Altman back to OpenAI, Microsoft and Satya Nadella hold the trump cards - Fortune.Rate your resignation letter - Twitter account.Suella Braverman’s resignation letter - Twitter.Analysis of letter by Dame Andrea Jenkyns - Twitter.Thread about letter from Dame Andrea Jenkyns - Twitter.The Future by Naomi Alderman review - The Guardian.The Future by Naomi Alderman - Harper Collins.a...

Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Bored Ape NFT Partygoers Blame UV Lights For Burned Eyes And Skin - Kotaku.Poloniex crypto-exchange offers 5% cut to thieves if they return that $120M they nicked - The Register.Raft Suffers $3.3M Exploit That Drove Down Stablecoin 50%, but Hacker Likely Lost Money on Attack - CoinDesk.Leaderboard Comparing LLM Performance at Producing Hallucinations when Summarizing Short Documents - Github.Cut the Bull…. Detecting Hallucinations in Large Language Models - Vectara.Chatbots May ‘Hallucinate’ More Often Than Many Realize - The New York Times.Bing's ChatGPT-Powered Search Has a Misinformation Problem - Vice.ChatGPT gets code questions wrong 52% of the time - The Register.FreeTube.The Wonderful Story of Henry Sugar - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!Panoptica – Panoptica is a cloud native application security solution connecting developer and security teams to their organization’s biggest cloud threats from code to production.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via

A woman's attempt to hire an assassin online backfires badly, it's scary just how cheap it is to buy information about US military personnel, and trolls and tattoos don't mix.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Plus don’t miss our featured interview with Jason Meller of Kolide.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI - The Register.Zandra Ellis criminal complaint (PDF).Rent-A-Hitman: Your Point & Click Solution! - YouTube.It’s shockingly easy to buy sensitive data about US military personnel - MIT Technology Review.This Guy Trolls His TikTok Haters By Getting Tattoos of Them - Vice.Man Gets Back at Trolls Online With Revenge Tattoos - MSN.The Beatles - “Now and Then” music video - YouTube.“The Last of Us” piano scene, episode 3 - YouTube.Celeritas podcast.Pick of the week archive - Smashing Security.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!Panoptica – Panoptica is a cloud native application security solution connecting developer and security teams to their organization’s biggest cloud threats from code to production.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via

Workers wonder if their colleagues are actually AI, and we take a deeper look into the curious scams going on via Booking.com.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Art Musings - Gratuitous plug for Carole’s new podcast with Sally Anne-Stewart.Smashing Security #344: What’s cooking at Booking.com? And a podcast built by AI - Smashing Security.Fraudsters target Booking.com customers claiming hotel stay could be cancelled - Graham Cluley.Scammers try to trick Graham again via Booking.com - Twitter.'Thieves used fake Booking.com emails to steal £1,000 from me before my wedding' - The Mirror. Includes gratuitous mention of Graham’s hunt for aubergines.Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests - Akamai.Did AI Write Product Reviews? Gannett Says No - The New York Times.Is my co-worker AI? Bizarre product reviews leave Gannett staff wondering - The Verge.How to spot a fake review - Which?Lonely Water - Public information film from 1973.Scarred for Life Volume 1: The 1970s - Lulu.Scarred for Life Volume 2: Television in the 1980s - Lulu.Scarred for Life Twitter account.Say More with Dr? Sheila - Apple Podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

Ahoy! There's trouble in the South China Seas as Filipino organisations fail to secure their systems, we take a close look at Google IP protection, and we take a look at just how so much genetic profile data leaked out of 23andMe.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Philippines’ cybersecurity failures exposed as hackers leak state secrets, people’s data - South China Morning Post.IT admins are just as culpable for weak password use - Outpost24.Google Chrome wants to hide your IP address - MalwareBytes.The 23andMe data breach reveals the vulnerabilities of our interconnected data - The Conversation.23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews - Wired.Worried about the 23andMe hack? Here's what you can do - Washington Post.Paris Police 1905 - BBC iPlayer.British Hen Welfare Trust.Art Musings - Art Musings podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or a...

How hunting for an aubergine could be all it takes for you to hand your credit card details over to a scammer, and just how good is a podcast entirely built by AI?All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Support Alie Hothersall’s fundraising for Mind - JustGiving.Fraudsters target Booking.com customers claiming hotel stay could be cancelled - Graham Cluley.Security.txt - A proposed standard which allows websites to define security policies.Develop AI launches a completely synthetic podcast - Develop AI. Develop AI podcast.Is It Legal To Pay - The err.. https version of a map of which countries allow you to pay ransom demands.Licorice Pizza - BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Devo – Register now to join Devo and other cybersecurity industry professionals on October 18 for sessions and panels focused on de-stressing, SOC career development, and more!Vanta - Expand the scope of your security program with market-leading compliance automation... while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories"

Dream girlfriends, AI love scams, and an alleged spy who is said to have made a series of blunders.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Former Soldier Indicted for Attempting to Pass National Defense Information to People’s Republic of China - US Department of Justice.‘Dream’ AI Girlfriend Randomly Turns Into Nude Jennifer Lopez, Has Four Legs - 404 Media.LoveGPT: How “single ladies” looking for your data upped their game with ChatGPT - Avast Threat Labs.5 Signs Your Tinder Match Is a Scam Bot - LifeWire.Support Alie Hothersall’s fundraising for Mind - JustGiving.“The Last Action Heroes” by Nick de Semlyen - Pan Macmillan.Life Kit  - NPR.Tom Hanks has made a complaint - Twitter.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Devo – Register now to join Devo and other cybersecurity industry professionals on October 18 for sessions and panels focused on de-stressing, SOC career development, and more!Moonlock — cybersecurity wing of MacPaw. Developers of the antimalware tech in CleanMyMac X — Moonlock Engine.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or

Is a deepfake Tom Hanks better than the real thing? Who has been attacking the British Royal Family's website, and why? And how can you protect your vehicle from the spate of keyless car thefts?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Plus don't miss our featured interview with Devo CISO Kayla Williams.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The disturbing uncanny valley of Robert Zemeckis film 'Polar Express' - Far Out magazine.Tom Hanks warns of deepfake video promoting dental plan - Instagram.Fuming Tom Hanks says he had nothing to do with that AI dental ad clone of him - The Register.Tom Hanks warns dental plan ad image is AI fake - BBC News.Robin Williams’ Daughter Zelda Criticizes Use of AI to Re-create His Voice: “I Find It Personally Disturbing” - Hollywood Reporter.Bruce Willis denies selling rights to his face - BBC News.Deepfake Bruce Willis in Russian telecoms advert - YouTube.Could you get "carhacked"? The growing risk of keyless vehicle thefts and how to protect yourself - CBS News.Keyless car theft: What is a relay attack, how can you prevent it, and will your car insurance cover it? - Leasing.com.Testing Phone-Sized Faraday Bags - Matt Blaze.Famous DDoS attacks - Cloudflare.The sinister Russian hackers who've claimed responsibility for crashing Buckingham Palace website - Daily Mail.King Charles rebukes Russia's 'horrifying' invasion of Ukraine in unprecedented speech - Express.Visually, how much paper would a GB and a TB of data fill in terms of physical size? - Quora.“The shop around the corner” - Wikipedia.

Mix TikTok with facial recognition, and you've got a doxxing nightmare, T-Mobile users report bizarre behaviour in their accounts, and a Windows flaw provides a new means of infecting users.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:T-Mobile customer reports privacy breach - Twitter.T-Mobile US exposes some customer data – but don't call it a breach - The Register.T-Mobile denies new data breach rumors, points to authorized retailer - Bleeping Computer.Connectivity Source - Despite appearances, don’t confuse it with T-Mobile.ThemeBleed exploit is another reason to patch Windows quickly - MalwareBytes.If I Embarrass My Baby on TikTok, Will He Stay My Baby Forever? - New York Times.They Gossiped At Brunch. Now There's a Mob After Them - Rolling Stone.The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech - 404 Media.Egg crack challenge,the last baby is so cute - YouTube.Trailer for “The Deepest Breath” - YouTube.“The Deepest Breath” - Netflix.Naked Security.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic.Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE...

Do you know what data your car is collecting about you? Do you think it's right for a car manufacturer to collect a subscription to keep your bottom warm? And just why has YouPorn sent an email to Graham about his sex video?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.Plus don't miss our featured interview with Gigamon's Mark Jow.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Yikes! My sex video has been uploaded to YouPorn, apparently - Graham Cluley.1 million YouPorn users exposed; data breach required no security penetration - Computer World article from 2012.The YouPorn Sextortion Email Spam Campaign Explained - MalwareTips.BMW deems drivers worthy of warmth, ends heated car seat subscription - The Register.Hackers crack Tesla software to get free features - The Independent.It's Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy  - Mozilla Foundation.Car Companies: Stop Your Huge Data Collection Programs  - Mozilla Foundation.Programming language inventor or serial killer? - Vole.wtf.Rask - AI video localisation.Verbalate - Video translation and lip sync software.The Following Events Are Based on a Pack of Lies review - The Guardian.The Following Events Are Based on a Pack of Lies - BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic.Drata – With over 14...

Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee... just to send $1,865.Oh, and our guest mentions Mr Blobby (to the horror of the show's hosts...)All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Tweet by Jameson Lopp.Bitcoin user’s costly error leads to record transaction fee of $510,000 - Cryptoslate.Root Admin User: When Do Common Usernames Pose a Threat? - GovInfoSecurity.Dave’s conversation with Crosstalk’s Chris Sherwood - Hacking Humans podcast.Passkey authentication - Wikipedia.Passkeys: Accelerating the Availability of Simpler, Stronger Passwordless Sign-Ins - FIDO Alliance.Test your mental image ability - Aphantasia.How to create your own personal deepfake - Axios.Deepfakes are being used for good – here’s how - Connecting Research - University of Reading.Six things you need to know about deepfakes - BBC Radio 4.Mitigating Aphantasia with Generative Reality - Medium.Ethical Deepfake Maker - Synthesia.HeyGen deepfakes - HeyGen.Deepfakes are being used for good – here's how - The Conversation.Search engines required to stamp out AI-generated images of child abuse under Australia’s new code  - The Guardian.Induction Hob with Rotary Controls - Cookology.Top 10 WTF Mr Blobby Moments - YouTube.a...

AI news is bad news, an online service to catch your cheating partner, and an IoT-enabled dick cage fails to keep a grip on its own security.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Plus don't miss our featured interview with Alex Lawrence, principal security architect at Sysdig.Warning: This podcast may contain nuts, adult themes, and rude language. May? Who are we kidding...Episode links:199: A few tech cock-ups, and one cock lock-up - Smashing Security.Smart male chastity lock cock-up - Pen Test Partners.“My sexual urges are so out of control I’m considering buying a chastity cage” - Dear Deidre, The Sun.Maker of ‘smart’ chastity cage left users’ emails, passwords, and locations exposed - TechCrunch.Dispatch pauses AI sports writing program - Axios.Would Your Partner Cheat? These ‘Testers’ Will Give You an Answer - The New York Times.Loyalty Test.Nitpick: Why don’t induction hobs have knobs?Longevity… simplified - book by Dr Howard J Luks.Oxford Art Society Open Exhibition 2023.Carole Theriault art website.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or a...

Seized cryptocurrency is stolen from the DEA, blue-ticks are being exploited, a bath full of dollar bills, the comfort offered by an ostrich's head, and how Graham is refusing to call Twitter "X".All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer - Forbes.Stranger sent dick pics so I convinced him he was dying - YouTube.Creeps Airdropping Dick Pics Is the Latest Air Travel Nightmare - Vice.Airdrop scam tokens - Trezor.Brother of Criminal Bitcoin Mixing CEO Pleads Guilty to Stealing 712 Bitcoins From IRS - CoinDesk.Blue-tick scammers target consumers who complain on X - The Guardian.Infinite Mac.Classic Mac OS - Wikipedia.Perplexity AI - chatbot.CrazyGames.Braingle. 40 Weirdest Things on Amazon That People Actually Love to Buy - Good Housekeeping.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Beyond Identity – Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or

Surely you should be able to order pizza without being pestered for sex? And Carole takes a look at the what and why of wearables...All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:One in three young people falling prey to ‘text pests’ as ICO calls for victims to come forward - ICO.My pizza order turned into a terrifying ordeal after creepy delivery driver stole my data & I was sent sinister messages - The Sun.Share your experience of unwanted contact after giving your personal information to a business for a legitimate reason - ICO.IoT, wearables and the new health insurance paradigm - IT-Online.Top 10 Innovative Wearable IoT Devices - IOT Design Pro.Explosive Growth Forecasted: IoT in Healthcare Market Set to Reach US$ 952.3 Billion by 2032 with a Remarkable CAGR of 18.0% - PharmiWeb.Sweat it out: Novel wearable biosensor for monitoring sweat electrolytes for use in healthcare and sports -Science Daily.New Apple Watch X Leaked: MAJOR Redesign & Magnetic Band System! -YouTube.Wearables | Privacy & security guide - Mozilla Foundation.5 trending wearables in 2023 to look out for - Ignitec.Internet of Things Becomes Greater Focus for Pharma -Health Leaders media.Hospitals are selling treasure troves of medical data — what could go wrong? - The Verge.Opt out of sharing your health records - NHS.Legal lullabies - Drift asleep listening to Instagram's terms of service.The Sound: Mystery of Havana Syndrome.Smashing Security merchandise (t-shirts, mugs,...

AI chatbots are under fire in Las Vegas, the secrets of hackers' passwords are put under the microscope, and Graham reveals (possibly) the greatest TV programme of all time.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:100,000 Hackers Exposed from Top Cybercrime Forums - Hudson Rock.Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer - Hudson Rock.People coaxed AI into saying 9+10=21 and giving instructions for spying — it shows how these systems are prone to flaws and bias - Business Insider.These Women Tried to Warn Us About AI - Rolling Stone.Chatbots: Why does White House want hackers to trick AI? - BBC News.I, Claudius - BBC iPlayer.Drama Connections: I, Claudius - BBC documentary from 2005, on YouTube.'Painkiller' Review: Netflix Series Fails To Capture Opioid Crisis - Variety.”Painkiller” trailer - YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.Beyond Identity - Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or

Razzlekhan, the self-proclaimed Crocodile of Wall Street, pleads guilty to the biggest crypto laundering scheme in history, and just how safe are you typing while on a Zoom call?Meanwhile, Graham rants about public EV chargers.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:With Nvidia Eye Contact, you’ll never look away from a camera again - Ars Technica.“A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards” - Technical paper (PDF).New acoustic attack steals data from keystrokes with 95% accuracy - Bleeping Computer.Bitfinex users to share 36% of bitcoin losses after hack - BBC News.Bitfinex’s Latest News & Updates - BitFinex blog.Heather R. Morgan - Wikipedia.Razzlekhan and husband guilty of $4.5bn Bitcoin launder - BBC News.Record-high seizure of $4bn in stolen Bitcoin - BBC News.‘Sexy horror comedy’: Bitcoin laundering suspect is also ‘raunchy rapper’ Razzlekhan - The Guardian.”Versace Bedouin” music video by Razzlekhan - YouTube.“Pho King Badd Bhech” music video by Razzlekhan - YouTube.SWARCO - Nit Pick of the Week.Esim Holafly  - Holafly.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or

Carole takes us into the sinister side of Barbie, while Graham describes a stalkerware operation that has been spilling its secrets.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:SpyHide couldn’t hide forever - Maia arson crimew.Spyhide stalkerware is spying on tens of thousands of phones - ​TechCrunch.Coalition against Stalkerware.Use Google Play Protect to help keep your apps safe and your data private - Google.Eyeing Barbie movie download? Beware of online scam, says McAfee - Tech News.A Complete History of the Barbie Movie - Vanity Fair.20 Things You Probably Didn't Know About Barbie - Readers Digest.Influencer's 'Honest Review' of 'Barbie' Goes Viral - Newsweek.How scammers are using ‘Barbie’ craze to steal personal information - The Hill.‘Barbie’ Box Office to Blast Past $700M Globally After Record Week - The Hollywood Reporter.Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info - McAfee.History vs Hollywood.Weird: The Al Yankovic story - History vs Hollywood.The News Meeting - Tortoise podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Hunters – A SOC platform, built to empower your security team to reduce risk, complexity and costs.a...

Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus Space Daily’s Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:90210 plastic surgeon Dr Gary Motykie.Dr Gary Motykie videos - YouTube.More plastic surgery patients have their nude photos and information leaked - DataBreaches.net.Typo watch: 'Millions of emails' for US military sent to .ml addresses in error - The Register.Hundreds of thousands of US military e-mails wind up in Mali - Le Monde.Beware of WormGPT: AI Tool Enables Cyber Attacks and Impersonation Scams - IB Times.WormGPT: a generative AI tool to compromise business emails - CSO Online.WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks - SlashNext.“Who shat on the floor at my wedding?”Futurama - Wikipedia.Radiooooo.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!ClearVPN - Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via

Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The UK Covid-19 Inquiry.Court orders ministers to hand Boris Johnson’s WhatsApps to Covid inquiry - The Guardian.Boris Johnson ‘has forgotten’ passcode for phone wanted by Covid inquiry - The Guardian.The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph.Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice.Party girls netted £120,000 from terrified men in ‘sextortion’ scam -The Times.Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 -Press and Journal.Musicless music video of Lionel Richie’s “Hello” - YouTube.Musicless music video of Rolling Stones performing live in 1964 - YouTube.Intrigue: Burning Sun - BBC podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via a...