Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it - and then brags about it on a recorded Telegram call.

Plus: Graham champions Asterix, Trisha discovers the fantasy novels of Robin Hobb, and someone called "Lick" ends up in the nick.

All this, and much more, in episode 458 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.

EPISODE LINKS:

• Major data leak forum dismantled in global action against cybercrime forum - Europol.
• Ericsson blames vendor vishing slip-up for breach exposing thousands of records - The Register.
• How hackers bypassed MFA with a $120 phishing kit – until law enforcement  shut them down - Hot for Security.
• Wikipedia hit by self-propagating JavaScript worm that vandalized pages - Bleeping Computer.
• FBI arrests crypto thief accused of stealing $46 million from seized government wallet - Tom’s Hardware.
• Twitter thread by ZachXBT about John Daghita’s arrest - Twitter.
• Asterix - Wikipedia.
• Robin Hobb.
• The Complete Farseer trilogy - Harper Collins.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

In this episode, we unravel the jaw-dropping tale of a defence contractor caught selling zero-day exploits to a Russia-linked broker.

Plus: are nation states quietly poisoning AI models to bend reality itself? We explore how “foreign information manipulation interference” could target not just social media users, but the large language models we increasingly trust for answers — and what that might mean for truth, trust, and the future of online influence.

All this, and much more, in episode 457 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Carl Miller.

EPISODE LINKS:

• Large-Scale Online Deanonymization with LLMs - Simon Lermen.
• Hacked Prayer App Sends ‘Surrender’ Messages to Iranians Amid Israeli and US Strikes - Wired.
• “Stay safe out there gamers”: Streamers say Amazon just made Wishlists a doxxing risk - Daily Dot.
• Apple alerts exploit developer that his iPhone was targeted with government spyware - TechCrunch.
• Former General Manager for U.S. Defense Contractor Sentenced to 87 Months for Selling Stolen Trade Secrets to Russian Broker - US Department of Justice.
• Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools - US Department of Treasury.
• Inside the story of the US defense contractor who leaked hacking tools to Russia - TechCrunch.
• ​​Hundreds of English-language websites link to pro-Kremlin propaganda - Guardian.
• The Incredible Shrinking Man - Internet Archive.
• “The Immortalists” by Aleks Kortoski - Penguin Books.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

In this episode, we unravel how a website designed to preserve history may have trashed its own credibility - and how Wikipedia responded when trust went out the window.

Plus a ransomware gang shoots itself in the foot with a classic case of buffoonery, accidentally corrupting the very keys victims would need to decrypt their data. When even the criminals can’t unlock your files, what happens next?

All this, a surprisingly zen Pick of the Week, and a gloriously splenetic rant against web forms, on episode 456 of the award-winning "Smashing Security" podcast, with cybersecurity veteran Graham Cluley and special guest Paul Ducklin.

EPISODE LINKS:

• This App Will Detect People Wearing Smart Glasses Near You - Lifehacker.
• Patients listed as dead after major NZ health app MediMap hacked - 1News.
• Why fake AI videos of UK urban decline are taking over social media - BBC News.
• FBI orders domain registrar to reveal who runs mysterious Archive.is site - Ars Technica.
• Archive.today CAPTCHA page executes DDoS; Wikipedia considers banning site - Ars Technica.
• Archive.today is directing a DDOS attack against my blog - Gyrovague.
• Critical buffer overflow bug - in ESXi ransomware - SolCyber.
• Yoga with Adriene - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

That’s one of the questions that Graham and special guest James Ball will be exploring as they discuss tech sovereignty. Could Gmail, cloud services, and critical infrastructure really become geopolitical leverage? And is anyone actually building a Plan B?

Plus we explore if Meta is quietly plotting to turn its smart glasses into face-recognising surveillance specs? With reports of internal memos suggesting they plan to launch controversial features while everyone’s distracted by political chaos, we ask: is this innovation really wanted by the public... or something far creepier?

All of this, and much more, in episode 455 of the award-winning "Smashing Security" podcast with cybersecurity veteran Graham Cluley, joined this week by journalist and author James Ball.

EPISODE LINKS:

• IcedID malware developer fakes his own death to escape the FBI - Risky Business.
• Sex toys maker Tenga says hacker stole customer information - TechCrunch.
• Dutch police arrest man for "hacking" after accidentally sending him confidential files - Hot for Security.
• Meta Plans to Add Facial Recognition Technology to Its Smart Glasses - New York Times.
• Trading Sovereignty for Scale? The Costs of the US - UK Tech Prosperity Deal - Just Security.
• Just Mercy - Wikipedia.
• Just Mercy trailer - YouTube.
• Bryan Stevenson’s TED talk: We need to talk about an injustice - YouTube.
• The Residence - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Passwork - a reliable secrets manager and password management solution.
• Adaptive Security - request a custom demo featuring a real CEO deepfake simulation.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

We dig into Moltbook, the “AI-only” social network that sent Twitter into a meltdown, attracted breathless talk of the singularity, and turned out to be far less Terminator and far more humans role-playing as bots.

Plus we discuss why "vibe coding" your app might be a catastrophically bad idea, when security researchers can easily peek inside rifle through your private messages, API keys, and databases.

Also this week we learn that pro-Russian hackers are circling the Winter Olympics - or is it the Jamaican Bobsleigh team?

All this and more is discussed in episode 454 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Iain Thomson.

EPISODE LINKS:

• AI Agents Created Their Own Religion, Crustafarianism, On An Agent-Only Social Network - Forbes.
• I Infiltrated Moltbook, the AI-Only Social Network Where Humans Aren’t Allowed - Wired.
• 'Moltbook' social media site for AI agents had big security hole, cyber firm Wiz says - Reuters.
• Italy blames Russia-linked hackers for cyberattacks ahead of Winter Olympics - The Record.
• Italy says railways hit by 'serious sabotage' as Winter Olympics begin - BBC News.
• EpsteIN - GitHub.
• Private Eye.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Meter - Network infrastructure for the enterprise. Get a free personalised demo.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Passwork - a reliable secrets manager and password management solution.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Sloppy redaction leads to explosive claims, and difficult reputational consequences for cybersecurity vendors, and we learn how trust - once cracked - can be almost impossible to fully restore.

Elsewhere, the spotlight turns to insider threat in the age of AI, after a senior US cybersecurity official uploads sensitive government material into the public version of ChatGPT. Oops.

All this, and much more, in episode 453 of Smashing Security with cybersecurity veteran Graham Cluley and special guest Tricia Howard.

EPISODE LINKS:

• Notepad++ hijacked to serve malware in targeted attacks - Notepad++.
• Porn-quitting app caught leaking users’ sexual habits - 404 Media.
• MicroWorld Technologies’ eScan anti-virus update turned into a malware delivery system - Morphisec.
• Jmail.World.
• Informant told FBI that Jeffrey Epstein had a ‘personal hacker’ - Techcrunch.
• Confidential informant statement given to FBI - US Department of Justice.
• Post by Graham Cluley - LinkedIn.
• Trump’s acting cyber chief uploaded sensitive files into a public version of ChatGPT - Politico.
• We are Lady Parts - Channel 4.
• We are Lady Parts trailer - YouTube.
• “Bashir with a good beard” by We are Lady Parts - YouTube.
• “Voldermort under my headscarf” by We are Lady Parts - YouTube.
• Doctor Who: The Shakespeare Notebooks - Penguin.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Passwork - a reliable secrets manager and password management solution.
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus, we go looking for professional hitmen online - only to uncover uncomfortable questions about why some crimes attract customers but very few complaints.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Joe Tidy.

EPISODE LINKS:

• Sorry Dave, I’m afraid I can’t do that! PCs refuse to shut down after Microsoft patch - The Register.
• Russian state hackers likely behind wiper malware attack on Poland’s power grid - The Record.
• US charges 31 more suspects linked to ATM malware attacks - Bleeping Computer.
• Dark web arrests in Romania linked to portal which offered services including murder - ROCU.
• Romanian scammers ran fake hitman-for-hire site, lured desperate perpetrators as 'incompetent assassins' - Fox News.
• This Fake Hitman Site Is the Most Elaborate, Twisted Dark Web Scam Yet - VICE.
• Unlikely Assassin, The Murder of Amy Allwine - Rooster.
• Saudi dissident awarded $4.1 million by UK court for hacking, assault 'by Saudi Arabia' - Reuters.
• Stalkerware: The software that spies on your partner - BBC News.
• Using 'stalkerware' to spy on a colleague's phone - YouTube.
• “Polite Society” trailer - YouTube.
• Elegoo Saturn 3 3D printer - Elegoo.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Passwork - a reliable secrets manager and password management solution.
• Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus we discuss how researchers uncovered a creepy flaw that lets attackers hijack wireless headphones, listen in on calls, inject audio, and even turn your earbuds into a stalking device - all without you noticing.

All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Ray [REDACTED]

EPISODE LINKS:

• Tennessee Man Pleads in Hacking U.S. Supreme Court, AmeriCorps, and VA Health System - US Department of Justice.
• Paris Hilton’s hacker sentenced to 57 months in prison - Graham Cluley.
• WhisperPair.
• One Tap To Hijack Them All - A Security Analysis of the Google Fast Pair Protocol - YouTube.
• Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking - Wired.
• Line of Duty - Wikipedia.
• Line of Duty - BBC iPlayer.
• Forgive the haters - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
• Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

And we dig into Grok, Elon Musk’s AI chatbot, after it started generating sexualised images of women and children - raising uncomfortable questions about guardrails, accountability, and why playing the censorship card doesn’t make the problem go away.

All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Monica Verma.

EPISODE LINKS:

• Free Speech Union website down after alleged funders exposed by trans hackers - Pink News.
• Illinois Man Charged in Snapchat Hacking Investigation - US Dept of Justice.
• Hackers get hacked, as BreachForums database is leaked - Hot for Security.
• Post by Malwarebytes - Bluesky.
• Post by Instagram - Twitter.
• Instagram denies breach amid claims of 17 million account data leak - Bleeping Computer.
• Ofcom asks X about reports its Grok AI makes sexualised images of children - BBC News.
• Musk’s Grok blocked by Indonesia, Malaysia over sexualized images in world first - CNN.
• Elon Musk shares AI images of Starmer in bikini in row over grim Grok deepfakes - Mirror.
• Soul Music - BBC Sounds.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

In episode 449 of "Smashing Security", we take a look inside an actual romance-fraud handbook - complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto.

Then Lesley "hacks4pancakes" Carhart delivers a reality check on the dire cybersecurity jobs market for juniors: why entry-level roles are evaporating, how automated CV screening is chewing candidates up, and what hopeful newcomers (and weary veterans) can do about it.

Plus, Graham talks to ThreatLocker CEO Danny Jenkins about why misconfigurations are behind an uncomfortable number of breaches, how default-deny security actually works in practice, and why detecting attacks after they’ve started is already too late.

All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Lesley Carhart.

EPISODE LINKS:

• Millions of Android Powered TVs and Streaming Devices Infected by Kimwolf Botnet - Hackread.
• Ilya Lichtenstein, Bitcoin hacker behind massive crypto theft, credits Trump for early prison release - CNBC.
• How Fake BSODs and Trusted Build Tools Are Used to Construct a Malware Infection - Securonix.
• A scammer's guide: How cybercriminals plot to rob a target in a week - Reuters.
• Game of Wool: Britian’s Best Knitter - Channel 4.
• Game of Wool trailer - YouTube.
• Earthrise One: Melbourne's Premier Sci-Fi Escape Room Adventure.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Plus a blast from 2021's "summer of ransomware" returns to haunt Ireland's Health Service Executive, as victims are offered €750 each.

And because it's the last show before the Christmas break, there's also a Pick of the Week that veers from cosy rom-com comfort to pointy-polygon nostalgia. 

All this, and more, in episode 448 of the "Smashing Security" podcast with Graham Cluley, and special guest Danny Palmer.

🎅 🎄 Thanks to everyone for listening to "Smashing Security" during 2025 - we look forward to being back in your ear'oles in early January. Stay safe! 🎅 🎄

EPISODE LINKS:

• Password manager provider fined £1.2m by ICO for data breach affecting up to 1.6 million people in the UK - ICO.
• Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg.
• Russian ban on Roblox gaming platform sparks rare protest - Reuters.
• Once upon an exploit: how fake audiobook led to Kindle takeover - Cybernews.
• Four years later, Irish health service offers €750 to victims of ransomware attack - Bitdefender.
• When Harry Met Sally - Wikipedia.
• When Harry Met Sally trailer - YouTube.
• Tomb Raider 1-3 Remastered review - you were never going to smooth these games out - Eurogamer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Then we go inside the Louvre heist, where thieves in hi-vis and a hire van waltzed off with the French crown jewels in broad daylight, exploiting our assumptions about what "looks normal" - the same kind of bias we’re now baking into security AIs.

Plus, Graham chats with Rob Edmondson from CoreView about why misconfigurations and over-privileged accounts can make Microsoft 365 dangerously vulnerable.

All this, and more, in episode 447 of the "Smashing Security" podcast with Graham Cluley, and special guest Jenny Radcliffe.

EPISODE LINKS:

• Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware - The Record.
• US Posts $10 Million Bounty for Iranian Hackers - Security Week.
• Infostealer has entered the chat - Kaspersky.
• Dave Portnoy posts a photo of his lawn (including a manatee-shaped mailbox) - Twitter.
• Elon Musk’s Grok AI Is Doxxing Home Addresses of Everyday People - Futurism.
• Elon Musk’s Grok Is Providing Extremely Detailed and Creepy Instructions for Stalking - Futurism.
• How the Louvre thieves exploited human psychology to avoid suspicion – and what it reveals about AI - The Conversation.
• Outrageous (TV series) - Wikipedia.
• Outrageous trailer - YouTube.
• Man charged with theft after allegedly swallowing Fabergé pendant in jewellery store - The Guardian.
• Free Microsoft 365 Tenant Security Scanner - CoreView.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.
• CoreView - Benchmark your Microsoft 365 tenant security against the Center for Internet Security (CIS) controls. 

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Plus, Graham rants about recipe sites that won’t shut up, and there's even more love for Lily Allen's album "West End Girl" album.

All this and more is discussed in episode 446 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Rik Ferguson.

EPISODE LINKS:

• Europol nukes Cryptomixer laundering hub, seizing €25M in Bitcoin - The Register.
• 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign - Koi.
• Uncovering a Calendly-themed phishing campaign targeting business ad manager accounts - Push Security.
• Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ - Krebs on Security.
• Jonathan Ross email goof highlights Twitter security issue - Graham Cluley.
• VIDEO: Mark Zuckerberg’s password choices are dadada-dumb! - Graham Cluley.
• Password to Louvre’s video surveillance system was 'Louvre', according to employee - ABC News.
• Just the Recipe.
• West End Girl - Wikipedia.
• West End Girl - Spotify.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• 1Password - Take the first step to better security by securing your team’s credentials.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Meanwhile, we look at how a worker at a cybersecurity firm allegedly leaked internal information to a hacking gang - raising big questions about insider threats.

Plus: Frankenstein on Netflix, Vine nostalgia, and why Barney the Dinosaur may be the true criminal mastermind behind it all.

All this and more is discussed in episode 445 of the “Smashing Security” podcast with cybersecurity veteran Graham Cluley, and special guest Dan Raywood.

EPISODE LINKS:

• Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix - Acronis.
• Tokyo Court Finds Cloudflare Liable For Manga Piracy in Long-Running Lawsuit - TorrentFreak.
• Former Google chief accused of spying on employees through account ‘backdoor’ - LA Times.
• Bogus zombie apocalypse warnings undermine US emergency alert system - Ars Technica.
• 2013 EAS Zombie Hoax - Emergency Alert System Wiki.
• The 1987 Max Headroom incident - YouTube.
• Nation-wide radio station hack airs hours of vulgar “furry sex” ramblings - Ars Technica.
• ESPN 97.5 Houston Victim Of Barix Hack - Radio Insight.
• ESPN Houston apologises to viewers - Facebook.
• CrowdStrike fires ‘suspicious insider’ who passed information to hackers - TechCrunch.
• Frankenstein official trailer - YouTube.
• Frankenstein - Netflix.
• Vine: Six Seconds that changed the world - Global Player.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

In episode 444 of "Smashing Security" we examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that abuses trust in apps and CAPTCHAs, and chat about autonomous pen testing, AI-turbocharged cybercrime, and what CISOs should really be asking on Monday morning.

And lost Doctor Who is brought back to life by one very dedicated animator, and we take a look at Eddie Murphy’s career.

All this and more is discussed in episode 444 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.

Plus - don't miss our featured interview with Snehal Antani from Horizon3.ai!

EPISODE LINKS:

• A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers - Wired.
• British hacker must repay £4m after hijacking celebrity Twitter accounts - BBC News.
• Cloudflare experiences a massive outage - LifeHacker.
• Protecting our Merchants: Standing up to Extortion - Checkout.
• A miracle: A company says sorry after a cyber attack - and donates the ransom to cybersecurity research - Hot for Security.
• Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware - The Hacker News.
• Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests - Akamai.
• Doctor Who Animation: Daleks' Master Plan - The Nightmare Begins. Part 1 - YouTube.
• Doctor Who Animation: Daleks' Master Plan - The Nightmare Begins. Part 2 - YouTube.
• Being Eddie - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Meanwhile, will agentic AI replace your co-hosts before you can say "EDR for robots"? and why you should still read books.

All this, plus Lily Allen's new album and Claude Code come up for discussion in episode 443 of the "Smashing Security" podcast, with special guest Ron Eddings.

EPISODE LINKS:

• ‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones - TechCrunch.
• Cyber insurers paid out over twice as much for UK ransomware attacks last year - The Register.
• Lost iPhone? Don’t fall for phishing texts saying it was found - Bleeping Computer.
• Tinder to use AI to get to know users, tap into their Camera Roll photos - TechCrunch.
• Facebook’s AI can now suggest edits to the photos still on your phone - TechCrunch.
• Berkshire warns of AI deepfakes impersonating Warren Buffett - Reuters.
• West End Girl - Wikipedia.
• West End Girl - Spotify.
• Claude Code.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Plus when ransomware negotiators turn to the dark side, what could possibly go wrong?

All this and more is discussed in episode 442 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Dave Bittner.

EPISODE LINKS:

• Alleged Meduza Stealer malware admins arrested after hacking Russian org - Bleeping Computer.
• Tap-and-Steal: The Rise of NFC Relay Malware on Mobile Devices - Zimperium.
• Postcode Lottery's lucky dip turns into data slip as players draw each other's info - The Register.
• Chinese Ministry of State Security MSS WeChat post - WeChat.
• China blames US for cyber break-in, claims America is world's biggest bit burglar - The Register.
• Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says - Chicago Sun Times.
• MicroMacro: Crime City.
• Star Wars 3.5 foot animated LED R2-D2 - Home Depot.
• TrackaLacker.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Material - Email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.
• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Meanwhile, researchers have found they could poke around an FIA driver portal to pull up the personal details of Formula 1 megastars.

Plus: Graham’s “Pick of the Week” turns CAPTCHA hell into a delightfully deranged browser game that will make you question vegetables, geometry, and your life choices, while Danny takes a trip to ancient Africa...

All this and more is discussed in episode 441 of "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Danny Palmer.

EPISODE LINKS:

• Baohuo, the gray eminence. Android backdoor hijacks Telegram accounts, gaining complete control over them - Dr Web.
• Cyberattack on Russia’s food safety agency reportedly disrupts product shipments - The Record.
• Dissecting YouTube's malware distribution network - Check Point.
• 31 Defendants, Including Members and Associates of Organized Crime Families and National Basketball Association Coach Chauncey Billups, Charged in Schemes to Rig Illegal Poker Games - US Department of Justice.
• How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA - Wired.
• Every Formula 1 driver on the grid just had their passport and license details leaked - but it could have been so much worse - TechRadar.
• I’m not a robot - Neal.fun.
• Can I Beat The CAPTCHA Game? - YouTube.
• An African History of Africa by Zeinab Badawi - Penguin.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.
• SecAlerts - SecAlerts makes your job easier by matching vulnerabilities to your software, using information as soon as it’s released. Use code SMASHING for 50% off a year subscription.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Plus: Graham reveals his new-found superpower with Keyboard Maestro, and Scott describes a slick new way to whip up beautiful how-to videos with Screen Studio.

All this and more is discussed in episode 440 of "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Scott Helme.

EPISODE LINKS:

• What caused the AWS outage - and why did it make the internet fall apart? - BBC News.
• China blames US for cyber break-in, claims America is world's biggest bit burglar - The Register.
• Nintendo allegedly hacked by Crimson Collective hacking group - screenshot shows leaked folders, production assets, developer files, and backups - Tom’s Hardware.
• Romanian inmate hacks into prison IT system, modifies sentences for others - Romania Insider.
• New Version of PCI DSS Designed to Tackle Emerging Payment Threats - Infosecurity Magazine.
• What is Magecart? How this hacker group steals payment card data - CSO.
• Keyboard Maestro.
• Screen Studio.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• ANON - Find, monitor and remove data about yourself online. Manage your digital footprint with ease. Use code SMASHING for a 25% discount.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Meanwhile we dig into the bit we don't talk about enough: the human cost of defending companies from hackers - stress, burnout, and how better leadership culture can help make security teams safer and saner.

Plus we say a heartfelt "la di dah" to Diane Keaton, and tune in to a freshly re-released slice of pre-Fleetwood Mac history for the music-obsessed amongst us. 

All this and more is discussed in episode 439 of "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and his special guest Annabel Berry.

EPISODE LINKS:

• Cyber-attacks rise by 50% in past year, UK security agency says - The Guardian.
• What does the end of free support for Windows 10 mean for its users? - The Guardian.
• Satellites found exposing unencrypted data, including phone calls and some military comms - TechCrunch.
• Anatomy of a Hacktivist Attack: Russian-Aligned Group Targets OT/ICS - Forescout.
• Caught in the act: Ransomware attack sticks to our AI-created honeypot - Forescout.
• Human Performance in Security Operations: A Survey on Burnout, Wellbeing and Flow State Among Practitioners - NDSS Symposium.
• State of the Security Profession 23/24 - Chartered Institute of Information Security.
• Leading Cyber.
• Mental Health in Cybersecurity Foundation.
• “Play it Again, Sam” - IMDB.
• “Play it Again, Sam” clip - YouTube.
• “Buckingham Nicks” - Spotify.
• Fleetwood Mac - Silver Springs (Live, 1997) - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

If anything we've discussed today has resonated with you, or if you're going through a tough time, please know you are not alone. There is always someone ready to listen, without judgment. Here are a few of the available resources:

• Shout - text 85258 (24x7)
• Samaritans - tel 116123 (24x7)
• Suicide prevention - tel 0800 689 5652 (6pm - 3.30am)
• SANEline - tel 0300 304 7000 (4.30pm - 10.30pm)

SPONSORS:

• SecAlerts - SecAlerts makes your job easier by matching vulnerabilities to your software, using information as soon as it’s released. Use code SMASHING for 50% off a year subscription.
• ANON - Find, monitor and remove data about yourself online. Manage your digital footprint with ease. Use code SMASHING for a 25% discount.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

We talk about how something as ordinary as a web page could turn your mouse into a surprisingly nosey neighbour, and why ransomware gangs need to think carefully about their reputation.

Meanwhile, Graham reveals a baked potato hack that might just change your life, and we take an unexpected detour to South America for a bit of literary adventure involving inflatable pigs.

All this and more is discussed in episode 438 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and his special guest Geoff White.

EPISODE LINKS:

• Discord users' data stolen by hackers in third-party data breach - Bitdefender.
• North Korean hackers increasingly targeting wealthy crypto holders - BBC News.
• Scattered Lapsus$ Hunters offering $10 in Bitcoin to 'endlessly harass' execs - The Register.
• Vacanti mouse - Wikipedia.
• Mic-E-Mouse.
• Invisible Ears at Your Fingertips: Acoustic Eavesdropping via Mouse Sensors - Arvix.
• Mic-E-Mouse Pipeline Demonstration - YouTube.
• Hackers say they have deleted children's pictures and data after nursery attack backlash - BBC News.
• Baked Potato - Wikipedia.
• “At the Tomb of the Inflatable Pig: Travels through Paraguay” - Penguin.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation... while saving time and money. Smashing Security listeners get $1000 off.
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.
• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

And we discuss why data breach communications still default to "we take security seriously" while quietly implying "assume no breach" - until the inevitable walk-back.

Plus, we take a look at ITV's phone-hacking drama with David Tennant, and take a crack at decoding the history of the Rosetta Stone.

Hear all this and more in episode 437 of the "Smashing Security" podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Paul Ducklin.

EPISODE LINKS:

• Harrods suffers new data breach exposing 430,000 customer records - Bleeping Computer.
• Caméras dissimulées : la CNIL sanctionne la Samaritaine - CNIL.
• ‘Total internet blackout’ in Afghanistan sparks panic after Taliban vowed to stamp out immoral activities - CNN.
• ForcedLeak: AI Agent risks exposed in Salesforce AgentForce - Noma.
• The Hack - itvX.
• The Hack - YouTube.
• The Rosetta Stone: The Story of the Decoding of Hieroglyphics - Amazon.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• SecAlerts - SecAlerts makes your job easier by matching vulnerabilities to your software, using information as soon as it’s released. Use code SMASHING for 50% off a year subscription.
• ANON - Find, monitor and remove data about yourself online. Manage your digital footprint with ease. Use code SMASHING for a 25% discount.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

But it’s not all doom and gloom - unless you count your kitchen appliances turning into ad billboards.

All this and more is discussed in episode 436 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and his special guest Zoë Rose.

EPISODE LINKS:

• EU cyber agency says airport software held to ransom by criminals - BBC News.
• Teenagers charged over cyber attack on TfL costing millions of pounds - Sky News.
• Teen arrested on suspicion of Vegas Strip attack that cost $100M - SF Gate.
• Paris: cyber-attack hits Natural History Museum, cancels exhibition - Sortira Paris.
• Cybersécurité : le Grand Palais et plusieurs musées dont le Louvre victimes d’une attaque par rançongiciel - Le Parisien.
• "Des pièces de collection nationale": le directeur du Muséum d'histoire naturelle de Paris indique que les pépites d'or volées ont "une valeur inestimable" - BFMTV.
• Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit - Security Week.
• Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware - Wiz.
• 180+ NPM Packages Hit in Major Supply Chain Attack - Ox.
• Samsung confirms ads will now be shown on its $1,800+ fridges - UniLad.
• Bosch Cordless Multifunction Tool - Bosch.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORED BY:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before diving into a campaign which saw an Iranian gang luring Israeli performers with fake casting calls for a serious film. We unpack why positive lures can short-circuit scepticism just as effectively as fear.

Plus, the UK's ICO says students are increasingly hacking their own schools.

Meanwhile, Graham heads to 1960s Oxford with Endeavour, while Jenny investigates the Wirral’s mysterious "Catman".

All this, and more, in episode 435 of the "Smashing Security" podcast.

EPISODE LINKS:

• Shai-Hulud Worm Compromises npm Ecosystem in Supply Chain Attack - Unit 42.
• Jaguar Land Rover extends production shutdown after cyber-attack - The Guardian.
• AI-Driven Deepfake Military ID Fraud Campaign by Kimsuky APT - Genians.
• Israel says suspected Iranian hackers targeted actors in phishing attack - Iran International.
• Iranian Educated Manticore Targets Leading Tech Academics - Check Point.
• Children hacking their own schools for 'fun', watchdog warns - BBC News.
• Endeavour - ITVx.
• Crowds armed with torches hunt the “cat man” every night - Liverpool Echo.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation... while saving time and money. Smashing Security listeners get $1000 off!
• Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Meanwhile, over in Silicon Valley, one AI wunderkind managed to turn a $7 million payday into a career-ending lawsuit by allegedly walking trade secrets straight out the door as he jumped ship for a rival.

All this and much more is discussed in episode 434 of the award-winning “Smashing Security” podcast with computer security veteran Graham Cluley, joined this week by special guest Lianne Potter. Hear them they chew over catastrophic fast-food security, insider threats with extra fries, and why even the biggest brains in AI can't stop themselves from doing something utterly stupid.

EPISODE LINKS:

• We Hacked Burger King: How Authentication Bypass Led to Drive-Thru Audio Surveillance - Internet archive wayback machine.
• DMCA notice - Bobdahacker.
• xAI sues former engineer, alleging he stole trade secrets after being paid $7M - San Francisco Standard.
• xAI vs Xuechen Li - Court documents.
• Classic Reload.
• Digger - Classic Reload.
• Kingdom of Kroz - Classic Reload.
• The Bad Movie Bible - YouTube.
• Shark Attack 3: Megalodon - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORED BY:

• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.
• Vanta - Expand the scope of your security program with market-leading compliance automation... while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Meanwhile, new research from Anthropic reveals that hackers have already used AI agents to break into networks, steal passwords, sift through stolen data, and even write custom ransom notes. In other words, one hacker with an AI helper can work like an entire team of cybercriminals.

Plus: a joyous geek detour into keyboard history, and the most diabolically annoying, fully functional AI-generated CAPTCHA that you will love to inflict on your friends.

EPISODE LINKS:

• LegalPwn: Abusing Legal Disclaimers to Trigger Prompt Injections - Pangea Labs.
• LegalPwn: Tricking LLMs by burying badness in lawyerly fine print - The Register.
• LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code - HackRead.
• One long sentence is all it takes to make LLMs misbehave - The Register.
• Londoners give up eldest children in public Wi-Fi security horror show - The Guardian.
• Targeted social engineering is en vogue as ransom payment sizes increase - Coveware.
• State of Malware 2025 - ThreatDown.
• Cybercrime in the Age of AI - ThreatDown.
• Threat Intelligence Report: August 2025 - Anthropic.
• The Day Return Became Enter - Marcin Wichary.
• Ethan Mollick’s terrible AI-generated CAPTCHAs - Twitter.
• The very worst AI-generated CAPTCHA? - Claude.ai.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORED BY:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Then we time-hop to the post-quantum scramble: "harvest-now, decrypt later", Microsoft's 2033 quantum-safe pledge, and whether your printer will survive the update apocalypse.

All this, plus a gloriously dodgy URL “shadyfier,” and turning the iconic iMac G4 into a modern media hub.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Thom Langford.

EPISODE LINKS:

• DOM-based Extension Clickjacking: Your Password Manager Data at Risk - Marek Tóth.
• Major password managers can leak logins in clickjacking attacks - Bleeping Computer.
• Microsoft to Make All Products Quantum Safe by 2033 - Infosecurity Magazine.
• Shady URL.
• DockLite G4 - Juicy Crumb.
• I perfected the iMac G4 - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Meanwhile, we look at the growing threat of EDR-killer tools that can quietly switch off your endpoint protection before an attack even begins.

And for something a little different, we peek into the Internet Archive’s dystopian Wayforward Machine and take a detour to Mary Shelley’s resting place in Bournemouth.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley, joined this week by special guest Allan "Ransomware Sommelier" Liska.

Episode links:

• Crypto Influencer Sentenced to Prison for Multi-Million Dollar “Cryptojacking” Scheme - US Department of Justice.
• Ransomware crews don't care about your endpoint security – they've already killed it - The Register.
• Way Forward Machine - The Internet Archive.
• Mary Shelley’s grave - Atlas Obscura.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Proton Drive - Protect your files with end-to-end encryption in Switzerland’s secure cloud — only on Proton Drive.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley, joined this week by special guest Dave Bittner from The Cyberwire.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Invitation Is All You Need: Invoking Gemini for Workspace Agents with a Simple Google Calendar Invite - SafeBreach.
• Invitation attack curses - YouTube.
• Invitation attack opens shutters - YouTube.
• Guy Gives Himself 19th Century Psychiatric Illness After Consulting With ChatGPT - 404 Media.
• Superman (2025) trailer - YouTube.
• Billy Joel: And so it goes - HBO Max.
• Billy Joel: And so it goes trailer - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Proton - Break free from Gmail. You should be able to choose what happens to your data. With Proton, only you can read your emails.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

There have been some lovely messages of support sent through for Carole, and indeed for me too. Thank you very much to all of you - it's really heart-warming to hear how much the last 428 episodes have meant to you all, and how much you want the show to go on.

And so - as I said last week - it will carry on. Next week there will be a regular edition of "Smashing Security" with a special guest well known to all of you, and I plan to carry on as normal every week with guests after that...

This week though I felt like I needed to catch my breath, and take a break. But I didn't want to leave you without something to listen to...

So, here is a special edition of "Smashing Security" with a couple of clips from recent episodes of its sister show "The AI Fix", which I co-host with Mark Stockley.

If you enjoy "The AI Fix," please do follow it in your favourite podcast apps and tell your friends!

Until next week, cheerio bye bye.

Episode links:

• The AI Fix.
• The AI Fix on Apple Podcasts.
• The AI Fix on Spotify.
• The AI Fix on Pocketcasts.
• The AI Fix on Overcast.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Plus, Carole takes us down memory lane as she hangs up her co-host mic after 428 glorious episodes. Expect tea, tears, and Tom Lehrer.

All this is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Update regarding cybersecurity incident - Tea.
• Hackers steal images from women's dating safety app that vets men - BBC News.
• A Second Tea Breach Reveals Users’ DMs About Abortions and Cheating - 404 Media.
• American musical satirist Tom Lehrer dies at 97 - BBC News.
• Tom Lehrer website.
• Tom Lehrer sings The Elements, live in Copenhagen, 1967 - YouTube.
• Tom Lehrer sings “New Math” (animated) - YouTube.
• Carole’s Substack.
• Libby - Library app.
• Shokz UK.
• Two Birds Yoga - YouTube.
• Thermapen.
• BBC Sounds.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Meanwhile, Carole unpacks a painfully awkward tale of amour fou, as a 76-year-old Belgian man drives 476 miles to meet his dream woman... only to be greeted by her very-much-still-husband at the gate.

Plus: Sky Arts painting competitions get a thumbs up, Mark Zuckerberg never loses at board games, and the scandalous Facebook memoir Meta tried to silence.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Teen arrested for 'smishing scam' using technology never before seen in New Zealand - RNZ.
• Op Orca — smishing scam smashed - New Zealand police.
• SMS blasting incidents are rising - Risky Bulletin.
• Bangkok busts SMS Blaster sending 1 million scam texts from a van - Bleeping Computer.
• Police warn of SMS scams as ‘blaster’ is used to send thousands of texts - The Guardian.
• Reports of SMS Messages Sent by Fake Base Stations - Commsrisk.
• Keeping your Android device safe from text message fraud - Google Security blog.
• What is Paris syndrome? How culture shock can kill a trip - The Independent.
• Belgian man crushed after driving nearly 500 miles to meet French model he believed was his 'future wife' - Fox News. 
• French is the language of love: myth, reality, and romance - ICLS.
• Romance scam victim travels 700km 'to marry French beauty queen' - BBC News.
• Un homme se présente chez moi pour être mon futur mari… - YouTube. 
• Sky Artist of the Year.
• Careless People  - The Guardian Bookshop. 
• Careless People: We read the book that Mark Zuckerberg doesn’t want you to read - Slate. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your chatbot becomes a bigot?

Plus: Email headaches, SPF rage, and a glowing review for... Taskmaster SuperMax Plus?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Schoolboy hacks into city's tram system - The Telegraph.
• Caboose - Wikipedia.
• Neil Smith discusses his findings - Twitter thread.
• End-of-Train and Head-of-Train Remote Linking Protocol - CISA.
• The Cheap Radio Hack That Disrupted Poland’s Railway System - Wired.
• Grok, Elon Musk’s AI Chatbot, Shares Antisemitic Posts on X - The New York Times.
• X ordered its Grok chatbot to ‘tell like it is.’ Then the Nazi tirade began - Washington Post. 
• Hacker uses Elmo's X account to post antisemitic rant and demand release of Epstein files - ABC News.
• Elon Musk Announces Sensuous Grok AI Companion - Mashable.
• Grok Rolls Out Pornographic Anime Companion, Lands Department of Defense Contract - The Rolling Stone. 
• Learn DMARC.
• TASKMASTER SUPERMAX+.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Meanwhile, Carole digs into a con targeting the recently incarcerated, with scammers impersonating bail bond agents to fleece desperate families.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Call of Duty: WWII trailer - YouTube.
• Warning: Do NOT Play COD WWII on PC Gamepass - YouTube.
• 2017 Wichita swatting - Wikipedia.
• Call of Duty: WW2 on PC Game Pass yanked offline amid reports security exploits are leaving players with screens full of smut - Eurogamer.
• Common Bail Bond Scams and How to Avoid Them - US Attorneys.
• Can I Check out Another Person's Criminal Record? - Nolo. 
• Belton Bail Bond Testimonials.
• ‘They know everything’: Families of inmates at Sumner County Jail targeted in bail scam - Nashville WKRN.
• Latest scam targets NJ families of those who were recently arrested, demanding bail - New Jersey 1050.
• John & Paul: A Love Story in Songs by Ian Leslie review – let it be the new gold standard in Beatles studies - The Guardian.
• Introducing 'John & Paul: A Love Story In Songs' - Ian Leslie.
• Charles Paris mysteries - BBC Radio 4.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.
• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Meanwhile, Carole checks the rear-view mirror on the driverless car industry. Whatever happened to those million Tesla robotaxis Elon Musk promised by 2020? Spoiler: they’re here — sort of — but they sometimes drive into oncoming traffic.

Plus: Leighton House, heatwave survival gadgets, and an unflushable toilet situation (not what you think).

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Mexican drug cartel hacker spied on FBI official’s phone to track and kill informants, report says - TechCrunch.
• Audit of the Federal Bureau of Investigation's Efforts to Mitigate the Effects of Ubiquitous Technical Surveillance - US Department of Justice Office of the Inspector General.
• Tesla driver tells police he was using 'self-drive' system when his car hit a parked police vehicle - AP News.
• ‘Lidar is lame’: why Elon Musk’s vision for a self-driving Tesla taxi faltered - The Guardian.
• Tesla invited influencers to test its robotaxi. Here's what they had to say - USA Today Europe.
• Elon Musk Hails 'Successful' Tesla Robotaxis Launch in Austin Amid Reported Glitches - eWEEK.
• A Fatal Tesla Crash Shows the Limits of Full Self-Driving - Bloomberg.
• The Arab Hall at Leighton House.
• Spandau Ballet’s “Gold” - shot at Leighton House!
• Shark FlexBreeze Fan With InstaCool Mist Attachment - Shark.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Meanwhile, Carole exposes the AI-generated remote hiring threat. Could your next coworker be a North Korean hacker with a perfect LinkedIn?

And BBC cyber correspondent Joe Tidy joins us to talk about "Ctrl-Alt-Chaos", his new book diving into the murky world of teenage hackers, ransomware gangs, and the strange motivations that lie behind digital mayhem.

Plus: competitive pond husbandry, dead slugs, Hitster the board game, and a shoutout to the AI startup that hijacked Graham's SEO.

All this and more is discussed in episode 423 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault - it's like a cauldron of life... but for cybersecurity.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Operation Endgame.
• Ctrl+Alt+Chaos.
• Lizard Squad Member: Why I Took Down Xbox and PlayStation - YouTube.
• Reckoning With the Rise of Deepfakes - The Regulatory Review.
• Deepfake interviews: Navigating the growing AI threat in recruitment and organizational security - Fast Company. 
• Why Your Hiring Process is Now a Cybersecurity Vulnerability - Pindrop.
• Best Practices for Defeating Deepfake Candidate Fraud - Dice Hiring.
• Phanpy - A minimalistic opinionated Mastodon web client.
• How to make a mini pond - Gardener’s World.
• Hitster board game.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta– Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flare- Uncover the latest threats across the dark web and Telegram. Start your free trial today.
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus: flow states, Bob Mortimer, and the joys of pretending to carry an owl around on a cushion.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The Cheltenham Doughnut - Wikipedia.
• Summer placements - GCHQ.
• Spy school dropout: GCHQ intern jailed for swiping classified data - The Register.
• Former GCHQ intern jailed for taking top secret files home - Crown Prosecution Service.
• United States government says it will deport Australian hacker David Kee Crees  - ABC News.
• Australian national known as “DR32” sentenced in U.S. federal court  – DataBreaches.
• ICE takes steps to deport the Australian hacker known as “DR32” – DataBreaches.
• Aussie Travel Cover has hundreds of thousands of records stolen in hacking, policy holders not informed - ABC News.
• Australian cybercriminal to be deported from US - Information Age.
• Government sites hit by Aussie Travel Cover hacker - ZDNET.
• Abdilo, Australia-based computer hacker, live streams attack on US education sites - ABC News.
• Bob Mortimer's Pet Owl - YouTube.
• And Away… by Bob Mortimer - Simon & Schuster.
• Flow by Mihaly Csikszentmihaly -  HarperCollins.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flare - Uncover the latest threats across the dark web and Telegram. Start your free trial today.
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Graham explains how a Singaporean bug-hunter cracked Google’s defences and could brute-force your full phone number. Meanwhile, Carole dives into a chilling scam where ICE impersonators used fear, spoofed numbers, and... Apple gift cards to extort terrified migrants.

Plus: Nazis, door safety, and the age-old struggle of telling Ralph Fiennes from Liam Neeson.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Bruteforcing the phone number of any Google user - Brutecat.
• Leaking the phone number of any Google user - YouTube.
• Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account - The Hacker News.
• Google fixes flaw that could unmask YouTube users' email addresses - Bleeping Computer.
• ICE Scammers Are On The Rise: What To Do  - Newsweek.
• Student visa holder tricked by fake ICE agent scam, loses thousands  - Newsweek.
• Conspiracy - IMDB.
• Schindler’s List - IMDB.
• Dutch Reach car door opening method - The AA.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flare - Uncover the latest threats across the dark web and Telegram. Start your free trial today.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Meanwhile, we take a worryingly familiar journey into the mental health crisis in the UK — and how TikTok is stepping in with advice like “eat an orange in the shower” to cure your anxiety. Spoiler: it won’t. But it might make your bathroom smell nice.

Plus: a nostalgic tech support tale involving a CRT monitor, a wooden door, and an unexpected shade of brown.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Federal Authorities Probe Effort to Impersonate White House Chief of Staff - Wall Street Journal.
• FBI probes effort to impersonate White House chief of staff Susie Wiles, sources say - CBS News.
• The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic.
• The Trump campaign is still being hacked - Popular Information.
• The Big Mental Health Report - Mind.
• Mental Health Pressures - British Medical Association. 
• More than half of top 100 mental health TikToks contain misinformation, study finds  - The Guardian.
• ‘They thought they were doing good but it made people worse’: why mental health apps are under scrutiny - The Guardian.
• How to find therapy or counselling - Mind.
• Carole in the shower with an orange? - Twitter.
• Matter - modern read-later app for iPhone, iPad, and web.
• Techie fixed a ‘brown monitor’ by closing a door - The Register.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• MetaCompliance - MetaCompliance's Security Awareness Planner is your free 12-month roadmap to reduce risk and build a culture of cyber awareness.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Harmonic - Let your teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. Harmonic Security gives you full control and stops leaks so your teams can innovate confidently.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Allan Liska.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• How I found a Star Wars website made by the CIA - Ciro Santilli on YouTube.
• How the CIA failed Iranian informants in its secret war with Tehran - Reuters.
• Isis and al-Qaeda sending coded messages through eBay, pornography and Reddit - Independent.
• Games Without Frontiers: Investigating Video Games as a Covert Channel - IEEE.
• General David Petraeus used clever Gmail trick during affair - Network World.
• Cambodia is home to world’s most powerful criminal network: report - SCMP.
• How to protect yourself from suspicious messages and scams- WhatsApp.
• Is WhatsApp Safe? Tips for Staying Secure - WhatsApp.
• Hacked on WhatsApp – how to stay safe when using the messaging app - BBC.
• Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp - The Hacker News.
• Kon-Tiki: The Epic Raft Journey Across the Pacific - YouTube.
• Still Standing with Jonny Harris - CBC.
• Niki de Saint Phalle & Jean Tinguely - Myths & Machines - Hauser & Wirth.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta– Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• 1Password Extended Access Management– Secure every sign-in for every app on every device.
• MetaCompliance - MetaCompliance's Security Awareness Planner is your free 12-month roadmap to reduce risk and build a culture of cyber awareness.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Dinah Davis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• 418 - I’m a teapot - MDN Web Docs.
• 2025 Iberian Peninsula blackout - Wikipedia.
• What could have caused the major power outage in Spain and Portugal? Experts weigh in - Euro News.
• Spain investigates cyber weaknesses in blackout probe - Financial Times.
• Report on Working Conditions at INCIBE, the company Investigating the blackout - El Cierre Digital.
• My Teen's Instagram Account was Hacked - Dinah Davis.
• We Got Her Account Back, Here’s What the Forensics Revealed - Dinah Davis.
• 'Significant amount' of private data stolen in Legal Aid hack  - BBC News.
• Civil legal aid: millions still without access to justice - The Law Society.
• Civil representation - Legal aid data - GOV.UK.
• Legal aid statistics England and Wales bulletin Oct to Dec 2024  - GOV.UK.
• Funding for justice down 22% since 2010 - Bar Council. 
• The Assembly - ITV.
• The Assembly review – this celebrity interview show is going to be massive - The Guardian.
• The Assembly: Inside the most groundbreaking TV show of the year - The Independent.
• David Tennant gets emotional from neurodivergent musicians - YouTube.
• OceanMan.
• All the Colours of the Dark by Chris Whitaker - Orion Books. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• MetaCompliance - MetaCompliance's Security Awareness Planner is your free 12-month roadmap to reduce risk and build a culture of cyber awareness.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus! Don't miss our featured interview with Drata's Matt Hillary.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Ledger secures Discord after hacker bot tried to steal seed phrases - CoinTelegraph.
• Binance Founder CZ Warns: Ledger Discord Hack Targets Recovery Phrases - CoinPedia.
• Ledger confirms physical scam letters requesting seed phrase in fake security upgrade - The Block.
• Physical addresses of 270K Ledger owners leaked on hacker forum - Bleeping Computer.
• Criminals are mailing altered Ledger devices to steal cryptocurrency - Bleeping Computer.
• New Hello Pervert Email Attack Warning — ‘I Know Where You Live’ - Forbes.
• ‘Hello pervert’: the sextortion scam claiming to have videoed you - The Guardian.
• "Hello Pervert" Email Is A Total Scam - What You Need To Know - Malware Tips.
• Scam email sent from my own email address - Microsoft Community.
• Thunderbolts* review: 'The greatest Marvel offering in years' - BBC.
• Limelight, Exemplar - BBC Radio 4.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• Dashlane - Protect against the #1 cause of data breaches - poor password habits. Save 25% off a new business plan, or 35% off a personal Premium plan!
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus! Don't miss our featured interview with Jon Cho of Dashlane.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Why is the M&S cyber attack chaos taking so long to resolve? - BBC News.
• M&S 'had no plan' for cyber attacks, insider claims, with 'staff left sleeping in the office amid paranoia and chaos' - Sky News.
• Hackers target the Co-op as police probe M&S cyber attack - BBC News.
• Harrods latest retailer to be hit by cyber attack - BBC News.
• Alleged ‘Scattered Spider’ Member Extradited to US - Krebs on Security.
• British 'ringleader' of hacking group 'behind M&S cyber attack' fled his home after 'masked thugs burst in and threatened him with blowtorches' - Daily Mail.
• Incidents impacting retailers – recommendations - NCSC.
• Ex-Disney employee gets 3 years in the clink for goofy attacks on mousey menus - The Register. 
• United States of America V Michael Sheuer - Plea Agreement - US District Court PDF.
• The Tall Guy - IMDB.
• At 99, David Attenborough shares strongest message for the ocean - Oceanographic magazine.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Dashlane - Protect against the #1 cause of data breaches - poor password habits. Save 25% off a new business plan, or 35% off a personal Premium plan!
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Material - Email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus! Move over Nigerian princes — the WASPI scams are here. Fraudsters are now targeting UK women born in the 1950s, exploiting pension injustice for phishing gain.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Cybersecurity Firm CEO Charged with Installing Malware on a Hospital Computer - HIPAA Journal.
• Edmond cybersecurity CEO accused in major hack at hospital - YouTube.
• Jeffrey Bowie’s post on LinkedIn - Wayback Machine.
• Martin Lewis issues scam warning as fraudsters use him to target WASPI women - Metro News.
• ‘Waspi’ women warned over fake compensation websites - The Guardian.
• WASPI campaigners warn of "dangerous" spike in fake compensation scams - Financial Reporter.
• National Trust.
• Wallet Creator - iOS App Store.
• DIY Dubai chocolate: Ravneet Gill’s recipe for crunchy pistachio chocolate - The Guardian.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• 1Password Extended Access Management – Secure every sign-in for every app on every device.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Elusive Comet advisory - Security Alliance.
• Mitigating Elusive Comet Zoom remote control attacks - Trail of Bits.
• Aureon Capital: The Fake VCs who Almost Hacked Me - David Z Morris.
• Requesting or giving Remote Control - Zoom knowledgebase article.
• Has Bryan Johnson’s anti-aging experiment backfired? Biohacker spending $2 million-a-year admits to a costly misstep - Economic Times.  
• How Blueprint Founder Bryan Johnson Sought Control Via Confidentiality Agreements - The New York Times.
• Anti-aging mogul Bryan Johnson claims NY Times preparing ‘hit piece’ about alleged use of prostitutes, drugs - NY Post.
• KOReader - document reader for E Ink devices.
• Killing Thatcher: The IRA, the Manhunt and the Long War on the Crown - Bookshop.org.
• The Urge - Our history of addiction by Carl Erik Fisher.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• 1Password Extended Access Management – Secure every sign-in for every app on every device.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Sell your forum accounts - PRODAFT.
• International Scammers Steal Over $1 Trillion in 12 Months in Global State of Scams Report 2024 - Gasa.org.
• Why Nigeria's internet scammers are 'role models' - BBC News.
• 28-year-old fraudster surrenders to EFCC, confesses to romance scams - Punch Newspapers.
• Black Box - BBC iPlayer.
• Black Box trailer - YouTube.
• Katherine Ryan Battleaxe Tour - LW Theatres. 
• Louis Theroux Interviews - Series 1: 5. Katherine Ryan - BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Dashlane - Protect against the #1 cause of data breaches - poor password habits. Save 25% off a new business plan, or 35% off a personal Premium plan!
• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus! Don't miss our featured interview with Josh Donelson of Material and Tony Albano from Google, about detection and response in today's AI-driven world.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic.
• Here Are the Attack Plans That Trump’s Advisers Shared on Signal - The Atlantic.
• How the Atlantic’s Jeffrey Goldberg got added to the White House Signal group chat - The Guardian.
• From convenience to compromise: The rising threat of quishing scams - Fast Company.
• Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware - Hacker News.
• QR Code Statistics 2024: Trends & Use Cases - QR Code.
• Honey Garlic Scallop Kabobs - Heinz.
• With QR Code Redemption Set to Surge to 5.3 Billion in 2025, Cybercriminals will Increase Their Quishing Attacks - Wealth & Finance International.
• Chess Masters: The End Game - BBC iPlayer.
• Cribbage Classic - iOS app store.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Material - Email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• 1Password Extended Access Management – Secure every sign-in for every app on every device.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus! Don't miss our featured interview with Alastair Paterson, CEO and co-founder of Harmonic Security, discussing how companies can adopt Generative AI without putting their sensitive data at risk.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• A Sneaky Phish Just Grabbed my Mailchimp Mailing List - Troy Hunt.
• Thunderbird breach notice.
• Opération Cactus - Le Groupement d’Intérêt Public Action contre la Cybermalveillance.
• Cancer patient lost life savings to whisky barrel scammers - BBC. 
• How to spot an investment scam - Saga Money.
• More than £612 million was lost to investment fraud in the UK last year - City of London Police. 
• Adolescence - Netflix.
• Behind the scenes of Adolescence - YouTube.
• Thames Water: Inside the Crisis - BBC iPlayer.
• Who let the BBC inside Thames Water? - The New Statesman.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Harmonic - Let your teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. Harmonic Security gives you full control and stops leaks so your teams can innovate confidently.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Acronis Threat Research Unit - Your secret weapon against cyber attacks. Access the reports now.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• O2’s AI granny Daisy unveils what she’s learnt from her time on the phone to scammers – and what you can do to ruin their day - O2.
• Lenny - The Telemarketing Troll.
• I Built a Bot Army that Scams Scammers - Kitboga on YouTube.
• Takeaways From Our Money Laundering Investigation - The New York Times.
• Infiltrating scammer networks with the world’s top fraud fighters - YouTube.
• Open Street Map - Open Street Map.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• 1Password Extended Access Management – Secure every sign-in for every app on every device.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• This is the FBI, open up. China's Volt Typhoon is on your network - The Register.
• Landlord recorded nude videos of woman tenant with cameras hidden in bedroom smoke detectors, lawsuit says - The Independent.
• Landlord arrested after tenant discovers hidden camera in rented room - PBSO.
• Hidden Cameras: What Travelers Need to Know - The New York Times.
• Shakespeare insults t-shirt - Royal Shakespeare Company.
• OAS Exhibitions - Oxford Art  Society.
• Carole’s “Rusty Sage” - Bluesky.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
• Acronis Threat Research Unit - Your secret weapon against cyber attacks. Access the reports now.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Find out about this, and more, in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• 'We wanted to help': Students arrested after exposing FreeHour security flaw - Times of Malta.
• Medusa ransomware gang demands $2M from UK private health services provider - DataBreaches.net.
• Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach - DataBreaches.net.
• HCRG Care’s lawyers claimed an injunction issued in a “private” hearing required us to remove two posts. We didn’t comply - DataBreaches.net.
• Security firm leaves more than five billion records exposed on unsecured database - Graham Cluley.
• After threatening me with legal action, Keepnet Labs finally issues statement over data breach - Graham Cluley.
• Sophos apologises for going legal on school techies - The Register.
• Mail Scam Targeting Corporate Executives Claims Ties to Ransomware - IC3.
• One of the nastiest ransomware groups around may have a whole new way of doing things - TechRadar.
• Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear - GuidePoint Security.
• Severance - Apple TV+.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Palo Alto Networks - Get the 2025 Unit 42 Global Incident Response report to discover emerging threat trends, attacker tactics and expert recommendations to safeguard your business.
• Tripwire Enterprise - Set up a demo of Tripwire Enterprise to see how you can simultaneously harden your systems and automate compliance.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus - don't miss our featured interview with Acronis CISO Gerald Beuchelt!

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• HP deliberately adds 15 minutes waiting time for telephone support calls - The Register.
• HP mandated 15-minute wait time for callers - why that was good news for criminals - Bob Sullivan.
• How vulnerable people are trafficked to fuel a global cyber scam industry - ABC News.
• Hundreds of foreigners freed from Myanmar's scam centres - BBC News.
• 'I need help': Freed from Myanmar's scam centres, thousands are now stranded - BBC News.
• Some foreigners pulled out of Myanmar scam centres face struggle to get home - Yahoo! News.
• 'Pig Butchering' Scam: How China's 'Broken Tooth' stole over $75 bn from global investors using crypto currencies - The Economic Times.
• Scunthorpe problem - Wikipedia.
• Scunthorpe Sans font.
• Sociopath: A Memoir by Patric Gagne - Goodreads.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Acronis - Integrated cybersecurity, data protection and endpoint management built for MSPs.
• Threat Vector - The podcast from Palo Alto Networks that gives you timely analysis of current security trends and challenges.
• Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Incident Update: Unauthorized Activity Involving ETH Cold Wallet - Bybit.
• Bybit Launches Recovery Bounty Program with Rewards up to 10% of Stolen Funds - Bybit.
• ZachXBT links Bybit hack to Lazarus Group - Twitter.
• Online Safety Act: explainer - GOV.UK
• These Are The 10 Most Complained-About TV Moments In Ofcom's History - Ofcom. 
• Ofcom to push for better age verification, filters and 40 other checks in new online child safety code - TechCrunch.
• UK’s internet watchdog toughens approach to deepfake porn - TechCrunch.
• Girlguiding research exposes alarming online harms facing girls - Charity Today News.
• Ofcom's approach to implementing the Online Safety Act - Ofcom. 
• Women's abuse online: 'I get trolled every second, every day' - BBC. 
• Amanda’s funniest moments in Motherland - YouTube.
• Amandaland - BBC iPlayer.
• Cassandra Sci-Fi Thriller limited series - Netflix. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.
• Scanner.dev provides a new technology offering fast search and threat detections for security data in S3 helping teams reduce the total cost of ownership of their SIEM by up to 90%. Try the interactive playground at scanner.dev/demo

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

PLUS! Don't miss our featured interview with Cliff Crosland of Scanner.dev

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Russian National And Bitcoin Exchange Charged In 21-Count Indictment For Operating Alleged International Money Laundering Scheme And Allegedly Laundering Funds From Hack Of Mt. Gox - US Dept of Justice.
• BTC-e Operator Pleads Guilty to Money Laundering Conspiracy - US Dept of Justice.
• US releases Russian cybercriminal as part of exchange for teacher Marc Fogel - The Guardian.
• Lloyds Bank issues urgent warning over Taylor Swift ticket scams - Lloyds.
• Warning after more than 120k people queue for Black Sabbath Villa Park tickets as fans say 'scam' - Birmingham Live.
• ‘Don’t buy tickets for Beyoncé’ - Minister Gayton McKenzie warns South Africans of concert scam - Independent Online.
• Beyonce Cowboy Carter tour fake tickets scam: Ticketmaster warns fans - USA Today.
• Singapore ticket scam queen jailed for three years after conning 76 Taylor Swift fans of S$110,000 - Malaysia News. 
• Did Ozzy Osbourne really eat a bat? - Rock and Roll Garage.
• How to stop hiccups - Graham Cluley.
• The Telepathy Tapes podcast.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.
• Scanner.dev provides a new technology offering fast search and threat detections for security data in S3 helping teams reduce the total cost of ownership of their SIEM by up to 90%. Try the interactive playground at scanner.dev/demo
• Harmonic - Stop data leaks, not innovation. Zero-touch data protection for the GenAI era.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in episode 404 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Jane Wakefield.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• SEC's Twitter account hacked to say Bitcoin ETFs approved - Hot for Security.
• Twitter says it’s not its fault the SEC’s account got hacked - Graham Cluley.
• SEC Twitter hack blamed on SIM swap attack - Hot for Security.
• The SEC’s X account got hacked by a 25-year-old who went by ‘AGiantSchnauzer’ and got paid in Bitcoin, feds say - Fortune.
• Pupils share conspiracy theories for fun, with girls ‘more susceptible’ - The Times.
• AI chatbots unable to accurately summarise news, BBC finds - BBC News.
• US-led cybersecurity coalition vows to not pay hackers' ransom demands - TechCrunch.
• 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments - Chain Analysis.
• Ransomware: proposals to increase incident reporting and reduce payments to criminals - GOV.UK.
• The 2024 Ransomware Landscape: ‘Looking back on another painful year’ - IT Wire.
• The Space Doctor’s Big Idea by Randall Munroe - The New Yorker.
• Reading guide: Creation Lake by Rachel Kushner - Booker Prizes.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.
• Tripwire Enterprise - Set up a demo of Tripwire Enterprise to see how you can simultaneously harden your systems and automate compliance.
• Scanner.dev provides a new technology offering fast search and threat detections for security data in S3 helping teams reduce the total cost of ownership of their SIEM by up to 90%. Try the interactive playground at scanner.dev/demo

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• ZachXBT’s thread - Twitter.
• Coinbase employee tells users not to use a VPN or ad blocker - Twitter.
• What PowerSchool won’t say about its data breach affecting millions of students - TechCrunch.
• QR code - Wikipedia.
• Reed–Solomon error correction - Wikipedia.
• Urgent warning over QR code scam tricking drivers out of £100s at popular car parks - Express.
• Scam alert: QR code on an unexpected package - Consumer Advice
• New Star Blizzard spear-phishing campaign targets WhatsApp accounts - Microsoft Security Blog.
• What You Must Know Before Scanning a QR Code - AARP.
• “More” - Niall Conlon.
• “Money Men” by Dan McCrum - Penguin Books.
• Bitter Orange Marmalade Recipe - Ballymaloe Cooking School.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!
• 1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.
• Cortex Symphony 2025 - Ready to transform your cybersecurity? Register now to see the future of security innovation with exclusive insights, demos, and stories from pros.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• No Honour Among Thieves: Uncovering a Trojanized XWorm RAT Builder Propagated by Threat Actors and Disrupting Its Operations - CloudSEK.
• British Museum forced to partly close after alleged IT attack by former employee - The Guardian.
• Chart: What Do You Want to be When You Grow Up?- Statista.
• Tikked off: What happens when TikTok fame fades - Vox.
• Influencer burnout is real - Vox.
• Influencer slammed for staging fake kidnapping plot because she was ‘bored’ - Mirror Online.
• "Mom influencer" Katie Sorensen sentenced to jail for falsely claiming couple tried to kidnap her kids at a crafts store - CBS News.
• Stock market influencer on the way to Coldplay concert kidnapped by data theft gang - The New Indian Express.
• Raycast.
• “Thank Goodness You’re Here” video game.
• The We Society Podcast - Academy of Social Sciences. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!
• 1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Plus - don't miss our featured interview with Avery Pennarun of Tailscale.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Report from Corriere Di Bologna newspaper.
• Caro Musk, assumi subito l’hacker quindicenne di Cesena – Il Foglio.
• 15-Year-Old Hacker Diverts Ships in Mediterranean Sea for Fun – Hot for Security.
• 90-year-old immigrant could lose Brooklyn home after deed theft scam, family says – CBS News.
• Protect your home. Spot the signs of deed theft – Better Business Bureau.
• Woman Charged for Scheme to Defraud Elvis Presley’s Family – DOJ.
• Home Title Theft: How To Protect Yourself – Forbes Advisor.
• Here’s How Scammers in America Can Take the Title to Your Home Without You Knowing It – Moneywise.
• Could a Criminal Use Deed Fraud to Steal Your Entire Home? – AARP.
• Could Fraudsters Steal Your Home From Under Your Nose? – HomeOwners Alliance.
• Wizard Zines.
• Listen for the Lie – Amazon.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!
• 1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Player of Games - Grimes.
• ‘Path of Exile 2’ Players Call Bulls**t on Elon Musk’s Video Game Stream - Gizmodo.
• Elon Musk "Playing" Path of Exile 2 - YouTube.
• Elon Musk is Lying About Being Good at Video Games - YouTube.
• Elon Musk Streams His ”Totally Not Boosted” ‘Path of Exile 2’ Character, Proves He Has No Idea What He’s Doing - Vice.
• Hacker Broke into ‘Path of Exile 2’ Admin Account, Hijacked Wave of Characters - 404 Media.
• Inside the Black Box of Predictive Travel Surveillance - WIRED.
• Average Number of Smart Devices in a Home 2025 - Consumer Affairs.
• Global IoT and non-IoT connections 2010-2025 - Statista.
• U.S. Cyber Trust Mark: New Label for IoT Devices - National Law Review. 
• How the Internet of Things will be good for the planet - Thales Group.
• The ‘Worst in Show’ CES products put your data at risk and cause waste, privacy advocates say - AP News.
• The CES worst in show awards lampoon AI everthing - The Register.
• The Worst Devices of CES 2025!! - YouTube. 
• This Could Be Your AI Robot Girlfriend - For $175,000 - Forbes.
• Pick of the week! archive - Smashing Security.
• Elton John: Never too late - Disney Plus.
• Apple News.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Tripwire Enterprise - Set up a demo of Tripwire Enterprise to see how you can simultaneously harden your systems and automate compliance.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus, we take a look at Kagi, the search engine you pay not to show you adverts, and discuss what you should do with your old, no-longer-wanted technology.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Exposing the Honey Influencer Scam - MegaLag on YouTube.
• The Honey Scam: Explained - Marques Brownlee on YouTube.
• 14 million people don’t know how to erase their data from an old device - ICO. 
• Electronics hoarding habit among Brits and Americans - SellCell.
• Practical advice for online and electronic devices - ICO. 
• How to factory reset your Google Pixel phone - Google. 
• How to factory reset your iPhone, iPad, or iPod touch - Apple. 
• Reset your Android device to factory settings - Google. 
• Erase your Mac and reset it to factory settings  - Apple.
• Reset your PC - Microsoft.
• How do I perform a factory reset on my Samsung mobile device? -  Samsung.
• Kagi search engine.
• Battery Heated Clothing - Fieldsheer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest jam-packed edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of "The AI Fix" podcast.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• CAPTCHAs from hell - Reddit.
• “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising - Guardio.
• AI Safety Clock Ticks Closer To ‘Midnight,’ Signifying Rising Risk - Forbes.
• Krispy Kreme admits there's a hole in its security - The Register. 
• Nutritional and Allergen Information - Krispy Kreme. 
• &UDM=14.
• Does one line fix Google? - Tedium.
• ElevenLabs.
• The GCHQ Christmas Challenge 2024 - GCHQ.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.
• ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Accused Kitchener hacker unmasked after threatening woman online - The Waterloo Region Record.
• Canadian Man Arrested in Snowflake Data Extortions - Krebs on Security.
• Who wants to be next? - Bluesky post by Allison Nixon.
• Crypto Trader Kills His Mum For £500k After Going Into Debt To Maintain 'Perfect Lifestyle' - IB Times. 
• Autopsy reveals injuries on body of Colleen Rebelo’s body after alleged murder - Australia News.
• Influencer Marketing Statistics 2024 - Artios.
• BLACKkKLANSMAN trailer - YouTube.
• A Soft Murmur.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.
• ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Korea arrests CEO for adding DDoS feature to satellite receivers - Bleeping Computer.
• Data on our minds: affective computing at work - IFOW. 
• How Much Does 'Bossware' Really Curb Remote Work Slacking? - Inc. 
• MN8 – 2 Channel EEG Headphones - Emotiv.
• Commercial EEG Headsets for Enterprises - Emotiv.
• ‘Bossware’ computer tracking devices harm workers’ wellbeing, says report - The Times.
• Your Company’s Bossware Could Get You in Legal Trouble - 1Password.
• The Abandoned, Apocalyptic Architecture of One Bold 1970s Retail Chain - Atlas Obscura.
• Bankrupt - BEST Products Co. - YouTube.
• Defunct BEST Products Store Architecture Documentary - YouTube.
• Play Winning Cribbage - Amazon.
• Cribbage Classic - iOS App Store.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• BlackBerry - Tune in and empower your team with the knowledge to stay connected, no matter what crisis. Learn more about BlackBerry's critical event management solutions.
• ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• KC Man Indicted for Computer Hacking - Department of Justice.
• DNA testing company vanishes along with its customers’ genetic data - Malwarebytes.
• DNA firm holding highly sensitive data 'vanishes' without warning - BBC News.
• Australia proposes 'world-leading' ban on social media for children under 16 - Reuters.
• The government has introduced laws for its social media ban. But key details are still missing - The Conversation.
• Australia's under-16 social media age ban legislation excludes messaging apps - YouTube.
• Australia’s plan to ban children from social media popular but problematic - PBS News.
• Which Countries Are Considering Social Media Bans For Teens? - Newsweek.
• Graham’s previous encounter with hobs with knobs - Smashing Security.
• “The Day of the Jackal” trailer - YouTube.
• "Anora” trailer  - YouTube. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• 'You are under digital arrest': Inside a scam looting millions from Indians - BBC News.
• Digital Arrest Scam: How You Can Stay Safe - YouTube.
• Tamil Nadu Professor Placed Under Digital Arrest, Duped of Rs 10 Lakh - YouTube.
• 'Mann Ki Baat' episode 115 - India Prime Minister Narendra Modi.
• “My YouTube Channel Got Deleted Last Night..” - Bitz on YouTube.
• NCA shuts down major fraud platform responsible for 1.8 million scam calls - National Crime Agency.
• O2 launches free anti-scam caller identification for millions of customers - O2. 
• AI Scambaiters: O2 creates AI Granny to waste scammers’ time - YouTube.
• “StreamJacking” - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams - Guardio.
• Graham Cluley on Bluesky.
• Maria Varmazis on Bluesky.
• Dan Da Dan - Netflix.
• Butter by Asako Yuzuki - Harper Collins.
• 'Butter' book review: Meditations on murders - The Guardian.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Bluesky, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus Bengal cat lovers in Australia should be on their guard, as your furry feline friends might be leading you into a dangerous trap., and there's yet more headaches for troubled 23andMe.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.

Plus don't miss our featured interview with Paul Fryer from BlackBerry.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• FBI issues warning as crooks ramp up emergency data request scams - The Register.
• Optimistic father of LAPSUS$ hacking suspect says he’s going to try to stop him using computers - Graham Cluley.
• LAPSUS$: GTA 6 hacker handed indefinite hospital order - BBC News.
• This Teenage Hacker Became a Legend Attacking Companies. Then His Rivals Attacked Him - Wall Street Journal.
• Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign - Sophos.
• Struggling DNA-testing site 23andMe to lay off 40% of its workers - BBC News.
• Remember That DNA You Gave 23andMe? - The Atlantic.
• Big Pharma Would Like Your DNA - The Atlantic.
• Addressing Data Security Concerns - Action Plan - 23andMe Blog.
• YTCH - YouTube-like cable TV.
• Space: 1999 opening titles - YouTube.
• Space: 1999 - Wikipedia.
• Wicked movie: Mattel 'deeply regrets' porn site misprint on dolls - BBC News.
• The Wicked Movie - Official Wicked Movie site.
• Mattel's 'Wicked' Movie Dolls Mistakenly List Porn Site on Packaging - Variety.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• BlackBerry - Tune in and empower your team with the knowledge to stay connected, no matter what crisis. Learn more about BlackBerry's critical event management solutions.
• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, Bluesky, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Massive hack-for-hire scandal rocks Italian political elites - Politico.
• Dossieraggi, i contatti con il Mossad e i dati passati al Vaticano. “Aiutiamo la Chiesa contro la Russia o no?” - La Repubblica.
• That position you just applied for might be a 'ghost job' that'll never be filled - The Register.
• Ghost jobs: why do 40% of companies advertise positions that don’t exist? - The Guardian.
• Job boards are still rife with 'ghost jobs'. What's the point? - BBC.
• How To Spot Ghost Jobs And Make Your Job Search More Efficient - Forbes.
• What Are Ghost Jobs and How Can You Avoid Them? - Tech.co
• That job you applied for might not exist. Here's what's behind a boom in "ghost jobs." - CBS News.
• The Coming Storm - BBC Radio 4.
• Things fell apart - BBC Sounds.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flashpoint - Access the industry’s best threat data and intelligence.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Smashing Security #063: Carole’s back.
• Privacy of fitness tracking apps in the spotlight after soldiers' exercise routes shared online - We Live Security.
• Smashing Security #330: Deepfake Martin Lewis, and a deadly jog in the park.
• How Emmanuel Macron can be tracked - Le Monde.
• How Emmanuel Macron can be tracked - YouTube.
• The Pentagon Wants to Use AI to Create Deepfake Internet Users - Intercept.
• Is AI eroding democracy ahead of the US election? - BBC News.
• Fooled twice: People cannot detect deepfakes but think they can - PMC.
• Detect Fakes - Kellogg Northwestern.
• DON'T LET AI STEAL YOUR VOTE! - YouTube.
• Deepfakes fool more than half of Americans, UVU study shows - KLS News radio.
• Crocodiles Of The World.
• Here's How Long You Should Be Able To Stand On 1 Leg By Age - Huffington Post.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• BlackBerry - Tune in and empower your team with the knowledge to stay connected, no matter what crisis. Learn more about BlackBerry's critical event management solutions.
• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• SolarWinds Sunburst supply chain attack - Wikipedia.
• Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter.
• SEC Charges Four Companies With Misleading Cyber Disclosures - SEC.
• Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing.
• Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events.
• 67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes.
• A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider.
• US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes.
• Watch “Undercover: Exposing the Far Right” - Channel 4.
• Undercover film exposing UK far-right activists pulled from London festival - The Guardian.
• Kermode and Mayo’s Take - YouTube.
• The Fear of God: 25 Years of the Exorcist – BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• WP Engine is not WordPress - WordPress.
• Secure Custom Fields - ​​WordPress.
• Tweet from Advanced Custom Fields.
• Advisory: Advanced Custom Fields changes - Tim Nash.
• WordPress saga escalates as WP Engine plugin forcibly forked and legal letters fly - The Register.
• Internet Archive hacked, data breach impacts 31 million users - Bleeping Computer.
• The Internet Archive is still down but will return in ‘days, not weeks’ - The Verge.
• Dimsdale podcasts - OTR radio drama comedy and more.
• Jeff Goldblum’s furiously fun Greek gods drama is a masterpiece - The Guardian.
• KAOS - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flashpoint - Access the industry’s best threat data and intelligence.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• We hacked a robot vacuum — and could watch live through its camera - ABC News.
• Their Uber Driver Crashed. A Pizza Order Unraveled Their Injury Lawsuit - NY Times.
• A court blocks a couple from suing Uber over a crash, citing terms and conditions - NPR.
• Taken for a Ride: Parents Can't Sue Uber Over Crash After Daughter's Uber Eats Order - Law.inc
• New Jersey Court Bars Uber Crash Victims from Lawsuit, Citing App Agreement - The Legal Journal.
• Couple Seriously Injured in Uber Crash Blocked From Court by Uber Eats Terms - The Insurance Journal.
• Disney axes bid to stop wrongful death lawsuit over Disney+ terms - BBC.
• Sherwood - BBC iPlayer.
• Chocolate Guinness Cake - Nigella.
• The Best Banana Cake I've Ever Had - Sally's Baking Addiction.
• My Favorite Carrot Cake Recipe - Sally's Baking Addiction.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• SentinelOne - secure and protect every aspect of your cloud in real-time.
• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme - US Department of Justice.
• Sophos punts anti-virus for Klingons - The Register.
• Designating Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks - US Department of Treasury.
• Kaspersky says Uncle Sam snubbed its verification proposal - The Register.
• Use Kaspersky Antivirus Software? You'll Be Migrated to Pango's UltraAV  - PC Mag. 
• Kaspersky software replaced by 'UltraAV' on some US PCs -   The Register.
• Need Instructions on Refunds for those who bought multi-year subscriptions - Kaspersky.
• US bans Kaspersky antivirus software for alleged Russian links - BBC News.
• Who gave you permission to put UltraAV on my computer? - Kaspersky Total Security.
• MusicBrainz Picard - Cross-platform music tagger powered by the MusicBrainz database.
• 100 Chefs Will Slice Through the Competition in Culinary Class Wars - Netflix.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• SentinelOne - secure and protect every aspect of your cloud in real-time.
• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• ZachXBT’s thread on Twitter.
• Indictment Charges Two in $230 Million Cryptocurrency Scam - Department of Justice.
• Two men arrested one month after $230 million of cryptocurrency stolen from a single victim - Bitdefender.
• Skylar Harrison tells her handbag story - TikTok.
• Social media’s role in fueling extremism and misinformation in a divided political climate - PBS News.
• Misinformation on social media - statistics & facts - Pew Research.
• Social Media and News Fact Sheet, 2024  - Pew Research Center.
• "Hyperactive" by Lasse Gjertsen - YouTube.
• Cribbage JD - Play Online - Cardsjd.
• Paddlers Cribbage - L.L. Bean.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• SentinelOne - secure and protect every aspect of your cloud in real-time.
• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and Demi Moore is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

(This episode was recorded before the former US President survived a second assassination attempt)

Episode links:

• TFL cybersecurity incident announcement.
• TFL Employee Hub.
• DICK'S shuts down email, locks employee accounts after cyberattack - Bleeping Computer.
• MGM Resorts shuts down IT systems and slot machines go quiet following "cybersecurity incident" - Hot for Security.
• Teenage suspect in MGM Resorts hack arrested in Britain - The Record.
• Arrest made in NCA investigation into Transport for London cyber attack - NCA.
• Donald Trump Prepares to Unveil World Liberty Financial, a Cryptocurrency Business  - The New York Times.
• Behind the Trump Crypto Project Is a Self-Described ‘Dirtbag of the Internet’ - Bloomberg. 
• Cryptocurrency price on July 22: Bitcoin hits $68,000 level, Dogecoin, Avalanche surge up to 11% - The Economic Times.
• Trump vows to make US ‘world capital of crypto,’ taps Musk for new task force - CoinTelegraph.
• What bankers need to know about Trump's World Liberty Financial - Yahoo! Finance. 
• Bitcoin soars to two-week high after Trump attack - Reuters.
• Trump pitches himself as 'crypto president' at San Francisco tech fundraiser -  Reuters.
• Aave fork on Blast mistakenly liquidated $26m - Crypto news. 
• Crypto Talk With Chase Hero - Ep.7 (The Watchers) - YouTube. 
• Tamdrum.
• ”Inside Out” by Demi Moore - HarperCollins. 
• THE SUBSTANCE trailer - YouTube. 
• Demi's Big Moment - Vanity Fair. 
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Flashpoint - Access the industry’s best threat data and intelligence.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Ukrainian detained for allegedly installing CCTV cameras to aid Russian attacks - The Record.
• Russia calls for restrictions on surveillance cameras, dating apps in cities under attack from Ukraine - The Record.
• Christo and Jeanne-Claude art projects.
• North Carolina Musician Charged With Music Streaming Fraud Aided By Artificial Intelligence - United States Department of Justice.
• Man Arrested for Creating Fake Bands With AI, Then Making $10 Million by Listening to Their Songs With Bots - The Futurist.
• Kobo Clara BW ereader - Kobo.
• Cocaine Bear: Why? - The Atlantic.
• Cocaine Bear Official trailer - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Plus - don't miss our featured interview with Maya Levine of Sysdig.

All this, and a very bad Cockney accent, in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Mail Theft Suspect Apprehended Using AirTag - Santa Barbara County Sheriff’s Office.
• Google and Apple deliver support for unwanted tracking alerts in Android and iOS - Google Security blog.
• Apple and Google deliver support for unwanted tracking alerts in iOS and Android - Apple.
• Barclays Scams Bulletin: Men more likely to fall victim to romance scams, while women lose more money - Barclays.
• 3 men trapped by same woman: Journalist on modus operandi of dating app scams -  India Today. 
• Mumbai club under fire for 'dating scam' after man gets Rs 61,000 bill - India News.
• Romance scams in 2024 + online dating statistics - Norton.
• Tips for romance scams - Better Business Bureau.
• What to know about romance scams - Consumer Advice.
• The Godfather club dating app scam in Mumbai - YouTube.
• What accent does Butcher have in ‘The Boys’? - NME.
• Shokz bone conduction headphones - Shokz.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management - Secure every sign-in for every app on every device.
• Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed.
• Material Security – email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

In episode ten of The AI Fix, Graham attempts to say "quinoa", Mark draws a line in the amper-sand, ChatGPT becomes an expert in solar panels and bomb disposal, and our hosts watch a terrifying trailer for a creepy new AI friend.

Graham discovers that the world of AI cookery is a soggy, limey mess, and learns an unusual trick for making a great mojito, while Mark pits his co-host against the cleverest AI brains in the world.

Episode links:

• OpenAI starts rollout of Advanced Voice Mode.
• UK Government shelves £1.3bn UK tech and AI plans.
• Friend trailer.
• Artificial intelligence has hard time with accents.
• Netherlands court uses ChatGPT to decide things.
• Argentina will use AI to ‘predict future crimes’ but experts worry for citizens’ rights.
• Twitter thread on crockpot cookbook.
• Get ready for AI to rip off your favorite cookbooks.
• ‘One of the most disgusting meals I’ve ever eaten’: AI recipes tested.
• This cookbook author was a best-seller on Amazon — but she may not even be human.
• ARC Prize.
• ARC Prize leaderboard.
• On the Measure of Intelligence research paper by François Chollet.

The AI Fix

The AI Fix podcast is presented by Graham Cluley and Mark Stockley.

Learn more about the podcast at theaifix.show, and follow us on Twitter at @TheAIFix.

Never miss another episode by following us in your favourite podcast app. It's free!

Like to give us some feedback or sponsor the podcast? Get in touch.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity journalist and the author of “Dark Wire”, Joseph Cox.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• How a single IT update caused global havoc - BBC News.
• Anti-Virus Software Sees Self as Malware, Deletes Itself - NBC News report about Sophos snafu in 2012.
• Tweet about CrowdStrike outage by Kaspersky - Twitter.
• “Dark Wire” by Joseph Cox.
• Inside the Biggest FBI Sting Operation in History - WIRED.
• Trump shooter's online activity shows searches of rally site, use of encrypted platforms, officials say - CBS News.
• Mass Surveillance - Privacy International.
• 338 sites internet frauduleux de revente de billets recensés à quelques semaines du début de la compétition - France Info.
• From wiretapping to geolocation data collection: AI mass surveillance for the Paris Olympics draws privacy concerns - Fast Company.
• Heading to the Paris Olympics? Don't Fall for These Scams - PC Mag.
• AI mass surveillance at Paris Olympics – a legal scholar on the security boon and privacy nightmare - Scientific American.
• AI mass surveillance at Paris Olympics – a legal scholar on the security boon and privacy nightmare - The Conversation.
• Paris 2024: Medal table predictions, facts, opening day schedule and records that could be broken - Euronews.
• Paris Olympics 2024: Your ultimate guide - The Telegraph.
• Breaking at the Olympic Qualifier Series - Official Olympics website.
• White Rabbit museum, Barcelona.
• White Rabbit - YouTube.
• Microsoft Flight Simulator - XBOX.
• Niceaunties.
• Auntlantis by Niceaunties - YouTube. 
• The Weird and Wonderful Art of Niceaunties - TED.
• "The AI Fix" - podcast with Graham Cluley and Mark Stockley.
• "Sticky Pickles" - podcast with Carole Theriault and Maria Varmazis.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• mWISE – Don’t miss the cybersecurity conference built by practitioners, for practitioners. mWISE runs September 18 – 19 2024 in Denver.
• Sysdig - Secure your cloud in real time. Detect, investigate, and respond to threats at cloud speed.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Killed by Google.
• Squarespace Enters Definitive Agreement to Acquire Google Domains Assets - Squarespace.
• A Squarespace Retrospective, or How to Coordinate an Industry-Wide Incident Response - Security Alliance.
• Trump shooting: all seven conspiracy theories examined - The Telegraph.
• Fact-checking the wild conspiracy theories related to the attempted Trump assassination - PBS News.
• We fact-checked some of the rumors spreading online about the Trump assassination attempt - Reuters.
• Minutes after Trump shooting, misinformation started flying. Here are the facts - AP News.
• Joy Reid suggests Trump couldn't 'avoid the consequences' of his own rhetoric after assassination attempt - Fox News.
• The Gunshots Rang Out. Then the Conspiracy Theories Erupted Online - New York Times.
• Trump assassination attempt – News, Research and Analysis - The Conversation.
• Douglas is Cancelled - ITV.
• Douglas Is Cancelled review – you might hate this show for daring to exist - The Guardian.
• Klappbollerwagen 'Cruiser' - PinoLino.
• Videos for Cats to Watch -  YouTube.
• Cat TV for Cats to Watch -  YouTube.
• Entertainment for Cats - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• mWISE – Don’t miss the cybersecurity conference built by practitioners, for practitioners. mWISE runs September 18 – 19 2024 in Denver.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus don't miss our featured interview with Jason Meller of 1Password.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Outcome, a hot tech startup, misled advertisers with manipulated information, sources say - Wall Street Journal.
• Three Former Executives Sentenced for $1B Corporate Fraud Scheme - US Department of Justice.
• Graham dancing - TikTok.
• Students Target Teachers in Group TikTok Attack, Shaking Their School - The New York Times.
• “Thank you very much indeed”
• Presumed Innocent — Official Trailer - Youtube.
• Presumed Innocent - Apple TV+.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• mWISE - Don't miss the cybersecurity conference built by practitioners, for practitioners. mWISE runs September 18 – 19 2024 in Denver.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of the brand-new "The AI Fix" podcast (co-hosted with Graham!).

Talk about nepotism.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Hoos Out Tonight? Dundee medical student launches new app which reveals ‘hot’ pubs - The Courier.
• ‘It’s completely invasive’: New app lets you spy on SF bars to see if they’re poppin’ - San Francisco Standard.
• Florida Man Convicted in Violent Crypto Theft Spree - Crypto Daily.
• Inside a Violent Gang's Ruthless Crypto-Stealing Home Invasion Spree - Wired.
• Man charged over creation of ‘evil twin’ free WiFi networks to access personal data  - Australian Federal Police.
• Police allege 'evil twin' in-flight Wi-Fi used to steal info - The Register.
• Australian charged for ‘Evil Twin’ WiFi attack on plane - Bleeping Computer.
• Suno - make a song about anything.
• The AI Fix podcast - hosted by Graham Cluley and Mark Stockley.
• Putty Pals - Nintendo Switch.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Eleanor Dallaway.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Julian Assange lands in Australia a free man - BBC News.
• Smashing Security episode 245: The Julian Assange assassination plot, and IoT toilets.
• Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks - Yahoo News.
• Surprise! WikiLeaks won’t just hand over details of zero-day vulnerabilities to tech firms - Graham Cluley.
• Tubthumping (Q3 2021 Issue) - Infosecurity Magazine.
• Infosecurity Magazine suffering ‘significant’ DDoS attack - Cybernews.
• Infosecurity Magazine is Back Online! - Infosecurity Magazine.
• YouTube now lets you report AI deepfakes of yourself - MSN.
• Two private schools face police probe over claims pupils used AI to 'create deepfake porn images of up to a dozen girls' - Daily Mail. 
• We're calling on the next government to protect women and girls from 
• image-based abuse - Glamour Magazine. 
• Deepfakes as a Security Issue: Why Gender Matters - WiisGlobal.
• AI poses disproportionate risks to women - Brookings.
• 'Violating and dehumanising': How AI deepfakes are being used to target women - Euronews.
• Snapshot Paper - Deepfakes and Audiovisual Disinformation - GOV.UK.
• Government cracks down on ‘deepfakes’ creation - GOV.UK.
• Je chie dans la seine.
• Paris Olympics Poop Protest Postponed After French Officials Refuse To Swim In Sewage Water - Brobible.
• 'I’m not a cat': lawyer gets stuck on Zoom kitten filter during court case - YouTube.
• Guy Goma: 'Greatest' case of mistaken identity on live TV ever? - BBC News on YouTube.
• ‘It’s just Bernie being Bernie’ — How a photo of Sanders wearing mittens at Inauguration Day went viral - CNBC News.
• HiKeep Hand Exercise Balls - Amazon.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter of the "Compromising Positions" podcast.

Plus don't miss our featured interview with Abhishek Agrawal, CEO of Material Security.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Cyber attacks update - NHS Dumfries & Galloway.
• J Paul Getty - Wikipedia.
• Cyber expert urges against 'panic' over NHS data leak - BBC News.
• “Don’t panic” - Corporal Jones from Dad’s Army - YouTube.
• All households in Scottish region to get alert about hackers publishing stolen medical data - The Record.
• Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers - Wired.
• Man ludicrously blames Apple for his wife catching him communicating with prostitutes - Apple Insider.
• Businessman sues Apple after wife finds ‘deleted’ iPhone messages to prostitute - LBC.
• ‘Tech made me do it’ is no excuse for adultery - The Times.
• Is it DNS?
• “My name is Barbra” - Amazon.
• ”I'm Glad My Mom Died” by Jennette McCurdy - Simon & Schuster.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Material Security – email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Graham’s video thanking people for voting for “Smashing Security” - Twitter.
• iOS 18 makes iPhone more personal, capable, and intelligent than ever - Apple.
• Apple's new iOS 18 feature is being called 'a cheater's paradise' - Daily Mail.
• 2 Accused In Internet Extortion Scheme Against Boss - Patch.
• District Attorney: Ex-police officer turned model among duo arrested in Orange County - Westchester News.
• Former N.Y. cop, internet model Ally Thueson arrested for extortion - NY Daily News. 
• Extortion - FindLaw.
• Smile politely, nod awkwardly: greeting people you barely know - University Times.
• How to pass people in hallway without awkwardness? - Reddit.
• How Long Should a Great Kiss Last? - Psychology Today.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management - Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Riding Baidu's self-driving robo-taxi - YouTube.
• Malicious Attacks against Multi-Sensor Fusion in Autonomous Driving - Research paper.
• Researchers warn robot cars can be crashed with tinfoil and paint daubed on cardboard - The Register.
• Gang of Hackers Tries to Steal Baidu’s Driverless Car Secrets - Bloomberg.
• Rapper Sean Kingston agrees to return to Florida, where he and mother are charged with $1M in fraud - AP News.
• Sean Kingston Extradited From California to Florida in Fraud and Theft Case - Entertainment Tonight.
• Rapper Sean Kingston, his mother arrested on fraud charges after SWAT raid at his Southwest Ranches home - Sun Sentinel.
• What is fraudulent use of personal identification information? - Pumphrey Law.
• Google’s AI really is that stupid, feeds people answers from The Onion - AV Club.
• Some of Google’s “best” AI search results - Twitter.
• Google Rolls Back A.I. Search Feature After Flubs and Flaws - NY Times.
• Sure, Google’s AI overviews could be useful – if you like eating rocks - The Guardian.
• Citymapper.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
• Material - email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by author, journalist, and podcaster Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Microsoft's new Windows 11 Recall is a privacy nightmare - Bleeping Computer.
• Statement in response to Microsoft Recall feature - ICO.
• Arizona woman charged in North Korean IT worker scheme that raised millions - CNN.
• Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea - US Department of Justice.
• New FTC Data Shed Light on Companies Most Frequently Impersonated by Scammers - FTC website.
• Who’s who in scams: a spring roundup - FTC.
• Udio.
• Geoff's Labyrinth ext v2 - Graham’s AI song about Geoff White’s book “Rinsed”.
• “Nuclear War” by Annie Jacobsen - Amazon.
• The Patient - Disney+.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
• Kiteworks – Step into the future of secure managed file transfer with Kiteworks.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Anna Brading of Malwarebytes.

Plus! Don't miss our featured interview with Sandy Bird of Sonrai Security.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• When NASA Lost a Spacecraft Due to a Metric Math Mistake - Simscale.
• The worst sales promotion in history - The Hustle.
• Nonconsensual AI Porn Maker Accidentally Leaks His Customers' Emails - 404 Media.
• UK's Ministry of Defence fined after Bcc email blinder that put the lives of Afghan citizens at risk - Hot for Security.
• £200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder - Graham Cluley.
• Apple's Photo Bug Exposes the Myth of 'Deleted' - Wired.
• OpenAI Voice Scandal: Sky's Fall From Grace - YouTube. 
• How the voices for ChatGPT were chosen - OpenAI.
• As AI becomes more human-like, experts warn users must think more critically about its responses - CBC News.
• What We Lose When ChatGPT Sounds Like Scarlett Johansson - The New York Times.
• Scarlett Johansson’s Statement About Her Interactions With Sam Altman - The New York Times.
• Kin TV series - Wikipedia.
• Portal connecting Dublin and New York 'reawakens' under new restrictions after 'inappropriate behaviour' - Sky News.
• How to cook the perfect chicken rendang – recipe - The Guardian.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Sonrai’s Cloud Permissions Firewall – A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• ‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts - TechCrunch.
• Cheerleader's mom created deepfake videos to allegedly harass her daughter's rivals - ABC News.
• Bucks County mom doctored videos to harass girls on daughter's cheerleading sqaud, prosecutors say - Philly Voice.
• Spone v. Reiss, Civil Action 23-0147 - Casetext.
• Mother 'used deepfake to frame cheerleading rivals' - BBC News.
• She was accused of faking an incriminating video of teenage cheerleaders. She was arrested, outcast and condemned. The problem? Nothing was fake after all - The Guardian.
• Parkrun - Wikipedia.
• Parkrun UK.
• Oxfordshire Artweeks 2024 - Artweeks homepage. 
• Carole’s art website - carole.wtf
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by “Ransomware Sommelier” Allan Liska.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company - US Department of Justice.
• United States vs Vincent Cannady (PDF) - US Department of Justice.
• LockBit leader unmasked and sanctioned - NCA.
• Romance fraudster defrauded women of £80,000 - BBC News.
• 15 of the Most Trustworthy Accents in the UK Revealed - Country Living.
• Omoton phone car mount - Omoton.
• Stories are weapons by Annalee Newitz - WW Norton.
• All the Beauty in the World: A Museum Guard's Adventures in Life, Loss and Art by Patrick Bringley - Penguin.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• New laws to protect consumers from cyber criminals come into force in the UK - UK Government.
• Mirai - Wikipedia.
• Identity theft victim wrongly locked up for 2 years is exonerated at last - Paul Ducklin.
• Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds - The Guardian.
• 5 scams you need to know about in 2024 - Which? News.
• How fraudsters are getting fake articles onto Facebook - BBC News.
• Five Scams To Beware In 2024 - Forbes Advisor UK.
• Eerie ‘breathing’ mistake to listen out for exposes costly AI ‘audio deepfake' scam calls that take just seconds to make - The Sun.
• How to spot fraud - UK Government.
• Etymology Monday: David Crystal on the word ‘gaggle’ - Literary Minded.
• Moon - Wikipedia.
• Baby Reindeer - Netflix.
• Why row over Baby Reindeer sleuths will change real-life drama for ever - The Guardian.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Sonrai’s Cloud Permissions Firewall – A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• When a breach goes from 25 documents to 1.3 terabytes… - Graham Cluley.
• Leicester street lights stuck on all day due to cyber attack - Leicester Mercury.
• Top AI researchers race to detect ‘deepfake’ videos: ‘We are outgunned - Washington Post.
• AI deepfakes threaten to upend global elections. No one can stop them - Washington Post.
• Models, dead netas, campaigning from jail: How AI is shaping Lok Sabha polls - India Today.
• Why Elections Take So Long in India - The New York Times.
• How A.I. Tools Could Change India’s Elections  - The New York Times.
• Bollywood deepfakes fuel AI election meddling fears in India - GG2.
• World Explained: How India's politicians are using AI to reach voters in the world’s most populous country - The Scotsman.
• 12 Angry Men - Wikipedia.
• VIA Rail.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Sonrai's Cloud Permissions Firewall - A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Animal Crossing with Garry Kasparov - Smashing Security.
• Gary Barlow - Wikipedia.
• I was catfished by a fake Gary Barlow on Facebook - Daily Mail.
• Video shows Clark County man charged with murder confront Uber driver - Springfield News.
• Uber driver, 61, shot dead by Ohio man, 81, who was being targeted by scammers - Daily Mail.
• Boxfit classes - Better.
• Waschii - PocketSized SolarHeated Washjing Machine - Indiegogo.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Naked photos sent in WhatsApp ‘phishing’ attacks on UK MPs and staff - Politico.
• How I was targeted in the Westminster honeytrap - BBC News.
• The Westminster honeytrap plotter tried to catch me too - The Times.
• How Westminster WhatsApp ‘honey trapper’ targeted party conference season - Politico.
• William Wragg quits Commons roles over Westminster honeytrap - BBC News.
• A new prescription - The Economist.
• Change Healthcare faces second ransomware dilemma weeks after ALPHV attack - The Register.
• ‘The Drew Barrymore Show’ Targeted by Fraudsters in Celebrity Scamming Effort  - Yahoo! News.
• ‘Drew Barrymore Show' Targeted in Hacking, ID Fraud Scam by Imposter Who Posed as Producer and More - Variety.
• Guy Fieri Calls Drew Barrymore “Gangster” For Talking With Her “Mouth Full Of Food” On ‘The Drew Barrymore Show’ - Decider. 
• Beware The Fake Drew Barrymore Le Creuset Cookware Giveaway Scam - Malware Tips.
• Carmen - Royal Opera House.
• Mandy - BBC iPlayer.
• Anita de Monte Laughs Last - Bloomsbury.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
• Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!