Smashing Security

Graham Cluley
Jul 5, 2023 • 47min

Pornhub, Barbie dolls, and can you trust a free TV?

Just how much do porn websites know about your sexual peccadillos? How are Barbie dolls involved in identity scams? And would you trust a completely free telly?

Oh, and Graham has some opinions to share about "Indiana Jones and the Dial of Destiny".

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Matt Davey from the "Random but Memorable" podcast.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Pornhub Is Being Accused of Illegal Data Collection - Wired.
StopDataPorn brings Pornhub to court for abusing users’ personal data with GDPR complaints - StopDataPorn.
The Password Game - Neal.fun.
The True Cost of a Free TV - Wired.
Telly dual-screen TV first look: it’s free and may be the future - The Verge.
Swindlers Used Barbie Dolls to Rob COVID Relief Program - The Messenger.
How rampant abuse by fintech fueled covid relief fraud - The Washington Post.
'Biggest fraud in a generation': The looting of the Covid relief plan known as PPP - NBC News.
"We Are Not the Fraud Police": How Fintechs Facilitated Fraud in the Paycheck Protection Program - Fox News.
‘The Dial Of Destiny’ Is Now The Worst-Reviewed ‘Indiana Jones’ Movie - Forbes.
“Jury Duty” TV series - Wikipedia.
“Jury Duty” trailer - YouTube.
Spray Cork: What Is It? - Build with Rise.
CorkSol.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:
Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy
Jun 28, 2023 • 56min

UPS smishing, ChatGPT 101, and storing secret files

UPS delivers some smishing advice (but have they kept something under wraps?), we ask ChatGPT to take a long hard look at itself, and we debate what the penalty should be for taking national secrets home with you.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's sole founder Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
UPS discloses data breach after exposed customer info used in SMS phishing - Bleeping Computer.
Example of UPS SMS phishing message related to Lego order - Twitter.
Another example of a Lego-related UPS phishing message - Twitter.
Former FBI Analyst Sentenced for Retaining Classified Documents - US Department of Justice.
How The Intercept might have helped unmask Reality Winner to the NSA - Graham Cluley.
Bad adverts leave people scratching their heads - MSN.
How Cybercriminals Can Perform Virtual Kidnapping Scams Using AI Voice Cloning Tools and ChatGPT - Trend Micro.
Which Jobs Will Be Most Impacted by ChatGPT? - Visual Capitalist.
Unraveling an AI Scam with AI - Imperva.
100,000 Hacked ChatGPT Accounts Discovered on Dark Web - Hackread.
97+ ChatGPT Statistics & User Numbers In June 2023 (New Data) - Nerdy Nav.
“Speed Cubers” - Netflix.
Trailer for “Speed Cubers” - YouTube.
KBDcraft.
“How to Win Friends and Disappear People” - Qcode Podcasts.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.
Jun 21, 2023 • 37min

Mark’s metaverse for minors, and getting down to business

There's some funny business going on on Google, and Zuckerberg's $14 billion bet on the metaverse is beginning to look a little childish...

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Google sues alleged scammer over fake business and review scheme - The Verge.
Meta to Lower Age for Users of Virtual Reality Headset to 10 From 13 - New York Times.
Introducing New Parent-Managed Meta Accounts for Families - Meta Blog.
Keep Connected - ages 10–14 - Keep Connected.
The Metaverse Police: A VR content moderator shares his insights - Mixed News.
“Untold: The Girlfriend Who Didn't Exist” - Netflix.
Tommy Siegel - Some candy hearts comics I drew, a thread - Twitter.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.
Jun 14, 2023 • 55min

Right Royal security threats and MOVEit mayhem

There are shocking revelations about a US Government data suck-up, historic security breaches at Windsor Castle, and the MOVEit hack causes consternation.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Declassified files reveal ‘large number’ of security scares at Windsor Castle - Metro.
Intruder at Windsor: Security 400 scared of unpleasant Andrew' to turn away fantasist - Express.
The US Is Openly Stockpiling Dirt on All Its Citizens - Wired.
I don’t care about cookies browser plugin.
MOVEit hack: Media watchdog Ofcom latest victim of mass hack - BBC News.
BBC, BA and Boots issued with ultimatum by cyber gang Clop - BBC News.
Ukrainian police arrest multiple Clop ransomware gang suspects - TechCrunch.
BBC and British Airways affected by data breach at payroll company Zellis - The Record.
BA, Boots and BBC staff details targeted in Russia-linked cyber-attack - The Guardian.
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft - Mandiant.
MOVEit Transfer and MOVEit Cloud Vulnerability - Progress.
MOVEit announces second vulnerability; Minnesota schools agency breached with original bug - The Record.
An Update on the Steps We are Taking to Protect MOVEit Customers - Ipswitch.
Spider-Man: Across the Spider-Verse - IMDB.
Spider-Man: Across the Spider-Verse trailer - YouTube.
The Muppets Mayhem - Disney+.
The Muppets Mayhem trailer - YouTube.
NT-USB microphone - Rode.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Hunters - A SOC platform, built to empower your security team to reduce risk, complexity and costs.
Jun 7, 2023 • 60min

Rick Astley and the little birdie scam

Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Plus - don't miss our featured interview with Max Power of Bitwarden.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Australian cyber-op attacked ISIL with the terrifying power of Rickrolling - The Register.
“Breaking the code: Cyber Secrets Revealed” - ABC.
Scam Alert: Woman tries helping injured bird, ends up losing Rs 1 lakh to cyber criminals - MSN News.
Toll-free Hijack Alert (misdial scam) - AT&T.
“Connected: the hidden science of everything” - Netflix.
“Connections” with James Burke - YouTube.
“I wanna marry Harry” reality show - Wikipedia.
“Space cadets” reality show - Wikipedia.
Unreal: A Critical History of Reality TV - Apple Podcasts.
Famous Studios - Famous Studios website.
Unreal: A Critical History of Reality TV - BBC Sounds.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.
May 31, 2023 • 1h 17min

.ZIP domains, AI lies, and did social media inflame a riot?

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Plus don't miss our featured interview with David Ahn of Centripetal.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
8 new top-level domains for dads, grads and techies - Google.
Tweet by Citizen Lab’s John Scott-Railton - Twitter.
File Archiver in the browser - mr.d0x.
A Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT? - Reason.
Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crash - Wales Online.
Cardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crash - Sky News.
Two boys killed in Cardiff crash which was followed by riot are named - Sky News.
Cardiff riots: social media rumours about crash started unrest, says police commissioner - The Guardian.
Black Butterflies - Netflix.
Black Butterflies trailer - YouTube.
“The End of the World Is Just the Beginning: Mapping the Collapse of Globalization” by Peter Zeihan - Amazon.
Science Vs - Gimlet Media Podcast.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.
May 24, 2023 • 50min

Botched Bitcoin blackmail, iSpoof, and Meta’s billion dollar data bungle

13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Man convicted of blackmail and other offences - SEROCU.
EU hits Meta with record €1.2B privacy fine - Politico.
Police text 70,000 victims in UK's biggest anti-fraud operation - BBC News.
iSpoof fraudster guilty of £100m scam sentenced to 13 years - BBC News.
Fraudster pleads guilty to £100m iSpoof scam - BBC News.
300: Interplanetary file systems, iSpoof, and don’t delete Twitter - Smashing Security.
"John Was Trying to Contact Aliens" - Netflix.
Sleep mask - Amazon.
Blackout blind with suction cups - Amazon.
Jewish Matchmaking - Netflix.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Centripetal - Centripetal's CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.
May 17, 2023 • 42min

When you buy a criminal’s phone, and paying for social media scams

Personal information is going for a song, and the banks want social media sites to pay when their users get scammed.

All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Vote for "Smashing Security" in the European Security Blogger Awards.
Re-Victimization from Police-Auctioned Cell Phones - Krebs on Security.
Fraud Strategy: stopping scams and protecting the public - UK Gov.
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested - Hacker News.
Social media firms should reimburse online fraud victims, say UK bankers - The Guardian.
How Many People Use Social Media in 2023? - Oberlo.
Scam social media quizzes dupes people into revealing personal details - ITV News.
Where are you most likely to be scammed: phone, text or social media? - This is Money.
Major bank calls out Meta for huge rise in scams on its platforms - This is Money.
The Legend of Zelda: Tears of the Kingdom - Nintendo.
ScanSnap SV600 - Fujitsu.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Outpost24 – Understand your shadow IT risk with a free attack surface analysis.
May 10, 2023 • 1h 7min

Eurovision, acts of war, and Twitter circles

Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity reporter John Leyden.

Plus don't miss our featured interview with Outpost24's John Stock.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Introducing Twitter Circle, a new way to Tweet to a smaller crowd - Twitter.
Twitter Circles Is Broken, Revealing Nudes Not Meant For The General Public - Buzzfeed News.
Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout - The Register.
What is Hostile or Warlike?: An in-depth look at the Merck war exclusion decision and its shortfalls - Kennedys Law.
Eurovision voting scandal: Six juries cheated and voted for each other - EuroVision World.
Eurovision: MP seeks assurances contest voting will be protected from Russian threats - Sky News.
Fears pro-Russian hackers could ruin Eurovision by disrupting broadcasts and silencing the song contest next week - Daily Mail.
Cyber security experts hope to protect Eurovision voting from possible Russian threat - ITV News.
The technology of the Eurovision Song Contest - Technology and Engineering.
Cyber security experts hope to protect Eurovision voting from possible Russian threat - Eurovision News.
Eurovision voting scandal: Six juries cheated and voted for each other - Eurovision News.
Eurovision 2023: Tickets for Liverpool sell out after huge demand - BBC News.
Eurovision 2023: Hotel phishing scam targets song contest fans - BBC News.
“My Lovely Horse”, Father Ted’s Eurosong contest entry 1996 - YouTube.
Doctor Who: Tony Hadoke’s Time Travels podcast.
Toby Hadoke.
MyBuilder.
Carole Theriault art gallery - Carole Theriault’s art website.
Carole Theriault and John Hawes exhibition - Oxfordshire Artweeks.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Outpost24 – Understand your shadow IT risk with a free attack surface analysis.
May 3, 2023 • 49min

City Jerks, AI animals, and is the BBC hacking again?

Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Hackers steal emails, private messages from hookup websites - TechCrunch.
Scam Interceptors - BBC.
‘They’re coming up with devious ways to take your money’: the TV hackers taking on the scammers - The Guardian.
Did BBC break the law by using a botnet to send spam? - Naked Security.
How a horse whisperer can help engineers build better robots - Science Daily.
How Scientists Are Using AI to Talk to Animals - Scientific American.
“I don’t know”, sung by 76-year-old Paul McCartney - YouTube.
“I don’t know”, sung by AI Paul McCartney - YouTube.
AI makes Paul McCartney’s voice youthful - The Daily Beatle.
“New”, sung by the AI Beatles - YouTube.
AI Freddie Mercury sings “Yesterday” - YouTube.
The Evaporated - Campside Media.
Tetris - Apple TV+.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
Outpost24 - Understand your shadow IT risk with a free attack surface analysis.
