Smashing Security

Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Wiretapping Italian police tune in to hear their secrets being sold - The Times.Jeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegation - The Guardian.Silvio Berlusconi interviewed by Jeremy Paxman on BBC Newsnight - YouTube.Protests grow in Italy over the wiretapping of journalists - Independent.How I Broke Into a Bank Account With an AI-Generated Voice - Vice.TikTok under investigation by Canadian privacy authorities - BBC.The UN's cyber crime treaty could be a privacy disaster - IT Pro.TikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ Yahoo News.“Check It Out” episode about nuclear war from July 1980 - YouTube.The North-West Is Our Mother: The Story of Louis Riel's People, the Métis Nation - GoodReads.Fleishman is in Trouble review – Jesse Eisenberg’s endlessly witty divorce drama is almost too good - The Guardian.Fleishman is in Trouble - Disney+Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans...All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Testing Meta Verified to Help Creators Establish Their Presence - Meta.As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security - Graham Cluley.A pre-match message from Will Ferrell - QPR Twitter account.BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account - Deadline.Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It - Vice.‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny - Vice.Replika homepage - Replika.Click and Drag - xkcd.1110: Click and Drag - Explain xkcd.xkcd 1110: Click and Drag map - Zoomable map of “Click and drag”Only Murders in the Building - Disney Plus.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

AI-generated voices are weaponised by online trolls, how ChatGPT reflects who we are as a society, and social media is in the firing line again.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:‘Disrespectful to the Craft:’ Actors Say They’re Being Asked to Sign Away Their Voice to AI - Vice.AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse - Vice.Video Game Voice Actors Doxed and Harassed in Targeted AI Voice Attack - Vice.ChatGPT Can Be Broken by Entering These Strange Words, And Nobody Is Sure Why - Vice.My Strange Day With Bing’s New AI Chatbot - Wired.We asked ChatGPT to write performance reviews and they are wildly sexist (and racist) - Fast Company.How social media affects teen mental health: a missing link - Nature.California bill to let parents sue social media gets second try - Bloomberg.How to protect children from big tech companies - Wall Street Journal.Three out of four parents say social media is a major distraction for students, according to new study - Phys.org.Remarks of President Joe Biden – State of the Union address as prepared for delivery - The White House.Why the past 10 years of American life have been uniquely stupid - The Atlantic.Now Mesa public schools are also declaring that they have failed in educating their children by suing social media - Techdirt.Seattle school district files laughably stupid lawsuit against basically every social media company for… ‘being a public nuisance’ - Techdirt.The evidence just doesn’t support any of the narratives about the harms of social media - Techdirt.Vasectomy - NHS.Birth of BASIC documentary - YouTube.Zero Waste Club reusable coffee filter - Peace with the Wild.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.DigiCert – DigiCert’s Trust Lifecycle Manager sets a new bar for unified management of digital trust. SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger... why are police happy that criminals keep using end-to-end encrypted messaging systems... and why is the Apple Watch being accused of crying wolf?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Plus don't miss our featured interview with SecurEnvoy's Chris Martin.Warning: This podcast may contain nuts, adult themes, and rude language.Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.SecurEnvoy - With growing cyber security threats everyone in your organisation needs authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy's free guide now.Episode links:Ubiquiti tells customers to change passwords after security breach - ZD Net.“No way out” trailer - YouTube.Ubiquiti sues journalist, alleging defamation in coverage of data breach - Ars Technica.Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack - Bitdefender.Final Thoughts on Ubiquiti - Krebs on Security.Former Employee Of Technology Company Pleads Guilty To Stealing Confidential Data And Extorting Company For Ransom - Department of Justice.Dutch Police Read Messages of Encrypted Messenger 'Exclu' - Vice.Shock and applause for Apple Watch's chilling real-life emergency call ad - Campaign Live. 911 call made from Apple Watch of Washington woman buried alive released - Yahoo! News.Apple Watch 8 series save yet another life - Live Mint.Some first responders are asking iPhone users to disable Emergency SOS and crash detection due to influx of false positives - 9to5mac.Emergency SOS via satellite available today on the iPhone 14 lineup in the US and Canada - Apple.Inoreader.”The Social Life of Animals” by Ashley Ward - Amazon.Black Butterflies - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT?All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Plus don't miss our featured interview with DigiCert’s Brian "PKI" Trzupek.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Artis Pabriks.‘I left my partner and lost £80,000 to a fake Facebook romance’: Manchester mum’s warning over catfishing scam - Manchester World.'I know I have been a fool but these are the things we do for love', says mum duped out of £80k by Facebook lover - Manchester Evening News.Amazon Warns Employees to Beware of ChatGPT - Gizmodo. ChatGPT's soaring popularity has added $5 billion to the wealth of Nvidia's founder as Wall Street bets on AI boom for the chipmaker - Business Insider. ChatGPT raises red flags by acing MBA exam.ChatGPT passes exams from law and business schools - CNN. I asked ChatGPT how to negotiate a raise. Career coaches said I'd probably get one by following the AI chatbot's steps and script - Business Insider. Real estate agents say they can’t imagine working without ChatGPT now - CNN. Science journals ban listing of ChatGPT as co-author on papers - The Guardian. Blakes 7 Bot - an automated bot that posts lines of dialogue from Blakes 7.Yarn - Find video clips by quotes.The New Gurus Podcast - BBC Sounds. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.DigiCert – DigiCert’s Trust Lifecycle Manager sets a new bar for unified management of digital trust. Sealit – Zero Trust Data Protection: protect, share, and monitor confidential emails and files – without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit’s special offer to “Smashing Security” listeners.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

What are prisoners getting up to with mobile phones? Why might ransomware no longer be generating as much revenue for cybercriminals? And how on earth did an airline leave the US government's "No Fly" list accessible for anyone in the world to download?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.Episode links:The Complete Idiot's Guide to Writing Erotic Romance - Amazon.The Many Ingenious Ways People in Prison Use (Forbidden) Cell Phone - The Marshall Project.How Did They Run an Elaborate “Sextortion” Scam From Prison? Cellphones - The Marshall Project.Alarm Over Death Row Cell Phone Threats - CBS News.How to completely own an airline in 3 easy steps - Maia arson crimew.U.S. airline accidentally exposes ‘No Fly List’ on unsecured server - Daily Dot.Cyber-crime gangs' earnings slide as victims refuse to pay - BBC. Ransomware Revenue Down As More Victims Refuse to Pay - ChainAnalysis.Leaked Ransomware Docs Show Conti Helping Putin From the Shadows - Wired. Luxe Listings Sydney trailer - YouTube.Luxe Listing Sydney - Wikipedia.Matt Shearer WBZ - Twitter.Hot Skull - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Carole is in her sick bed, which leaves Graham in charge of the good ship "Smashing Security" as it navigates the choppy seas of credential stuffing and avoids the swirling waters of apps being sloppy with sensitive information.Find out more in this latest edition of the "Smashing Security" podcast, hosted by Graham Cluley with special guest BJ Mendelson.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Operation Protect the Innocent - LA Police Department.A Police App Exposed Secret Details About Raids and Suspects - Wired.ODIN Intelligence website is defaced as hackers claim breach - TechCrunch.Norton LifeLock says thousands of customer accounts breached - TechCrunch.Ugh! Norton LifeLock password manager accounts accessed by hackers - Graham Cluley.Reports: Twitter’s sudden third-party client lockouts were intentional - Ars Technica.Spring app - Twitter.Spring app - Mac App Store.Mona app - Mastodon.Tulsa King trailer - YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.ManageEngine PAM360 – A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.DigiCert - DigiCert's Trust Lifecycle Manager sets a new bar for unified management of digital trust. Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Someone called OxShagger thinks he has come up with the perfect Valentine's surprise for Oxford students, but is the way he has gone about "bookworms with benefits" really a good idea? Robot security guards are trundling the streets of - you guessed it - America. And a writer of paranormal bully romances (no, we don't know what that means either) returns from the grave...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.Warning: This podcast may contain nuts, adult themes, and rude language.Sponsored by:Bitwarden - Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager. ManageEngine PAM360 - A fully functional privileged access management suite that offers a holistic picture of all the privileged devices, users, and credentials in the IT infrastructure. From managing and governing access to all your enterprise resources to automating the access management life cycle in your organization, PAM360 does it all.NordLayer - NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.Episode links:Dating site for horny Oxford students slammed for privacy violations - Cherwell.OxShag will not be running this term as creator says they ‘made some poor choices’ - The Oxford Tab.Dysfunctional: OxShag to shut down amid controversy - Cherwell.Oxford University dating website for staff and students shut down after ‘huge data breach’ - The Times.CES 2023 Robots: Humanoid Helpers, Coding Pups and Farming Planters - CNet.One of America's most hated companies hired a security robot. It didn't go well - ZDNet.Robot security downtown getting lots of attention, KHON2 News - YouTube.4 New Contracts for 8 Machines to Kick Off New Year at Knightscope - Knightscope.Why was Susan Meachen bullied in 2020? - Reddit.Fan outrage at Susan Meachen, the romance novelist accused of faking her death - BBC. The Book Community Thought This Author Died. Now, It Seems Her Suicide Was a Hoax - Rolling Stone. Vampire Survivors - Steam.Vampire Survivors trailer - YouTube.Vampire Survivors, a cheap, minimalistic indie game, is my game of the year - Ars Technica.Rewind.Rewind support article on the importance of consent - Rewind.Air Lounger - Orsen.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Beware your Roomba's roving eye, the Finns warn of AI threats around the corner, and watch out when hailing a taxi cab in Dublin...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook? - MIT Technology Review.Building Smart Robots Requires Responsible Development - Roomba CEO Colin Angle on LinkedIn.OpenAI predicts biz can break a billion in revs by 2024 - The Register.The security threat of AI-enabled cyberattacks (PDF) - The Finnish Transport and Communications Agency, Traficom.Ireland Christmas weather ‘roller-coaster’ amid new ‘Beast from the East’ threat - Irish Mirror.Christmas revellers warned about sophisticated taxi scam as €300,000 is stolen from victims - MSN. Taxi cab scam has cleaned out €300,000 from bank accounts of victims - Irish Independent. “La Cabina” - YouTube.“Last and First Men” by Olaf Stapledon - Wikipedia.”The other side of night” by Adam Hamdy - Pan MacMillan Press. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Drug dealers come unstuck while using the Encrochat encrypted-messaging app, and we put the Lensa AI avatar-generation tool under the microscope.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Plus - don't miss our featured interview with Rico Acosta, IT manager at Bitwarden.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Smashing Security 229: Dating leaks, right to repair, and a stinky bishop - Smashing Security.Hard cheese: Stilton snap shared via EncroChat leads to drug dealer's downfall - The Register.Operation Venetic: Pet dog and accidental selfies help convict international drugs traffickers - NCA.What does the Lensa AI app do with my self-portraits and why has it gone viral? - The Guardian. Lensa, the AI portrait app, has soared in popularity. But many artists question the ethics of AI art - NBC News.I Uploaded Photos of Myself to the New Lensa A.I. Portrait Generator. The Results Were Stunning, Strange… and Super Creepy - Artnet.People keep sharing their AI-generated portraits: What to know about Lensa, and why some push back on it - USA Today.How Is Everyone Making Those A.I. Selfies? - New York Times. Lensa AI: Security concerns regarding app behind colourful selfies on social media - The National News. ‘Magic Avatar’ App Lensa Generated Nudes From My Childhood Photos - Wired. Celebrities Are Obsessed With This Amazing New AI Portrait App - Hello Giggles. This AI Self-Portrait App is Taking Over the Internet - Medium.Wednesday Shows Off Her Moves - YouTube.‘Wednesday’ faces backlash over Jenna Ortega’s COVID dance scene - NME.Channel Television Disco Dancin' Final - YouTube.Sticky Pickles.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy