Smashing Security

A boss is bitten in the bottom after being struck by one of the worst crimes in Finnish history, Strava's privacy isn't so private, and a private investigator uncovers some TikTok tall tales. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Finnish therapy clinic’s CEO fired after despicable data breach and blackmail threats - Graham Cluley.Lizard Squad Member: Why I Took Down Xbox and PlayStation - Sky News on YouTube.Hacker Charged With Extorting Online Psychotherapy Service - Krebs on Security.Finland’s Most-Wanted Hacker Nabbed in France - Krebs on Security.Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.Hackers can find your home on Strava even if you use privacy settings, researchers find - Yahoo Sports.Iron Bianca hashtag on TikTok - TIkTok.Investigators warn of fake suicide scams on social media platforms - MSN News.How did Iron Bianca die? Tribute Pours In As Tiktok Star Passed Away - PBK News.Spill-the-Tea-007 TikTok Channel - TikTok.Mike Bolhius Private Investigator - Mike Bolhius homepage.Paint trailer - YouTube.Bob Ross: Happy Accidents, Betrayal & Greed - Netflix.Star Trek: Picard - Paramount Plus.The Diplomat - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!hCaptcha – hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats.Start your free trial today.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

Graham wonders what would happen if his bouncing buttocks were captured on camera by a Tesla employee, and we take a look at canny scams connected to China's Operation Fox Hunt.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.(Oh, and when Carole mentioned Colin the Accountant as her "Pick of the Week" she really meant "Colin from Accounts". Sorry!)Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Countering Threats Posed by the Chinese Government Inside the US - Speech by the FBI’s Christopher Wray.Criminals Pose as Chinese Authorities to Target US-based Chinese Community - FBI.FBI: How fake Xi cops prey on Chinese nationals in the US - The Register.Special Report: Tesla workers shared sensitive images recorded by customer cars - Reuters.303: Secret Roomba snaps, Christmas cab scams, and the future of AI - Smashing Security.Lawsuit: Tesla must be punished for “tasteless” sharing of car-camera images - Ars Technica.Customer Privacy Notice - Tesla.Tesla hit with class action lawsuit over alleged privacy intrusion - Reuters.Tesla About Autopilot - Tesla.“Wet Nellie” - Wikipedia.Device Orchestra - YouTube.“Smoke on the Water”, as performed by Device Orchestra - YouTube.“Eye of the Tiger”, as performed by Device Orchestra - YouTube.Cabin Camera - Tesla.Colin from Accounts - Amazon Prime.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

Everyone's talking juice-jacking - but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn't been hacked. And Carole hosts the "AI-a-go-go or a no-no?" quiz for Dave and Graham.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Uber driver info stolen yet again: This time from law firm - The Register.Letter from law firm Genova Burns to impacted Uber drivers (PDF)Tweet by FBI Denver - Twitter.FBI warns against using public phone charging stations - CNBC.'Juice Jacking': The Dangers of Public USB Charging Stations - FCC.Stop! Don’t charge your phone this way - Seattle Times.This Seemingly Normal Lightning Cable Will Leak Everything You Type - Vice.Cybersecurity Myths You Might Still Believe – Debunked! - CXO Today.China to require 'security assessment' for new AI products - France24.Cybercrime: be careful what you tell your chatbot helper…- The Guardian.12 Jobs that AI will never replace - In Hunt World.ChatGPT Fabricates Sexual Harassment Scandal, Names Real US Law Professor As Accused - Republic World.Insurable cyberattacks? - Caveat podcast.UBI board game - Board Game Geek.The Eye, The Pyramid, The Map: The Psychogeography of ‘The World According to Ubi’ - We Are The Mutants.They Finally Let Me Into Abbey Road Studios! - Rick Beato, YouTube.Robot Wars: Episode 5 Battle Recaps 2017 - BBC Two, YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!hCaptcha – hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats.Start your free trial today.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house.All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:These Men's Rights Activists Literally Worship Elon Musk - Buzzfeed News.Florida principal who sent $100K to scammer posing as Elon Musk says she was 'groomed' - WESH.Florida principal resigns after sending $100K to scammer posing as Elon Musk - NY Post.Afroman - Will You Help Me Repair My Door - YouTube.Official Music Video for Because I Got High performed by Afroman - YouTube. Police sue rapper Afroman for using footage of home raid in his music videos - The Guardian.Afroman Complaint - Adams County Court.Afroman Got Raided by Cops, So He Put Them in His Music Video - Vice.Afroman - Wikipedia.Afroman sued by seven officers who raided his home - NME.Afroman Isn’t Worried About a Police Lawsuit Over His Music Videos - Rolling Stone.Afroman Cops Wrecked My Home In Raid, For Nothing ...I Need Ben Crump!!! - TMZ.Afroman I'm Missin' $400 In Cash After Raid... Thinks Cops Swiped It - TMZ.Atlas Obscura.Oak Beams, New College Oxford - Atlas Obscura. BeyerDynamic DT 770 PRO Headphones - BeyerDynamic. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Tweet by Euler Finance confirming security breach - Twitter.Euler Finance to Offer $1M Reward as It Reels From Nearly $200M Exploit - Coindesk.Hackers stole over $500m in cryptocurrency in record-making heist, Ronin says - The Guardian.Hacker Behind $200M Euler Attack Apologizes, Returns Millions in Ether, Dai to Protocol - Coindesk.President Biden kind of mostly bans commercial spyware from US govt - The Register.Utah Law Could Curb Use of TikTok and Instagram by Children and Teens - New York Times. Utah’s social media for kids law could be coming to a state near you - Vox.Utah Governor Spencer Cox signs a landmark social media bill - YouTube.RRR - Netflix.RRR trailer - YouTube.RRR Naatu Naatu dance scene - YouTube.Best films of 2022 in the UK, No 7: RRR - The Guardian.He Died with a Felafel in His Hand - Wikipedia.Swarm - Amazon Prime.Night of the Lepus - Wikipedia.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!hCaptcha - hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats.  Start your free trial today.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

It could be a case of aCropalypse now for Google Pixel users, there's a warning for house buyers, and just why is TikTok being singled out for privacy concerns?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Stop pixelating! New tool reveals the secrets of "redacted" documents - Hot for Security.Google Pixel exploit reverses edited parts of screenshots - The Verge.Tweet by researcher Simon Aarons - Twitter.aCropalypse demo.Samsung 'Fake' Moon Shots Controversy Puts Computational Photography in the Spotlight - MacRumors.Android phones can be hacked just by someone knowing your phone number - Graham Cluley.BBC advises staff to delete TikTok from work phones - BBC News.TikTok: UK ministers banned from using Chinese-owned app on government phones - BBC News.TikTok banned from official Welsh government phones - BBC News.Danish public broadcaster advises staff against using TikTok - BBC News.Canada bans TikTok on government devices - BBC News.European Commission bans TikTok on staff devices - BBC News.New bill would ban TikTok in the US but it faces long odds - BBC News.A Retired Teacher and Her Daughter Were Scammed Out of $200,000 Over Email: 'I'm 69 Years Old and Now I'm Broke and Homeless' - Entrepreneur.Retired Colorado teacher left homeless and broke after scammers hijack house sale - MSN.Homebuyers scammed out of nearly $200,000 - YouTube.Stolen life savings Vickie and Sarah Ragle - Go Fund Me.The Play That Goes Wrong.The Goes Wrong Show 90 Degrees clip - YouTube.The Goes Wrong Show Series One - Amazon Prime.Poo Pays.MiniPresso NS2 - Wacaco.Restart Podcast - BBC.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

The twisted tale of the two Teslas, and a deepfake sandwich.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:B.C. man says he accidentally unlocked and drove someone else’s Tesla using the app - Global News.A College Girl Found Deepfake Porn of Herself Online. Who Did It Shocked Her - Rolling Stone.Denmark Tries to Attract Tourists Using ChatGPT, Deepfakes, and Famous Paintings UK PC Mag.Deepfake Tools Are Made To Facilitate Harassment—So Why Are They Available in the App Store? - MSN.Spot the Deepfake - Microsoft.Sholay trailer - YouTube.Sholay: Review of the monumental Indian epic - YouTube.Rent or buy Sholay - YouTube Movies.Jazz Pianist Brad Mehldau Plays The Beatles - NPR.Brad Mehldau - Brad Mehldau website.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

Scammers get pwned by a Canadian granny! Don't be seduced in a bar by an iPhone thief! And will the US Marshals be able to track down the villains who stole their data?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.Plus don’t miss our featured interview with Jason Meller of Kolide.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:They thought they could scam this Windsor grandmother of nearly $10K. She turned the tables on them - CBC.Canada grandma helps stop fraud scheme targeting senior citizens - BBC News.A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - Wall Street Journal.Ransomware attack on US Marshals Service affects ‘law enforcement sensitive information’ - CNN.Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service - NPR.9 millionaires and billionaires with the most bizarre spending habits - Business Insider.Phishing still the leading way attackers breach security controls: IBM - IT World Canada.New White House cyber strategy picks a fight with ransomware - AXIOS. Happy Valley - BBC.My 80s TV.Everything Everywhere All at Once - IMDB.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business.  As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Wiretapping Italian police tune in to hear their secrets being sold - The Times.Jeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegation - The Guardian.Silvio Berlusconi interviewed by Jeremy Paxman on BBC Newsnight - YouTube.Protests grow in Italy over the wiretapping of journalists - Independent.How I Broke Into a Bank Account With an AI-Generated Voice - Vice.TikTok under investigation by Canadian privacy authorities - BBC.The UN's cyber crime treaty could be a privacy disaster - IT Pro.TikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ Yahoo News.“Check It Out” episode about nuclear war from July 1980 - YouTube.The North-West Is Our Mother: The Story of Louis Riel's People, the Métis Nation - GoodReads.Fleishman is in Trouble review – Jesse Eisenberg’s endlessly witty divorce drama is almost too good - The Guardian.Fleishman is in Trouble - Disney+Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy

Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans...All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Testing Meta Verified to Help Creators Establish Their Presence - Meta.As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security - Graham Cluley.A pre-match message from Will Ferrell - QPR Twitter account.BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account - Deadline.Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It - Vice.‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny - Vice.Replika homepage - Replika.Click and Drag - xkcd.1110: Click and Drag - Explain xkcd.xkcd 1110: Click and Drag map - Zoomable map of “Click and drag”Only Murders in the Building - Disney Plus.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacy