Smashing Security

Anti-porn "shameware" apps take a privacy pounding, is your image already being used by AI, and deepfake danger continues to deepen.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The Ungodly Surveillance of Anti-Porn ‘Shameware’ Apps - WIRED.Covenant Eyes.Sick and tired of trying to quit porn? You’re not alone - Covenant Eyes promotional video.Fortify.AI Is Probably Using Your Images and It's Not Easy to Opt Out - Vice.ISIS Executions and Non-Consensual Porn Are Powering AI Art - Vice.Have I been trained?The Deepfake Danger: When It Wasn’t You On That Zoom Call - CSO Online.Deepfake Audio Has A Tell – Researchers Use Fluid Dynamics To Spot Artificial Imposter Voices - The Conversation. Deephy: On Deepfake Phylogeny - Cornell University.On The Horizon: Interactive And Compositional Deepfakes - Microsoft. Detect DeepFakes: How to counteract misinformation created by AI - MIT University. New Deepfake Threats Loom, Says Microsoft’s Chief Science Officer - Venture Beat.The Joy of Sets - BBC Archive.Steam Deck.Am I Being Unreasonable? - BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.The Cyber Security Inside podcast – Relevant cybersecurity topics in clear, easy-to-understand language. With every episode, you’ll walk away smarter about cybersecurity, and have fun while you’re at it!Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Researchers reveal how your eyeglasses could be leaking secrets when you're on video conferencing calls, we take a look at the recent data breaches involving Uber and Grand Theft Auto 6, and we cast an eye at what threats may be around the corner...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.Plus - don't miss our featured interview with Sal Aurigemma, the faculty director of the Master of Science in Cyber Security program at the University of Tulsa.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:“Iain Exotic”, Iain Thomson’s dress-up homage to Joe Exotic, the Tiger King - Twitter.“Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing” - Research paper by Yan Long, Chen Yan, Shilin Xiao, Shivan Prasad, Wenyuan Xu, and Kevin Fu.“We saved you a seat in chat” - Rather large text on the Twitch website.Stalker zoomed in on Japanese idol’s eyes to find out where she lived - Graham Cluley.Uber is looking for more security staff - Twitter.Uber explains how it was pwned this month, points finger at Lapsus$ gang - The Register.Uber’s hacker *irritated* his way into its network, stole internal documents - Graham Cluley.Security update - Uber.Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist - The Register.Cybersecurity Awareness Month - CISA. The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats - ZDNet.U.S. Government Spending Billions on Cybersecurity - Hacker News.The Mitchells vs The Machines trailer - YouTube.The Mitchells vs The Machines - Netflix.NASA is ready to knock an asteroid off course with its DART spacecraft - New Scientist.DART’s Small Satellite Companion Takes Flight Ahead of Impact - NASA.Search and find UK Defibrillator Locations near you now - HeartSafe.Apply for a part funded Public Access Defibrillator - British Heart Foundation.Defibrillator guide for first time buyers - St John’s Ambulance. Every school will have a life-saving defibrillator by 22/23 - Gov.UK.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Pentera - Pentera’s Automated Security Validation Platform is designed to help teams increase their security posture against modern day threats across the entire attack surface. Evaluate your security readiness with continuous and consistent autonomous testing with granular visibility into every execution along the way. Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

How could your inkjet printer finally help you make some money, why is it so hard to share our health data even if we want to, and what result do you want to see from the Elon Musk vs Twitter bunfight?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Rory Cellan-Jones.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Dynamic Cartridge Security - disable please - Angry customers complain on HP support forum.Update now! Many HP printers affected by three critical security vulnerabilities - MalwareBytes.HP will pay customers for blocking non-HP ink cartridges in EU - Bleeping Computer.HP and Euroconsumers settle on Dynamic Security - Euroconsumers.Ink cartridges are a scam - YouTube.Why printer ink is so expensive - Insider.Trying to print something - YouTube.UK Biobank - why won't GPs share data? - Rory’s Always On Newsletter.Another data sharing fiasco - Rory's Always On Newsletter.Tweet by Kate Bingham - Twitter.The Twitter Whistleblower Needs You to Trust Him - Time.Twitter denies whistleblower payout violates Musk’s takeover deal - MSN.Elon Musk earns a split decision in Delaware court - The New York Times.Twitter’s whistleblower has pitched up at a very inconvenient moment - The Guardian.Damning claims about Twitter’s bots and security lapses are ‘a false narrative,’ says CEO - The Verge. The Spectator’s Guide to the Elon Musk–Twitter Fight - Slate. Don't F*** with Paste - Firefox browser addonDon't F*** with Paste - Chrome browser extension.Stasi Museum, Berlin.How to with John Wilson - BBC.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.The Cyber Security Inside podcast -  Relevant cybersecurity topics in clear, easy-to-understand language. With every episode, you’ll walk away smarter about cybersecurity, and have fun while you’re at it!Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Students learn a valuable lesson when it comes to AI detecting guns on campus, SIM swappers are surprisingly stupid, and romance scammers get scammed by someone (or some thing?) calling themselves Chiquita Banana.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:‘The least safe day’: rollout of gun-detecting AI scanners in schools has been a ‘cluster,’ emails show - Motherboard.Gun detection AI the latest tech to make schools less safe - TechDirt.The unproven, invasive surveillance technology schools are using to monitor students - ProPublica. NYC Mayor considering a subway security system that can’t differentiate between a laptop and a handgun - Motherboard.Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire - Brian Krebs.USA vs Patrick McGovern-Allen (PDF) - Court Listener.Reports of romance scams hit record highs in 2021 - FTC.Meeting you was a fake: Investigating the increase in romance fraud during COVID-19 - Academic Research.This dating app fought scammers with bots… hilarity ensued - TechCrunch.She was 69. He Was Young, Hunky,,, and a Fraud - The Daily Beast.Gladbeck: The Hostage Crisis trailer  – YouTube.Watch Gladbeck: The Hostage Crisis - Netflix.The Ocean Cleanup.We flooded our dating app with bots… to scam scammers  - Medium.Craiyon.Carole’s attempt to ask Craiyon to draw Liz Truss eating a giant cupcake of Europe.Is this Graham eating a banana?  Craiyon seems to think so.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.SolCyber – SolCyber delivers Fortune 500 level cybersecurity for small and medium-sized enterprises. If the bad guys aren’t being discriminating about who they’re attacking, how can you settle for anything less?Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

We're back from our summer break as we ask how did a cryptomining campaign stay unspotted for years, quiz special guest and infosec rockstar Mikko Hyppönen about his book, and ponder what spiders teach us about misinformation.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The 20 Funniest Finnish Expressions (and How To Use Them) - Matador Network.Sophos punts anti-virus for Klingon - The Register.Helsinki named Klingon-speaking capital of the world – Naked Security.Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications - Check Point Research.If It's Smart It's Vulnerable - Book by Mikko Hyppönen.Psychological inoculation improves resilience against misinformation on social media -Science Advances.Let’s flatten the infodemic curve - WHO.The global spread of misinformation on spiders - Current Biology.A Journey Into Misinformation on Social Media - The New York Times.Google Looks to Vaccination to Combat Misinformation In Searches - The New York Times.Spiders Are Caught in a Global Web of Misinformation - The New York Times.The rock-paper-scissors/tortilla wrap game.DEF CON: The Documentary.Smashing Security Painting competition – Carole.wtf.Open Exhibition, Summer 2022 - Oxford Art Society.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Gigamon - Gigamon is the leading deep observability company. Download their latest report into the state of ransomware to learn why deep observability is the new frontier for tackling the ransomware crisis.Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Pornhub has a problem, the UK's Co-op supermarket is accused of big brother tactics, and we take a look at a security researcher's attempt to reveal the true identify of hackers.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Episode links:On security researcher's newsletter, exposing cybercriminals behind ransomware — CyberScoop.‘Imma Make U Dig Ur Own Grave’: He Doxes Ransomware Hackers and Gets Death Threats in Return — Vice.Intrusion Truth - Five Years of Naming and Shaming China’s Spies — Kim Zetter.Who Is 'Intrusion Truth,' Group Exposing Alleged Chinese Hackers? — Daily Dot.The Leopards Eating People's Faces Party meme — Know Your Meme.Tweet by Bill Ackman.Judge Refuses Visa’s Request to Escape Pornhub-Related Lawsuit — The New York Times.How to Prevent and Handle Robberies and Theft in Retail — Vend Retail Blog.Abuse of shopworkers is on the rise – coronavirus brought it to our attention and now we need to act — The Conversation.‘Tackling violence and abuse in retail must be one of the industry’s highest priorities’ — Retail Week.Convenience store spy cameras face legal challenge — BBC News.Looking back at the career of Bernard Cribbins — YouTube.Tribute to David Warner — YouTube.Webb Compare — John Christensen.Support Maria Varmazis on the Pan-Mass Challenge.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Gigamon - Gigamon is the leading deep observability company. Download their latest report into the state of ransomware to learn why deep observability is the new frontier for tackling the ransomware crisis.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Uber may not face prosecution over its handling of a 2016 data breach - but its former chief security head does; how to defend your digital devices' data while on vacation, and how to change your accent with artificial intelligence.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin.Plus don't miss our featured interview with Ian Farquhar of Gigamon.Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Episode links:Uber Enters Non-Prosecution Agreement Related to 2016 Data Breach — US Department of Justice.Former Uber Security Chief Joe Sullivan Must Face Driver Fraud Charges — Bloomberg.Uber to pay $148 million in data breach settlement — TechCrunch.Uber paid hackers $100,000 to keep data breach quiet — Graham Cluley.Uber CISO's trial underscores the importance of truth, transparency, and trust — CSO Online.7 cybersecurity tips for your summer vacation! — Naked Security.Sanas demo.Sanas Raises $32M for Breakthrough AI Technology for Real-Time Accent Translation — Sanas press release.This 6-Million-Dollar AI Changes Accents as You Speak — IEEE Spectrum.Call centre workers can use AI to mimic your accent on the phone — New Scientist.A little less accent, a little more customer service — ComputerWorld.What Is Accent Reduction? — Accent Advisor.Compound pejoratives on Reddit – from 'buttface' to 'wankpuffin' — Colin Morris.Melissa computer virus — Wikipedia.Dedham Hall.3D capture of Carole Theriault — Polycam.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden– Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.SolCyber – SolCyber delivers Fortune 500 level cybersecurity for small and medium-sized enterprises. If the bad guys aren’t being discriminating about who they’re attacking, how can you settle for anything less?Gigamon - Gigamon is the leading deep observability company. Download their latest report into the state of ransomware to learn why deep observability is the new frontier for tackling the ransomware crisis.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

In this special edition of the "Smashing Security" podcast, computer security veterans Graham Cluley and Carole Theriault welcome back author and journalist Jamie Bartlett - host of "The Missing CryptoQueen" podcast.Jamie tells us about his new book, which shares more details about the disappearance of cryptocurrency scammer Dr Ruja Ignatova, and the subsequent hunt by law enforcement.Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Episode links:The Missing CryptoQueen podcast — BBC.The Missing CryptoQueen book — Penguin.Missing Cryptoqueen: FBI adds Ruja Ignatova to top ten most wanted — BBC News.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.Cyber Security Inside podcast -bringing you the most important and timely security topics as well as other industry experts for insightful conversations.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

A self-proclaimed "super hacker" causes problems in the Magic Kingdom, criminals regret trusting Anom phones, and lawsuits are filed against TikTok.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.Plus don't miss our featured interview with Scott McCrady, the CEO of SolCyber Managed Security Services.Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Episode links:Official Disneyland Instagram Account Hacked This Morning! — The Disney blog.Disneyland social media accounts hacked, offensive messages posted — Hot for Security.We Got the Phone the FBI Secretly Sold to Criminals — Vice.Parents Sue TikTok, Saying Children Died After Viewing ‘Blackout Challenge’ — The New York Times.Lawmakers Want Social Media Companies to Stop Getting Kids Hooked — Wired.How Social Media Tricks Us Into Thinking We Are Paying Attention — Forbes.Facebook could be sued for addicting children under California bill — Ars Technica.Kids Are Using Social Media More Than Ever, Study Finds — New York Times.2021 Facebook leak — Wikipedia.California Parents Could Soon Sue for Social Media Addiction — Gizmodo.Absurd Trolley Problems.Weird or Confusing.Google Quick, Draw!Unfinished London — Jay Foreman on YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.The Secure Developer – A conversational and insightful podcast, that bridges the gap between dev and sec, from Snyk.SolCyber - SolCyber delivers Fortune 500 level cybersecurity for small and medium-sized enterprises. If the bad guys aren’t being discriminating about who they’re attacking, how can you settle for anything less?Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

A hacked university might have made a profit after paying a cryptocurrency ransom, China suffers possibly the biggest data breach in history, and Reuters investigates digital mercenaries.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Episode links:Dutch university paid $220,000 ransom to hackers after Christmas attack — Graham Cluley.Remarkable development in investigation into Maastricht University cyberattack — Maastricht University.Dutch University profits from returned ransomware payment — The Register.Favorable exchange rate on a fake cryptoexchange — Kaspersky.Tweet from @cz_binance about mega-leak.Vast Cache of Chinese Police Files Offered for Sale in Alleged Hack — Wall Street Journal.How mercenary hackers sway litigation battles — Reuters.Countering hack-for-hire groups — Google.The business of hackers-for-hire threat actors — TechRepublic.Fransdita Muafidin on Instagram.Giant Cats Disturbing Civilization — Geeks are sexy.Watch Good Luck to You, Leo Grande — Hulu.Good luck to you Leo Grande (Trailer) — YouTube.This is Love podcast.Cain's Jawbone — Wikipedia.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy