Smashing Security

A FaceTime bug allows callers to see and hear you before you answer the phone, Facebook's Nick Clegg tries to convince us the social network is changing its ways, and IoT hacking is big in Japan.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes from AMTSO.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: John Hawes.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptorSupport Smashing SecurityLinks:Smashing Security on Reddit.Apple has a huge privacy ad at CES 2019 — CNBC.Apple races to fix FaceTime bug that lets you spy on someone *before* they pick up your call — Graham Cluley.Tweet about teen who found FaceTime issue — Tweet from MGT7.iPhone Facetime Hack (EMBARRASSING!) Caught Slippin — YouTube (NSFW).A discussion with Nick Clegg — Facebook Brussels.Facebook pledges to do more on self-harm — BBC News.World Happiness Report — Wikipedia.2020 Olympics: Japanese chains scrap porn magazines — BBC News. Japan’s Cybersecurity Strategy (PDF).Govt. to access home devices in security survey — NHK.Japan plans to hack into millions of its citizens’ connected devices — MIT Technology Review.Alphaville - Big In Japan (Official Music Video) — YouTube.Teletext — YouTube.Teletext generator — Teletext the World.The teletext versions of Graham, Carole, and John Hawes — Twitter.Cosmic Eye — YouTube.ChronoZoom.Putting Time In Perspective — Wait But Why.Cows: Small Or Far Away? | Father Ted — YouTube.Jonathan Pie's American Pie — BBC Three.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Business email compromise evolves to target your company's payroll, how the world's largest gold coin was stolen from a Berlin museum, and are internet giants feeling the heat yet over data security?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by people hacker Jenny Radcliffe.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Jenny Radcliffe.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you."The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks.Download it for free at smashingsecurity.com/intelligenceSupport Smashing SecurityLinks:Smashing Security on RedditBusiness Email Compromise Scams Have Netted $12.5 Billion, Says FBI — Bitdefender.The 2 Investigators: Theft By 'Business Email Compromise' — YouTube.The Secret of My Success Soundtrack - "Oh yeah" by Yello — YouTube.How one company lost $44 million through an email scam — Tripwire.BEC Gangs Focus on Executives for Payroll Diversion Scams — Agari.Daring robbery: Rare gold coin worth millions stolen from Berlin’s Bode Museum — YouTube.Trial begins for 4 accused in gold coin heist — CBC.Four men go on trial for giant gold coin heist from Berlin museum — The Guardian.The CNIL’s restricted committee imposes a financial penalty of 50 Million euros against Google — CNIL.Portuguese hospital appeals GDPR fine — IT Governance blog.German chat site faces fine under GDPR after data breach — We Live Security.First GDPR fine issued by Austrian data protection regulator — Freshfields Digital.F.T.C. Is Said to Be Considering Large Facebook Fines — The New York TImes.The Office Quest Game.Office Quest - Nintendo Switch Official Trailer — YouTube.Radioactive wild boars rampaging around Fukushima nuclear site — The Independent.Maniac — Netflix.Waking Up Podcast #145 - The Information War — Sam Harris.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Zoë Rose.Sponsored By:Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptorLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Mirai Botnet DDoS (Sky News) — YouTube.Massive Cyber Attack Knocks Out Access To Websites (CNBC) — YouTube.Download the Mirai source code, and you can run your own IoT botnet — Graham Cluley.The makers of the Mirai IoT-hijacking botnet are sentenced — Tripwire State of Security.Danny Kaye — Wikipedia."Wonderful Copenhagen" — Danny Kaye from the movie "Hans Christian Andersen".International hacker-for-hire jailed for cyber attacks on Liberian telecommunications provider — National Crime Agency.Courts Hand Down Hard Jail Time for DDoS — Krebs on Security.Liberian ISP sues rival for hiring hacker to attack its network — ZDNet..gov security falters during U.S. shutdown — Netcraft.TLS Certificates for Many .gov Domains Not Renewed Due to Government Shutdown — Security Week.Owlet.Snuza.These ‘extreme baby monitors’ claim to track your child’s breathing, heartbeat and every movement — MarketWatch.Fisher-Price’s wearable baby monitor is an unreliable rash machine — Engadget.Threema - Seriously secure messaging.Africa by Toto to play 'for all eternity' in Namib desert — YouTube.Africa by Toto to play on eternal loop 'down in Africa' — BBC News."The Brain: The Story of You" by David Eagleman — Amazon."The Coddling of the American Mind: How Good Intentions and Bad Ideas Are Setting Up a Generation for Failure" by Greg Lukianoff — Amazon.How Trigger Warnings Are Hurting Mental Health on Campus — The Atlantic.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you."The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks.Download it for free at smashingsecurity.com/intelligenceLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Dad pays girl $200 to give up Facebook — YouTube.How much is social media worth? Estimating the value of Facebook by paying users to stop using it — PLOS.Being paid to quit Facebook — Graham Cluley.This account has been hijacked (temporarily)! — Insinia.Security firm hijacks high-profile Twitter accounts — BBC News.'Serious' Twitter flaw allows hackers to post on other people's accounts — Computer Weekly.Twitter is Broken — The AntiSocial Engineer.About Twitter's SMS PIN feature — Twitter.How to Tweet via text message — Twitter.Earn $2,000,000 by remotely jailbreaking an iPhone — Graham Cluley.Zerodium Offers $2 Million for iOS Hacks, $1 Million for Chat App Exploits — Security Week.Life as a bug bounty hunter: a struggle every day, just to get paid — MIT Technology Review.Yahoo changes bug bounty policy following 't-shirt gate' — ZDNet.Equifax Was Warned — Motherboard.Remove Background from Image - remove.bg.'Tidying Up With Marie Kondo' Is a Quiet Delight — The Atlantic.Tidying Up with Marie Kondo | Official Trailer — YouTube.Bear Brook podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Join us for our special Christmas episode as we tell tales of printer hacking, website defacement, Grinches, and how Google is snooping on your private YouTube videos.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Dave Bittner from The Cyberwire.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Dave Bittner.Sponsored By:Smashing Security: We're sponsoring ourselves this week! Get in touch at studio@smashingsecurity.com if you're interested in partnering with us for a future episode of the show.Support Smashing SecurityLinks:PewDiePie printer hackers strike again — BBC News.ASCII art attack — Smashing Security episode 007.TheHackerGiraffe — Patreon.Buying PewDiePie a $1M Billboard in Times Square! — YouTube.I Bought Every Billboard In My City For This — YouTube.PewDiePie Billboards in INDIA | T-Series vs PewDiePie — YouTube.WSJ website defaced by PewDiePie fan in ongoing YouTube subscribers battle — ZDNet.Disney Severs Ties With YouTube Star PewDiePie After Anti-Semitic Posts — Wall Street Journal.TheHackerGiraffe comments on WSJ defacement — Twitter.Cockwomble definition — Urban Dictionary.The Wombles Season 1 — YouTube.YouTube is reading text in users’ videos — Naked Security.Google is Scanning for (and Crawling) URLs in Your Private YouTube Videos — Austin Burk.Santa's Little Helpers — Reddit.Posts about Christmas Grinches — Reddit.You're a Mean One, Mr. Grinch — Flearoy.Paul McCartney at O2 Arena, London — YouTube.Ronnie Wood praised by fans as he catches TUBE home after joining Paul McCartney on stage — Daily Mail.Paul McCartney Carpool Karaoke — YouTube.Wild Thing podcast.Analysis, The Replication Crisis — BBC Radio Four.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

The curious case of George Duke-Cohan, Huawei's CFO finds herself in hot water, and the crazy world of mobile phone mental health apps.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guests Mikko Hyppönen from F-Secure and technology journalist Geoff White.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Mikko Hyppönen.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Three years in jail for teenager who spammed out school bomb threats, and made hoax call about hijacked plane — Graham Cluley.Schools bomb hoaxes: Bodycam shows George Duke-Cohan arrest — BBC News.Bomb Threat Hoaxer, DDos Boss Gets 3 Years — Krebs on Security.Estonian DDoS revenge worm crafter jailed — The Register.Canada could be at risk of ‘nasty’ retaliation from China — Vancouver Star.Bad news for scammers. Huawei executive Meng Wanzhou has been released on bail — Graham Cluley.Child advice chatbots fail to spot sexual abuse — BBC News.Alibaba already has a voice assistant way better than Google’s — MIT Technology Review.Making a Murderer — Netflix.Making a Murderer lawyer Kathleen Zellner is true crime's new star — BBC News.Rebutting a Murderer podcast — Spreaker.DOOM (Shareware Episode) — Internet Archive.Doom (1993 video game) — Wikipedia.Points of Egress — Love + Radio.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won't believe who was behind a sextortion scam that targeted over 400 members of the US military.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ferret-loving ethical hacker Zoë Rose.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Zoë Rose.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Military criminal investigative organizations crack down on sextortion ring targeting service members — NCIS.Scam iOS apps promise fitness, steal money instead — WeLIveSecurity.Mastercard, Microsoft to Advance Digital Identity Innovations — Mastercard press release.China's Surveillance State Should Scare Everyone — The Atlantic.Mastercard and Microsoft to jointly develop universal digital ID technology — IT Pro.A Victorian point and click adventure game — Bertram Fiddle.Bertram Fiddle: A Bleaker Predicklement Trailer — YouTube.Oura Ring sleep and activity tracker.Learn how Oura ring works.Marriott warns of hack. 500 million Starwood hotel guests' personal data could be exposed — Graham Cluley.Marriott breach: What to do when hackers steal your passport number — CNet.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.And don't miss our special bonus interview about passwords with Rachael Stockton of LastPass, sponsors of this week's show.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Maria Varmazis and Rachael Stockton.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:A new bank scam using Google Maps loophole — The Hindu.Google’s sorry that this crudely offensive image of the Apple logo turned up in Maps — The Washington Post.‘Edwards Snow Den’ infiltrates the White House on Google Maps — The Washington Post.The FBI Created a Fake FedEx Website to Unmask a Cybercriminal — Motherboard.what3words | Addressing the world.When the FBI rather than the fraudsters make a fake FedEx website — Graham Cluley.Fingerlings — YouTube.Lawmakers introduce bill to stop bots from ruining holiday shopping — CNET.The Internet Arcade.Alley Cat — The Internet Arcade.On November 26th, a mole will land on Mars — The Oatmeal.Why did Apple remove the iPhone headphone jack? — Fast Company.A simple, cheap and very reliable solution for phones without headphone jack — Reddit.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Tesla takes customer service a step too far, is it a romantic gesture or stalking when you email 246 women called Nicole, and Carole finds herself in a Facebook dilemma.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Jessica Barker.Sponsored By:Smashing Security: We're sponsoring ourselves this week! Get in touch at studio@smashingsecurity.com if you're interested in partnering with us for a future episode of the show.Support Smashing SecurityLinks:How I Went From Tesla Delivery Hell To Tesla Giving Me Control Of Their Site Forums With Over 1.5 Million Tesla Account Contacts — DansDeals.com.Customer Complains About Tesla Forums, Tesla Accidentally Gives Him Control Over Them — Motherboard.A Guy Emailed 246 Nicoles Trying To Find The One He Met At A Bar And Now They're All Friends — Buzzfeed News.Facebook exodus: 44 percent of American users ages 18-29 have deleted app — CNBC.How Facebook employees reacted to NYT report on leadership, scandals — Business Insider.Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis — New York Times.Facebook’s top execs ‘make tobacco executives look like Mister Rogers’ — Recode.Facebook Morale, Hurt by Share Drop, Suffers Another Hit — Bloomberg.“I Hope It Cracks Who She Is Wide Open”: Inside Silicon Valley, Many Have Long Known Sheryl Sandberg Isn’t a Saint — Vanity Fair.Now eight parliaments are demanding Zuckerberg answers for Facebook scandals — TechCrunch.The Beatles - Glass Onion (2018 Mix) — YouTube.The Beatles (White Album) 50th Anniversary Edition — The Beatles.American Animals.Krissy Brierre-Davis (@krissys_kitchen) — Twitter.iPhone hack: Thousands of people just discovered the 'life-changing' space bar trick — The Independent.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Does your employer want to turn you into a cyborg? Was this phishing test devised by an evil genius? And how did a cinema chain get scammed out of millions, time and time again...?Oh, and the subject of erasable pens comes up again.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Scott Helme.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Scott Helme.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Cinema Chain Sees Bad Movie Script Play Out As It Loses Millions In Email Scam — Martijn Grooten writes on Forbes.Internet con men ripped off Pathe NL for €19m in sophisticated fraud — DutchNews.nl.Court documents describing the scam — It's in Dutch. Don't ask us to translate it.Tweet from InfoSecSherpa describing diabolical phishing test.BBC Click on Twitter: "Could you be paying for things using just your hand?" — Scott Helme is filmed getting an implant.The future prospects of embedded microchips in humans as unique identifiers: the risks versus the rewards (PDF) — University of Wollongong, Australia.Alarm over talks to implant UK employees with microchips — The Guardian.I, Tonya trailer — YouTube.Rocketbook.Introducing Rocketbook Everlast — YouTube.Bohemian Rhapsody Performed in 42 Styles — YouTube.Open Culture.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)