

Smashing Security
Graham Cluley
Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle.
Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider. Follow the podcast on Bluesky at @smashinsecurity.com, and subscribe for free in your favourite podcast app.
New episodes released at 7pm EST every Wednesday (midnight UK).
Episodes

Apr 11, 2018 • 39min
073: Rick Astley: Never gonna hack you up...
Politician admits to hacking a rival's website, T-Mobile Austria ends up in a Twitter security storm, and siren systems are hit by a Rick Astley attack.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Spoof blogger attacks Harman site
Harman hack horror has blog backing Boris
Harriet Harman resigns!
Boris Johnson left hanging on zip wire during Olympic event
How to Hack Harriet Harman
Top Conservative MP tipped as a future Prime Minister admits hacking into Labour MP's website
Bafflement over Tory MP's admission she hacked Harriet Harman's website
Harriet Harman accepts Tory MP Kemi Badenoch's hacking apology
The lax computer security of British MPs - as detailed in their own tweets
T-Mobile Austria thread on Twitter
T-Mobile Stores Part of Customers' Passwords In Plaintext, Says It Has 'Amazingly Good' Security
SirenJack
Emergency alert systems used across the US can be easily hijacked
Researchers Rickrolled Emergency Alert Sirens in Proof-of-Concept Hack
Bertram Fiddle - A Victorian point and click adventure game
Adventures of Bertram Fiddle: Episode 1 for iOS
Adventures of Bertram Fiddle: Episode 1 for Android
Adventures of Bertram Fiddle: Episode 1 on Steam
security.txt - A proposed standard which allows websites to define security policies
Wild Wild Country
HROOME Modern Cute Dog Lamp
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Apr 4, 2018 • 34min
072: Why are firms so cr*p with our private data?
Grindr, MyFitnessPal, and Panera Bread. They've all had data breach scares of varying degrees this week. Some handled the security breaches well, some didn't. We took a look at how well different firms are respecting your data privacy.
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who don't have a special guest this week.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Grindr Is Letting Other Companies See User HIV Status And Location Data
Grindr Will Now Remind You To Get Tested For HIV
Grindr to stop sharing HIV status with third parties
Hackers steal data of 150 million MyFitnessPal app users
MyFitnessPal Security Issue FAQ
Smashing Security: Passwords - a Smashing Security splinter
Panerabread.com Leaks Millions of Customer Records
No, Panera Bread Doesn’t Take Security Seriously
Don't blame Panera Bread's security guy just because he used to work at Equifax
Viking seafarers may have navigated with legendary crystals
BBC Fooled By Brexit Emoji April Fools Prank On Air
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Mar 28, 2018 • 42min
071: Pony-tailed pundit ponders privacy problems - with Mikko Hyppönen
Endangering your friends online, the fibs told by VPN vendors, developments from the world of cryptomining, and Carole shares an animated GIF with Mikko and Graham.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen from F-Secure.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Mikko Hyppönen.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
Mikko's adventure game "Paha Juttu" at the Finnish Game Museum
Download the Paha Juttu Commodore 64 floppy image file (d64)
Commodore 64 online emulator (load a d64 file into this)
Mat Johnson's tweet about Facebook logging his phone calls and texts
Fact Check: Your Call and SMS History
Who and What Is Coinhive?
100+ VPNs & Their Logging Policy (What Logs Are Kept by Who?)
Which VPN Services Keep You Anonymous in 2018?
‘Lone DNC Hacker’ Guccifer 2.0 Slipped Up and Revealed He Was a Russian Intelligence Officer
HideMyAss defends role in LulzSec hack arrest
TLDRLegal - Software Licenses Explained in Plain English
Some Very Entertaining Plastic, Emulated at the Archive
Handheld History
This is what the Internet Archive's building looks like
CERT-EU News Monitor
You've never seen anyone climb a wall like this before...
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Mar 21, 2018 • 41min
070: Facebook and Cambridge Diabolica
It’s not fair to describe what happened at Facebook and Cambridge Analytica as a data breach - it’s much worse than that. An autonomous Uber vehicle kills a pedestrian. And sextortion continues to be a serious problem.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by researcher Scott Helme.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Scott Helme.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach
Revealed: Trump’s election consultants filmed saying they use bribes and sex workers to entrap politicians
Cambridge Analytica's grab of 50 million Facebook users' data
Cambridge Analytica controversy: Was there a Facebook data breach?
Martijn Grooten's GDPR joke
How To Change Your Facebook Settings To Opt Out of Platform API Sharing
Uber Halts Autonomous Car Tests After Fatal Crash in Arizona
Warning from police: scammers solicit nude photos for blackmail
Warning 'sextortion' on the rise as models used in online blackmail scams
West Australians targeted on social media in ‘sextortion’ scam
StartPage Web Search
Introducing Cloudflare Workers
The brand new Security Headers Cloudflare Worker
PGN Piano on YouTube
Move Forward Guitar on YouTube
Fretjam on YouTube
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Mar 14, 2018 • 42min
069: Cryptomining, China, and Bob Ross
How come Apple's Mac App Store authorised a buggy app that mined for cryptocurrency in the background? How can a Mosquito attack steal data from an air-gapped computer? And is China keeping score on its social media-loving citizens?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest John Hawes.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: John Hawes.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
There’s a currency miner in the Mac App Store, and Apple seems OK with it
A Surreptitious Cryptocurrency Miner in the Mac App Store?
MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data
MOSQUITO earbuds: Jumping air-gaps via speaker-to-speaker communication - YouTube
Would you choose a partner based on their 'citizen score'?
China eyes 'black tech' to boost security as parliament meets
Big data meets Big Brother as China moves to rate its citizens
How WeChat came to rule China
The Rubik's Contraption
0.38 Second Rubik's Cube Solve - YouTube
Statista - The Statistics Portal for Market Data, Market Research and Market Studies
Bob Ross - Wikipedia
Is there a way to stop certain video suggestions on Youtube? I watched like 3 flat earth videos so I could have a good laugh, and now 90% of the recommended videos are from flattards
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Mar 7, 2018 • 45min
068: Malware from outer space!
If aliens did contact us would it be safe to open the email? Why would MoviePass track film lovers after they leave the cinema? Would you know how to get around Malaysia when your car rental website lets you down? And will Graham please stop talking about text adventure games?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by journalist (and possible spy) James Thomson.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: James Thomson.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
Eurozine discusses disinformation and democracy
Malware from Space
Interstellar communication. IX. Message contamination is impossible (PDF)
MoviePass CEO proudly says the app tracks your location before and after movies
CEO Mitch Lowe Says MoviePass Will Reach 5 Million Subs by End of Year
MoviePass Privacy Policy
GET LAMP: The text adventure documentary
Leather Goddesses of Phobos
GET LAMP: The Text Adventure Documentary - YouTube
Infocom: The Documentary - YouTube
Jacaranda Jim - retro text adventure game by Graham
Humbug - retro text adventure game for MS-DOS by Graham
Warrington Cycle Campaign
Cycle Facility of the Month July 2017
#WeThePeople LIVE podcast
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Mar 1, 2018 • 36min
067: Cyber stalking and gun control
Incognito mode on your browser not as private as you think, consumer spyware companies get hacked, Graham is accused of "multitasking" in his hotel room, and Carole champions the students of Parkland, Florida.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who recorded without a special guest this week.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Support Smashing Security
Links:
How to go 'Incognito' on your web browser, and what it means
Your private browsing isn’t as incognito as you want it to be
Veil is private browsing for the ultra-paranoid
Hacker Strikes ‘Stalkerware’ Companies, Stealing Alleged Texts and GPS Locations of Customers
Spy on Your Valentine Using Spy Software
How stalking has been made easier by the internet and social networks
Trailer Nite
Florida student to NRA and Trump: 'We call BS' - YouTube
March for our lives
Emma González on Twitter
Florida Student Who Gave Emotional Gun Control Speech Now Has More Followers Than NRA
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Feb 21, 2018 • 40min
066: Passwords, pirates, and postcards
Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest The CyberWire's Dave Bittner.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Dave Bittner.
Sponsored By:
Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Support Smashing Security
Links:
FSLabs' A320 installer seems to include a Chrome password extraction tool
Flight Simulator Add-On Tried to Catch Pirates By Installing Password-Stealing Malware on Their Computers
A320-X DRM clarification - Flight Sim Labs Forums
FlightSimLabs Alleged Malware Analysis – Luke Gorman
A320-X DRM - what happened - Flight Sim Labs Forums
Lawsuits threaten infosec research - just when we need it most
Facebook plans to use U.S. mail to verify IDs of election ad buyers
Facebook’s secret weapon in the fight against foreign meddling? Postcards
Fact-Checking a Facebook Executive’s Comments on Russian Interference
Punycode - Wikipedia
IDN Safe for Chrome
IDN Safe for Firefox
IDN Safe for Opera
Firefox users - Spot phishing URL's more easily by enabling Show Punycode
Privacy.com — (Dave's recommendation, not ours)
How to remove your credit card information from your iPhone
Change or remove your Apple ID payment information - Apple Support
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Feb 15, 2018 • 50min
065: Cryptominomania, Poppy, and your Amazon Alexa
Cryptomining goes nuclear, YouTube for Kids gets scary, and TV ads have been given the green light to mess with your Amazon Alexa.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Maria Varmazis.
Sponsored By:
LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr
Support Smashing Security
Links:
Government websites hijacked by cryptomining plugin
Russian nuclear scientists arrested for allegedly hijacking supercomputer to mine Bitcoins
Now that's taking the p... Sewage plant 'hacked' to craft crypto-coins
Salon website gives you a choice: turn off your ad blocker or let us mine cryptocurrencies
Coinhive review: Embeddable JavaScript Crypto Miner - 3 days in
Smashing Security 059: An intro to Bitcoin and Blockchain
YouTube Kids app still showing disturbing videos
Something is wrong on the internet – James Bridle
Amazon Echo Dot ad cleared over cat food order
Broadcast Code - ASA
Sarah Huckabee Sanders warns Twitter about Amazon Echo after 2-year-old orders $80 Batman toy
Cat Food (Amazon Echo Commercial) - YouTube
Dinosaur Chess
The Furby Organ, A Musical Instrument Made From Furbies - YouTube
Wintergatan - Marble Machine (music instrument using 2000 marbles) - YouTube
Poppy introduces a plant - YouTube
Poppy is a disturbing internet meme seen by millions. Can she become a pop sensation?
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Feb 7, 2018 • 44min
064: So just a "teeny tiny" security issue then?
A Namecheap vulnerability allows strangers to make subdomains for your website, Troy Hunt examines password length, and ex-Google and Facebook employees are fighting to protect kids from social media addiction.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest HaveIBeenPwned's Troy Hunt.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Troy Hunt.
Sponsored By:
MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management. Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidr
Support Smashing Security
Links:
Namecheap Name Server Vulnerability Allows Unauthorized Users to Create Sub-Domains
That’s not how security works, security is not obscurity
Update on Recent Hosting Breach - Namecheap Blog
Have I been pwned? Pwned Passwords
How Long is Long Enough? Minimum Password Lengths by the World's Top Sites
Center for Humane Technology
Adam Alter: Why our screens make us less happy
Ex Facebook, Google Employees Launch Anti-Tech Campaign
Social Networking Sites and Addiction: Ten Lessons Learned
'Fiction is outperforming reality': how YouTube's algorithm distorts truth
AlphaGo movie
In Two Moves, AlphaGo and Lee Sedol Redefined the Future
Ubiquiti Networks
Basic Crepe Batter Recipe
Gateau de crepes
Smashing Security on Facebook
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)