Smashing Security

On May 4th 2000, the Love Bug virus (also known as ILOVEYOU or LoveLetter) rapidly spread around the world, clogging up email systems. Computer security veterans Graham Cluley and Carole Theriault are joined this week by special guest John Hawes for a trip down memory lane.  Show notes: Memories of the Love Bug worm - Naked Security "Subject: I Love You" movie trailer - YouTube   Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: John Hawes.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

Security firm Webroot drops a clanger when it declared Windows was malicious and borked customers' PCs, millennials are streaming a lot of movies illegally, and blackmailers are targeting members of the Ashley Madison cheating site again.All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Michael Hucks from PC Matic.Show notes: Webroot antivirus goes bananas, starts trashing Windows system files - The Register. Webroot causes massive headaches after falsely flagging Windows files as malicious - Graham Cluley. Tweet by Webroot user Bob Ripley - @M5_Driver. W32.Trojan.Gen false positive - advice for home users - Webroot. W32.Trojan.Gen false positive - advice for business users - Webroot. Most millennials regularly stream pirated content, survey finds - Torrent Freak. Malware, data theft, and scams: researchers expose risks of free livestreaming websites - Ku Leuven. File sharer hit with $675,000 fine - Digital Trends. Ashley Madison blackmail roars back to life - ZDNet. Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Michael Hucks.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

Hotel malware has been stealing guests' payment card details... again, should businesses relay delay rolling out vulnerability patches, and Burger King's Whopper TV ad campaign tries to take advantage of viewers' Google Home devices with predictable results. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin. Show notes: InterContinental Hotels Group (IHG) Notifies Guests of Payment Card Incident at IHG-Branded Franchise Hotel Locations in the Americas Region - IHG. Affected hotel look-up tool - IHG. Been to one of these 1170 IHG hotels? Your credit card details may have been stolen by malware - Bitdefender. Microsoft patches Word zero-day booby-trap exploit - Naked Security. Microsoft zero-day vulnerability was being exploited for cyber-espionage - Graham Cluley. The Shadow Brokers - Wikipedia. Burger King's 'OK Google' sad ad saga somehow gets worse - The Register. Burger King Connected Whopper ad - YouTube. Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Paul Ducklin.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

Spyware companies are filmed plotting to break global sanctions to ship surveillance and spying equipment to dodgy authoritarian regimes, an unsecured database exposed diabetics’ sensitive data, and a massive data breach leaves hundreds of thousands of current and former Wonga customers at risk. All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Lisa Vaas. Show notes: Spyware firms in breach of global sanctions - Al Jazeera. Al Jazeera Investigations - Spy Merchants - YouTube. Mounties admit to using cellphone-snooping ‘stingrays’ - Sophos Naked Security. A huge trove of patient data leaks, thanks to telemarketers' bad security - ZDNet. Leak of diabetic patients’ data highlights risks of giving info to telemarketers - DataBreaches.net. Unsecured database exposed diabetics’ sensitive data - Sophos Naked Security. Fraudsters Target People With Diabetes - AARP. Wonga.com TV advert - YouTube. Wonga security incident FAQ - Wonga.com. Wonga data breach puts up to 245,000 UK current and former customers at risk - Graham Cluley.   Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Lisa Vaas.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

Don't let an internet-enabled sex toy make your most private moments oh-so-public. Samsung's wannabe-Android-killer is found lacking.  And did you hear about the firm that is micro-chipping its employees?  All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest John Hawes. Show notes: Vulnerable Wi-Fi dildo camera endoscope. Yes really - Pen Test Partners Samsung's Android Replacement Is a Hacker's Dream - Motherboard Companies start implanting microchips into workers' bodies - LA Times This episode of Smashing Security is made possible by the generous support of Recorded Future — the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at recordedfuture.com/intel Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: John Hawes.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

What can you do to better protect your online email accounts?In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley and Carole Theriault discuss with Paul Ducklin tips on how to defend your Gmail/Yahoo/Hotmail/Outlook/etc account.SHOW NOTES:Passwords - a Smashing Security splinter How to better protect your Google account with two-step verification and Google Authenticator - Graham CluleyHow to protect your Yahoo account with two-step verification (2SV) - Graham CluleyNIST declares the age of SMS-based 2-factor authentication over - TechCrunchThe lesson we all must learn from the Celebgate nude photo hack - Graham Cluley Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Paul Ducklin.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

Graham is embarrassed by a Twitter security snafu. How an animated GIF could prove deadly. Social engineering threats against your workforce. And will you be able to do any work on your laptop next time you catch an airplane? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Alex Eckelberry.SHOW NOTES: Sorry for the Nazi spam from my Twitter account - Graham Cluley Newsweek reporter Kurt Eichenwald on Fox News, 15 December 2016 - YouTube Maryland man arrested for cyberstalking - US Dept of Justice US man held for sending flashing tweet to epileptic writer - BBC News Epilepsy site hacked with seizure images - CBS News How to really pronounce GIF - howtoreallypronouncegif.com Gif's inventor says ignore dictionaries and say 'Jif' - BBC News How to disable animated GIFs in different web browsers - The Windows Club How to disable autoplaying videos on Twitter - Twitter This is the email that hacked Hillary Clinton’s campaign chief - Bitdefender Hot for Security Fry all the things! USB Kill zaps tons of computing devices - Graham Cluley UK flight ban on electronic devices announced - BBC News Electronics banned from cabins on some Middle Eastern and African flights to U.S. - CNN Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Alex Eckelberry.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time? Graham Cluley, Carole Theriault and special guest Nick FitzGerald discuss the latest news from the world of computer security. SHOW NOTES: Preinstalled Malware Targeting Mobile Users - CheckPoint Chinese Android smartphone comes with malware pre-installed - Graham Cluley WikiLeaks says it will work with software vendors to fix CIA zero-day exploits... but when? - Graham Cluley Kaspersky launches a range of perfumes to, er, defend your odour - The Register Toilet hackers could snoop on your poop, steal data of a "personal nature" - Graham Cluley Beauty blogger Scarlett London launches Threat de Toilette in bid to stop youngsters oversharing online - The Sun Jackie Chan and Eugene Kaspersky - YouTube Packin' the K music video - YouTube   This episode of Smashing Security is made possible by the generous support of Recorded Future — the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at recordedfuture.com/intel Thanks to Recorded Future for their support.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Nick FitzGerald.Support Smashing Security

Has the CIA been using a Weeping Angel to spy on you via your Smart TV? Have WhatsApp, Telegram and Signal been compromised? What is the secret of the SATAN ransomware? And can you avoid having your data searched as you pass through border control? Computer security veterans Graham Cluley, Carole Theriault and special guest Paul Ducklin discuss. SHOW NOTES: Nintendo Classic Mini WikiLeaks says it releases files on CIA cyber spying tools The CIA didn't break Signal or WhatsApp, despite what you've heard After NSA hacking exposé, CIA staffers asked where Equation Group went wrong Apple, Samsung Respond To Wikileaks Claims Of CIA Hacking Programs Twitter reactions to the WikiLeaks CIA data dump Is the CIA's Weeping Angel spying on TV viewers? Satan ransomware: old name, new business model 3 (free) things that journalists can do right now to protect their data and their sources at the border The US Gov Can Download the Entire Contents of Your Computer at Border Crossings What Are Your Rights if Border Agents Want to Search Your Phone? Stop Fabricating Travel Security Advice  This episode of Smashing Security is sponsored by Foursys - check out their free end-user cybersecurity training kit - it's everything you need to roll out infosecurity best practice training (right from your desk). Grab it now from https://www.foursys.co.uk/toolkit Thanks to Foursys for sponsoring this episode of Smashing Security. Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Paul Ducklin.Support Smashing Security

A creepy teddybear leaks two million voicemail messages, Windows 10 pushes you into only installing vetted apps, and Boeing warns 36,000 employees their personal information could have been exposed after a worker sends a spreadsheet to his wife.All this and more is discussed by computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault.SHOW NOTES: Announcing the first SHA1 collision Tavis Ormandy: Cloudflare Reverse Proxies are Dumping Uninitialized Memory Incident report on memory leak caused by Cloudflare parser bug List of Sites possibly affected by Cloudflare's #Cloudbleed HTTPS Traffic Leak Quantifying the impact of "CloudBleed" CloudPets commercial Data from connected CloudPets teddy bears leaked and ransomed, exposing kids' voice messages Microsoft slaps Apple Gatekeeper-like controls on Windows 10: Install only apps from store Boeing Notifies 36,000 Employees Following Breach  This episode of Smashing Security is sponsored by NetFort - https://www.netfort.com/ NetFort LANGuardian is easy-to-use network traffic and security monitoring software that tells you what is really happening on your network - no specialist hardware required!Check out the demo of LANGuardian and download a free trial from https://www.netfort.com/. Mention "Smashing Security" and you'll save 20% off your order!Thanks to NetFort for sponsoring this episode of Smashing Security.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Vanja Švajcer.Support Smashing Security