Smashing Security

Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The UK Covid-19 Inquiry.Court orders ministers to hand Boris Johnson’s WhatsApps to Covid inquiry - The Guardian.Boris Johnson ‘has forgotten’ passcode for phone wanted by Covid inquiry - The Guardian.The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph.Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice.Party girls netted £120,000 from terrified men in ‘sextortion’ scam -The Times.Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 -Press and Journal.Musicless music video of Lionel Richie’s “Hello” - YouTube.Musicless music video of Rolling Stones performing live in 1964 - YouTube.Intrigue: Burning Sun - BBC podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Going for a jog can be bad for your privacy (but even worse for your health), and Britain's consumer finance champion finds his face is being faked.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Russian commander shot dead after posting runs on Strava running app - Kyiv Post.Martin Lewis felt 'sick' seeing deepfake scam ad on Facebook - BBC News.How synthetic media, or deepfakes, could soon change our worldeing deepfake scam ad on Facebook - 60 Minutes on YouTube.Nicki Minaj wants to delete the “whole internet” after viral AI deepfake video -Technology Inquirer.Fears grow of deepfake ID scams following Progress hack - Ars Technica.“Deep Fake Neighbour Wars”: ITV’s comedy shows how AI can transform popular culture -The Conversation.”My Old School” - BBC Scotland.”My Old School” trailer - YouTube.MP doesn’t know whether she attended Downing St Party - YouTube.”Non-Censored” with Rosie Holt podcast - Audioboom.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide - Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig - Is your cloud secure? Not without runtime insights! Sysdig delivers the industry's ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) - powered by runtime insights - to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Just how much do porn websites know about your sexual peccadillos? How are Barbie dolls involved in identity scams? And would you trust a completely free telly?Oh, and Graham has some opinions to share about "Indiana Jones and the Dial of Destiny".All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Matt Davey from the "Random but Memorable" podcast.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Pornhub Is Being Accused of Illegal Data Collection - Wired.StopDataPorn brings Pornhub to court for abusing users’ personal data with GDPR complaints - StopDataPorn.The Password Game - Neal.fun.The True Cost of a Free TV - Wired.Telly dual-screen TV first look: it’s free and may be the future - The Verge.Swindlers Used Barbie Dolls to Rob COVID Relief Program - The Messenger.How rampant abuse by fintech fueled covid relief fraud - The Washington Post.'Biggest fraud in a generation': The looting of the Covid relief plan known as PPP - NBC News."We Are Not the Fraud Police": How Fintechs Facilitated Fraud in the Paycheck Protection Program - Fox News.‘The Dial Of Destiny’ Is Now The Worst-Reviewed ‘Indiana Jones’ Movie - Forbes.“Jury Duty” TV series - Wikipedia.“Jury Duty” trailer - YouTube.Spray Cork: What Is It? - Build with Rise.CorkSol.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

UPS delivers some smishing advice (but have they kept something under wraps?), we ask ChatGPT to take a long hard look at itself, and we debate what the penalty should be for taking national secrets home with you.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's sole founder Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:UPS discloses data breach after exposed customer info used in SMS phishing - Bleeping Computer.Example of UPS SMS phishing message related to Lego order - Twitter.Another example of a Lego-related UPS phishing message - Twitter.Former FBI Analyst Sentenced for Retaining Classified Documents - US Department of Justice.How The Intercept might have helped unmask Reality Winner to the NSA - Graham Cluley.Bad adverts leave people scratching their heads - MSN.How Cybercriminals Can Perform Virtual Kidnapping Scams Using AI Voice Cloning Tools and ChatGPT - Trend Micro.Which Jobs Will Be Most Impacted by ChatGPT? - Visual Capitalist.Unraveling an AI Scam with AI - Imperva.100,000 Hacked ChatGPT Accounts Discovered on Dark Web - Hackread.97+ ChatGPT Statistics & User Numbers In June 2023 (New Data)  - Nerdy Nav.“Speed Cubers” - Netflix.Trailer for “Speed Cubers” - YouTube.KBDcraft.”How to Win Friends and Disappear People” - Qcode Podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

There's some funny business going on on Google, and Zuckerberg's $14 billion bet on the metaverse is beginning to look a little childish...All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Google sues alleged scammer over fake business and review scheme - The Verge.Meta to Lower Age for Users of Virtual Reality Headset to 10 From 13 - New York Times.Introducing New Parent-Managed Meta Accounts for Families - Meta Blog.Keep Connected - ages 10–14 - Keep Connected.The Metaverse Police: A VR content moderator shares his insights - Mixed News.“Untold: The Girlfriend Who Didn't Exist” - Netflix.Tommy Siegel - Some candy hearts comics I drew, a thread - Twitter.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

There are shocking revelations about a US Government data suck-up, historic security breaches at Windsor Castle, and the MOVEit hack causes consternation.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Declassified files reveal ‘large number’ of security scares at Windsor Castle - Metro.Intruder at Windsor: Security 400 scared of unpleasant Andrew' to turn away fantasist - Express.The US Is Openly Stockpiling Dirt on All Its Citizens - Wired.I don’t care about cookies browser plugin.MOVEit hack: Media watchdog Ofcom latest victim of mass hack - BBC News.BBC, BA and Boots issued with ultimatum by cyber gang Clop - BBC News.Ukrainian police arrest multiple Clop ransomware gang suspects - TechCrunch.BBC and British Airways affected by data breach at payroll company Zellis - The Record.BA, Boots and BBC staff details targeted in Russia-linked cyber-attack - The Guardian.Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft - Mandiant.MOVEit Transfer and MOVEit Cloud Vulnerability - Progress.MOVEit announces second vulnerability; Minnesota schools agency breached with original bug - The Record.An Update on the Steps We are Taking to Protect MOVEit Customers  - Ipswitch.Spider-Man: Across the Spider-Verse - IMDB.Spider-Man: Across the Spider-Verse trailer - YouTube.The Muppets Mayhem - Disney+.The Muppets Mayhem trailer - YouTube.NT-USB microphone - Rode.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Hunters - A SOC platform, built to empower your security team to reduce risk, complexity and costs.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands.All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Plus - don't miss our featured interview with Max Power of Bitwarden.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Australian cyber-op attacked ISIL with the terrifying power of Rickrolling - The Register.“Breaking the code: Cyber Secrets Revealed” - ABC.Scam Alert: Woman tries helping injured bird, ends up losing Rs 1 lakh to cyber criminals - MSN News.Toll-free Hijack Alert (misdial scam) - AT&T.“Connected: the hidden science of everything” - Netflix.“Connections” with James Burke - YouTube.“I wanna marry Harry” reality show    - Wikipedia.“Space cadets” reality show - Wikipedia.Unreal: A Critical History of Reality TV - Apple Podcasts.Famous Studios - Famous Studios website.Unreal: A Critical History of Reality TV - BBC Sounds.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Plus don't miss our featured interview with David Ahn of Centripetal.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:8 new top-level domains for dads, grads and techies - Google.Tweet by Citizen Lab’s John Scott-Railton - Twitter.File Archiver in the browser - mr.d0x.A Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT? - Reason.Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crash - Wales Online.Cardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crash - Sky News.Two boys killed in Cardiff crash which was followed by riot are named - Sky News.Cardiff riots: social media rumours about crash started unrest, says police commissioner - The Guardian.Black Butterflies - Netflix.Black Butterflies trailer - YouTube.“The End of the World Is Just the Beginning: Mapping the Collapse of Globalization” by Peter Zeihan - Amazon.Science Vs - Gimlet Media Podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Man convicted of blackmail and other offences - SEROCU.EU hits Meta with record €1.2B privacy fine - Politico.Police text 70,000 victims in UK's biggest anti-fraud operation - BBC News.iSpoof fraudster guilty of £100m scam sentenced to 13 years - BBC News.Fraudster pleads guilty to £100m iSpoof scam - BBC News.300: Interplanetary file systems, iSpoof, and don’t delete Twitter - Smashing Security."John Was Trying to Contact Aliens" - Netflix.Sleep mask - Amazon.Blackout blind with suction cups - Amazon.Jewish Matchmaking - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Centripetal - Centripetal's CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

Personal information is going for a song, and the banks want social media sites to pay when their users get scammed.All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Vote for "Smashing Security" in the European Security Blogger Awards.Re-Victimization from Police-Auctioned Cell Phones - Krebs on Security.Fraud Strategy: stopping scams and protecting the public - UK Gov.Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested - Hacker News.Social media firms should reimburse online fraud victims, say UK bankers - The Guardian.How Many People Use Social Media in 2023? - Oberlo.Scam social media quizzes dupes people into revealing personal details - ITV News.Where are you most likely to be scammed: phone, text or social media? - This is Money.Major bank calls out Meta for huge rise in scams on its platforms -  This is Money.The Legend of Zelda: Tears of the Kingdom - Nintendo.ScanSnap SV600 - Fujitsu.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Outpost24 – Understand your shadow IT risk with a free attack surface analysis.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy