Smashing Security18 Joulu 2025

The Kindle that got pwned

Think your Kindle is harmless? Think again! In this episode, Graham and special guest Danny Palmer unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account and seize control of your credit card.

Plus a blast from 2021's "summer of ransomware" returns to haunt Ireland's Health Service Executive, as victims are offered €750 each.

And because it's the last show before the Christmas break, there's also a Pick of the Week that veers from cosy rom-com comfort to pointy-polygon nostalgia.

All this, and more, in episode 448 of the "Smashing Security" podcast with Graham Cluley, and special guest Danny Palmer.

🎅 🎄 Thanks to everyone for listening to "Smashing Security" during 2025 - we look forward to being back in your ear'oles in early January. Stay safe! 🎅 🎄

EPISODE LINKS:

Password manager provider fined £1.2m by ICO for data breach affecting up to 1.6 million people in the UK - ICO.
Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg.
Russian ban on Roblox gaming platform sparks rare protest - Reuters.
Once upon an exploit: how fake audiobook led to Kindle takeover - Cybernews.
Four years later, Irish health service offers €750 to victims of ransomware attack - Bitdefender.
When Harry Met Sally - Wikipedia.
When Harry Met Sally trailer - YouTube.
Tomb Raider 1-3 Remastered review - you were never going to smooth these games out - Eurogamer.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Privacy & Opt-Out: https://redcircle.com/privacy

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(470)

High-speed train hacks and homicidal lawnmowers

A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative...

20 Touko 55min

How ShinyHunters hacked the world's biggest universities

Welcome to the largest educational data breach in history - affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas's parent company refused t...

13 Touko 1h 4min

Meta sees everything, Copy Fail, and a deepfake gets hired

Meta's smart glasses promise privacy "designed for you" - but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1...

6 Touko 1h 2min

This developer wanted to cheat at Roblox. It cost millions

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach ...

29 Huhti 1h 4min

Rockstar got hacked. The data was junk. The secrets it revealed were not

A company that ran anonymous tip lines for 35,000 American schools - handling reports of bullying, weapons, and self-harm - boasted on its website that it had suffered zero security breaches in over 2...

22 Huhti 51min

This AI company leaked its own code. It's also built something terrifying

A hacking group claims to have broken into the flood defence system protecting Venice's Piazza San Marco - and is offering to sell access to whoever wants it. The asking price? A frankly insulting $60...

15 Huhti 50min

LinkedIn is spying on you, and you agreed to nothing

LinkedIn has been secretly scanning your browser for over 6,000 installed extensions — on every single click you make. It can tell if you're job hunting, what religion you are, and whether you have AD...

8 Huhti 41min

This man hid $400 million in a fishing rod. Then it vanished

A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 - and now sits on a fortune worth $400 million. There's just one small problem: the access co...

1 Huhti 45min