006: A romantic ransomware hotel break

Chuck Norris gives a helping hand to a mysterious cryptocurrency CEO who may have separated investors from over a billion dollars, generative AI creates a nightmare for those wanting to Know Their Customer, and a determined journalist finally gets their revenge on a sneaky Airbnb scammer.All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Chief executive of collapsed crypto fund HyperVerse does not appear to exist - The Guardian.Crypto hedge fund CEO may not exist; probe finds no record of identity - Ars Technica.BUSTED: Fake HyperVerse CEO Who Stole $1.3 Billion Unmasked! - YouTube.Hyperverse’s Steven Reece Lewis outed as Steve Harrison - Behind MLM.HyperVerse crypto promoter ‘Bitcoin Rodney’ arrested and charged in US - The Guardian.GenAI could make KYC effectively useless - TechCrunch.Airbnb Grifter Busted for $7.5 Million 'Bait-and-Switch' Scam, Feds Say - The Daily Beast.I Accidentally Uncovered a Nationwide Scam Run by Fake Hosts on Airbnb - Vice.Percentage Point vs. Percent Difference - Macroption.“Is Math Real?” - Book by Eugenia Cheng.“Julia” trailer - YouTube.Watch Before We Die - Channel 4.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

10 Tammi 202448min

Piers Morgan is less than happy after a judgement that there is "no doubt" he knew phone hacking was going on at the Daily Mirror, and a shopper comes a-cropper just before Christmas.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Piers Morgan denies knowing of phone hacking after judge rules he did - The Guardian.I've never told anyone to hack a phone - Piers Morgan tells Laura Kuenssberg - BBC News.Piers Morgan interviewed by BBC’s Amol Rajan about phone hacking at Daily Mirror - BBC News.Piers Morgan will find many ways to deny phone hacking – but how long before his number is up? - Archie Bland’s article in The Guardian.Piers Morgan tells Charlotte Church how to stop her mobile phone from being hacked - YouTube.I'm sorry, Macca, for introducing you to this monster - Piers Morgan describes in the Daily Mail a voicemail he heard between Paul McCartney and Heather Mills.The human cost of phone hacking - Graham Cluley.Eudesignhouse.shop Review – Unmasking the Store Closing Scam - MyAntiSpyware.Whois Domain Lookup.Myth Maker: The Lost Legacy of Donald Cotton - SoundCloud.15 virtual Christmas party games to play this festive season - Country Living.21 Virtual Christmas Games To Play On Zoom With Adults - Team Building.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

20 Joulu 202344min

A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Fuzzy Duck - Wikipedia.Cybercrime author Geoff White demonstrates his NSFW balloon trick at the "Smashing Security" podcast Christmas party - Reddit.Rule 34 - Wikipedia.We are (temporarily) offline - InflateVids on Patreon.Fast Company’s Apple News access hijacked to send an obscene push notification - The Verge.Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’ - Vice.The WordPress backdoor with its own backdoor! (And fake CVE numbers, too) - Paul Ducklin.Russian influence and cyber operations adapt for long haul and exploit war fatigue - Microsoft.How Zelensky became Hollywood man of the hour - The Guardian.Nigel Farage wishes Hugh Janus a happy birthday - YouTube.Don Johnson - Cameo.Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky - The Register.Winning hearts and minds - Military Wiki.AdGuard Home - GitHub.Garmin Edge 130 Plus - Garmin.Garmin Connect IQ - Garmin.The Thermapen.Flat Whisk Stainless Steel Egg Beater Mixer Kitchen Tool - Amazon.Small Silicone Spatulas - Amazon.3 Pcs Rubber Jar Gripper Pads - Amazon.Marble Dough Roller - Amazon.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Push Security – Monitor and secure your entire identity attack surface, including non-SSO identities. Get notified in real-time to vulnerabilities across all your internet-facing identities, and have your staff guided to fix simple issues.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

13 Joulu 202356min

Hacking fears are raised at Western Europe's most hazardous building, why porn sites might soon be scanning your face, and our guest narrowly avoids a Facebook Marketplace scammer.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Why Facebook Is Rebranding Itself as Meta - INSEAD.Windscale fire - Wikipedia.Sellafield nuclear site hacked by groups linked to Russia and China - The Guardian.Response to a news report on cyber security at Sellafield - UK Government.Response to Guardian news article - Office for Nuclear Regulation.Common Facebook Marketplace scams and how to avoid them - Comparitech.Advice from Google on how to remove malware and unsafe software from Android devices - Google.New Report Reveals Truths About How Teens Engage with Pornography - Common Sense Media.‘A lot of it is actually just abuse’- Young people and pornography - Children's Commissioner for England.Implementing the Online Safety Act: Protecting children from online pornography - Ofcom.UK age assurance guidance for porn sites gives thumbs up to AI age checks, digital ID wallets and more - TechCrunch.Demotivational posters."Her Time: How Trailblazing Women Scientists Decoded the Hidden Universe," by Shohini Ghos.Meet Your Second Wife - Saturday Night Live sketch, YouTube.‘Modern Love Podcast’: Our 34-Year Age Gap Didn’t Matter, Until It Did - New York Times.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Push Security – Monitor and secure your entire identity attack surface, including non-SSO identities. Get notified in real-time to vulnerabilities across all your internet-facing identities, and have your staff guided to fix simple issues.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

6 Joulu 202359min

Don't minimise your Teams Meeting video call too hastily, you might reveal your dirty secrets! Would you be prepared to pay for Facebook and Instagram? And who is being faked to promote cryptocurrency scams?All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Jane Wakefield.Plus - don't miss our featured interview with Push Security founder and CEO Adam Bateman.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:XtraVue Trailer demo - YouTube.Nvidia sued after video call mistake showed 'stolen' data - BBC News.Valeo v. Nvidia complaint - DocumentCloud.Fake BBC news article using Jane Wakefield’s name - Twitter.Report a fraudulent webpage to Google Safe Browsing - Google.Meta's EU ad-free subscription faces early privacy challenge - Yahoo!Meta to offer ad-free subscription in Europe in bid to keep tracking other users - TechCrunch.Meta’s EU ad-free subscription faces early privacy challenge - TechCrunch.Facebook and Instagram to Offer Subscription for No Ads in Europe - Facebook. noyb files GDPR complaint against Meta over “Pay or Okay” - NOYB. Big Mac index 2023 - Statista.Euro aea wages 2023 - Take-profit.org.Boat Story review - The Guardian.GlasgowGPT - the world's first Scottish artificial intelligence chatbot.Gergely Orosz uncovers fake female speakers at a tech conference - Twitter. Eliza-May Austin shares her experiences of being invited to speak at tech conferences - LinkedIn. Boat Story - BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Push Security - Monitor and secure your entire identity attack surface, including non-SSO identities. Get notified in real-time to vulnerabilities across all your internet-facing identities, and have your staff guided to fix simple issues.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

29 Marras 20231h 4min

Who gets to decide who should be CEO of OpenAI? ChatGPT or the board? Plus a ransomware gang goes a step further than most, reporting one of its own data breaches to the US Securities and Exchange Commission.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Hackers Use Online Casinos to Gamble Mountains of Cash They Steal from Victims - 404.AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC - DataBreaches.net.SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies - US Securities and Exchange Committee.OpenAI announces leadership transition - OpenAI.The Fear and Tension That Led to Sam Altman’s Ouster at OpenAI - The New York Times.Emergency Pod: Sam Altman is Out at Open AI - The New York Times.What We Know About Sam Altman’s Ouster From OpenAI - The New York Times.Ousted OpenAI C.E.O. Makes Plans for New Artificial Intelligence Company - The New York Times.Microsoft Hires Sam Altman Hours After OpenAI Rejects His Return - The New York Times.In the battle to bring ousted founder Sam Altman back to OpenAI, Microsoft and Satya Nadella hold the trump cards - Fortune.Rate your resignation letter - Twitter account.Suella Braverman’s resignation letter - Twitter.Analysis of letter by Dame Andrea Jenkyns - Twitter.Thread about letter from Dame Andrea Jenkyns - Twitter.The Future by Naomi Alderman review - The Guardian.The Future by Naomi Alderman - Harper Collins.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

22 Marras 202343min

Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Bored Ape NFT Partygoers Blame UV Lights For Burned Eyes And Skin - Kotaku.Poloniex crypto-exchange offers 5% cut to thieves if they return that $120M they nicked - The Register.Raft Suffers $3.3M Exploit That Drove Down Stablecoin 50%, but Hacker Likely Lost Money on Attack - CoinDesk.Leaderboard Comparing LLM Performance at Producing Hallucinations when Summarizing Short Documents - Github.Cut the Bull…. Detecting Hallucinations in Large Language Models - Vectara.Chatbots May ‘Hallucinate’ More Often Than Many Realize - The New York Times.Bing's ChatGPT-Powered Search Has a Misinformation Problem - Vice.ChatGPT gets code questions wrong 52% of the time - The Register.FreeTube.The Wonderful Story of Henry Sugar - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Panoptica – Panoptica is a cloud native application security solution connecting developer and security teams to their organization’s biggest cloud threats from code to production.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

15 Marras 202336min

A woman's attempt to hire an assassin online backfires badly, it's scary just how cheap it is to buy information about US military personnel, and trolls and tattoos don't mix.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Plus don’t miss our featured interview with Jason Meller of Kolide.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI - The Register.Zandra Ellis criminal complaint (PDF).Rent-A-Hitman: Your Point & Click Solution! - YouTube.It’s shockingly easy to buy sensitive data about US military personnel - MIT Technology Review.This Guy Trolls His TikTok Haters By Getting Tattoos of Them - Vice.Man Gets Back at Trolls Online With Revenge Tattoos - MSN.The Beatles - “Now and Then” music video - YouTube.“The Last of Us” piano scene, episode 3 - YouTube.Celeritas podcast.Pick of the week archive - Smashing Security.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!Panoptica – Panoptica is a cloud native application security solution connecting developer and security teams to their organization’s biggest cloud threats from code to production.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

8 Marras 20231h 4min