Smashing Security

Students are being spied on as they do online exams, how did a televised football match reveal the truth about artificial intelligence, and what on earth is the Canny Lumpsucker vulnerability?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford from The Host Unknown podcast.Plus don't miss the second part of our featured interview with LastPass's Dalia Hamzeh.Visit https://www.smashingsecurity.com/203 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Dalia Hamzeh and Thom Langford.Sponsored By:Kroll: Rapidly detecting a threat is meaningless without the ability to respond with confidence. Kroll responds to over 2,000 cyber incidents every year and is uniquely positioned to bring that capability and expertise 24x7 with Responder. Kroll Responder merges hunting, detection, containment and remediation to deliver best-in-class endpoint security.See how Responder works at smashingsecurity.com/krollMimecast: Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).Grab your copy at smashingsecurity.com/mimecasthubLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Vulnonym: Stop the Naming Madness! — Carnegie Mellon University Software Engineering Institute.Vulnonym — A bot generating names for CVE IDs.Thrangrycat — Not better known as 😾😾😾.Soccer match ruined when AI-controlled camera mistakes ref’s bald head for ball — SB Nation.Students Are Rebelling Against Eye-Tracking Exam Surveillance Tools — Motherboard.Proctorio sues UBC staff member for tweets sharing ‘confidential’ information about the software — The Ubyssey.ProctorU confirms data breach after database leaked online — Bleeping Computer.Proctorio CEO releases student’s chat logs, sparking renewed privacy concerns — The Ubyssey.Some news about proctoring at the University of Calgary — Reddit.My wife has proctored (webcam monitored) online classes. We live in a studio apartment, so I’m relegated to the bathroom. Rate my setup. — Reddit.How Many Potatoes Does It Take To Run DOOM? — YouTube.Raspberry Pi 400: the $70 desktop PC.Raspberry Pi 400: New All-in-One Pi! — YouTube.All Tilted Room Sketches — Shaun Micallef on YouTube.The Goes Wrong Show - Series 1: 6. 90 Degrees — BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

4 Marras 20201h 10min

Voting machines are under the microscope, scammers are posing as rap stars, and American politician AOC isn't the only one who's been getting into the Among Us game.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson.Plus don't miss the first part of our featured interview with LastPass's Dalia Hamzeh.Visit https://www.smashingsecurity.com/202 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Dalia Hamzeh and James Thomson.Sponsored By:Recorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.Get it now at smashingsecurity.com/recordedfutureImmersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Rapper scammers admit faking association with musical group in conspiracy to cheat hotels, bank, limo service — US Department of Justice.This U.S. Election Could Be the Most Secure Yet. Here’s Why — The New York Times on YouTube.Report: Ransomware disables Georgia county election database — AP.Pity the nation: Americans’ choice of president on November 3 will affect Slovaks too. — Slovak Spectator article by James Thomson.AOC’s Among Us livestream hints at Twitch’s political power — MIT Technology Review.AOC makes explosive Twitch debut with over 435,000 Among Us viewers — Ars Technica.A massive spam attack is ruining public 'Among Us' games — Engadget.AOC Among Us FULL STREAM — YouTube.Among Us Has A Cheating Problem — Kotaku.Trump News Today | What The Fuck Just Happened Today?‎WTF Just Happened Today — Apple Podcasts.No Filter — Book by Sarah Frier.Fake Instagram follower services slapped with lawsuit — HOTforSecurity.From Our Own Correspondent — BBC Radio 4.From Our Own Correspondent Podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

28 Loka 20201h 12min

The Darkside ransomware gang thinks it's a modern-day Robin Hood when it donates extorted Bitcoins to charity, the micro-targeted ad industry could pop like a bubble, and would you trust a burger-flipping robot?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Tim Hwang.Plus don't miss our featured interview with Recorded Future's Levi Gundert.Visit https://www.smashingsecurity.com/201 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Levi Gundert and Tim Hwang.Sponsored By:Recorded Future: Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and dark web sources.For up-to-the-minute security intelligence that can help you make fast and confident security decisions, install the free browser extension Recorded Future Express.Get it now at smashingsecurity.com/recordedfutureLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingSupport Smashing SecurityLinks:Smashing Security celebration livestream — YouTube.Ransomware gang donates part of ransom demands to charity organizations — ZDNet.Mysterious 'Robin Hood' hackers donating stolen money — BBC News.Donate Bitcoin - Give to Help Build Wells and Water Projects — The Water Project.Donate cryptocurrency to Children InternationalAd Tech Could Be the Next Internet Bubble — Wired.Subprime Attention Crisis: Advertising and the Time Bomb at the Heart of the Internet — A book by Tim Hwang.Miso Robotics unveils its next-gen robot kitchen assistant — VentureBeat.Flippy — Miso Robotics.Miso Robotics Flippy Robot flips burgers like it's its job — YouTube.Flippy the burger-flipping robot too good, fired after one day — Naked Security.Cybersecurity a Must for Safe IIoT Robots — Robotics Online.How to Improve Cybersecurity for Robots — RIA Robotics Blog.Airplane Mode — Steam.Enjoy a 6-hour flight in real-time with economy class sim Airplane Mode from tomorrow — Eurogamer.Airplane Mode: Live Action Trailer — YouTube.Airplane Mode Gameplay — YouTube.Gef the Talking Mongoose — Wikipedia.Gef! The Strange Tale of an Extra-Special Talking Mongoose — MIT Press.Dirty Diana — QCODE.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

21 Loka 20201h 12min

We're in celebratory mood as we celebrate our 200th episode, but there's still time to discuss Fatima the ballerina who the UK government wants to become a cybersecurity expert, why women are quitting the tech industry, and a smartwatch which might be putting your kids at risk.Plus don't miss our featured interview with Mimecast's Michael Madon.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Visit https://www.smashingsecurity.com/200 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Maria Varmazis and Michael Madon.Sponsored By:Mimecast: Mimecast's State of Email Security 2020 report helps you understand the most pervasive threats and how they attack organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).Grab your copy at smashingsecurity.com/mimecasthubLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingSupport Smashing SecurityLinks:Join us on the Smashing Security LIVE STREAM! — We'll be live at 8pm UK Thursday 15 October (3pm Eastern).Fury over Government campaign suggesting ballet dancer could retrain in cyber security — London Evening Standard.Dying swan or lame duck? Why 'Fatima' the ballerina's next job was tripping up the government — The Guardian."For those worried about Fatima she’s almost certainly not called Fatima and almost certainly will never work in cyber. The image is from a US photographer based in Atlanta, Georgia." — Ciaran Jenkins on Twitter.The Vocabularist: How we use the word cyber — BBC News.Resetting Tech Culture: 5 strategies to keep women in tech (PDF) — Accenture and Girls Who Code.Exposing covert surveillance backdoors in children’s smartwatches — Mnemonic.Undocumented backdoor that covertly takes snapshots found in kids’ smartwatch — Ars Technica.Introducing the Xplora GO — YouTube.Commerce Department to Add Two Dozen Chinese Companies with Ties to WMD and Military Activities to the Entity List — U.S. Department of Commerce.Skribbl — Free Multiplayer Drawing & Guessing Game.Hades — Super Giant Games.Sticky Pickles — A new podcast by Carole Theriault and Anna Brading.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

14 Loka 20201h 11min

An internet-connected adult toy could leave its users encaged, the official NHS COVID-19 contact-tracing app alarms users, and would you be happy if a robot interviewed you for a job?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Zoe Kleinman.Visit https://www.smashingsecurity.com/199 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Zoe Kleinman.Sponsored By:Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Smashing Security LIVE STREAM!CellMate chastity cage (Short model) — QIUI.Smart male chastity lock cock-up — Pen Test Partners.NHS Covid-19 app: 12m downloads - and lots of questions — BBC News.Hubert+1 - Add more to your team.Predictive Hire - Bias-free interviews.I Got a Job at an Amazon Warehouse Without Talking to a Single Human — Ryan Fan, OneZero.Tengai demo — YouTube.John Lennon at 80 - episode one. — BBC Sounds.John Lennon at 80 - episode two. — BBC Sounds.Sean Lennon's full conversation with Julian Lennon. — BBC Sounds.Sean Lennon's full conversation with Elton John. — BBC Sounds.Sean Lennon's full conversation with Paul McCartney. — BBC Sounds.John Lennon at the BBC: From The Beatles’ early days to his final interview — BBC Sounds.Television set — Wikipedia.Perspective — YouTube.Broad Canvas — Oxford art supplies store.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

7 Loka 202055min

Coffee machines catching ransomware, Blacklight shines a torch on website tracking, and a woman is freaked out that a complete stranger can turn off her home's security system.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.And don't miss our featured interview with Greg Jensen from Oracle, who talks all about five free reports he has put together for listeners about cloud security.Visit https://www.smashingsecurity.com/198 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Dave Bittner and Greg Jensen.Sponsored By:Oracle: Check out the free cloud security reports that Oracle is making available for listeners of "Smashing Security" and learn how organizations can make security an essential part of the culture of their business.Read the free reports at smashingsecurity.com/oraclereportLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Trojan Room coffee pot — Wikipedia.Trojan Room Coffee Machine — Department of Computer Science and Technology, Cambridge University.Reversing the Smarter Coffee IoT Machine Protocol to Make Coffee Using the Terminal — Evil Socket.The Fresh Smell of ransomed coffee — Martin Hron, Avast Threat Labs.When coffee makers are demanding a ransom, you know IoT is screwed — Ars Technica.What a hacked coffee machine looks like — YouTube.Blacklight — The Markup.What They Know … Now — The Markup.Smart Home Security Market Share, Size & Forecast to 2024 — Market data forecast.Smart home penetration rates — Statista.New homeowner 'freaked out' when stranger took control of her security system — CBC News.Confirmed: 2 Billion Records Exposed In Massive Smart Home Device Breach — Forbes.John Miles - Music — YouTube.You Can't Unhear This — YouTube.The Mystery Singer in All You Need Is Love — YouTube.New Climate Maps Show a Transformed United States — ProPublica.‎Hank the Cowdog — Apple Podcasts.Matthew Mcconaughey Lincoln MKZ Commercials compilation — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

30 Syys 20201h 7min

Why are Zoom and Twitter making some people disappear? How are Counter-Strike: Global Offensive cheats getting their just desserts? And the founder of a anti cyber-fraud firm is charged with fraud.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Visit https://www.smashingsecurity.com/197 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Mark Stockley.Sponsored By:Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Package Thief vs. Glitter Bomb Trap — YouTube.CSGO Cheaters trolled by fake cheat software — YouTube.This Hacker Creates Fake Cheats That Make Cheaters Jump Off Buildings In-Game — Vice.Tweet by Colin Madland.Which will the Twitter algorithm pick: Mitch McConnell or Barack Obama? — Tweet by @bascule.GrahamOrCarole? — Twitter.Founder And CEO Of Cyberfraud Prevention Company Arrested And Charged With Securities Fraud Scheme — Department of Justice press release.Founder of Anti Cyber Fraud Company Charged With Fraud — Vice.Founder of cyber fraud startup ironically facing fraud charges — Gizmodo.Interview with NS8's Adam Rogas — YouTube.Mission to the Unknown Recreation - Doctor Who — YouTube.The making-of Mission to the Unknown — YouTube.Trillion Trees.Criminal: UK — Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

23 Syys 202052min

Kalashnikov unveils its "smart" shotgun, San Diego struggles with its street lights, and a researcher reveals how he found a way to hack every Tesla on the planet.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David McClelland.Visit https://www.smashingsecurity.com/196 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: David McClelland.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingSupport Smashing SecurityLinks:Kalashnikov smart shotgun - MP-155 Ultima.Kalashnikov reveals first Russian-made smart shotgun MP-155 Ultima — YouTube.Mike Jernigan, blind veteran, uses a TrackingPoint system to land a 300+ yard shot — YouTube.See how a self-aiming sniper rifle can be remotely hacked — Hot for Security.Tesla Network Vulnerability Report - 2017-03-24 (Annotated) — Google Docs.The Big Tesla Hack: A hacker gained control over the entire fleet, but fortunately he's a good guy — Electrek.Smart Streetlights Program — City of San Diego.Cops Tap Smart Streetlights Sparking Controversy and Legislation — IEEE Spectrum.Mayor orders San Diego's Smart Streetlights turned off until surveillance ordinance in place — The San Diego Union-Tribune.Mayor was right to shut off Smart Streetlights — The San Diego Union-Tribune.Hints of life on Venus — University of Manchester."This Is Paris - The Real Story of Paris Hilton" — YouTube.“This is Paris” is a quixotic redemption story about what it means to be a human and a brand at once — Salon.com.Moriarty's Game: A Killer in the Hive.Castolog - a podcast recommendation podcast — That's Not Canon Productions.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

16 Syys 202054min