Revolting receipts, a Twitter fandango, and shopkeeper cyber tips

While Julian Assange was killing time in the Ecuador's embassy in London, the CIA were trying to dream up ways to kill him, and urine trouble if you put your trust in an IoT lavatory.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by nobody at all.Visit https://www.smashingsecurity.com/245 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comSupport Smashing SecurityLinks:Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks — Yahoo News.The seven-year itch: Assange's awkward stay in the embassy — The Guardian.Assange Held Legal Meetings in Ladies' Toilet Due to Paranoia: Report — Business Insider.Julian Assange smeared faeces on walls of Ecuadorian embassy, interior minister claims — The Independent.Julian Assange: Why Ecuador ended his stay in London embassy — BBC News.Julian Assange dragged from Ecuadorean embassy — BBC News.The smart toilet era is here! Are you ready to share your analprint with big tech? — The Guardian.Assume Nothing - Hack Attack — BBC Sounds.The Art Museum — Phaidon.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

29 Sep 202136min

How much do you trust the people who work at your VPN provider? How are folks fighting facial recognition? And what on earth is Ray-Ban thinking getting into bed with Facebook?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Visit https://www.smashingsecurity.com/244 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Mark Stockley.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comSupport Smashing SecurityLinks:Three Former U.S. Intelligence Community and Military Personnel Agree to Pay More Than $1.68 Million to Resolve Criminal Charges Arising from Their Provision of Hacking-Related Services to a Foreign Government — Department of Justice.DarkMatter.Ex-NSA cyberspies reveal how they helped hack foes of UAE — Reuters.Daniel Gericke and ExpressVPN – Official Response — ExpressVPN.Trust, but verify: An in-depth analysis of ExpressVPN's terrible, horrible, no good, very bad week — ZDNet.Facebook debuts its Ray-Ban Stories smart sunglasses — TechCrunch.Facebook warned over ‘very small’ indicator LED on smart glasses, as EU DPAs flag privacy concerns — TechCrunch.Mark Zuckerberg introduces Ray-Ban Stories — YouTube.Computer Vision Dazzle Camouflage — CV Dazzle.Researchers Defeated Advanced Facial Recognition Tech Using Makeup — Vice.Dodging Attack Using Carefully Crafted Natural Makeup — YouTube.How to Play the Piano by James Rhodes — Amazon UK.Music and the inner self, TEDx talk by James Rhodes — YouTube.Yamaha P-45 — Thomann.Origins: How the Earth Shaped Human History by Lewis Dartnell — Amazon UK.Life Lines — BBC Radio 4.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

22 Sep 202151min

A Walmart press release says it's jumping aboard the cryptocurrency bus - but is it true? Theranos's Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.Visit https://www.smashingsecurity.com/243 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Thom Langford.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comAttivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures.Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage.Learn more and kick credential attacks to the curb, by visiting attivonetworks.comSupport Smashing SecurityLinks:Fake Walmart news release claimed it would accept cryptocurrency — BBC News.Alerts and story on Walmart to accept Litecoin payments withdrawn — Reuters.NOTICE TO DISREGARD - Walmart Inc. — Globe NewswireWalmart Statement in Response to Fake Litecoin Press Release — Walmart.Litecoin Foundation ‘Screwed Up,’ Lee Says of Walmart Snafu — Bloomberg.Walmart-Litecoin Pact Hoax Jolts Crypto Market — YouTube.Official statement from Litcoin Foundation — Twitter.Apple rushes to block 'zero-click' iPhone spyware — BBC News.Pegasus: Spyware sold to governments 'targets activists' — BBC News.Smashing Security #237: NuNa, NuNu, NaNa — Podcast episode where we previously discussed NSO Group's activities.The rise and fall of Theranos: so many lessons in a drop of blood — The Conversation.Theranos Didn’t Just Harm Investors — Bloomberg.Theranos founder Elizabeth Holmes 'lied and cheated', trial hears — BBC News.Theranos Founder Elizabeth Holmes Is on Trial. Silicon Valley Is Watching — Wired.#susanalbumparty: The ad campaigns that accidentally (or not) launched filthy hashtags — BBC.‎Bad Blood: The Final Chapter — Apple Podcasts."The Trip" trailer — YouTube.TraffickCam.101 Great Cuss/Swear Word Alternatives — WeHaveKids.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

15 Sep 202148min

ProtonMail finds itself in a privacy pickle, the big problem with Facebook's algorithmic amplification, and strange things are happening on Banksy's website.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Visit https://www.smashingsecurity.com/242 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Dave Bittner.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comPrivacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.Support Smashing SecurityLinks:ProtonMail logged IP address of French activist after order by Swiss authorities — TechCrunch.Important clarifications regarding arrest of climate activist — ProtonMail.Information for Law Enforcement Authorities — ProtonMail.Tweet by Andy Yen, founder of ProtonMail.Why Facebook Won’t Stop Pushing Propaganda — Mother Jones.Fake Banksy NFT sold through artist's website for £244k — BBC News.A fake Banksy sold for $330K is a perfect symbol of a wild NFT market — The Next Web.Banksy was warned about website flaw before NFT hack scam — BBC News.McCartney 3,2,1 - Trailer — YouTube.Classic Albums — BBC Four.Backyard Coaster POV | Little Thunder — YouTube.Inside the Most Impressive Backyard Roller Coaster I've Ever Seen: Little Thunder — Coaster 101.Pre-owned Rides for sale.Netflix Drops Trailer for New Norwegian Vampire Comedy Post Mortem: No One Dies in Skarnes — Netflix.Post Mortem: No One Dies in Skarnes — Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

8 Sep 202156min

How to find your match on the Bumble dating app, convicted criminals make money out of cryptocurrency, and there are concerns about data in Afghanistan.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Visit https://www.smashingsecurity.com/241 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.Support Smashing SecurityLinks:Vulnerability in Bumble dating app reveals any user's exact location — Robert Heaton.How Tinder keeps your exact location (a bit) private — Robert Heaton.The Taliban Have Seized U.S. Military Biometrics Devices — The Intercept.A U.S.-built biometric system sparks concerns for Afghans — NBC News.This is the real story of the Afghan biometric databases abandoned to the Taliban — MIT Technology Review.Sweden must give Bitcoin worth €1.3 million back to drug dealers after costly legal misstep — Euronews.Miles Davis: Birth of the Cool — Netflix.What We Do in the Shadows — BBC iPlayer.Watch What We Do in the Shadows — Hulu.Radio Garden.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

1 Sep 202147min

A bug unravels 3D printer security, cryptocurrency sites can't stop getting hacked, and hear our special guest spill a cup of tea while inhabiting his wife's knicker drawer.All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC cybersecurity correspondent Joe Tidy.Visit https://www.smashingsecurity.com/240 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Joe Tidy.Sponsored By:1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures.Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage.Learn more and kick credential attacks to the curb, by visiting attivonetworks.comSupport Smashing SecurityLinks:We Broke Into A Bunch Of Android Phones With A 3D-Printed Head — Forbes.Wake up this morning and see this on my 3D printer (I use octoprint and now I’m scared) — Reddit.What’s *THAT* on my 3D printer? Cloud bug lets anyone print to everyone — Naked Security.A detailed analysis of the security incident last night — The Spaghetti Detective.The PewDiePie Hackers: Could hacking printers ruin your life? — BBC News.The $600 million Poly Network hacker's Q&A — Twitter.Crypto hacker offered reward after $600m heist — BBC News.Hackers steal nearly $100m in Japan crypto heist — BBC News.Altsbit Crypto Exchange Gets Hacked, 'Almost All Funds' Are Gone — Bitcoinist.Bitpoint Exchange Hacked for $32 Million in Cryptocurrency — CoinDesk.Coincheck: World's biggest ever digital currency 'theft' — BBC News.The Inside Story of Mt. Gox, Bitcoin's $460 Million Disaster — Wired.Buying a pink NFT cat was a crypto nightmare — BBC News.Hearings Continue In Case Of Wealthy Robotics Founder Sued By His Wife For ‘Indefensible’ Sale Price Of His Startup — Forbes.Google ‘founder’ created revenge site against estranged wife — New York Post.Billionaire investor who helped launch Google is accused of 'divorce terrorism' in bitter break-up — Daily Mail.Cracker (British TV series) — Wikipedia.Cracker — BritBox.K&F Concept 4K WiFi 30MP Trail Camera Game Camera with 940nm Infrared Outdoor IP66 Waterproof Hunting Infrared Night Vision Camera — K&F Concept.Keeping the Wolf Out — BBC Radio 4.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

25 Aug 202151min

The Great Londini has gathered a two million strong army to out TikTok trolls, there's a bad supply chain vulnerability in many IoT devices, and how did Wikipedia pages end up covered in Nazi swastikas?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes (who has a very controversial Pick of the Week...)Visit https://www.smashingsecurity.com/239 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: John Hawes.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comSupport Smashing SecurityLinks:Thousands of Wikipedia Pages Vandalized With Giant Swastikas — Gizmodo.Video of Wikipedia defacement — Twitter.Scottish Wikipedia.Um, almost the entire Scots Wikipedia was written by someone with no idea of the language – 10,000s of articles — The Register.Protection policy — Wikipedia.Austrian soldier imprisoned for showing photos of swastika tattoo on testicle — Jewish News.Advisory: Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the Supply Chain — IOT Inspector.TikTok adds more safety features for teens — CNET.TikTok Vigilante Group the Great Londini Has Made Hunting Down Trolls Its Mission — Insider.Who is TikTok’s masked vigilante? — BBC News.News Bunny — Wikipedia.Nestflix.The Movies That Made Us — Netflix.The School of Life — YouTube.How Not to be Boring — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

18 Aug 202151min

Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin.Visit https://www.smashingsecurity.com/238 to check out this episode’s show notes and episode links.We're going to be taking a holiday for a couple of weeks, but will be back with a regular show later in August.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Paul Ducklin.Sponsored By:1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP.Visit smashingsecurity.com/offsec to learn more!Support Smashing SecurityLinks:DEF CON masks and vaccination FAQ.Hacking DEF CON 29 — Reznok.Tweet by Jeff Moss (Dark Tangent) thanking Reznok.PetitPotam proof-of-concept tool — GitHub.Windows “PetitPotam” network attack – how to protect against it — Naked Security.Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands — Bitdefender.The Trigan Empire — Wikipedia.The Rise and Fall of The Trigan Empire: Volume 1 — Treasury British Comics Shop.Tangle Teezer — If you want to be a Fashion Captain, like Duck.Modern Love trailer — YouTube.Modern Love (TV series) — Wikipedia.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

28 Jul 202153min