Smashing Security16 Apr 2025

Hacking the hackers... with a credit card?

A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you?

And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

Sell your forum accounts - PRODAFT.
International Scammers Steal Over $1 Trillion in 12 Months in Global State of Scams Report 2024 - Gasa.org.
Why Nigeria's internet scammers are 'role models' - BBC News.
28-year-old fraudster surrenders to EFCC, confesses to romance scams - Punch Newspapers.
Black Box - BBC iPlayer.
Black Box trailer - YouTube.
Katherine Ryan Battleaxe Tour - LW Theatres.
Louis Theroux Interviews - Series 1: 5. Katherine Ryan - BBC iPlayer.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Dashlane - Protect against the #1 cause of data breaches - poor password habits. Save 25% off a new business plan, or 35% off a personal Premium plan!
Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(474)

AI gets hacked, and BitLocker gets bypassed

What if your AI coding assistant could be tricked into stealing your own company's secrets - by reading a single booby-trapped bug report? No phishing email. No malware. No password ever stolen. Just ...

17 Jun 1h 12min

This AI worm just rewrote its own rules

Researchers at the University of Toronto have built a worm that thinks for itself. Using free off-the-shelf AI models it works out how to break into each new computer it encounters, and hijacks the po...

10 Jun 46min

This AI security flaw might be impossible to fix

A website called "UK visa portal" has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They wer...

3 Jun 57min

What your Oura ring won't tell you

CISA, the US government agency whose entire job is keeping America's critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile...

27 Mai 53min

High-speed train hacks and homicidal lawnmowers

A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative...

20 Mai 55min

How ShinyHunters hacked the world's biggest universities

Welcome to the largest educational data breach in history - affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas's parent company refused t...

13 Mai 1h 4min

Meta sees everything, Copy Fail, and a deepfake gets hired

Meta's smart glasses promise privacy "designed for you" - but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1...

6 Mai 1h 2min

This developer wanted to cheat at Roblox. It cost millions

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach ...

29 Apr 1h 4min