Smashing Security

The Gadget Show's Jon Bentley joins us to discuss the mystery of a Facebook friend you never requested, software updates for the Mercedes S-Class, and risks in the online classroom.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jon Bentley.Visit https://www.smashingsecurity.com/195 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Jon Bentley.Sponsored By:Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingDeep Instinct: Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place!Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be prevented.Check out a report by the Ponemon Institute, which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Say hello to to the latest weird viral Facebook hoax: ‘Selene Delgado Lopez’ — Mashable.Veja Quem é Selene Delgado Lopez - a Fantasma do Facebook — YouTube.The 10 most important innovations in the New Mercedes-Benz S‑Class! — Exhibit.Mercedes Revs mbrace2 With Cloud Updates — Wired.San Leandro schools stepping up online security after latest Zoombomb — San Francisco Chronicle.‘Zoombombers’ using porn to troll students across US — Miami Herald.Schoolgirl is robbed during a Zoom lesson in Ecuador — Daily Mail.Digital Education: The cyberrisks of the online classroom — SecureList.E-safety for schools — NSPCC Learning.A robot wrote this entire article. Are you scared yet, human? — The Guardian.Smart heater for water & milk — Heatle.Autopia: The Future of Cars by Jon Bentley — Amazon.Rayvolt Cruzer V3 E-Bike — CostCo.Harry Hill's TV Burp - Gadget Show Competition Prizes — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

9 Sep 202050min

A Bitcoin bungle causes one user to lose millions, hackers attempt to bribe a Tesla employee into infecting the company's network, and are we ready for a sky full of drones?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.Visit https://www.smashingsecurity.com/194 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Jessica Barker.Sponsored By:Immersive Labs: Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses.Go to immersivelabs.com/smashingLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Confident Cyber Security by Jessica Barker.Tweet by John McAfee about the mathematical impossibility of Bitcoin being less than $1 million by the end of 2020.The Dickening Countdown to John McAfee Dick Eating.Bitcoin Holder Loses $16 Million in BTC to Well-Known Scam — Decrypt.Electrum user says he has lost 1400 Bitcoin — GitHub.Electrum Bitcoin wallets under siege — Malwarebytes.Electrum vulnerability announcement — Github.Sybil attack — Wikipedia.Fawlty Towers: The best of Sybil — YouTube.Electrum Bitcoin Wallet homepage.Elon Musk Says Tesla Saved From 'Serious' Ransom Attempt — Data Breach Today.Jennifer Lopez - Jenny from the Block (Official Music Video) — YouTube.The security impact of drones: Challenges and opportunities for the UK (PDF) — University of Birmingham.Security analysis of drones systems: Attacks, limitations, and recommendations — NCBI.Drone Delivery? Amazon Moves Closer With F.A.A. Approval — New York Times.What Security Threats Are Posed By Drones? — Avast.The Surprising Ways Drones Are Saving Lives — National Geographic.HEAVE HO!Heave Ho - Launch Trailer — YouTube.Behind the Schemes: Heave Ho with Le Cartel — YouTube.StartUp (TV series) — Wikipedia.StartUp - Launch Trailer — YouTube.Steal the Stars podcast — Tor Labs.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

2 Sep 202048min

Whatever happened to Crackas with Attitude, perfidious Albion College's approach to locking down Coronavirus, and the Bridgefy mesh messaging app falls down when it comes to security.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.Visit https://www.smashingsecurity.com/193 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Anna Brading.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:CIA boss has his personal email account hacked… and yes, it’s on AOL — Graham Cluley.Two years' detention for UK teenager who 'cyberterrorised' US officials — The Guardian.Kane Gamble sentencing remarks (PDF).What It’s Like for a Hacker to Get Back Online After a Two-Year Internet Ban — Motherboard.Fearing coronavirus, a Michigan college is tracking its students with a flawed app — TechCrunch.Bridgefy, the messenger promoted for mass protests, is a privacy disaster — Ars Technica.Bridgefy’s Commitment to Privacy and Security.Mesh Messaging in Large-scale protests: Breaking Bridgefy — Technical paper by Martin R Albecht, Jorge Blasco, Lenka Marekova, and Rikke Bjerg Jensen of Royal Holloway, University of London.How to Watch The Avengers Movies in Order — Digital Trends."Thor: Ragnarok" Official Trailer — YouTube.Sounds of the 90s with Fearne Cotton — BBC.Super Sapiens: a card game to help change the world — Etsy.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

26 Aug 202058min

A scam involving restaurant bookings at The Ritz is suitably sophisticated, the second wave of UK coronavirus testing apps, and we take a look at one of the biggest studies ever into the scourge of robocalls.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Rory Cellan-Jones.Visit https://www.smashingsecurity.com/192 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Rory Cellan-Jones.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Tech Tent podcast — BBC World Service.Sir Frederick Barclay releases footage of alleged Ritz bugging — The Guardian.Tea at the Ritz soured by credit card scammers — BBC News.Tweet from The Ritz London.Coronavirus: England's contact-tracing app gets green light for trial — BBC News.Coronavirus: England's contact tracing app trial gets under way — BBC News.A simple telephony honeypot received 1.5 million robocalls across 11 months — ZDNet.Who's Calling? Characterizing Robocalls through Audio and Metadata Analysis — USENIX.Pick of the Week archive — Smashing Security.13 Minutes to the Moon — BBC World Service.Borrasca — QCODE.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

19 Aug 202049min

Can a video game help your company's staff choose stronger passwords? Why might satellite-based internet communications be bad for security? And what are the alternatives to TikTok?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Visit https://www.smashingsecurity.com/191 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Dave Bittner.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Passworld: A Serious Game to Promote Password Awareness and Diversity in an Enterprise — USENIX.Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks — Black Hat USA 2020.Satellite Broadband Security - James Pavur — YouTube.Twitter and TikTok reportedly have had talks about a deal — The Verge.Trump bans US transactions with Chinese-owned TikTok and WeChat — The Guardian.These apps are scrambling to become the next TikTok — Wired.Introducing Instagram Reels — Facebook.Quoridor — Wikipedia.Quoridor — BoardGameGeek.BLACK & DECKER 20V LBX20 Li-Ion Battery USB Power Source Adapter w/DC 12V Port — eBay.The Young Offenders — BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

12 Aug 202054min

Special guest Geoff White can't resist using the podcast to promote his new book, "Crime Dot Com", but other than that we also discuss the creepy (and apparently legal) way websites can find out your email and postal address even if you don't give it to them, take a look at how the alleged Twitter hackers were identified, and learn about Fawkes - the technology fighting back at facial recognition.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by "Crime Dot Com" author Geoff White.Visit https://www.smashingsecurity.com/190 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Geoff White.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:A free chapter of Geoff's book, "Crime Dot Com"Start-Up Helps Conservative Websites Like the Daily Caller Store User Names, Postal Addresses of Anonymous Readers — Jezebel.Permission Shmarketing: How does GetEmails work? — YouTube.Some say we're criminals. Many say we're unethical. We think we're geniuses. But we're so, so bad... — YouTube.Three charged in massive Twitter hack, Bitcoin scam — KTVU.Three Individuals Charged For Alleged Roles In Twitter Hack — Department of Justice.Defund Facial Recognition Before It's Too Late — The Atlantic.'Atlas of Surveillance' now provides searchable, interactive database of police surveillance — VentureBeat.Clearview AI—Yet Another Example of Why We Need A Ban on Law Enforcement Use of Face Recognition Now — Electronic Frontier Foundation.Facial Recognition Map.This Tool Could Protect Your Photos From Facial Recognition — The New York Times.Fawkes - Image "Cloaking" for Personal Privacy.Fawkes: Protecting Personal Privacy against Unauthorized Deep Learning Models (USENIX Security 2020) — YouTube.Rush Hour (puzzle) — Wikipedia.Rush Hour games — ThinkFun.How To Play: Rush Hour - by ThinkFun — YouTube.Unblock Me — iOS App Store.Origins - How the earth shaped human history — Lewis Dartnell.The Umbrella Academy — Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

5 Aug 202048min

Why are students faking their own kidnappings? What's the story behind Garmin's ransomware attack? And a genetic genealogy website suffers a hack or two.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray [REDACTED].Warning: This podcast may contain nuts, adult themes, and rude language.Links:Tribe of Hackers Podcast.Golden State Killer pleads guilty to 13 murders — BBC News.Joseph James DeAngelo — Wikipedia.Hackers Attacked Two Leading Genetic Genealogy Websites — Buzzfeed News.GEDmatch confirms data breach after users’ DNA profile data made available to police — TechCrunch.Garmin outage caused by confirmed WastedLocker ransomware attack — Bleeping Computer.Charges Announced in Malware Conspiracy — FBI.Garmin staggers back online after ransomware attack — Graham Cluley.Coronavirus: China warns students over 'risks' of studying in Australia — BBC News.Chinese students in Australia targeted in virtual kidnapping scam — BBC News.Chinese students in Australia are being targeted in kidnapping scams, police warn — South China Morning Post.Chinese Students in Australia Are Faking Their Own Kidnappings. Here’s Why — Vice.SecondHandSongs.Doomsday Algorithm — Just in case you didn't understand Ray's explanation...Incredibox.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Immersive Labs - Giving security professionals practical and gamified content to keep pace with the latest threats. Listeners can get access to more than 24 hours of free labs AND a new lab to try out each week.LastPass - The trusted enterprise password manager of over 33,000 businesses.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: “Vinyl Memories” by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

29 Jul 202049min

Who stopped Twitter's hackers from stealing more money? Why are Covid-19 researchers being told to ramp up their cybersecurity? How can you find out if your smartphone is infected with stalkerware? And who does Graham think he is turning down a celebrity dinner invite?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte.Visit https://www.smashingsecurity.com/188 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Lisa Forte.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:The Twitter mega-hack. What you need to know — Tripwire State of Security.The Twitter hack: Why Elon Musk, Bill Gates, Jeff Bezos and others might have reason to be worried — Graham Cluley.Twitter Hackers Could Have Stolen A Whole Lot More Bitcoin — Forbes.Twitter says hackers downloaded private account data — BBC News.UK condemns Russian Intelligence Services over vaccine cyber attacks — GOV.UK.Britain’s charges of hacking & meddling ‘make no sense’ but Russia is ready to turn the page & work with UK – ambassador — Russia Today.Russian Cyber Espionage Group Targets COVID-19 Vaccine Research and IP — IP Watchdog.Google bans ads for stalkerware apps—with some exceptions — Ars Technica.Google’s ad ban won’t stop stalkerware apps from promoting themselves — Graham Cluley.1 in 10 Americans uses stalkerware to track partners and exes, poll finds — CNET.Stalkerware: Domestic Abuse Victims Face Invisible Threat — Digital Trends.How to Check Your Devices for Stalkerware — Wired.Find and remove stalkerware and bossware from your phone — Traced.President Trump goes one-on-one with Chris Wallace — YouTube.Montreal Cognitive Assessment (MOCA) — A similar test to that taken by President Donald Trump.Quiz: Could you pass Donald Trump's cognitive test? — BBC News."How to cognitive" — Sarah Cooper on Twitter.Don't F**k with Cats: Hunting an Internet Killer — IMDB.60 Versions of Leonard Cohen's 'Hallelujah,' Ranked — Newsweek.Hallelujah (COVER) - Shaun Brown & Jeremy Dunham — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

22 Jul 20201h 2min