Smashing Security

Apps that belch out sensitive military information, what could the world learn from South Korea's digital response to the Coronavirus pandemic, and who has been deepfaking Bill Clinton, Jay-Z, and Donald Trump... and why?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the "Power Corrupts" podcast.Plus we have a bonus feature interview with Rachael Stockton from Logmein, the folks behind LastPass, all about their report into the psychology of passwords.Visit https://www.smashingsecurity.com/179 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Brian Klaas and Rachael Stockton.Sponsored By:LastPass: LastPass's "Psychology of Passwords" report surveyed over 3,000 people around the world to highlight the current state of online security behaviors – and the results are alarming.Download it now at smashingsecurity.com/passwordreportImmersive Labs: Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats.Listeners can signup at immersivelabs.com/smashing to get instant access to more than 24 hours of free labs AND a new lab to try out each week.Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptorSupport Smashing SecurityLinks:Military And Intelligence Personnel Can Be Tracked With The Untappd Beer App — Bellingcat.What South Korea's Nightclub Outbreak Can Teach Other Countries — Time.When audio deepfakes put words in Jay-Z’s mouth, did he have a legal case? — Ars Technica.Jay-Z’s Deepfake Hamlet Recital — To Sue, Or Not To Sue — Forbes.Vocal Synthesis — YouTube channel.Doordash and Pizza Arbitrage — Ranjan Roy.Iron Chef Japan episodes — YouTube.Rabbit Hole podcast.The Psychology of Passwords — LastPass.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

20 Mai 20201h 2min

Graham shares stories of email storms, Carole describes the steps being taken by firms as they try to coax employees back to the office, and guest Lisa Forte details a hack that has impacted Lady Gaga and other celebrities.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Lisa Forte.Visit https://www.smashingsecurity.com/178 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Lisa Forte.Sponsored By:Immersive Labs: Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats.Listeners can signup at immersivelabs.com/smashing to get instant access to more than 24 hours of free labs AND a new lab to try out each week.Oracle: Check out the free cloud security reports that Oracle is making available for listeners of "Smashing Security" and learn how organizations can make security an essential part of the culture of their business.Read the free reports at smashingsecurity.com/oraclereportLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Me Too! — Microsoft tells the story of the Bedlam DL3 email storm.Microsoft employees swept up in GitHub reply-all email apocalypse — Business Insider.Microsoft now blocks reply-all email storms to end our inbox nightmares — The Verge.Reply All Storm Protection in Exchange Online — Microsoft Tech Community.The NHS's massive email storm — Graham Cluley.Entertainment Law Firm Hacked in Major Data Breach, Ransomware Attack — Variety.Coronavirus: Commuters told to 'prepare to queue' in new guidance — BBC News.Employers Rush to Adopt Virus Screening. The Tools May Not Help Much — The New York Times.Robot dog enforces social distancing in city park — BBC News.Onkalo spent nuclear fuel repository — Wikipedia.Into Eternity — Wikipedia.Finland buries its nuclear past — BBC News.The plan to protect humans from radioactive waste with color-changing cats — Business Insider.How colour-changing cats might warn future humans of radioactive waste — The Guardian.The Summit trailer — YouTube.No Way Down: Life and Death on K2 — Amazon.com.Jim Lahey's No-Knead Bread Recipe — Leite's Culinaria.No Knead Bread Recipe — YouTube.No-Knead Bread Recipe — New York Times.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

13 Mai 202050min

What can X Æ A-12 Musk teach us about passwords? How did our guest finally hunt down the man behind one of history's biggest virus outbreaks in Manila? And what on earth is a hacker doing breaching Roblox security?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.Visit https://www.smashingsecurity.com/177 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Geoff White.Sponsored By:DomainTools: Join our friends at DomainTools for a webinar as they walk you through the process of identifying a nefarious domain, mapping connected infrastructure, and reverse-engineering a ransomware attack which used a Coronavirus disguise.Learn more about how DomainTools helps security analysts turn threat data into threat intelligence and watch the webinar at domaintools.com/smashingOracle: Build, test, and deploy applications on Oracle Cloud - for free.Sign up at smashingsecurity.com/oracle and you'll soon be building, testing and deploying cloud applications securely with Oracle.LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Vote for Smashing Security in the EU Security Blogger Awards!Graham Cluley on Earworm Island — Earworm Island podcast.Carole Theriault on Earworm Island — Earworm Island podcast.Elon Musk tweets a photo of his newborn child — Twitter.World Password Day — Days of the year.Grimes explains the baby's name — Twitter.Don’t Make These 5 Password FAILS! (But Do Notch These 2 Password Wins) — ID Agent.Love Bug Virus Creator Comes Clean — Geoff White.Memories of the Melissa virus — Naked Security.Roblox — Wikipedia.What is Roblox? — Digital Trends.Hacker Bribed 'Roblox' Insider to Access User Data — Motherboard.I'm Officially RICHER Than ROBLOX!! (WORLD RECORD BROKEN) — Linkmon99 on YouTube.WM97/Michael-B virus analysis — Sophos.Bookcase Credibility — @BCredibility on Twitter.Five Minutes With: Brian Sewell — YouTube. So you can see how good Graham's impression is.Syncplay.Netflix Party.Whole Chicken in a Can — Ashens on YouTube.Poundland Food Special - All Day Breakfast — Ashens on YouTube.MRE & Ration Reviews — YouTube. A man experiencing and reviewing military rations from 1863-current day.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

6 Mai 20201h

Journalists spying on their rivals, the NHS rejects Apple and Google's approach to Coronavirus-tracing, and universities are hit by an old-fashioned sexy lady attack. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Rik Ferguson.Visit https://www.smashingsecurity.com/176 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Rik Ferguson.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Vote for Smashing Security in the EU Security Blogger Awards!Financial Times reporter accessed private calls at Independent and Evening Standard — The Independent.FT suspends journalist accused of listening to rival outlets' Zoom calls — The Guardian.Sky News admits it hacked Canoe Man’s email — Naked Security.Is it ever acceptable for a journalist to hack into somebody else’s email? — Naked Security.NHS rejects Apple-Google coronavirus app plan — BBC News.Threat Actors Repurpose Hupigon in Adult Dating Attacks Targeting US Universities — Proofpoint.Warwick University kept data hack secret from students and staff — Birmingham Live.JustWatch - The Streaming Guide.Just Watch — Apple App Store.Just Watch — Google Play.Fire for Kids Unlimited — Amazon UK.Kindle Limited for Kids — Amazon.com.J! Archive.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

29 Apr 202045min

Will deepfake disguises hit a video conference near you, can Coronavirus-tracing apps be trusted, and should Facebook shut down anti-quarantine events?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Visit https://www.smashingsecurity.com/175 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice. Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptorSupport Smashing SecurityLinks:Iain Thomson in fancy dress on Zoom. — Twitter.Smashing Security 134: Sextortion, silicone face masks, and a DDoS doofus.Avatarify: Avatars for Zoom and Skype — GitHub."Elon Musk joined our Zoom call" — YouTube.Avatarify demo — YouTube.This Open-Source Program Deepfakes You During Zoom Meetings, in Real Time — Vice.Trailer for Zardoz (1974) — YouTube.Coronavirus: Governors ask Trump to call off lockdown protests — BBC News.Facebook sort-of blocks anti-quarantine events – how many folks are actually behind these 'massive' protests online? — The Register.COVID-19 apps — Wikipedia.Would You Give Up Health or Location Data to Return to Work? — The New York Times.European scientists and researchers raise privacy concerns over coronavirus contact tracing apps — VentureBeat.European experts ready smartphone technology to help stop coronavirus — Reuters.2 billion phones cannot use Google and Apple contact-tracing tech — Ars Technica.Contact Tracing in the Real World — Light Blue Touchpaper.Tracking the Global Response to COVID-19 — Privacy International.Apple and Google Respond to Covid-19 Contact Tracing Concerns — Wired.Sketchplanations - A weekly explanation in a sketch.Make These Projects to Fight COVID-19 Right Now — Make.3D Print This Simple Tool Now, To Help Local Sewists Make More Masks for Covid-19 — Make.Fix The Mask.Turn a T-shirt into a face mask — Ronit Bose Roy on Twitter.Educational Documentaries on Netflix — YouTube.Remote Tourism.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

22 Apr 202049min

World-chess-champion-turned-activist Garry Kasparov joins us as we discuss celebrity lookalikes, smartphone fleeceware, the impact Coronavirus is having on security, and how a popular new video game is being used for political ends. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Garry Kasparov.Yes, the Garry Kasparov. Graham was pretty excited too.Visit https://www.smashingsecurity.com/174 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Garry Kasparov.Sponsored By:Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptorSupport Smashing SecurityLinks:Don’t let fleeceware sneak into your iPhone — Sophos.Fleeceware apps persist on the Play Store — Sophos.Fleeceware apps discovered on the iOS App Store — ZDNet.How to see or cancel subscriptions on your iPhone, iPad or iPod touch — Apple Support.How to cancel, pause, or change a subscription on Google Play — Google Play Help.Global Move to Telecommute Work Increases Security Risks — Voice of America.Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book — Malwarebytes.Animal Crossing.The Vegan Guide to 'Animal Crossing: New Horizons' — PETA Kids.Chinese gamers decorate Animal Crossing with propaganda and Covid-19 references — Abacus.Nintendo game pulled from Chinese platforms after Hong Kong protest — Reuters.Animal Crossing removed from sale in China amid Hong Kong protests — BBC News.Animal Crossing game removed from sale in China over Hong Kong democracy messages — The Guardian.Retirement day fighter jet ride ends in chaos after OAP pulls ejector seat lever — Daily Star.Extraordinary Times: A COVID-19 Visual Journal — Maria Photinakis.French air investigation report.Coronavirus: 20 suspected phone mast attacks over Easter — BBC News.Coronavirus: Scientists brand 5G claims 'complete rubbish' — BBC News.The Weirdly Enduring Appeal of Weird Al Yankovic — The New York Times.‎The Daily: The Sunday Read: Weird Al Yankovic’s Weirdly Enduring Appeal — Apple Podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

15 Apr 202046min

We take a look at the stinky backside of surveillance, gas about the latest video-conferencing threats, and jump into the murky world of 5G conspiracy theories.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology broadcaster David McClelland and featuring an interview with LastPass's Barry McMahon.Visit https://www.smashingsecurity.com/173 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Barry McMahon and David McClelland.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Engineers unleash car-seat identifier that reads your rear end — Phys.org.Identifying personal microbiomes using metagenomic codes — PNAS.A mountable toilet system for personalized health monitoring via the analysis of excreta — Nature.'Magic toilet' could monitor users' health, say researchers — The Guardian.Toilet hackers could snoop on your poop, steal data of a “personal nature” — Graham Cluley.Zoomed In: A Look into a Coinminer Bundled with Zoom Installer — Trend Micro.PSA: Fake Zoom installers being used to distribute malware — Bleeping Computer.Was a 5G Tower Torn Down in China To Stop COVID-19? — Snopes.Coronavirus 5G Conspiracy Theory: UK Cell Towers Burned Over Claims It Causes COVID-19 — International Business Times.Coronavirus 5G conspiracy theory spreads as cellphone towers attacked — USA Today.5G is not accelerating the spread of the new coronavirus — Full Fact.Influencers among 'key distributors' of coronavirus misinformation — The Guardian.How the 5G coronavirus conspiracy theory tore through the internet — Wired.Call for social media platforms to act on 5G mast conspiracy theory — The Guardian.Totally Reliable Delivery Service - The Game About Terrible Delivery Drivers.Totally Reliable Delivery Service - Launch Trailer — YouTube.LET'S GO LIVE with Maddie & Greg — YouTube.Power Corrupts Podcast.The godfather of fake news — BBC News.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

8 Apr 20201h 3min

Carole details how companies are spying on their stay-at-home workers, Mikko Hyppönen discusses the trustworthiness of video chat apps, and Graham gets embarrassed when he admits he's bought a Facebook Portal for his in-laws.All this and much much more is discussed in the latest edition of the award-winning "Smashing Security" podcast with Graham Cluley and Carole Theriault.Visit https://www.smashingsecurity.com/172 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Mikko Hyppönen.Sponsored By:DomainTools: DomainTools helps security analysts turn threat data into threat intelligence. Its solutions give organizations the ability to use and create a forensic map of criminal activity, assess threats and prevent future attacks.Learn more about their products at domaintools.com, or visit domaintools.com/smashing to enter their Capture The Flag competition and be in with a chance to win a $100 gift card.LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Herrasmieshakkerit — Mikko's security podcast (in Finnish) with Tomi Tuominen.Video trailer for Herrasmieshakkerit — YouTube.Has Houseparty really been hacked? $1 million reward offered to unearth who is behind widespread claims — Graham Cluley.Houseparty declares that all accounts are safe — Twitter.Houseparty announces $1,000,000 bounty — Twitter.Zoom Meetings Do Not Support End-to-End Encryption — The Intercept.The most popular smartphones in 2019 — DeviceAtlas.The Zoom IPO (with Santi Subotovsky) — Acquired podcast.Cyber Volunteers – Protecting and Responding for our healthcare services! — CV19.Bosses Panic-Buy Spy Software to Keep Tabs on Remote Workers — Bloomberg.Your Bosses Are Trying To Spy On You Now More Than Ever — Futurism.Companies are using webcams to monitor employees working from home — Business Insider.Something Rhymes with Purple — Acast.Susie Dent on Twitter.Virtual choir from Finland: "Song of the Fearless" — YouTube.Someone's built the entire Earth in Minecraft - to scale — Eurogamer.The Earth in Minecraft, 1:1 scale ...for the first time — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

1 Apr 202051min