Cyber biowarfare, giant ladybugs, and strippers

A security threat researcher is badly hacked in a revenge attack. Some people want to save Adobe Flash, but is that wise? And a poorly-secured electronic billboard starts displaying offensive images...All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Maria Varmazis.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing SecurityLinks:Hackers Leak Data From Mandiant Security Researcher in Operation #LeakTheAnalyst — Bleeping Computer.Hackers kick off #leaktheanalyst campaign by dumping data of $1bn security firm — The Next WebLinkedIn profile of a Mandiant employee — Warning - contains image of hairy bottom. This is really here just for Maria.How to choose a strong password - simple tips for better security — YouTube video from 2009, featuring Graham (and filmed by Carole). So, who remembered correctly what we actually said in the video?Smashing Security podcast: Protecting webmail — A Smashing Security splinter.Flash & The Future of Interactive Content — Adobe.Petition to open source Flash and Shockwave — Github.Adobe Flash Fans Want a Chance to Fix Its One Million Bugs Under an Open Source License — Gizmodo.Hackers hijack central Cardiff billboard to display swastikas and more... — Graham Cluley.Hackers plant obscene image on electronic billboard in Atlanta — Graham Cluley.Motorists warned of Dalek invasion by hacked road sign — Naked Security.How to Lock Down TeamViewer for More Secure Remote Access — How-To Geek.Long Distance — Reply All podcast by Gimlet Media.Tickled movie — Wikipedia.Tickled documentary to air on HBO with bonus follow-up special — The A.V. Club.Clock face with actual human face uses eyes to tell time — Mashable.Picture of Carole's clock (which Graham hates) — Twitter. Privacy & Opt-Out: https://redcircle.com/privacy

3 Aug 201744min

China is forcing people to install smartphone spyware, young cyberoffenders are offered rehab, and robot vacuum cleaners want to sell maps of the inside of your house to tech firms.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dan Ring.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Dan Ring.Sponsored By:Rapid7: Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now.Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now.Support Smashing SecurityLinks:Xinjiang Users Arrested over State Spyware Usage — Infosecurity MagazineChina crams spyware on phones in Muslim-majority province — The Register.Rehab camp aims to put young cyber-crooks on right track — BBC News.Roomba vacuum maker iRobot betting big on the 'smart' home — Reuters.iRobot Wants to Sell Mapping Data Collected by Roomba Vacuums to a Tech Company Like Apple — Mac Rumors.Griffin BreakSafe Magnetic USB C Charging Cable — To make your upgraded MacBook Pro a little less of a downgrade.USB-C MagSafe - Will it work!?!? — iJustine's video on YouTube.Chipotle Blames Norovirus Outbreak on a Sick Employee — Pick of the week?Jim'll Paint It — See what Microsoft Paint can do in the hands of a genius.MS Paint is here to stay — Microsoft. Privacy & Opt-Out: https://redcircle.com/privacy

26 Juli 201737min

The UK government wants you to give your credit card details to porn sites, Ashley Madison offers compensation to the people whose lives it ruined, and an adult website wants you to pass its unorthodox and below-the-belt biometric identity check... gulp!All this and Myspace, Google Glass, Fleabag, and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: David McClelland.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing SecurityLinks:BBC One - X-Ray, Summer Specials, Photography Special — Watch David McClelland on iPlayer if you're in the UK. There may also be ways of watching this outside the UK. We couldn't possibly comment...Vladimir Putin Cut From Two Upcoming Hollywood Movies — Hollywood ReporterIt's not Yourspace, it's Myspace — Leigh-Anne Galloway shares her research on Myspace's diabolical security.Myspace fixes account security hole - but delete your account anywayThe UK will block online porn from next year. Here's what we know — WiredAshley Madison will pay $11.2 million to data breach victims — EngadgetYou can now use a dick pic as a password. Why, god? Why. — MashableNasty Bug Left Thousands of Internet of Things Devices Open to Hackers — MotherboardMillions of IoT devices at hacking risk due to flaw in open source software library — Bitdefender Box blogMeet the Thirteenth Doctor Who — YouTube.Fleabag — Sadly there is no way at all for anyone outside the UK to watch shows on BBC iPlayer. Definitely not. Nope. No way at all. Impossible.IRL Podcast: Online Life is Real Life — Mozilla's new podcastGoogle Glass is officially back with a clearer vision — EngadgetBlack Mirror: The Entire History of You — We didn't mention it on the podcast, but this episode of "Black Mirror" includes the new Doctor Who - Jodie Whittaker.This Startup Wants to Replace Your Office With 3D Holograms - Bloomberg — Article about Meta, which is testing augmented reality technology on its employees Privacy & Opt-Out: https://redcircle.com/privacy

20 Juli 201748min

Is password manager 1Password treating its customers unfairly? Are autonomous cars driving us around the bend? And what is this Net Neutrality thing anyway? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Michael Hucks from PC Pitstop.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Michael Hucks.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing SecurityLinks:sweetsweet — Michael's band.Why Security Experts Are Pissed That ‘1Password’ Is Pushing Users to the Cloud — Motherboard report.1Password irks security experts in push toward cloud-based vaults — AppleInsider report.Are local vaults going to exist for the foreseeable future? — AgileBits Support Forum — 1Password's support forum.1Password wants you to sync via the cloud, but won't force youThe new Audi A8 luxury sedan is a high-tech beast that can drive itself — The Verge.Tesla owners are ignoring autopilot safety advice and putting the results on YouTube — The Verge.The biggest threat facing connected autonomous vehicles is cybersecurity — TechCrunch.Join the Battle for Net NeutralityThe coming battle over 'net neutrality' — BBC NewsThe FCC Insists It Can't Stop Impostors From Lying About My Views On Net Neutrality — Karl Bode isn't very happy in this Techdirt article.A Bot Is Flooding The FCC Website With Fake Anti-Net Neutrality Comments... In Alphabetical Order — Arnold Aardvark isn't a fan of net neutrality apparently.Alexa calls cops on man allegedly beating his girlfriend — Horrendous report from the New York Post, but for once Amazon's Alexa sounds like it did some good.Southern Rail on Twitter — Eddie takes over Southern Rail's Twitter account.Work experience boy runs Southern Rail's Twitter account — Sky News.The Red Pill movie — Wikipedia.Rapidfire Chimney Starter — Weber.Griddled spatchcock poussins with shallot vinaigrette recipe — Apparently Carole makes a mean one of these, although we've only got her word for it. Privacy & Opt-Out: https://redcircle.com/privacy

13 Juli 201742min

The iPhone 8 is on its way and may use 3D facial recognition rather than a fingerprint sensor to lock out intruders, and the UK's Automobile Association claims it hasn't leaked any credit card data, so why is it getting so upset about security researchers publishing screenshots of leaked data?All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by umm.. nobody.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing SecurityLinks:Yes - despite what it says - AA customer credit card data was exposedApple Readies iPhone Overhaul for Smartphone’s 10th Anniversary - BloombergThe World's Blackest Material - An Inside Look At Vantablack — YouTube video.About Touch ID advanced security technology - Apple SupportHe thought a book would stop a bullet and make him a YouTube star. Now he’s dead. - The Washington PostFirik Sleep Headphones — For those of you who want to look like John McEnroe when you're snoozing in bed. Privacy & Opt-Out: https://redcircle.com/privacy

6 Juli 201735min

Another major ransomware outbreak rattles the world - but no-one can decide what it's called, the danger posed to driverless cars by kangaroos, and do you really want an Amazon Echo Show?All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest David Bisson.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: David Bisson.Sponsored By:Rapid7: Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now.Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial now.Support Smashing SecurityLinks:Martijn Grooten on Twitter: "Seriously injured man lies next to tree..." — Martijn seems to be suggesting the infosecurity industry might have the wrong priorities.Global ransomware outbreak hits organisations hardCybereason discovers NotPetya kill switch — You might want to create a file called "perfc" in your Windows folder.Info on the PetrWrap/Petya ransomware: Email account in question already blocked since midday — Don't pay the ransom folks...Driverless cars: Kangaroos throwing off animal detection software — Cripes!How Flying Cars Will Boost Intel, Uber and AirbusAmazon’s New Echo Show Is Very Cool And A Little Creepy[PSA] Intercom (drop-in) does require calling to be enabled and needs access to your contact listMalicious Life podcast — Interviewing Graham Cluley, Vesselin Bontchev, and others about the early days of malware.50th anniversary of the ATM opens debate about mobile paymentsWhy Was The World's First Cash Machine In Enfield?"On The Buses" - YouTube — Starring Reg Varney, famous for being one of the first people in the world to use an ATM.The Bright Sessions podcast Privacy & Opt-Out: https://redcircle.com/privacy

29 Juni 201744min

In this special "splinter" episode, regular hosts Graham Cluley and Carole Theriault are joined by special guest Kevin Gorsline to discuss the European Union's General Data Protection Regulation (GDPR), and what it means for your business even if you're not based in Europe.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Kevin Gorsline.Support Smashing SecurityLinks:The EU's GDPR legislation — A gentle read before bedtime...EU data protection rules affect everyone, say legal experts — The EU's new data protection rules will impact every entity that holds or uses European personal data both inside and outside of Europe, according to legal experts.Preparing for GDPR - 12 steps to take now (PDF) — Advice from the UK's Information Commissioner's Office.EU GDPR demystified: a straight-forward guide for US firms (Part I) – — Our own Carole Theriault writes about GDPR on the TBG Security blog.EU GDPR demystified: a straightforward reference guide for US firms (Part II) — More from Carole Theriault on the TBG Security blog. Privacy & Opt-Out: https://redcircle.com/privacy

22 Juni 201726min

Microsoft gives us a Patch Tuesday shock, malware grows up for the Mac, and your mouse movements might reveal if you're an identity thief. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Javvad Malik of AlienVault.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Javvad Malik.Sponsored By:Foursys: IT security professionals! Register for your free place at SecureTour17, being held at Manchester United's Old Trafford stadium on July 6 2017, and hear security experts (and Graham) talk about threats and the latest technology to fight them.Support Smashing SecurityLinks:June 2017 security update release — Microsoft reveals it is releasing security updates for older versions of Windows that are no longer officially supported.Microsoft security advisory — Guidance related to June 2017 security update release.Microsoft security advisory - guidance for older platformsMacSpy: OS X RAT as a Service — Information from experts at AlienVault on the MacOS malware-as-a-service threat.MacRansom: Offered as Ransomware as a Service — Fortinet's analysis of MacRansom.Identity theft can be thwarted by artificial intelligence analysis of a user's mouse movements — Your mouse movements can indicate whether you're lying.The detection of faked identity using unexpected questions and mouse dynamics — Check out the technical paper by Monaro, Gamberini and Sartori.Rude security video from Javvad Malik — Why spend thousands on complex and innovative security awareness activities, when all you need to do, is train your staff to be rude.Divide and conquer: How Microsoft researchers used AI to master Ms. Pac-Man - Next at Microsoft — Microsoft's researchers have been busy...Video of Microsoft's Ms Pac Man-playing AI.Max Hawkins's website — "For the past two years I’ve been letting randomized computer programs decide what I do."Eager To Burst His Own Bubble, A Techie Made Apps To Randomize His Life — NPR take a look at the odd lifestyle of Max Hawkins.The Dice Man — 1971 novel by Luke Rhinehart.Logitech finally finds a good use for wireless charging: A mouse pad — Would you buy one of these? Seriously? Privacy & Opt-Out: https://redcircle.com/privacy

15 Juni 201738min