006: A romantic ransomware hotel break

AI news is bad news, an online service to catch your cheating partner, and an IoT-enabled dick cage fails to keep a grip on its own security.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Plus don't miss our featured interview with Alex Lawrence, principal security architect at Sysdig.Warning: This podcast may contain nuts, adult themes, and rude language. May? Who are we kidding...Episode links:199: A few tech cock-ups, and one cock lock-up - Smashing Security.Smart male chastity lock cock-up - Pen Test Partners.“My sexual urges are so out of control I’m considering buying a chastity cage” - Dear Deidre, The Sun.Maker of ‘smart’ chastity cage left users’ emails, passwords, and locations exposed - TechCrunch.Dispatch pauses AI sports writing program - Axios.Would Your Partner Cheat? These ‘Testers’ Will Give You an Answer - The New York Times.Loyalty Test.Nitpick: Why don’t induction hobs have knobs?Longevity… simplified - book by Dr Howard J Luks.Oxford Art Society Open Exhibition 2023.Carole Theriault art website.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

6 Sep 20231h 7min

Seized cryptocurrency is stolen from the DEA, blue-ticks are being exploited, a bath full of dollar bills, the comfort offered by an ostrich's head, and how Graham is refusing to call Twitter "X".All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer - Forbes.Stranger sent dick pics so I convinced him he was dying - YouTube.Creeps Airdropping Dick Pics Is the Latest Air Travel Nightmare - Vice.Airdrop scam tokens - Trezor.Brother of Criminal Bitcoin Mixing CEO Pleads Guilty to Stealing 712 Bitcoins From IRS - CoinDesk.Blue-tick scammers target consumers who complain on X - The Guardian.Infinite Mac.Classic Mac OS - Wikipedia.Perplexity AI - chatbot.CrazyGames.Braingle. 40 Weirdest Things on Amazon That People Actually Love to Buy - Good Housekeeping.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Beyond Identity – Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

30 Aug 202337min

Surely you should be able to order pizza without being pestered for sex? And Carole takes a look at the what and why of wearables...All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:One in three young people falling prey to ‘text pests’ as ICO calls for victims to come forward - ICO.My pizza order turned into a terrifying ordeal after creepy delivery driver stole my data & I was sent sinister messages - The Sun.Share your experience of unwanted contact after giving your personal information to a business for a legitimate reason - ICO.IoT, wearables and the new health insurance paradigm - IT-Online.Top 10 Innovative Wearable IoT Devices - IOT Design Pro.Explosive Growth Forecasted: IoT in Healthcare Market Set to Reach US$ 952.3 Billion by 2032 with a Remarkable CAGR of 18.0% - PharmiWeb.Sweat it out: Novel wearable biosensor for monitoring sweat electrolytes for use in healthcare and sports -Science Daily.New Apple Watch X Leaked: MAJOR Redesign & Magnetic Band System! -YouTube.Wearables | Privacy & security guide - Mozilla Foundation.5 trending wearables in 2023 to look out for - Ignitec.Internet of Things Becomes Greater Focus for Pharma -Health Leaders media.Hospitals are selling treasure troves of medical data — what could go wrong? - The Verge.Opt out of sharing your health records - NHS.Legal lullabies - Drift asleep listening to Instagram's terms of service.The Sound: Mystery of Havana Syndrome.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Beyond Identity – Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

23 Aug 202338min

AI chatbots are under fire in Las Vegas, the secrets of hackers' passwords are put under the microscope, and Graham reveals (possibly) the greatest TV programme of all time.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:100,000 Hackers Exposed from Top Cybercrime Forums - Hudson Rock.Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer - Hudson Rock.People coaxed AI into saying 9+10=21 and giving instructions for spying — it shows how these systems are prone to flaws and bias - Business Insider.These Women Tried to Warn Us About AI - Rolling Stone.Chatbots: Why does White House want hackers to trick AI? - BBC News.I, Claudius - BBC iPlayer.Drama Connections: I, Claudius - BBC documentary from 2005, on YouTube.'Painkiller' Review: Netflix Series Fails To Capture Opioid Crisis - Variety.”Painkiller” trailer - YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Sysdig – Is your cloud secure? Not without runtime insights! Sysdig delivers the industry’s ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) – powered by runtime insights – to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands.Beyond Identity - Enables companies with the ability to completely eliminate reliance on passwords and protect against password-based breaches, fraud, and ransomware attacks. Get a free demo.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

16 Aug 202334min

Razzlekhan, the self-proclaimed Crocodile of Wall Street, pleads guilty to the biggest crypto laundering scheme in history, and just how safe are you typing while on a Zoom call?Meanwhile, Graham rants about public EV chargers.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:With Nvidia Eye Contact, you’ll never look away from a camera again - Ars Technica.“A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards” - Technical paper (PDF).New acoustic attack steals data from keystrokes with 95% accuracy - Bleeping Computer.Bitfinex users to share 36% of bitcoin losses after hack - BBC News.Bitfinex’s Latest News & Updates - BitFinex blog.Heather R. Morgan - Wikipedia.Razzlekhan and husband guilty of $4.5bn Bitcoin launder - BBC News.Record-high seizure of $4bn in stolen Bitcoin - BBC News.‘Sexy horror comedy’: Bitcoin laundering suspect is also ‘raunchy rapper’ Razzlekhan - The Guardian.”Versace Bedouin” music video by Razzlekhan - YouTube.“Pho King Badd Bhech” music video by Razzlekhan - YouTube.SWARCO - Nit Pick of the Week.Esim Holafly - Holafly.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!ClearVPN – Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

9 Aug 202344min

Carole takes us into the sinister side of Barbie, while Graham describes a stalkerware operation that has been spilling its secrets.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:SpyHide couldn’t hide forever - Maia arson crimew.Spyhide stalkerware is spying on tens of thousands of phones - ​TechCrunch.Coalition against Stalkerware.Use Google Play Protect to help keep your apps safe and your data private - Google.Eyeing Barbie movie download? Beware of online scam, says McAfee - Tech News.A Complete History of the Barbie Movie - Vanity Fair.20 Things You Probably Didn't Know About Barbie - Readers Digest.Influencer's 'Honest Review' of 'Barbie' Goes Viral - Newsweek.How scammers are using ‘Barbie’ craze to steal personal information - The Hill.‘Barbie’ Box Office to Blast Past $700M Globally After Record Week - The Hollywood Reporter.Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info - McAfee.History vs Hollywood.Weird: The Al Yankovic story - History vs Hollywood.The News Meeting - Tortoise podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Hunters – A SOC platform, built to empower your security team to reduce risk, complexity and costs.Moonlock - The cybersecurity wing of MacPaw. Developers of CleanMyMac X antimalware tech, Moonlock Engine.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

2 Aug 202337min

Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus Space Daily’s Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:90210 plastic surgeon Dr Gary Motykie.Dr Gary Motykie videos - YouTube.More plastic surgery patients have their nude photos and information leaked - DataBreaches.net.Typo watch: 'Millions of emails' for US military sent to .ml addresses in error - The Register.Hundreds of thousands of US military e-mails wind up in Mali - Le Monde.Beware of WormGPT: AI Tool Enables Cyber Attacks and Impersonation Scams - IB Times.WormGPT: a generative AI tool to compromise business emails - CSO Online.WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks - SlashNext.“Who shat on the floor at my wedding?”Futurama - Wikipedia.Radiooooo.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!ClearVPN - Hide your IP address, browse without geo-restrictions, and stay private online with a 30 day free trial of its premium plan.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

26 Juli 202351min

Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The UK Covid-19 Inquiry.Court orders ministers to hand Boris Johnson’s WhatsApps to Covid inquiry - The Guardian.Boris Johnson ‘has forgotten’ passcode for phone wanted by Covid inquiry - The Guardian.The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph.Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice.Party girls netted £120,000 from terrified men in ‘sextortion’ scam -The Times.Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 -Press and Journal.Musicless music video of Lionel Richie’s “Hello” - YouTube.Musicless music video of Rolling Stones performing live in 1964 - YouTube.Intrigue: Burning Sun - BBC podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

19 Juli 202336min