006: A romantic ransomware hotel break

It could be a case of aCropalypse now for Google Pixel users, there's a warning for house buyers, and just why is TikTok being singled out for privacy concerns?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Stop pixelating! New tool reveals the secrets of "redacted" documents - Hot for Security.Google Pixel exploit reverses edited parts of screenshots - The Verge.Tweet by researcher Simon Aarons - Twitter.aCropalypse demo.Samsung 'Fake' Moon Shots Controversy Puts Computational Photography in the Spotlight - MacRumors.Android phones can be hacked just by someone knowing your phone number - Graham Cluley.BBC advises staff to delete TikTok from work phones - BBC News.TikTok: UK ministers banned from using Chinese-owned app on government phones - BBC News.TikTok banned from official Welsh government phones - BBC News.Danish public broadcaster advises staff against using TikTok - BBC News.Canada bans TikTok on government devices - BBC News.European Commission bans TikTok on staff devices - BBC News.New bill would ban TikTok in the US but it faces long odds - BBC News.A Retired Teacher and Her Daughter Were Scammed Out of $200,000 Over Email: 'I'm 69 Years Old and Now I'm Broke and Homeless' - Entrepreneur.Retired Colorado teacher left homeless and broke after scammers hijack house sale - MSN.Homebuyers scammed out of nearly $200,000 - YouTube.Stolen life savings Vickie and Sarah Ragle - Go Fund Me.The Play That Goes Wrong.The Goes Wrong Show 90 Degrees clip - YouTube.The Goes Wrong Show Series One - Amazon Prime.Poo Pays.MiniPresso NS2 - Wacaco.Restart Podcast - BBC.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

22 Mars 202347min

The twisted tale of the two Teslas, and a deepfake sandwich.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:B.C. man says he accidentally unlocked and drove someone else’s Tesla using the app - Global News.A College Girl Found Deepfake Porn of Herself Online. Who Did It Shocked Her - Rolling Stone.Denmark Tries to Attract Tourists Using ChatGPT, Deepfakes, and Famous Paintings UK PC Mag.Deepfake Tools Are Made To Facilitate Harassment—So Why Are They Available in the App Store? - MSN.Spot the Deepfake - Microsoft.Sholay trailer - YouTube.Sholay: Review of the monumental Indian epic - YouTube.Rent or buy Sholay - YouTube Movies.Jazz Pianist Brad Mehldau Plays The Beatles - NPR.Brad Mehldau - Brad Mehldau website.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

15 Mars 202337min

Scammers get pwned by a Canadian granny! Don't be seduced in a bar by an iPhone thief! And will the US Marshals be able to track down the villains who stole their data?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.Plus don’t miss our featured interview with Jason Meller of Kolide.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:They thought they could scam this Windsor grandmother of nearly $10K. She turned the tables on them - CBC.Canada grandma helps stop fraud scheme targeting senior citizens - BBC News.A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - Wall Street Journal.Ransomware attack on US Marshals Service affects ‘law enforcement sensitive information’ - CNN.Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service - NPR.9 millionaires and billionaires with the most bizarre spending habits - Business Insider.Phishing still the leading way attackers breach security controls: IBM - IT World Canada.New White House cyber strategy picks a fight with ransomware - AXIOS. Happy Valley - BBC.My 80s TV.Everything Everywhere All at Once - IMDB.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

8 Mars 20231h 2min

Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Wiretapping Italian police tune in to hear their secrets being sold - The Times.Jeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegation - The Guardian.Silvio Berlusconi interviewed by Jeremy Paxman on BBC Newsnight - YouTube.Protests grow in Italy over the wiretapping of journalists - Independent.How I Broke Into a Bank Account With an AI-Generated Voice - Vice.TikTok under investigation by Canadian privacy authorities - BBC.The UN's cyber crime treaty could be a privacy disaster - IT Pro.TikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ Yahoo News.“Check It Out” episode about nuclear war from July 1980 - YouTube.The North-West Is Our Mother: The Story of Louis Riel's People, the Métis Nation - GoodReads.Fleishman is in Trouble review – Jesse Eisenberg’s endlessly witty divorce drama is almost too good - The Guardian.Fleishman is in Trouble - Disney+Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

1 Mars 202348min

Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans...All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Testing Meta Verified to Help Creators Establish Their Presence - Meta.As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security - Graham Cluley.A pre-match message from Will Ferrell - QPR Twitter account.BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account - Deadline.Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It - Vice.‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny - Vice.Replika homepage - Replika.Click and Drag - xkcd.1110: Click and Drag - Explain xkcd.xkcd 1110: Click and Drag map - Zoomable map of “Click and drag”Only Murders in the Building - Disney Plus.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today!SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

22 Feb 202344min

AI-generated voices are weaponised by online trolls, how ChatGPT reflects who we are as a society, and social media is in the firing line again.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:‘Disrespectful to the Craft:’ Actors Say They’re Being Asked to Sign Away Their Voice to AI - Vice.AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse - Vice.Video Game Voice Actors Doxed and Harassed in Targeted AI Voice Attack - Vice.ChatGPT Can Be Broken by Entering These Strange Words, And Nobody Is Sure Why - Vice.My Strange Day With Bing’s New AI Chatbot - Wired.We asked ChatGPT to write performance reviews and they are wildly sexist (and racist) - Fast Company.How social media affects teen mental health: a missing link - Nature.California bill to let parents sue social media gets second try - Bloomberg.How to protect children from big tech companies - Wall Street Journal.Three out of four parents say social media is a major distraction for students, according to new study - Phys.org.Remarks of President Joe Biden – State of the Union address as prepared for delivery - The White House.Why the past 10 years of American life have been uniquely stupid - The Atlantic.Now Mesa public schools are also declaring that they have failed in educating their children by suing social media - Techdirt.Seattle school district files laughably stupid lawsuit against basically every social media company for… ‘being a public nuisance’ - Techdirt.The evidence just doesn’t support any of the narratives about the harms of social media - Techdirt.Vasectomy - NHS.Birth of BASIC documentary - YouTube.Zero Waste Club reusable coffee filter - Peace with the Wild.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.DigiCert – DigiCert’s Trust Lifecycle Manager sets a new bar for unified management of digital trust. SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

15 Feb 202350min

When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger... why are police happy that criminals keep using end-to-end encrypted messaging systems... and why is the Apple Watch being accused of crying wolf?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Plus don't miss our featured interview with SecurEnvoy's Chris Martin.Warning: This podcast may contain nuts, adult themes, and rude language.Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.NordLayer – NordLayer safeguards your company’s network, securing and protecting remote workforces as well as business data. It can even help you ensure security compliance. Get your first month free.SecurEnvoy - With growing cyber security threats everyone in your organisation needs authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy's free guide now.Episode links:Ubiquiti tells customers to change passwords after security breach - ZD Net.“No way out” trailer - YouTube.Ubiquiti sues journalist, alleging defamation in coverage of data breach - Ars Technica.Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack - Bitdefender.Final Thoughts on Ubiquiti - Krebs on Security.Former Employee Of Technology Company Pleads Guilty To Stealing Confidential Data And Extorting Company For Ransom - Department of Justice.Dutch Police Read Messages of Encrypted Messenger 'Exclu' - Vice.Shock and applause for Apple Watch's chilling real-life emergency call ad - Campaign Live. 911 call made from Apple Watch of Washington woman buried alive released - Yahoo! News.Apple Watch 8 series save yet another life - Live Mint.Some first responders are asking iPhone users to disable Emergency SOS and crash detection due to influx of false positives - 9to5mac.Emergency SOS via satellite available today on the iPhone 14 lineup in the US and Canada - Apple.Inoreader.”The Social Life of Animals” by Ashley Ward - Amazon.Black Butterflies - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

8 Feb 20231h 5min

Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT?All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Plus don't miss our featured interview with DigiCert’s Brian "PKI" Trzupek.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Artis Pabriks.‘I left my partner and lost £80,000 to a fake Facebook romance’: Manchester mum’s warning over catfishing scam - Manchester World.'I know I have been a fool but these are the things we do for love', says mum duped out of £80k by Facebook lover - Manchester Evening News.Amazon Warns Employees to Beware of ChatGPT - Gizmodo. ChatGPT's soaring popularity has added $5 billion to the wealth of Nvidia's founder as Wall Street bets on AI boom for the chipmaker - Business Insider. ChatGPT raises red flags by acing MBA exam.ChatGPT passes exams from law and business schools - CNN. I asked ChatGPT how to negotiate a raise. Career coaches said I'd probably get one by following the AI chatbot's steps and script - Business Insider. Real estate agents say they can’t imagine working without ChatGPT now - CNN. Science journals ban listing of ChatGPT as co-author on papers - The Guardian. Blakes 7 Bot - an automated bot that posts lines of dialogue from Blakes 7.Yarn - Find video clips by quotes.The New Gurus Podcast - BBC Sounds. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Bitwarden – Bitwarden vaults are end-to-end encrypted with zero-knowledge encryption, including, the URLs for the websites you have accounts for. Migrate to Bitwarden for a more secure password manager.DigiCert – DigiCert’s Trust Lifecycle Manager sets a new bar for unified management of digital trust. Sealit – Zero Trust Data Protection: protect, share, and monitor confidential emails and files – without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit’s special offer to “Smashing Security” listeners.Support the show:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!Follow us:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.

1 Feb 202352min