006: A romantic ransomware hotel break

Deepfake shenanigans strike users of troubled crypto firm FTX, the perils of charging your electric vehicle, and is Microsoft's takeover of Activision good news for video game fanatics.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes of AMTSO.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Larry David promotes FTX in Superbowl ad - YouTube.Crypto giant FTX collapses into bankruptcy - BBC News.FTX's new CEO: "Never in my career have I seen such a complete failure" - CBS News.Tom Brady, Giselle Bündchen, Larry David & Steph Curry Caught In FTX Crypto Fallout With Class Action Suit - Deadline.Bankman-Fried's FTX, senior staff, parents bought Bahamas property worth $300 milion - Reuters.Tweet showing Sam Bankman-Fried deepfake scam - Twitter.FTX Founder Deepfake Offers Refund to Victims in Verified Twitter Account Scam - Vice.Crypto.com CEO admits company accidentally sent 320,000 ETH ($416 million) to another crypto exchange a few weeks prior - Web3 is going great.Sandia studies vulnerabilities of electric vehicle charging infrastructure - Sandia Labs.Review of Electric Vehicle Charger Cybersecurity Vulnerabilities, Potential Impacts, and Defenses - MDPI.Shocker: EV charging infrastructure is seriously insecure - The Register.Microsoft to acquire Activision Blizzard to bring the joy and community of gaming to everyone, across every device - Microsoft.Gaming for everyone, everywhere: our view on the Activision Blizzard acquisition - Microsoft.Video gaming market leaders - Statistics & Facts - Statista.Microsoft says UK influenced by Sony in probing Activision Blizzard deal - Reuters.Can Big Tech Get Bigger? Microsoft Presses Governments to Say Yes -New York Times.Microsoft Reveals Sony’s Activision Deal Is Blocking ‘Call Of Duty’ From Game Pass - Forbes.EU to launch advanced Microsoft-Activision probe - Politico.Microsoft / Activision Blizzard merger inquiry - Gov.uk.Microsoft Buying Activision Blizzard Might Be Good For Gamers, But Bad for Developers - Time.A Day in London 1930s in colour - YouTube.Ancient Apocalypse - Netflix.Ancient Apocalypse is the most dangerous show on Netflix - The Guardian.How to Draw Large Pictures with Da Vinci Eye -Youtube.Da Vinci Eye: AR Art Projector - Apple app store. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Pentera – Pentera’s Automated Security Validation Platform is designed to help teams increase their security posture against modern day threats across the entire attack surface. Evaluate your security readiness with continuous and consistent autonomous testing with granular visibility into every execution along the way. Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

23 Nov 202257min

Elon Musk is still causing chaos at Twitter (and it's beginning to impact users), are scammers selling your house without your permission, and Google gets stung with a record-breaking fine.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Plus don't miss our featured interview with Pentera's Shakel Ahmed talking about automating continuous cyber defence validation.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Graham offers Dave Bittner some advice on “Welcome Datacomp”... in 1995! - Usenet.Elon Musk apologises to users for Twitter being slow - Twitter.Former Twitter employee doesn’t think Elon Musk knows what he’s talking about - Twitter.Eric Frohnhoefer says Elon Musk is wrong - Twitter.Twitter engineer calls out Elon Musk for technical BS in unusual career move - The Register.Elon Musk says that he is turning off microservices “bloatware” - Twitter.Twitter’s SMS Two-Factor Authentication Is Melting Down - Wired.Elon only trusts Elon - Platformer.Elon’s paranoid purge - Platformer.Google to pay nearly $400 million over deceptive location tracking practices - The Record.Follow Smashing Security on Mastodon.South Bay Man Pleads Guilty to Participating in a Multimillion-Dollar Real Estate Scam Involving Fake Open Houses at Not-for-Sale Homes - Justice.gov.A South Bay man accepted hundreds of offers from open houses. But the homes weren’t for sale - LA Times. The typing of the Regex.Fesshole - Twitter.If Books Could Kill - Apple Podcasts. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Pentera – Pentera’s Automated Security Validation Platform is designed to help teams increase their security posture against modern day threats across the entire attack surface. Evaluate your security readiness with continuous and consistent autonomous testing with granular visibility into every execution along the way. Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

16 Nov 20221h 11min

Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who aren't joined by a guest this week.Warning: This podcast may contain nuts, adult themes, some snorting, and rude language.Episode links:Mastodon: What you need to know for your security and privacy - Graham Cluley.Follow Graham Cluley on Mastodon.Hushpuppi: Notorious Nigerian fraudster jailed for 11 years in US - BBC. Influencer involved in $1.1 million Qatar school financing scam jailed - Alarabiya. Influencer ‘Ray Hushpuppi’ jailed over plan to launder $300m - The Guardian. Hushpuppi’s wife, Imams write judge as US court sentences fraudster today - Premium Times.Living trailer - YouTube.Kleo - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Sealit - Zero Trust Data Protection: protect, share, and monitor confidential emails and files - without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit's special offer to "Smashing Security" listeners.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

9 Nov 202243min

Twitter has a new chief twit in the form of Elon Musk and he's causing problems, scientists say artificial intelligence may help us communicate with animals, and is the office of the future set in the metaverse?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Warning: This podcast may contain nuts, adult themes, dolphin noises, and rude language.Episode links:Twitter employees are sleeping on the office floor to meet Elon Musk’s deadlines - The Verge.Elon Musk shows what being Chief Twit is all about across weird weekend - The Register.Pranksters pretending to be laid-off Twitter employees leave San Francisco HQ - YouTube.Twitter Limits Content-Enforcement Work as US Election Looms - Bloomberg.Twitter’s Yoel Roth comments on the firm’s trust and safety staff having their access to moderation and enforcement tools frozen - Twitter. Paul Pelosi Conspiracy Theory Trends on Twitter After Elon Musk Pushes It - Rolling Stone.Yoel Roth describes how Twitter will warn users of misleading information - Twitter.Yoel Roth describes “surge in hateful conduct on Twitter” - Twitter.The Demise of Digg: How an Online Giant Lost Control of the Digital Crowd - Harvard.Follow Graham on Mastodon.How tech is helping us talk to animals - Vox.“The Sounds of Life: How Digital Technology Is Bringing Us Closer to the Worlds of Animals and Plants” - Book by Karen Bakker.Project CETI - The Cetacean Translation Initiative. Not to be mixed-up with Project SETI.The Dark Side Of VR - The Intercept. The Metaverse Is the Ultimate Surveillance Tool - Vice. What I Learned From Diving Headfirst Into The Metaverse - CNN. Zuckerberg thinks the metaverse is the future of work. So what will this look like? - Smart Company. Is the Metaverse Really the Future of Work? An Unbiased Investigation - Gizmodo.How to Turn Off the “Sign in with Google” Prompt on Websites - How-To Geek.Julia Davis and the Russian Media Monitor - Twitter.Weiner Staatsoper Opera House.Emojis instead of emotions in Simon Stone's Traviata in Vienna – BackTrack.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Akamai – Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

2 Nov 202255min

What is slushygate and how does it link to sextortion in the States? What is the most impersonated brand when it comes to delivering phishing emails? And what the flip is nano-targeting?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by fan favourite Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.No contortionists were hurt during the making of this episode.Episode links:Memorandum of sentencing of Bryan Wilson - United States District Court Western District Court of Kentucky at Louisville.Accurint for Law Enforcement - LexisNexis.LexisNexis illegally collected and sold people's personal data, lawsuit alleges - CBS News.Ex-cop abused police tool in Snapshot sextortion plot that stole sexually explicit photos and videos - Bitdefender.Congress should consider enhancing protections around scores used to rank consumers (PDF) - Government Accountability Office. Online Shoppers Beware: Scammers Most Likely to Impersonate DHL - Check Point.Why Am I Seeing That Political Ad? Check Your ‘Trump Resistance’ Score - New York Times.I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too - New York Times.Mixed Idioms.Apollo Remastered.Cosmic Background.Death of an Artist - Pushkin podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Sealit - Zero Trust Data Protection: protect, share, and monitor confidential emails and files - without passwords. Integrated with Gmail, Outlook, and file systems. Learn more and take advantage of Sealit's special offer to "Smashing Security" listeners.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

26 Okt 202252min

Someone's election-fiddling is uncovered with an Apple AirTag, a cyber scandal rocks Germany, and a swindler steals a fortune due to trains being delayed.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by runZero's Chris Kitsch.Plus don't miss our featured interview with Akamai's Patrick Sullivan talking about how retailers can better thwart bots this holiday season.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The rundown on becoming runZero: What I learned rebranding a company - Chris Kirsch on the runZero blog.Tweet by Melissa Shusterman - Twitter.Apple AirTag Used To Find Over 100 Stolen Democratic Campaign Signs, Police Say - Forbes.Wie eine russische Firma ungestört Deutschland hackt - ZDF Magazin Royale on YouTube.German cybersecurity chief investigated over Russia ties - AP News.German cybersecurity chief sacked following reports of Russia ties - The Guardian. Fraudster swindled Virgin Trains out of £116,000 in 'sophisticated' scam - MSN. Virgin Trains worker, 37, swindled rail firm out of £116,000 in 'delay and repay' compensation scam by photoshopping tickets to exploit flaw in system - Daily Mail. Train delays:How to claim if it's late or cancelled - Money Saving Expert.How many trains arrive on time - Gov.uk.Employee swindled Virgin Trains out of £116,000 in delay and repay compensation scam - Birmingham Mail. Fat Bear Week 2022.‘Fat Bear Week’ Hit By Voter-Fraud Attempt - Rolling Stone.PimEyes - Face search engine.The Fear of God: 25 Years of the Exorcist - BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Akamai – Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

19 Okt 20221h 10min

A couple unexpectedly find $10.5 million in their cryptocurrency account, and in Cambodia people are being forced to commit pig-butchering scams.All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo again this week.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:DeFi bug accidentally gives $90 million to users, founder begs them to return it - CNBC.Compound boss begs users to return $90 million worth of cryptocurrency they were accidentally gifted - Robert Leshner on Twitter.Couple mistakenly given $10.5m from Crypto.com thought they had won contest, court hears - The Guardian.Mother accused of spending spree after mistakenly receiving $10 million in crypto bungle heads to trial - 9 News.Sold to gangs, forced to run online scams: inside Cambodia’s cybercrime crisis - The Guardian.ZÈRTZ game.ZÈRTZ - Wikipedia.GIPF project - Wikipedia.The Capture - BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

12 Okt 202238min

Has new UK prime minister Liz Truss been careless with her mobile phone, and hear the most extraordinary story of corporate cyberstalking.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by nobody for reasons that will become obvious.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths - Graham Cluley.Two Former eBay Executives Sentenced to Prison for Cyberstalking - US Department of Justice.Jonathan Pie: Welcome to Britain. Everything is Terrible - NYT Opinion.UK Supermarket’s Loans-for-Groceries Offer Attracts Huge Take Up - Bloomberg.Liz Truss' mobile number is being sold online for £6.49 - Daily Mail.How to Cook a Soft Boiled Egg Perfectly Every Time - YouTube.11 Best Twitter Bots to Follow to Boost Productivity - Gadgetshouse.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.Akamai - Make the most of Cybersecurity Awareness Month by connecting with Akamai’s experts on how you can achieve unmatched security. Where else can you take advantage of insights from 7 trillion DNS queries per day?Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.Become a Patreon supporter for ad-free episodes and our early-release feed!Follow us:Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Thanks:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks. Privacy & Opt-Out: https://redcircle.com/privacy

5 Okt 202239min