Smashing Security

A Walmart press release says it's jumping aboard the cryptocurrency bus - but is it true? Theranos's Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.Visit https://www.smashingsecurity.com/243 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Thom Langford.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comAttivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures.Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage.Learn more and kick credential attacks to the curb, by visiting attivonetworks.comSupport Smashing SecurityLinks:Fake Walmart news release claimed it would accept cryptocurrency — BBC News.Alerts and story on Walmart to accept Litecoin payments withdrawn — Reuters.NOTICE TO DISREGARD - Walmart Inc. — Globe NewswireWalmart Statement in Response to Fake Litecoin Press Release — Walmart.Litecoin Foundation ‘Screwed Up,’ Lee Says of Walmart Snafu — Bloomberg.Walmart-Litecoin Pact Hoax Jolts Crypto Market — YouTube.Official statement from Litcoin Foundation — Twitter.Apple rushes to block 'zero-click' iPhone spyware — BBC News.Pegasus: Spyware sold to governments 'targets activists' — BBC News.Smashing Security #237: NuNa, NuNu, NaNa — Podcast episode where we previously discussed NSO Group's activities.The rise and fall of Theranos: so many lessons in a drop of blood — The Conversation.Theranos Didn’t Just Harm Investors — Bloomberg.Theranos founder Elizabeth Holmes 'lied and cheated', trial hears — BBC News.Theranos Founder Elizabeth Holmes Is on Trial. Silicon Valley Is Watching — Wired.#susanalbumparty: The ad campaigns that accidentally (or not) launched filthy hashtags — BBC.‎Bad Blood: The Final Chapter — Apple Podcasts."The Trip" trailer — YouTube.TraffickCam.101 Great Cuss/Swear Word Alternatives — WeHaveKids.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

15 Sep 202148min

ProtonMail finds itself in a privacy pickle, the big problem with Facebook's algorithmic amplification, and strange things are happening on Banksy's website.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Visit https://www.smashingsecurity.com/242 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Dave Bittner.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comPrivacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.Support Smashing SecurityLinks:ProtonMail logged IP address of French activist after order by Swiss authorities — TechCrunch.Important clarifications regarding arrest of climate activist — ProtonMail.Information for Law Enforcement Authorities — ProtonMail.Tweet by Andy Yen, founder of ProtonMail.Why Facebook Won’t Stop Pushing Propaganda — Mother Jones.Fake Banksy NFT sold through artist's website for £244k — BBC News.A fake Banksy sold for $330K is a perfect symbol of a wild NFT market — The Next Web.Banksy was warned about website flaw before NFT hack scam — BBC News.McCartney 3,2,1 - Trailer — YouTube.Classic Albums — BBC Four.Backyard Coaster POV | Little Thunder — YouTube.Inside the Most Impressive Backyard Roller Coaster I've Ever Seen: Little Thunder — Coaster 101.Pre-owned Rides for sale.Netflix Drops Trailer for New Norwegian Vampire Comedy Post Mortem: No One Dies in Skarnes — Netflix.Post Mortem: No One Dies in Skarnes — Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

8 Sep 202156min

How to find your match on the Bumble dating app, convicted criminals make money out of cryptocurrency, and there are concerns about data in Afghanistan.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Visit https://www.smashingsecurity.com/241 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.Support Smashing SecurityLinks:Vulnerability in Bumble dating app reveals any user's exact location — Robert Heaton.How Tinder keeps your exact location (a bit) private — Robert Heaton.The Taliban Have Seized U.S. Military Biometrics Devices — The Intercept.A U.S.-built biometric system sparks concerns for Afghans — NBC News.This is the real story of the Afghan biometric databases abandoned to the Taliban — MIT Technology Review.Sweden must give Bitcoin worth €1.3 million back to drug dealers after costly legal misstep — Euronews.Miles Davis: Birth of the Cool — Netflix.What We Do in the Shadows — BBC iPlayer.Watch What We Do in the Shadows — Hulu.Radio Garden.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

1 Sep 202147min

A bug unravels 3D printer security, cryptocurrency sites can't stop getting hacked, and hear our special guest spill a cup of tea while inhabiting his wife's knicker drawer.All this and much much more can be found in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC cybersecurity correspondent Joe Tidy.Visit https://www.smashingsecurity.com/240 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Joe Tidy.Sponsored By:1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.Attivo Networks: It’s time to get serious about preventing and detecting credential abuse, privilege escalation, and entitlement exposures.Attivo Networks gives you visibility on identity exposures, vulnerabilities, and attack paths from endpoints to Active Directory to the cloud - all while creating an active defense, delaying and derailing attacks, empowering the defender and eliminating an attacker's advantage.Learn more and kick credential attacks to the curb, by visiting attivonetworks.comSupport Smashing SecurityLinks:We Broke Into A Bunch Of Android Phones With A 3D-Printed Head — Forbes.Wake up this morning and see this on my 3D printer (I use octoprint and now I’m scared) — Reddit.What’s *THAT* on my 3D printer? Cloud bug lets anyone print to everyone — Naked Security.A detailed analysis of the security incident last night — The Spaghetti Detective.The PewDiePie Hackers: Could hacking printers ruin your life? — BBC News.The $600 million Poly Network hacker's Q&A — Twitter.Crypto hacker offered reward after $600m heist — BBC News.Hackers steal nearly $100m in Japan crypto heist — BBC News.Altsbit Crypto Exchange Gets Hacked, 'Almost All Funds' Are Gone — Bitcoinist.Bitpoint Exchange Hacked for $32 Million in Cryptocurrency — CoinDesk.Coincheck: World's biggest ever digital currency 'theft' — BBC News.The Inside Story of Mt. Gox, Bitcoin's $460 Million Disaster — Wired.Buying a pink NFT cat was a crypto nightmare — BBC News.Hearings Continue In Case Of Wealthy Robotics Founder Sued By His Wife For ‘Indefensible’ Sale Price Of His Startup — Forbes.Google ‘founder’ created revenge site against estranged wife — New York Post.Billionaire investor who helped launch Google is accused of 'divorce terrorism' in bitter break-up — Daily Mail.Cracker (British TV series) — Wikipedia.Cracker — BritBox.K&F Concept 4K WiFi 30MP Trail Camera Game Camera with 940nm Infrared Outdoor IP66 Waterproof Hunting Infrared Night Vision Camera — K&F Concept.Keeping the Wolf Out — BBC Radio 4.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

25 Aug 202151min

The Great Londini has gathered a two million strong army to out TikTok trolls, there's a bad supply chain vulnerability in many IoT devices, and how did Wikipedia pages end up covered in Nazi swastikas?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes (who has a very controversial Pick of the Week...)Visit https://www.smashingsecurity.com/239 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: John Hawes.Sponsored By:1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comSupport Smashing SecurityLinks:Thousands of Wikipedia Pages Vandalized With Giant Swastikas — Gizmodo.Video of Wikipedia defacement — Twitter.Scottish Wikipedia.Um, almost the entire Scots Wikipedia was written by someone with no idea of the language – 10,000s of articles — The Register.Protection policy — Wikipedia.Austrian soldier imprisoned for showing photos of swastika tattoo on testicle — Jewish News.Advisory: Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the Supply Chain — IOT Inspector.TikTok adds more safety features for teens — CNET.TikTok Vigilante Group the Great Londini Has Made Hunting Down Trolls Its Mission — Insider.Who is TikTok’s masked vigilante? — BBC News.News Bunny — Wikipedia.Nestflix.The Movies That Made Us — Netflix.The School of Life — YouTube.How Not to be Boring — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

18 Aug 202151min

Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Paul Ducklin.Visit https://www.smashingsecurity.com/238 to check out this episode’s show notes and episode links.We're going to be taking a holiday for a couple of weeks, but will be back with a regular show later in August.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Paul Ducklin.Sponsored By:1Password: Cybercrime is at an all-time high, and it’s not slowing down, so why should you? This August, you’re invited to Security Summer School, a brand new webinar series hosted by the 1Password team. Learn from security experts at top organizations, hear about sizzling security trends, and get quick tips for building a culture of security at home and work.Get exclusive perks like 1Password swag for attending events, enjoy the chance to network with top security leaders, and much much more. Find out more and enroll now.Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP.Visit smashingsecurity.com/offsec to learn more!Support Smashing SecurityLinks:DEF CON masks and vaccination FAQ.Hacking DEF CON 29 — Reznok.Tweet by Jeff Moss (Dark Tangent) thanking Reznok.PetitPotam proof-of-concept tool — GitHub.Windows “PetitPotam” network attack – how to protect against it — Naked Security.Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands — Bitdefender.The Trigan Empire — Wikipedia.The Rise and Fall of The Trigan Empire: Volume 1 — Treasury British Comics Shop.Tangle Teezer — If you want to be a Fashion Captain, like Duck.Modern Love trailer — YouTube.Modern Love (TV series) — Wikipedia.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

28 Juli 202153min

Spy software known as Pegasus has been used to carry out surveillance on the smartphones of journalists, activists, and political leaders. Can a "Freedom Phone" be trusted? And a ransomware-hit law firm demonstrates how not to keep its customers informed.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.Visit https://www.smashingsecurity.com/237 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Thom Langford.Sponsored By:KnowBe4: Did you know that 91% of successful data breaches started with a spear phishing attack?Find out what percentage of your employees are at risk with KnowBe4's free phishing security test.Plus, see how you stack up against your peers with the new phishing industry benchmarks.Find out more at knowbe4.com/freetestOffensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP.Visit smashingsecurity.com/offsec to learn more!1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comSupport Smashing SecurityLinks:The Pegasus project — The Guardian.Revealed: leak uncovers global abuse of cyber-surveillance weapon — The Guardian.Pegasus: NSO clients spying disclosures prompt political rows across world — The Guardian.Pegasus: Spyware sold to governments 'targets activists' — BBC News.Revealed: murdered journalist’s number selected by Mexican NSO client — The Guardian.Forensic Methodology Report: How to catch NSO Group’s Pegasus — Amnesty International.Mobile Verification Toolkit (MVT) — Forensic tool to look for signs of infection in smartphone devices.Freedom Phone.MAGA World’s ‘Freedom Phone’ Actually Budget Chinese Phone — Daily Beast.Hacker Fantastic on Twitter.Finnish therapy clinic’s CEO fired after despicable data breach and blackmail threats — Graham Cluley.Campbell Conroy & O’Neil Provides Notice of Data Privacy Incident – — Campbell Conroy & O'Neil.They were competitive eaters. Then they fell in love — Wired.Brickit: Rebuild your Lego.Central Park — Apple TV.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

21 Juli 20211h 2min

How did investigators ask a romance scammer out on a date, smart homes continue to play dumb, and is it time for social media sites to do more about racist football fans?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology reporter Zoe Kleinman.Visit https://www.smashingsecurity.com/236 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Zoe Kleinman.Sponsored By:Offensive Security: With the skills gap increasing, it’s more important than ever to train your staff effectively and efficiently. Industry-leading Offensive Security provides training for your organization designed by the same minds behind Kali Linux and the OSCP.Visit smashingsecurity.com/offsec to learn more!Privacy.com: Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase. Go to privacy.com/smashing to sign up now.1Password: Around 80% of business data breaches result from weak or reused passwords. Using 1Password can close the gaps in your company’s security, combat shadow IT, and help your employees stay both productive and secure, wherever they are.1Password makes the secure thing to do the easiest thing to do. Instant control, effortless management. Quickly deploy 1Password to a single team, multiple teams, or your entire enterprise. Provision employees using trusted systems, respond quickly to domain breach reports, and offer every business user a free 1Password Families account for work-from-home security.Find out more and try 1Password free for 14 days at 1Password.comSupport Smashing SecurityLinks:How Does The Secret Service Track Fugitives? One Romance Scammer Hunt Started With A Simple Text — Forbes.Stingrays bought, quietly used by police forces across England — Ars Technica.Euro 2020: Why abuse remains rife on social media — BBC News.Clapper commercial — YouTube.Samsung Washing Machine App Requires Access to Your Contacts and Location — Vice.Why first-time buyers should buy into smart home tech for their first move — Property Reporter.Graham Cluley with his Columbo mug — Twitter.The Columbophile fan site.How Columbo Became an Unlikely Quarantine Hit — GQ.Bose QuietComfort Earbuds — Bose.Late Night POV Cooking with J Kenji López-Alt — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

14 Juli 20211h