Smashing Security

Login chaos for England's contact tracing service, our drill-down on the Britain's Huawei 5G ban, MGM's blockbuster breach, and how to pronounce "Gigabyte."All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Plus we have a bonus featured interview with Scott Petry, the co-founder of Authentic8, all about how you can browse the internet safely, securely, and anonymously when conducting research, collecting sensitive evidence, and analyzing data.Visit https://www.smashingsecurity.com/187 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Maria Varmazis and Scott Petry.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Authentic8: Silo for Research (Toolbox) from Authentic8 is a secure and anonymous web browsing solution that enables threat intelligence, security, and public safety professionals to conduct research, collect evidence, and analyze data across the open, deep and dark web.To learn how Silo for Research enables teams to timely and efficiently investigate, while ensuring maximum security and oversight to ensure compliance - including GDPR - go to smashingsecurity.com/authentic8Support Smashing SecurityLinks:Coronavirus: Contact tracers in England 'locked out of accounts' — Sky News.TalkTalk’s ex-CEO Dido Harding heads up the UK’s Coronavirus tracing app… — Graham Cluley.Apparently Coronavirus-tracing scammers won’t sound professional… (Yeah, right!) — Graham Cluley.Huawei 5G kit must be removed from UK by 2027 — BBC News.US sanctions make Huawei more of a security risk, says leaked UK report — The Verge.A different future for telecoms in the UK — NCSC.Commerce Addresses Huawei’s Efforts to Undermine Entity List, Restricts Products Designed and Produced with U.S. Technologies — U.S. Department of Commerce.A hacker is selling details of 142 million MGM hotel guests on the dark web — ZDNet.WindowSwap.How do you pronounce "Gigawatt"? — Waldo Jaquith on Twitter.Metric (SI) Prefixes — NIST.No podcast.In the No Part 1 — Radiolab.21 OSINT Tools for Cyber Threat Intelligence — Authentic8.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

15 Juli 20201h 3min

A high-rolling Hushpuppi gets extradited to the United States, Carole details her problems with clipboards and Disposophobia, and our guest becomes the subject of fake news during the Senegalese election.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by investigative journalist Michelle Madsen (or is it Michelle Damsen? Hmm...).Visit https://www.smashingsecurity.com/186 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Michelle Madsen.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Authentic8: Silo for Research (Toolbox) from Authentic8 is a secure and anonymous web browsing solution that enables threat intelligence, security, and public safety professionals to conduct research, collect evidence, and analyze data across the open, deep and dark web.To learn how Silo for Research enables teams to timely and efficiently investigate, while ensuring maximum security and oversight to ensure compliance - including GDPR - go to smashingsecurity.com/authentic8Support Smashing SecurityLinks:Ray Hushpuppi's Instagram account.Your 2.3m Instagram fans won't stop the FBI... Web star accused of plotting to launder millions from cyber-crime — The Register.Hushpuppi and Mr. Woodbery, BEC scammers: Welcome to Chicago! — CyberCrime & Doing Time.Dubai Police operation Fox Hunt 2 against Hushpuppi. — Vimeo.Cosmic Lynx Threat Dossier — Agari.Domain Message Authentication Reporting & Conformance — DMARC.How to Combat Fake Emails — Australian Cyber Security Centre.My fake news whodunnit: Caught up in a Senegal fake news scam — BBC News.The Documentary: My fake news whodunnit — BBC World Service.TikTok grabbing the contents of an iPhone clipboard every 1-3 keystrokes — Twitter.Popular iPhone and iPad Apps Snooping on the Pasteboard — Mysk.The Life and Times of David Lloyd George (with Ennio Morricone theme tune) — YouTube.Dogmatix chasing a Roman legionary, to the tune of Ennio Morricone's Chi Mai. — YouTube.A Tribute to Ennio Morricone. — Tableau.An Abridged Micro List — Malaika Kegode on Facebook.Karen (slang) — Wikipedia.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

8 Juli 202049min

Who's been dressing Robox players up in red baseball caps? Which ransomware victim's negotations got spied on by the media? And should Jason Bieber think twice before touching his hat? Oh, and we need to talk about squirrels...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.Visit https://www.smashingsecurity.com/185 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: John Hawes.Sponsored By:Authentic8: Silo for Research (Toolbox) from Authentic8 is a secure and anonymous web browsing solution that enables threat intelligence, security, and public safety professionals to conduct research, collect evidence, and analyze data across the open, deep and dark web.To learn how Silo for Research enables teams to timely and efficiently investigate, while ensuring maximum security and oversight to ensure compliance - including GDPR - go to smashingsecurity.com/authentic8LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Roblox accounts being hacked in support of Trump re-election — Bleeping Computer.Add 2-Step Verification to Your Roblox Account — Roblox.Ransomware Groups Promise Not to Hit Hospitals Amid Pandemic — Wired.NetWalker Ransomware - What You Need to Know — Tripwire.Update on IT Security Incident at UCSF — UC San Francisco.How hackers extorted $1.14m from University of California, San Francisco — BBC News.Pizzagate conspiracy theory — Wikipedia.A TikTok Twist on ‘PizzaGate’ — The New York Times.‘PizzaGate’ Conspiracy Theory Thrives Anew in the TikTok Era — The New York Times.TikTok Teens Are Obsessed With Pizzagate — The Daily Beast.Building the Perfect Squirrel Proof Bird Feeder — YouTube.DARK Season 1 Trailer — YouTube.DARK - The Official Guide — Netflix.Conan Doyle estate sues Netflix for giving Sherlock Holmes too many feelings — The Verge.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

1 Juli 202047min

A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades' worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology reporter Zoe Kleinman.Visit https://www.smashingsecurity.com/184 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Zoe Kleinman.Sponsored By:MetaCompliance: Create a more security-conscious workforce with MetaCompliance's Cyber Security Awareness for Dummies book. Download it for free at smashingsecurity.com/cyberawareLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:How photographs are airbrushed — A 2010 BBC News article, starring Zoe Kleinman.Elon Musk Bitcoin vanity addresses used to scam users out of $2 million — ZDNet.Kate Winslet responds to Bitcoin scam faking her endorsement — Decrypt.Bitcoin scam uses Prince Harry, Meghan Markle to dupe would-be investors — Decrypt.Covid-19 tracing tool on smartphones is 'not app' — BBC News.‘BlueLeaks’ Exposes Files from Hundreds of Police Departments — Krebs on Security.Koko Analytics — A privacy-friendly analytics plugin for WordPress.Fathom — Fast, simple and privacy-focused website analytics.Upload trailer — YouTube.Backspace and beyond — Audioboom.The Magnus Archives — Horror podcast.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

24 Juni 202051min

A TV gameshow with cash prizes if you're obeying Coronavirus lockdown rules, ex-Ebay staff charged in crazy cyberstalking case, and when the wrong cyclist was accused by the internet bearing pitchforks.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Visit https://www.smashingsecurity.com/183 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:MetaCompliance: Create a more security-conscious workforce with MetaCompliance's Cyber Security Awareness for Dummies book. Download it for free at smashingsecurity.com/cyberawareLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Mr Blobby — Wikipedia.Noel's House Party — Wikipedia.A man is surprised at home by Noel's House Party — YouTube.Bahrain, Kuwait and Norway contact tracing apps among most dangerous for privacy — Amnesty International.Coronavirus: Alarm over 'invasive' Kuwait and Bahrain contact-tracing apps — BBC News.‘Are You At Home?’ Winner Selection Rules — Bahrain's Information & eGovernment Authority.Bahrain BeAware — iOS App Store.Bahrain BeAware — Google Play Store.Six Former eBay Employees Charged with Aggressive Cyberstalking Campaign Targeting Natick Couple — Department of Justice.Ex-EBay CEO's 'Inappropriate' Messages Played Role in Ouster — TheStreet.MAMIL throws a tantrum — Twitter.Maryland cyclist arrested for assaulting 3 people posting Black Lives Matter flyers — CNN.Smashing Security episode 063: Carole's back! — In which we discuss privacy issues involving fitness trackers.What It’s Like to Get Doxed for Taking a Bike Ride — New York magazine.Staged — BBC iPlayer.The Mars Challenge by Alison Wilgus — Macmillan.Mars trip to use astronaut poo as radiation shield — New Scientist.Culture quiz: from Bob Holness 007 to the Daily Mail's feast of filth — The Guardian.Quizzes — The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

17 Juni 202046min

Graham finds himself in hot water with a security firm after a data breach, Carole discusses credit card fraud, and we have a pleasant surprise for Thom Langford, who appears to have mostly agreed to be a guest to promote his own podcast.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.And don't miss our featured interview with Robbie O'Brien of MetaCompliance, all about the new book he's written - Cyber Security Awareness for Dummies.Visit https://www.smashingsecurity.com/182 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guests: Robert O'Brien and Thom Langford.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.MetaCompliance: Create a more security-conscious workforce with MetaCompliance's Cyber Security Awareness for Dummies book. Download it for free at smashingsecurity.com/cyberawareSupport Smashing SecurityLinks:Security firm leaves more than five billion records exposed on unsecured database — Graham Cluley."Following a legal threat from ███████ ████ I have removed their name from this article on my site..." — Graham Cluley on Twitter.Keepnet Labs confirms contractor exposed 'data breach database' of 5 billion records — Verdict.Public Statement in Relation to Data Briefly Exposed on an ElasticSearch Database — Keepnet Labs.After threatening me with legal action, Keepnet Labs finally issues statement over data breach — Graham Cluley.Goodbye Naked Security? — Graham Cluley.US Military Could Lose Space Force Trademark to Netflix Series — CBR.Space Force review: astonishingly bad show — The Verge.The number of credit card scams continues to soar during the pandemic — Verdict.Pandemic Brings Huge Increases In Card Fraud And Mobile Banking — Forbes.Credit Card Fraud During the Pandemic — Consumer Reports.Credit Card Fraud — Advice from the FBI.How to Reduce Credit Card Fraud — The New York Times.Ian's Shoelace Site – IntroductionMagnet – Window manager for Mac.The Host Unknown Podcast.DEVS — BBC iPlayer.Cyber Security Awareness for Dummies — A free book for listeners from MetaCompliance.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

10 Juni 20201h 1min

Police are hoping to stop kids becoming cybercriminals by bombarding them with Google Ads, phishers rub their hands in glee at the NHS track and trace service, and just how does a nano-layer of quantum holographic catalyzer technology make a USB stick cost hundreds of pounds?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Visit https://www.smashingsecurity.com/181 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Mark Stockley.Sponsored By:Deep Instinct: Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place!Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be prevented.Check out a report by the Ponemon Institute, which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Immersive Labs: Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats.Listeners can signup at immersivelabs.com/smashing to get instant access to more than 24 hours of free labs AND a new lab to try out each week.Support Smashing SecurityLinks:Cheating in online games — Wikipedia.UK Ad Campaign Seeks to Deter Cybercrime — Brian Krebs.DDoS attacks are illegal — National Crime Agency (NCA).Google doesn’t seem to believe booters are illegal — Light Blue Touchpaper.Google ad policies.NHS Test and Trace — Yes, the legitimate website.Phishing danger is just a hyphen away — The AntiSocial Engineer.Apparently Coronavirus-tracing scammers won't sound professional... (Yeah, right!) — Graham Cluley.This is how you can verify you are actually being contacted by the government’s Test and Trace service — Full Fact.Glastonbury calls for 5G inquiry — Glastonbury Town Council.Trading Standards squad targets anti-5G USB stick — BBC News.Reverse Engineering a 5g 'Bioshield' — Pen Test Partners.Glastonbury 5G report 'hijacked by conspiracy theorists' — BBC News.Tweet by the BBC's Rory Cellan-Jones.5GBioShield.Swopper chair — Stuhl.The Swopper by Aeris — YouTube.The Knowledge: How to Rebuild our World from Scratch — Book by Lewis Dartnell.Men hired for sexual fantasy break into wrong house — BBC News.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

3 Juni 202052min

On this special splinter episode of the podcast, we're joined by actor and comedian Clare Blackwood in the hope of convincing her that cybersecurity is no laughing matter.Hear what happens in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Carole's cousin (!) Clare Blackwood.Visit https://www.smashingsecurity.com/180 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Clare Blackwood.Sponsored By:Immersive Labs: Immersive Labs gives security professionals practical and gamified content to keep pace with the latest threats.Listeners can signup at immersivelabs.com/smashing to get instant access to more than 24 hours of free labs AND a new lab to try out each week.LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:All ages dance on TikTok during coronavirus quarantine — Los Angeles Times.Fugitive John McAfee’s location revealed by photo meta-data screw-up — Naked Security.Have I Been Pwned: Check if your email has been compromised in a data breach.Clare Blackwood's TikTok dance.The Miracle Sudoku — YouTube.Cracking The Cryptic YouTube channel.Puzzled man solving 'miracle' sudoku becomes YouTube sensation — The Guardian.Dumb-Dumbs and Dice.Into the Night — Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

27 Maj 202046min