Smashing Security

A bank has some of the worst password advice ever, travellers are told to be wary when USB charging their smartphones and laptops, and a gamer has his YouTube account hacked.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Geoff White.Visit https://www.smashingsecurity.com/155 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Geoff White.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Giorgio Bonfiglio tweets about Fineco's bizarre attitude to passwords — Twitter.This Bank Had the Worst Password Policy We've Ever Seen — Motherboard.NIST password guidelines.Officials warn about the dangers of using public USB charging stations — ZDNet.MarcoStyle on Twitter.A YouTuber With 350,000 Subscribers Was Hacked, YouTube Verified His Hacker — Forbes.Massive wave of account hijacks hits YouTube creators — ZDNet.Popular gaming channel MarcoStyle has been hacked for days, running scams, but YouTube isn't responding — Reclaim the net.How my Youtube Channel got hacked for 2 weeks — MarcoStyle on YouTube.The Crown — Netflix.Aberfan disaster — Wikipedia.Aberfan - 50 years on — WalesOnline.Cliff Michelmore eyewitness report from Aberfan — YouTube.Dolly Parton's America — WNYC Studios.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

20 Nov 201950min

The UK's Labour Party kicks off its election campaign with claims that it has suffered a sophisticated cyber-attack, Apple's credit card is accused of being sexist, and what is Google up to with Project Nightingale?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.Visit https://www.smashingsecurity.com/154 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: John Hawes.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:That "sophisticated" Labour cyber-attack - don't panic — Graham Cluley.General election 2019: Labour Party hit by second cyber-attack — BBC News.Election 2019: Security flaw leaves donors’ details online — The Times.Apple's 'sexist' credit card investigated by US regulator — BBC News.Apple's credit card caper probed over sexism claims – after women screwed over on limits — The Register.Google has access to detailed health records on tens of millions of Americans — Ars Technica.Google’s ‘Project Nightingale’ Gathers Personal Health Data on Millions of Americans — WSJ.Google buys Fitbit for $2.1 billion — Ars Technica.Smart condom ring i.Con is like a Fitbit for your man bits — CNET.The Missing Cryptoqueen — BBC Sounds.Undone — Amazon Prime.Speed Monopoly - How to Play in under 30 minutes! — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

13 Nov 201950min

The cybercrime lovebirds who hijacked Washington DC's CCTV cameras in the run-up to Donald Trump's inauguration, the truffle-snuffling bankers at the centre of an insider-trading scandal, and the hackers that Uber paid hush money to hide a security breach.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte.Visit https://www.smashingsecurity.com/153 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Lisa Forte.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Ransomware attack impacted 70% of Washington DC police surveillance cameras — Graham Cluley.The Hapless Shakedown Crew That Hacked Trump’s Inauguration — Wall Street Journal.Eveline Cismaru's Instagram account.London Investment Bankers Charged in Insider-Trading Ring — Bloomberg.Trade-Secrets Case Linked to Google Seen as Warning to Silicon Valley — Wall Street Journal.Uber concealed massive hack that exposed data of 57m users and drivers — The Guardian.Uber's statement about its 2016 "Data Security Incident"Hackers who extorted Uber and LinkedIn plead guilty — ZDNet.Maersk: Springing back from a catastrophic cyber-attack — I-CIO.The Master Game — Wikipedia.BBC's The Master Game — The Kenilworthian.Gogglebox — Channel 4.Ndemic Creations, makers of Plague Inc.Plague Inc. trailer — YouTube.‎Plague Inc. — iOS App Store.Plague Inc. — Google Play.The great contemporary art bubble. BBC documentary - YouTube — YouTube.BBC art documentaries playlist — YouTube.Painters and artists documentaries — YouTube.Art documentaries playlist — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

6 Nov 201949min

What's the problem with IoT-enabled pet feeders? Can hacking ever be illustrated without a hoodie? And just how are landlords using smart home technology to snoop upon their residents?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.Visit https://www.smashingsecurity.com/152 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: David McClelland.Sponsored By:Immersive Labs: Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform.Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs.Code42: Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave.To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashingLastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Security researcher gets access to all Xiaomi pet feeders around the world — ZDNet.Xiaomi crowdfunds the Furrytail Pet Smart Feeder with app control for 199 yuan ($28) — Gizmochina.How to say Xiaomi — BBC News.Xiaomi Furrytail Boss Cat Bed — YouTube.Remember that competition for non-hoodie hacker pics? Here's their best entries — The Register.Cybersecurity visuals challenge finalist catalog (PDF)SmartRent - Smart Apartment Solutions.Smart home tech can help evict renters, surveillance company tells landlords — CNet.SmartRent funding heralds new wave in 'smart home' market — Reuters.SmartRent's Privacy Policy.Sci-fi interfaces.Did Stanley Kubrick invent the iPad? — BFI.Factfulness: Ten Reasons We're Wrong About The World - And Why Things Are Better Than You Think by Hans Rosling — Amazon.The Joy of Stats, Hans Rosling's 200 countries, 200 years, 4 minutes — BBC Four.Joe Rogan Experience #1368 - Edward Snowden — YouTube.Joe Rogan Edward Snowden Podcast Interview Transcript: Rogan Spends Almost 3 Hours Interviewing Snowden.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

30 Okt 201954min

Remember how the City of Baltimore was badly hit by ransomware earlier this year? Turns out that wasn't the end of their problems. Also, Carole takes a look at how smart speakers can be hacked to trick you into giving criminals your passwords or even credit card details. And we discuss the findings of the LastPass global password security report.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, with a featured interview with Rachael Stockton from Logmein.Visit https://www.smashingsecurity.com/151 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Rachael Stockton.Sponsored By:Code42: Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave.To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashingImmersive Labs: Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform.Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs.LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Support Smashing Security on Patreon — Now also includes free stickers!RobbinHood ransomware attack brings down parts of City of Baltimore's computer network — Tripwire.Some Baltimore City Services Still Shut Down Due To Ransomware Attack — YouTube.Baltimore government could have lost its website last week. And not because of hackers — Baltimore Brew.Baltimore transfers $6 million to pay for ransomware attack; city considers insurance against hacks — Baltimore Sun.Baltimore IT department uses ‘mind-boggling,' outdated data storage method, audit findsCouncilman “mind-boggled” by Baltimore City IT department ineptitude — Ars Technica.The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up — Techdirt."Backin Up" by The Gregory Brothers — YouTube.Smart Spies: Alexa and Google Home expose users to vishing and eavesdropping — Security Research Labs.Zoomquilt 2.Arkadia Zoomquilt.Historia Civilis — YouTube.2019 Global Password Security Report — LastPass.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

23 Okt 201955min

Footballers' wives go to war over Instagram leaks, it turns out fake news is fine on Facebook (just so long as it's in a political ad), and things take a horrific turn in Japan, as a stalker uses a scary technique to find out where his pop idol lives.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Visit https://www.smashingsecurity.com/150 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Dave Bittner.Sponsored By:Code42: Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave.To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashingImmersive Labs: Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform.Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs.LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Tweet by Coleen Rooney on Twitter.Tweet by Rebekah Vardy on Twitter.Prince Harry launches phone-hacking case against Sun and Mirror owners — The Guardian.Mark Zuckerberg: An Elizabeth Warren presidency would 'suck' for Facebook — CNN.In leaked audio, Mark Zuckerberg rallies Facebook against critics, competitors, and Elizabeth Warren — The Verge.Elizabeth Warren Facebook ad mocks Facebook's fact checking policies — Engadget.Graham getting thrashed by Garry Kasparov — @gcluley on TwitterStalker zoomed in on Japanese idol's eyes to find out where she lived — Graham Cluley.Obsessed fan finds Japanese idol's home by zooming in on her eyes — AsiaOne.Ni No Kuni: Wrath of the White Witch - Nintendo Switch Trailer — YouTube.Funny English Idioms - and why we say them! — YouTube.Vice — Amazon Prime.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

16 Okt 201951min

We take a trip to Staten Island, New York, to hear how a case of cyberstalking resulted in the arrest of 20 alleged mobsters, learn about the nude photo-loving insider threat at Yahoo, and discover how fraudsters might be boosting Match.com's profits.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ran Levi of the "Malicious Life" podcast.Visit https://www.smashingsecurity.com/149 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Ran Levi.Sponsored By:Code42: Code42 provides data loss protection for when employees quit. 60% of employees who quit their jobs admit to taking data. Your organization's data is more portable than ever and you have employees leaving everyday. Most organizations rely on prevention but there are simply too many ways for data to leave.To learn more about how to protect your company’s data from insider threats visit www.code42.com/smashingImmersive Labs: Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform.Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs.LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:The "You Think I'm Funny?" scene from "Goodfellas" — YouTube.20 Defendants Charged with Crimes, Including Racketeering, Extortion, Loansharking — Department of Justice.Indictment against Joseph Amato and others (PDF) — Department of Justice.GPS cyberstalking of girlfriend brings surveillance and indictment for alleged American mobster — The Register.How to Find a GPS Tracker on Your Vehicle.Former Yahoo Software Engineer Pleads Guilty To Using Work Access To Hack Into Yahoo Users’ Personal Accounts — Department of Justice.Former Yahoo engineer pleads guilty to searching 6,000 user accounts for nudes — The Verge.Using Match.com? Read this — FTC Consumer Information.Why Match.com allegedly luring lonely customers with fake ‘winks’ is just another form of ‘phishing’ — MarketWatch.Fembots land Ashley Madison in hot water with the FTC — Graham Cluley.Mark Lewisohn Official Website.Hornsey Road with Mark Lewisohn.The Beatles' Abbey Road (Super Deluxe Edition) — Spotify.Jigsaw Explorer — Online Jigsaw Puzzles.Criminal — Netflix.Criminal Review: Netflix Crime Drama With Parts Better Than the Whole — Collider.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

9 Okt 201946min

Drivers are distracted by a hacked billboard, we take a deeper look at how the deepfake problem has... uh... deepened, and Carole is less than happy about Amazon's announcement about new Alexa integrations.All this, an annoying goose, and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Visit https://www.smashingsecurity.com/148 to check out this episode’s show notes and episode links.Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:Immersive Labs: Immersive Labs provides the world's first fully interactive, on-demand, and gamified cyber skills platform.Try it for free at immersivelabs.com/lite/ and drive down your organisation’s cyber risk while reducing training costs.LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Wonderbra 'Hello Boys' advert voted most iconic of all time — Daily Mail.Hello boys! The greatest billboard ads of all time — The Sun.Outdoor advertisements and signs: a guide for advertisers (PDF) — UK Government.Pornographic video plays on I-75 billboard, police investigating — WXYZ Detroit.Porn plays on I-75 billboard, police searching for suspects caught on video — Detroit Free Press.Threesome Blowjob Scene on Giant Highway Billboard Could Have Caused an Accident, Police Say — Motherboard.Xev Bellringer's filmography — IMDB.Two people broke into shed, hacked into computers to put pornography on billboard — WXYZ Detroit.Motorists warned of “Zombies Ahead” on hacked road sign — Naked Security.Motorists warned of Dalek invasion by hacked road sign — Naked Security.Hacked Seattle road sign says ‘Impeach the Bastard’ — Q13Fox.Hackers have been f**king with downtown LA's road signs — Graham Cluley.The FaceForensics dataset — GitHub.This Deepfake of Mark Zuckerberg Tests Facebook’s Fake Video Policies — Motherboard.The Deepfake Detection Challenge.Smashing Security episode 063 — The first time Maria discussed deepfakes.Amazon bolsters Alexa privacy after user trust takes a hit — CNET.Alexa’s new Echo eyeglasses and ring show big tech’s privacy conundrum — Vox.Amazon's Rekognition software lets cops track faces: Here's what you need to know — CNET.Amazon may soon be able to track your phone’s location, activists warn — Business Insider.Your Google history.Untitled Goose Game.Find wi-fi hotspots with hotspot directories — BT Wi-Fi.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Privacy & Opt-Out: https://redcircle.com/privacy

2 Okt 201950min