Smashing Security

Millions of Facebook user accounts put at risk after hack! The UK Conservative party's conference app causes a privacy omnishambles! And Facebook (again) has been doing something naughty with the phone numbers you give it for security reasons! Oh, and Maria gets very excited about something to do with Star Trek.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptorSupport Smashing SecurityLinks:Our Podcast Awards trophy acceptance video — Even though we didn't actually win, we still thought you might like to see it.Virus Bulletin conference, Montreal — Say "Hi" to Carole if you see her there.Everything that went wrong during Theresa May’s 2017 conference speech - YouTubeDie Hard on the One Show - Charlie Brooker's Weekly Wipe - YouTubeConservative Party conference app reveals MPs' numbers - BBC NewsThe Tories Say They Were "Let Down" By A Conference App Platform After It Allowed Access To The Personal Numbers Of Hundreds Of MPsConference apps are crap and (mostly) pointlessSecurity Update – Facebook NewsroomThe Facebook Security Meltdown Exposes Way More Sites Than FacebookInvestigating sources of PII used in Facebook’s targeted advertising (PDF) — Research from Northeastern University.Facebook Is Giving Advertisers Access to Your Shadow Contact InformationYou Gave Facebook Your Number For Security. They Used It For Ads — The EFF is not impressed.The The One Show Show on iTunesmanwhohasitall (@manwhohasitall) on TwitterTiburn Enterprise Star Trek PC at Lenovo Tech World 2018 - YouTubeLenovo Sets Computer to Stun, Unveils Star Trek Enterprise PCSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

3 Okt 201851min

Why was Zoho's website taken offline by its own domain registrar? How are dash cams making you less secure? And why are robocalls on the rise in the United States?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Dave Bittner.Sponsored By:MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.Go to smashingsecurity.com/metacompliance Promo Code: SMASHINGSupport Smashing SecurityLinks:Update on Zoho Services Disruption - Zoho BlogZoho CEO Sridhar Vembu asks for help on TwitterWhoa – oh no, Zoho: Domain name no-show deals CRM biz, 40m punters a crushing blowDomain registrar oversteps taking down Zoho domain, impacts over 30Mil usersBlackvue Dash-Cams Broadcasting Live Video and GPS of Your Car PUBLICLY by DEFAULT! - YouTubeTim Woodruff's tweet about BlackVue dash camsYes, It’s Bad. Robocalls, and Their Scams, Are SurgingYouMail - Robocall Index4.2 Billion Robocalls in August Set All-Time Record for YouMail Robocall IndexDoes Local Presence Dialing Really Work?National Do Not Call RegistryThe Robocall Nightmare Is Getting WorseUS Court Finds Anti-Robocall Rule Made Nearly Every Smartphone User a CriminalStop Unwanted Robocalls and Texts - FCCLeatherman Micra 10-in-1 Multi-ToolTechmoan - YouTubeThe Guild of Ambience - YouTube Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

26 Sep 201844min

Amazon staff are being bribed to delete negative reviews and leak data, deepfakes are getting more dangerous, an update on John McAfee's bitcoin bet, and our guest gets a shock...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week (for a while at least) by David Bisson.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: David Bisson.Sponsored By:Boxcryptor: Boxcryptor encrypts your sensitive files and folders in Dropbox, Google Drive, OneDrive and many other cloud storages. It combines the benefits of the most user friendly cloud storage services with the highest security standards worldwide. Encrypt your data right on your device before syncing it to the cloud providers of your choice.Listeners can get a 40% discount on the Boxcryptor Personal License (private use) and Boxcryptor Business (perfect for self-employed) by visiting smashingsecurity.com/boxcryptorSupport Smashing SecurityLinks:'Pull your finger out' - the phrase's meaning and originAmazon Investigates Employees Leaking Data for Bribes - WSJAmazon staff said to be taking bribes to leak dataCrooked firms bribe customers with free gifts to leave fake reviewsSmashing Security 063: Carole's back! (where Maria Varmazis discusses deepfakes)Carnegie Mellon Researchers Develop New Deepfake MethodTransferring One Video Into the Style of Another - YouTubeThe Secret to Detecting Deep Fakes Is in the Eye BlinksReddit bans ‘deepfakes’ AI porn communitiesBitcoin Price Prediction TrackerSerious Eats: The Destination for DeliciousJoyofBaking.comHow to cook the perfect ... Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

19 Sep 201833min

Malicious script is being blamed for the British Airways hack, Trend Micro's apps are booted out of the Mac App Store for snaffling private data, and Paul Manafort's daughter wants Twitter to remove a link.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David Emm of Kaspersky Lab.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: David Emm.Sponsored By:MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.Go to smashingsecurity.com/metacompliance Promo Code: SMASHINGSupport Smashing SecurityLinks:A Deceitful 'Doctor' in the Mac App StoreAlert: Adware Doctor stealing your files - YouTube videoApps that steal users' browser histories kicked out of the Mac App storeTrend Micro apologises after Mac apps found scooping up users' browser historyBritish Airways hacked - customer data and details of 380,000 card payments stolenThe British Airways Breach: How Magecart Claimed 380,000 VictimsBritish Airways hack: Infosec experts finger third-party scripts on payment pagesLaw firm launches £500 million group action over British Airways hackBritish Airways Fly The Flag We'll Take More Care Of You 1979 UK Advert - YouTubeHacked texts from family of former Trump campaign manager surface on the dark webManafort's Daughter's Lawyers Pressured Twitter to Delete Links to Hacked Text MessagesWikileaks Refused To Publish Manafort Family Texts, So Someone Else DidAirHelpHow Employing Autistic People Can Help Stop Cyber-AttacksMcFadden's Cold War (@Coldwar_Steve) on TwitterWhen Phil Mitchell met Trump: Coldwar Steve and his Brexit Britain mashupsNoel Edmonds - WikipediaSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

12 Sep 201842min

What's the danger when browser extensions go bad? Is Twitter sharing your online status a boon for stalkers? And which of the show's hosts is going to admit to cheating in their exams?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist David McClelland.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: David McClelland.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:MEGA.nz Chrome extension caught stealing passwords, cryptocurrency private keysSecurity warnings for MEGA Chrome extension usersTwitter testing new feature that reveals when you're online... Who other than stalkers actually wants this?Giving social networking back to you - The Mastodon ProjectGraham Cluley on MastodonPhotomath - Camera calculatorTechnology Gives Students Innovative Tools for CheatingStudents’ cheating takes a high-tech turnMicrosoft Education: Take a Test - YouTubeRequired to install school malware on my personal computer - RedditThe Lord of the Rings (1978 film) - WikipediaRotoscoping - WikipediaTower – Official Trailer - YouTubeTower - NetflixCone - Live Color PickerThe dress - WikipediaA professor and his son-in-law came up with a brilliant invention to slash water use by 98% – Ikea is already a partnerAltered:CompanyAltered:Nozzle - YouTubeSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

5 Sep 201852min

How do fraudsters exploit abandoned domains to steal your company's secrets? How can you better protect your privacy when looking for love online? And who has the longest arms in the animal kingdom?All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who were joined briefly by a man in a wind tunnel for this episode.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.Go to smashingsecurity.com/metacompliance Promo Code: SMASHINGSupport Smashing SecurityLinks:What do the drsolomon.com and sands.co.uk domains look like now?Hacking law firms with abandoned domain namesFraudsters Can Access Sensitive Information from Abandoned DomainsHave I Been Pwned: Domain searchJohn and Lorena BobbittHe Used Tinder to Hunt the Women He Raped and Killed, Police SayMissing Paperwork Got Him Out of Jail. Then, Police Say, He Raped and KilledMan jailed after attempting to rob man he met on dating appSearch for images with reverse image searchSwytch lets you use up to five 'burner' UK phone numbers from a single deviceSmashing Security 072: Why are firms so cr*p with our private data?A Hacker's Guide to Protecting Your Privacy While Dating How to Protect Your Privacy While Online DatingGibbons have the longest arms relative to body size of any primateBomb Chicken Teaser Trailer - YouTubeBomb Chicken for Nintendo SwitchFortnite fury over how Google handled its security holeThe Godless Spellchecker podcastSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

29 Aug 201837min

Is your used car still connected to its old owner? Just how did Apple manage to identify the teenager hacker who stole 90GB of the firm's files? And why on earth would a firm of lawyers start producing pornographic videos? You'll be surprised by the answers!All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Paul Ducklin.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Support Smashing SecurityLinks:Connected car data handover headache: There's no quick fix... and it's NOT just Land RoversShock Land Rover Discovery: Sellers could meddle with connected cars if not unboundThe hidden data danger of the ‘Connected’ carYour BMW or Merc may also be at risk of being hacked, because of your iOS appSamy, the MySpace worm written by Samy KamkarApple hacked by 16-year-old who “dreamed” of working for firmMelbourne teen hacked into Apple's secure computer network, court toldPrenda Law stories at TechdirtMinneapolis lawyer pleads guilty to federal fraud, money laundering charges in porn troll schemeCybercrime Investigations podcast with Geoff WhiteFlash Drives for FreedomFinal SpaceSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

22 Aug 201851min

Just how did sextortionists get (some) of the digits in your phone number? Why are some hackers saying they won't be going to DEF CON in Las Vegas anymore? And should Alex Jones from InfoWars be banned from Twitter?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Special Guest: Maria Varmazis.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.Go to smashingsecurity.com/metacompliance Promo Code: SMASHINGSupport Smashing SecurityLinks:The Podcast Awards - The People's ChoiceSex extortion emails now quoting part of their victim's phone numberNew Extortion Tricks: Now Including Your (Partial) Phone Number!In post-massacre Vegas, security policies clash with privacy valuesKatie Moussouris tweets about her Las Vegas hotel experienceVideo Shows Hotel Security at DEF CON Joking About Posting Photos of Guests' Belongings to SnapchatGoogle Spectre whizz kicked out of Caesars, blocked from DEF CON over hack 'attack' tweetOpen letter to the Hacker Community from DEF CON's Head of SecurityAlex Jones banned from YouTube, Facebook, and Apple, explainedFacebook, Apple, YouTube and Spotify ban Infowars' Alex JonesNow even YouPorn has banned Alex Jones, but he’s still on TwitterTwitter temporarily blocks Alex Jones from tweetingThe Twitter RulesGiving social networking back to you - The Mastodon ProjectCharlottesville: Why one man is suing Alex Jones for defamationShannon Coulter tweets about blocking Fortune 500 companies until Alex Jones is banned from Twitterlichess.org - Free Online ChessMagnus Carlsen playing as Dr Drunkenstein - YouTubeOctopath Traveler for Nintendo SwitchAlex Jones Rants as an Indie Folk Song - YouTubeSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

15 Aug 201848min