Smashing Security

Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest The CyberWire's Dave Bittner.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Dave Bittner.Sponsored By:Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidrMetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.Go to smashingsecurity.com/metacompliance Promo Code: SMASHINGSupport Smashing SecurityLinks:FSLabs' A320 installer seems to include a Chrome password extraction toolFlight Simulator Add-On Tried to Catch Pirates By Installing Password-Stealing Malware on Their ComputersA320-X DRM clarification - Flight Sim Labs ForumsFlightSimLabs Alleged Malware Analysis – Luke GormanA320-X DRM - what happened - Flight Sim Labs ForumsLawsuits threaten infosec research - just when we need it mostFacebook plans to use U.S. mail to verify IDs of election ad buyersFacebook’s secret weapon in the fight against foreign meddling? PostcardsFact-Checking a Facebook Executive’s Comments on Russian InterferencePunycode - WikipediaIDN Safe for ChromeIDN Safe for FirefoxIDN Safe for OperaFirefox users - Spot phishing URL's more easily by enabling Show PunycodePrivacy.com — (Dave's recommendation, not ours)How to remove your credit card information from your iPhoneChange or remove your Apple ID payment information - Apple SupportSmashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

21 Feb 201839min

Cryptomining goes nuclear, YouTube for Kids gets scary, and TV ads have been given the green light to mess with your Amazon Alexa.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Maria Varmazis.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.Rapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidrSupport Smashing SecurityLinks:Government websites hijacked by cryptomining pluginRussian nuclear scientists arrested for allegedly hijacking supercomputer to mine BitcoinsNow that's taking the p... Sewage plant 'hacked' to craft crypto-coinsSalon website gives you a choice: turn off your ad blocker or let us mine cryptocurrenciesCoinhive review: Embeddable JavaScript Crypto Miner - 3 days inSmashing Security 059: An intro to Bitcoin and BlockchainYouTube Kids app still showing disturbing videosSomething is wrong on the internet – James BridleAmazon Echo Dot ad cleared over cat food orderBroadcast Code - ASASarah Huckabee Sanders warns Twitter about Amazon Echo after 2-year-old orders $80 Batman toyCat Food (Amazon Echo Commercial) - YouTubeDinosaur ChessThe Furby Organ, A Musical Instrument Made From Furbies - YouTubeWintergatan - Marble Machine (music instrument using 2000 marbles) - YouTubePoppy introduces a plant - YouTubePoppy is a disturbing internet meme seen by millions. Can she become a pop sensation?Smashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

15 Feb 201849min

A Namecheap vulnerability allows strangers to make subdomains for your website, Troy Hunt examines password length, and ex-Google and Facebook employees are fighting to protect kids from social media addiction.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest HaveIBeenPwned's Troy Hunt.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Troy Hunt.Sponsored By:MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.Go to smashingsecurity.com/metacompliance Promo Code: SMASHINGRapid7: InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. You can download a 30-day trial by visiting www.rapid7.com/insightidrSupport Smashing SecurityLinks:Namecheap Name Server Vulnerability Allows Unauthorized Users to Create Sub-DomainsThat’s not how security works, security is not obscurityUpdate on Recent Hosting Breach - Namecheap BlogHave I been pwned? Pwned PasswordsHow Long is Long Enough? Minimum Password Lengths by the World's Top SitesCenter for Humane TechnologyAdam Alter: Why our screens make us less happyEx Facebook, Google Employees Launch Anti-Tech CampaignSocial Networking Sites and Addiction: Ten Lessons Learned'Fiction is outperforming reality': how YouTube's algorithm distorts truthAlphaGo movieIn Two Moves, AlphaGo and Lee Sedol Redefined the FutureUbiquiti NetworksBasic Crepe Batter RecipeGateau de crepesSmashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

7 Feb 201843min

Fitness trackers breaching your privacy, how anyone can create convincing celebrity porn, and how ransomware authors are getting ripped off by scammers.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Maria Varmazis.Sponsored By:Chess CyberSecurity: Chess CyberSecurity is taking the pulse of the IT nation. Complete their three-minute quiz and you could win amazing prizes - including limited edition t-shirts, wireless headphones, an iPad Pro and a Sony PS4.Support Smashing SecurityLinks:Strava's Global HeatmapNathan Ruser tweets about Strava's global heatmapPrivacy of fitness tracking apps in the spotlight after soldiers' exercise routes shared onlineThar she blows: Strava heat map shows folk on shipwreck packed with 1,500 tonnes of bombsAdvanced Deanonymization through StravaFake celebrity porn is blowing up on Reddit, thanks to artificial intelligenceReddit User Outperforms Disney with AI-Generated Princess LeiaFake News Is About to Get Even Scarier than You Ever DreamedJosh Turner of The Other Favorites - YouTubeThe Levee by The Other Favorites - YouTubeBlood on the Tracks by Bob DylanUnited denies woman's attempt to bring peacock onto flightDexter The Peacock on InstagramReforestation Drones Can Plant 100K Trees In An HourSmashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

1 Feb 201845min

Your Tinder swipes can be spied upon, Amazon is opening high street stores that don't require any staff, and Russian fuel pumps are being infected with malware in an elaborate scheme to make large amounts of money.With Carole on a top secret special assignment, it's left to security veteran Graham Cluley to discuss all this and much much more with special guests David McClelland and Vanja Švajcer.Follow the "Smashing Security" podcast on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guests: David McClelland and Vanja Švajcer.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.CloudBerry Lab: Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private.Support Smashing SecurityLinks:Tinder's Lack of Encryption Lets Strangers Spy on Your SwipesTinder drift demo - YouTubeUsing public Wi-Fi - a Smashing Security splinterWatchdog Wednesday: WiFi hackers - BBCApple drops requirement for apps to use HTTPS by 2017Amazon Go debuts, and its prying cameras foil our shoplifting attemptsHacker Infects Gas Pumps with Code to Cheat CustomersMaking Blake's Seven 101 - YouTubeJon Alpert Speaks On His Film, "Cuba and the Cameraman" - YouTubeReview: ‘Cuba and the Cameraman’ Lavishes Love on a Country … and CastroCARROT Weather on the iOS App StoreSmashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

24 Jan 201844min

User interfaces and poor procedures lead to pandemonium in Hawaii, hackers are attempting to trick victims into opening cryptocurrency-related email attachments, and yet more pox-ridden apps are found in Android's Google Play store.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Paul Ducklin.Sponsored By:LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.CloudBerry Lab: Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private.Support Smashing SecurityLinks:Hawaii's ballistic missile false alarm and a user interface failureHawaii missile alert: How one employee ‘pushed the wrong button’ and caused a wave of panicWhat Hawaii Was Like After the False Nuclear AlarmCryptocurrency as the lure, an ISO as the attachment – why not open it?Malware Displaying Porn Ads Discovered in Game Apps on Google PlayGames with pornographic ads sneak into the Play Store, get 3 million downloadsFake WhatsApp app tricked over a million users@ruanyf on Twitter's picture of a visual display for a Chinese lavatoryPolice give out infected USBs as prizes in cybersecurity quizIBM distributes USB malware cocktail at AusCERT security conferenceIBM has been shipping malware-infected USB sticksOlympus Stylus Tough camera carries malware infectionGoogle Arts and Culture app: How to find which famous painting you look like – and why people don't want to Google Arts & CultureSmashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

17 Jan 201850min

The chips are down, as tech companies struggle to protect against the Meltdown and Spectre flaws. The White House is getting tough on leakers by banning personal devices from the West Wing. And someone has been embedding a Bitcoin wallet into their hand...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: David McClelland.Sponsored By:CloudBerry Lab: Backup files, folders and system images to the cloud storage of your choice - with built-in 256 bit encryption ensuring your precious data remains private.Support Smashing SecurityLinks:Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPadsSpectre? Meltdown? F*CKWIT? Calm down and make yourself some teaUntil your anti-virus adds this Registry key, you aren't getting any more Windows security updatesImportant information about Microsoft Meltdown CPU security fixes, antivirus vendors and youOuch! Microsoft's Meltdown and Spectre security update bricks some AMD-powered PCsRipple soars, becomes second-biggest cryptocurrency by market capBICHIPWould you store Ripple and Bitcoin in 'mark of the beast' microchip?Biohacker Summit 2017 – Uniting Technology & NatureMeet the first humans to sense where north is White House bans use of personal devices from West Wing“Fire and Fury” Is a Book All Too Worthy of the President Portal Knights - The award-winning sandbox action-RPG adventure gamePortal Knights trailer for Nintendo Switch - YouTubeFocus - Productivity Timer on the App StoreCasefile: True Crime PodcastSmashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

10 Jan 201840min

In this special "splinter" episode of the "Smashing Security" podcast we take a look at Bitcoin and Blockchain. What's all the fuss about cryptocurrencies? How can you protect your Bitcoin wallet? And how does the Blockchain work?Lots of questions, and Graham offers to sell his family.Listen to the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Peter Ullrich of the "Explain Blockchain" podcast.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Peter Ullrich.Support Smashing SecurityLinks:Bitcoin Resources from Jameson LoppMastering Bitcoin book by Andreas AntonopoulosExplain Bitcoin Like I’m FiveBitcoin ExchangesSilk Road's Ross Ulbricht sentenced to life in prison, without paroleBitcoin Energy Consumption IndexJaxx mobile cryptocurrency walletTrezor hardware Bitcoin wallet"Explain Blockchain" podcastSmashing Security on FacebookSmashing Security merchandise (t-shirts, mugs, stickers and stuff)

3 Jan 201826min