Smashing Security

What can you do to better protect your online email accounts?In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley and Carole Theriault discuss with Paul Ducklin tips on how to defend your Gmail/Yahoo/Hotmail/Outlook/etc account.SHOW NOTES:Passwords - a Smashing Security splinter How to better protect your Google account with two-step verification and Google Authenticator - Graham CluleyHow to protect your Yahoo account with two-step verification (2SV) - Graham CluleyNIST declares the age of SMS-based 2-factor authentication over - TechCrunchThe lesson we all must learn from the Celebgate nude photo hack - Graham Cluley Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Paul Ducklin.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

30 Mars 201730min

Graham is embarrassed by a Twitter security snafu. How an animated GIF could prove deadly. Social engineering threats against your workforce. And will you be able to do any work on your laptop next time you catch an airplane? All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Alex Eckelberry.SHOW NOTES: Sorry for the Nazi spam from my Twitter account - Graham Cluley Newsweek reporter Kurt Eichenwald on Fox News, 15 December 2016 - YouTube Maryland man arrested for cyberstalking - US Dept of Justice US man held for sending flashing tweet to epileptic writer - BBC News Epilepsy site hacked with seizure images - CBS News How to really pronounce GIF - howtoreallypronouncegif.com Gif's inventor says ignore dictionaries and say 'Jif' - BBC News How to disable animated GIFs in different web browsers - The Windows Club How to disable autoplaying videos on Twitter - Twitter This is the email that hacked Hillary Clinton’s campaign chief - Bitdefender Hot for Security Fry all the things! USB Kill zaps tons of computing devices - Graham Cluley UK flight ban on electronic devices announced - BBC News Electronics banned from cabins on some Middle Eastern and African flights to U.S. - CNN Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Alex Eckelberry.Sponsored By:Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intelSupport Smashing Security

23 Mars 201733min

Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time? Graham Cluley, Carole Theriault and special guest Nick FitzGerald discuss the latest news from the world of computer security. SHOW NOTES: Preinstalled Malware Targeting Mobile Users - CheckPoint Chinese Android smartphone comes with malware pre-installed - Graham Cluley WikiLeaks says it will work with software vendors to fix CIA zero-day exploits... but when? - Graham Cluley Kaspersky launches a range of perfumes to, er, defend your odour - The Register Toilet hackers could snoop on your poop, steal data of a "personal nature" - Graham Cluley Beauty blogger Scarlett London launches Threat de Toilette in bid to stop youngsters oversharing online - The Sun Jackie Chan and Eugene Kaspersky - YouTube Packin' the K music video - YouTube   This episode of Smashing Security is made possible by the generous support of Recorded Future — the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats. Sign up for free daily threat intelligence updates at recordedfuture.com/intel Thanks to Recorded Future for their support.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Nick FitzGerald.Support Smashing Security

16 Mars 201728min

Has the CIA been using a Weeping Angel to spy on you via your Smart TV? Have WhatsApp, Telegram and Signal been compromised? What is the secret of the SATAN ransomware? And can you avoid having your data searched as you pass through border control? Computer security veterans Graham Cluley, Carole Theriault and special guest Paul Ducklin discuss. SHOW NOTES: Nintendo Classic Mini WikiLeaks says it releases files on CIA cyber spying tools The CIA didn't break Signal or WhatsApp, despite what you've heard After NSA hacking exposé, CIA staffers asked where Equation Group went wrong Apple, Samsung Respond To Wikileaks Claims Of CIA Hacking Programs Twitter reactions to the WikiLeaks CIA data dump Is the CIA's Weeping Angel spying on TV viewers? Satan ransomware: old name, new business model 3 (free) things that journalists can do right now to protect their data and their sources at the border The US Gov Can Download the Entire Contents of Your Computer at Border Crossings What Are Your Rights if Border Agents Want to Search Your Phone? Stop Fabricating Travel Security Advice  This episode of Smashing Security is sponsored by Foursys - check out their free end-user cybersecurity training kit - it's everything you need to roll out infosecurity best practice training (right from your desk). Grab it now from https://www.foursys.co.uk/toolkit Thanks to Foursys for sponsoring this episode of Smashing Security. Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Paul Ducklin.Support Smashing Security

9 Mars 201733min

A creepy teddybear leaks two million voicemail messages, Windows 10 pushes you into only installing vetted apps, and Boeing warns 36,000 employees their personal information could have been exposed after a worker sends a spreadsheet to his wife.All this and more is discussed by computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault.SHOW NOTES: Announcing the first SHA1 collision Tavis Ormandy: Cloudflare Reverse Proxies are Dumping Uninitialized Memory Incident report on memory leak caused by Cloudflare parser bug List of Sites possibly affected by Cloudflare's #Cloudbleed HTTPS Traffic Leak Quantifying the impact of "CloudBleed" CloudPets commercial Data from connected CloudPets teddy bears leaked and ransomed, exposing kids' voice messages Microsoft slaps Apple Gatekeeper-like controls on Windows 10: Install only apps from store Boeing Notifies 36,000 Employees Following Breach This episode of Smashing Security is sponsored by NetFort - https://www.netfort.com/ NetFort LANGuardian is easy-to-use network traffic and security monitoring software that tells you what is really happening on your network - no specialist hardware required!Check out the demo of LANGuardian and download a free trial from https://www.netfort.com/. Mention "Smashing Security" and you'll save 20% off your order!Thanks to NetFort for sponsoring this episode of Smashing Security.Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Vanja Švajcer.Support Smashing Security

2 Mars 201736min

The Lazarus malware attempts to trick you into believing it was written by Russians, second-hand connected cars may be easier to steal, and is your child a malicious hacker?All this and more is discussed by computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault.Oh, and Carole makes Graham and Vanja apologise for their past mistakes.SHOW NOTES: You Only Live Twice - space capsule scene Lazarus's false flag malware Hackers behind bank attack campaign use Russian as decoy It’s too easy to steal a second-hand connected car Nissan Figaro Is your child a hacker? Liverpudlian parents get warning signs checklist How do I remove a tag from a Facebook photo or post I’m tagged in? Code Red IIS worm Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Vanja Švajcer.Support Smashing Security

23 Feb 201726min

Do you run an anti-virus on your Mac?  Should you?In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley, Carole Theriault and Vanja Svajcer discuss the malware threat for Apple Macs and MacBooks.SHOW NOTES: 600,000 Macs infected with Flashback trojan, 274 in Cupertino Flashback to the biggest Mac malware attack of all time - Is it still a threat? Hackers target Iranian activists’ Mac devices with revamped malware Microsoft Office macro malware targets Macs 12 security suites for Mac OS X put to the test Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Vanja Švajcer.Support Smashing Security

21 Feb 201716min

Handbags at dawn for CrowdStrike and NSS Labs! Donald Trump's insecure Android phone! File-less malware - is that so new? And StalkScan makes it easier to reveal what Facebook users have been carelessly sharing... Computer security veterans Graham Cluley, Carole Theriault and Vanja Svajcer discuss.SHOW NOTES AEP Public Test Announcement NSS Labs Report Confirms Testing of CrowdStrike Falcon was Incomplete and Wrong Some thoughts on the CrowdStrike vs NSS Labs debacle Which Android phone does Donald Trump use? Senators raise concerns over Donald Trump's smartphone security Google claims ‘massive’ Stagefright Android bug had 'sod all effect' A Scary New Kind of Malware Is Invading Banks All Over the World Fileless attacks against enterprise networks StalkScan This creepy Facebook tool is revealing a LOT about you Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!Warning: This podcast may contain nuts, adult themes, and rude language.Special Guest: Vanja Švajcer.Support Smashing Security

16 Feb 201728min