Smashing Security

Smashing Security

www.smashingsecurity.com
News and views from the world of cybersecurity, hacking, and internet threats
057: Mikko - live from the sauna - talks Bitcoin security
Dec 13 • 40 min
How to protect yourself from Bitcoin hackers, why you should think twice before giving Amazon the keys to your house, and how a private investigator tried to hack Donald Trump's tax returns. All this and much much more is discussed in the latest edition…
056: Peeping Toms, prison hacks, and parliamentary passwords
Dec 6 • 41 min
Why you should check your Airbnb for hidden cameras, a hacker attempts a different kind of jailbreak, and British MPs prove that they really are clueless when it comes to cybersecurity. All this and much much more is discussed in the latest edition of the…
055: Uber, net neutrality, and website hacks
Nov 30 • 28 min
Uber covers up a data breach, the noose tightens on net neutrality, and Bulletproof's website spills the data beans. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham…
054: A great big fat macOS bug
Nov 29 • 8 min
Yes, you can log into macOS High Sierra's root account with no password. In this special "emergency" edition of the podcast computer security veterans Graham Cluley and Carole Theriault discuss the breaking news of a serious Apple macOS bug that allows…
053: Game of Thrones, a major Amazon cloud leak, and web tracking gone crazy
Nov 22 • 40 min
The FBI think they've identified the HBO hacker, the US military have been caught with a leaky bucket, and web tracking has just got scarier than ever. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by…
052: Facebook tackles vengeful scumbags, and a sex toy privacy boob
Nov 15 • 39 min
Is your dildo listening to you? Do you trust Facebook with your most intimate photos? And just how did a vengeful DDoSer come up with that nickname? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by…
051: Robots, romance, passwords, and CrunchyRoll
Nov 8 • 41 min
Passwords are under the microscope again, CrunchyRoll leads anime fans to malware, a sexy robot gains Saudi citizenship, and Carole begins her career as an agony aunt. All this and much much more is discussed in the latest edition of the "Smashing…
050: MailChimp, Piers Morgan, and The Dark Overlord
Nov 1 • 42 min
There's little time to celebrate our 50th episode, because there are rants to be had about MailChimp's switch to single opt-in, Graham upsets Piers Morgan on Twitter, and the Dark Overlord hacking gang are up to some pretty horrid tricks. All this and…
049: Hacking funeral homes, crypto mining websites, and careful with that hairspray
Oct 25 • 44 min
Scammers show a lack of imagination after hacking a funeral home, more websites are secretly stealing visitors' resources to mine for cryptocurrency, and everyone is very confused about the USA's airline laptop ban. All this and much much more is…
048: KRACK, North Korea, and an 18th century cyber attack
Oct 18 • 33 min
KRACK! Has the Wi-Fi vulnerability got you worried? Did North Korea hack a British TV company to prevent a "slanderous farce" from being made? And what have Dutch police learnt from Pokémon? All this and much much more is discussed in the latest edition…
047: Kaspersky, AI, and a well-handled data breach
Oct 11 • 40 min
America turns the heat up on Kaspersky anti-virus, Disqus announces a data breach, Elon Musk plans a bolthole on Mars to escape our robot overlords, and Graham gets to play chess with Garry Kasparov. All this and much much more is discussed in the latest…
046: Good beard bad beard
Oct 4 • 38 min
Bearded man entangled in dark web drugs market bust, Google researches how to make browser security warnings less confusing, and (ahem) "bedroom entertainment systems" probed for security holes. All this and more is discussed in the latest edition of the…
045: Deloitte fail, CCleaner, and dotards on Twitter
Sep 27 • 36 min
Deloitte suffers an embarrassing hack, CCleaner spreads malware, and Twitter explains why it isn't planning to ban Donald Trump from Twitter anytime soon. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer…
044: Bonus behind the scenes - shower time
Sep 25 • 6 min
Carole wants to know why Graham keeps FaceTiming her from the shower. Can you help solve the mystery? ("Bonus" behind-the-scenes content.) Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes. Remember: Subscribe on…
043: Backups - a necessary evil?
Sep 20 • 29 min
In this special "splinter" episode of the "Smashing Security" podcast we tackle the tricky subject of backups - when did you last backup your data? how and what should you backup? and where should you store them? Lots of questions and Graham gets to do…
042: Equifax, BlueBorne, and the iPhone X
Sep 13 • 45 min
Equifax's shambolic response to its huge data breach, a scary-sounding Bluetooth exploit, and Apple's iPhone X comes with Face ID. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham…
041: Hacking Instagram, facial failures, and spying bosses
Sep 7 • 46 min
It's easy to phone up a celebrity on Instagram following security breach, facial recognition at Notting Hill Carnival can't tell the girls from the boys, and companies are spying on their workers' activities. All this and more is discussed in the latest…
040: The show that cost Troy Hunt 14 dollars
Aug 30 • 47 min
Are public figures lying about being hacked? What were online criminals doing with 711 million email addresses? And how could scammers profit from Hurricane Harvey? All this and more is discussed in the latest edition of the "Smashing Security" podcast by…
039: Woah - are we talking to a cyborg?
Aug 23 • 46 min
Hackers could change emails in your inbox after they are delivered, the web is getting more and more encrypted, and hacked robots can be commanded to umm… stab you. All this and more is discussed in the latest edition of the "Smashing Security" podcast by…
038: Gents! Stop airdropping your pics!
Aug 16 • 44 min
WannaCry hero Marcus Hutchins (aka MalwareTech) pleads not guilty to malware charges, the Scottish parliament is hit by a brute force attack, IoT smart locks aren't so smart, and.. ahem.. someone is sending intimate pics via AirDrop to unsuspecting…
037: Boobs, dragons and data breaches
Aug 9 • 37 min
Hackers are holding HBO to ransom after a massive data breach, and have leaked the phone numbers and email addresses of "Game of Thrones" cast members. Has security firm Carbon Black been leaking customers's sensitive files while trying to scan them? And…
036: Flash? Clunk flush… and hacking security researchers
Aug 2 • 44 min
A security threat researcher is badly hacked in a revenge attack. Some people want to save Adobe Flash, but is that wise? And a poorly-secured electronic billboard starts displaying offensive images… All this and more is discussed in the latest edition of…
035: Up the Roomba with mandatory Chinese spyware
Jul 26 • 37 min
China is forcing people to install smartphone spyware, young cyberoffenders are offered rehab, and robot vacuum cleaners want to sell maps of the inside of your house to tech firms. All this and more is discussed in the latest edition of the "Smashing…
034: The pen is mightier than the password
Jul 20 • 48 min
The UK government wants you to give your credit card details to porn sites, Ashley Madison offers compensation to the people whose lives it ruined, and an adult website wants you to pass its unorthodox and below-the-belt biometric identity check… gulp!…
033: 1Password, net neutrality, and spatchcock chicken
Jul 13 • 42 min
Is password manager 1Password treating its customers unfairly? Are autonomous cars driving us around the bend? And what is this Net Neutrality thing anyway? All this and more is discussed in the latest edition of the "Smashing Security" podcast by…
032: The iPhone 8, a data breach at the AA, and a mystery no show
Jul 6 • 35 min
The iPhone 8 is on its way and may use 3D facial recognition rather than a fingerprint sensor to lock out intruders, and the UK's Automobile Association claims it hasn't leaked any credit card data, so why is it getting so upset about security researchers…
031: Petya (don’t know the name of this ransomware)
Jun 29 • 44 min
Another major ransomware outbreak rattles the world - but no-one can decide what it's called, the danger posed to driverless cars by kangaroos, and do you really want an Amazon Echo Show? All this and more is discussed in the latest edition of the…
030: GDPR - The good and the bad
Jun 22 • 26 min
In this special "splinter" episode, regular hosts Graham Cluley and Carole Theriault are joined by special guest Kevin Gorsline to discuss the European Union's General Data Protection Regulation (GDPR), and what it means for your business even if you're…
029: Exploits to get your English teeth into
Jun 15 • 38 min
Microsoft gives us a Patch Tuesday shock, malware grows up for the Mac, and your mouse movements might reveal if you're an identity thief. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security…
024: Reality Winner, Gordon Ramsay and a leaky bucket
Jun 7 • 38 min
Evidence of Russia hacking the US election leaks from the NSA and Reality is not a winner, confidential data is accidentally exposed in the cloud by a defence contractor, and Gordon Ramsay has a few choice words for his hacking father-in-law. All this and…
023: Covfefe
May 31 • 40 min
Hackers are blackmailing cosmetic surgery patients, and threatening to release their naked photos. A British Airways IT snafu causes travel chaos for thousands. And Germany is threatening to throw hefty fines at Facebook if it can’t police its content…
022: Walk this way… to defeat biometrics
May 24 • 31 min
The Samsung Galaxy S8 claims that its iris recognition technology provides "airtight security", but the Chaos Computer Club knows better and shows how it can be easily bypassed. Australian researchers create a wearable gizmo that authenticates you through…
021: WannaCry - Who’s to blame?
May 18 • 35 min
The WannaCry ransomware has struck! But before we tackle that subject, and who we should blame for one of the highest profile malware attacks for years, we discuss how HP has been unwittingly capturing the keystrokes of its laptop users. Then we briefly…
020: Phishing for Donald Trump
May 10 • 30 min
Gizmodo's attempt to reveal Donald Trump's administration ineptitude when it comes to cybersecurity fails to impress. Mac users are warned that the HandBrake DVD-ripping app has been compromised by malware. And will the US Army insist IT security…
019: The Love Bug virus
May 3 • 29 min
On May 4th 2000, the Love Bug virus (also known as ILOVEYOU or LoveLetter) rapidly spread around the world, clogging up email systems. Computer security veterans Graham Cluley and Carole Theriault are joined this week by special guest John Hawes for a…
018: Windows is a virus. True or False?
Apr 27 • 30 min
Security firm Webroot drops a clanger when it declared Windows was malicious and borked customers’ PCs, millennials are streaming a lot of movies illegally, and blackmailers are targeting members of the Ashley Madison cheating site again. All this and…
017: Data breaches, zero day exploits, and toenail clippings
Apr 20 • 30 min
Hotel malware has been stealing guests’ payment card details… again, should businesses relay delay rolling out vulnerability patches, and Burger King’s Whopper TV ad campaign tries to take advantage of viewers’ Google Home devices with predictable…
016: Wonga wronga!
Apr 13 • 27 min
Spyware companies are filmed plotting to break global sanctions to ship surveillance and spying equipment to dodgy authoritarian regimes, an unsecured database exposed diabetics’ sensitive data, and a massive data breach leaves hundreds of thousands of…
015: Bad vibrations
Apr 5 • 26 min
Don’t let an internet-enabled sex toy make your most private moments oh-so-public. Samsung’s wannabe-Android-killer is found lacking. And did you hear about the firm that is micro-chipping its employees? All this and more is discussed by computer security…
014: Protecting webmail - a Smashing Security splinter
Mar 30 • 30 min
What can you do to better protect your online email accounts? In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley and Carole Theriault discuss with Paul Ducklin tips on how to defend your…
013: Assault with a deadly tweet
Mar 23 • 33 min
Graham is embarrassed by a Twitter security snafu. How an animated GIF could prove deadly. Social engineering threats against your workforce. And will you be able to do any work on your laptop next time you catch an airplane? All this and more is…
012: Eau de Eugene Kaspersky
Mar 16 • 28 min
Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time? Graham Cluley, Carole Theriault and special guest Nick…
011: WikiLeaks and the CIA
Mar 9 • 33 min
Has the CIA been using a Weeping Angel to spy on you via your Smart TV? Have WhatsApp, Telegram and Signal been compromised? What is the secret of the SATAN ransomware? And can you avoid having your data searched as you pass through border control?…
010: The dolls must be destroyed
Mar 2 • 36 min
A creepy teddybear leaks two million voicemail messages, Windows 10 pushes you into only installing vetted apps, and Boeing warns 36,000 employees their personal information could have been exposed after a worker sends a spreadsheet to his wife. All this…
009: False flags and hacker clues
Feb 23 • 26 min
The Lazarus malware attempts to trick you into believing it was written by Russians, second-hand connected cars may be easier to steal, and is your child a malicious hacker? All this and more is discussed by computer security veterans Graham Cluley, Vanja…
Macs and malware - a Smashing Security splinter
Feb 21 • 16 min
Do you run an anti-virus on your Mac? Should you? In this special “splinter” episode (or should it be a “shard”?) regular hosts Graham Cluley, Carole Theriault and Vanja Svajcer discuss the malware threat for Apple Macs and MacBooks. SHOW NOTES: 600,000…
008: I’ll give you my Android when you pry it from my cold, dead paws
Feb 16 • 28 min
Handbags at dawn for CrowdStrike and NSS Labs! Donald Trump’s insecure Android phone! File-less malware - is that so new? And StalkScan makes it easier to reveal what Facebook users have been carelessly sharing… Computer security veterans Graham Cluley,…
Using public Wi-Fi - a Smashing Security splinter
Feb 13 • 21 min
The tricky problem of public Wi-Fi hotspots. In this special “splinter” episode (or should it be a “shard”?) regular hosts Graham Cluley, Carole Theriault and Vanja Svajcer discuss, and offer some advice and tips for computer users. SHOW NOTES: VPN…
007: ASCII art attack
Feb 9 • 22 min
Printers start churning out ASCII art after a vigilante hacker hijacks 160,000 devices, a researcher reveals how you can get Donald Trump to tweet an embarrassing spoof video of himself, and has your smart TV been snooping on you? Computer security…
Email attachment malware - a Smashing Security splinter
Feb 8 • 18 min
Email attachment malware is the thorny topic tackled by computer security veterans Graham Cluley, Carole Theriault and Vanja Svajcer in this “splinter” episode from the Smashing Security team. Listen to this before you click! Oh, and Carole would like to…
Passwords - a Smashing Security splinter
Feb 7 • 13 min
Passwords - everything you need to know about how to make them safer, and better secure your online accounts. In this special “splinter” episode (or should it be a “shard”?) regular hosts Graham Cluley, Carole Theriault and Vanja Svajcer discuss the…
006: A romantic ransomware hotel break
Feb 2 • 28 min
Were hotel guests really trapped in their rooms by ransomware? Does anti-virus increase your attack surface so much that it’s not worth running at all? And 11% of people on the internet are running ad blockers, says company which blocks ad blockers. Oh,…
005: Upskirt insecurity
Jan 26 • 25 min
An alleged hacker finds the downside to car rental, a New York Times Twitter account announces Vladimir Putin is planning to launch a missile attack against the United States, and an “upskirt” website leaks its user data. Oh, and Vanja forces Graham to…
004: You don’t mess with Brian Krebs
Jan 19 • 30 min
The Spora ransomware offers you more than just your encrypted files back, Brian Krebs busts the alleged masterminds behind the Mirai botnet, and be careful that your IT staff aren’t the only ones who know your corporate passwords. Computer security…
003: Alexa! Get me an axe!
Jan 12 • 26 min
Donald Trump and *that* secret dossier, MongoDB databases under attack, Microsoft employees suffering from PTSD and Alexa buying doll houses. Computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault chit-chat about the world of online…
002: Invest in carrier pigeons
Jan 5 • 22 min
Donald Trump talks cybersecurity and explains how to keep your messages top secret, Ukrainian soldiers are being spied upon by Android malware and an artist has devised a novel way of avoiding facial recognition technology. Computer security veterans…
001: One cup, two hotel guests
Dec 26, 2016 • 27 min
We discuss the pains of providing tech support to family and friends, when writing down your passwords is actually a good idea, and muse on cloud backup services. Cool gadgetry, smart basketballs, below-par hotel services and, of course, Christmas being…