Smashing Security

Security researchers find a way to unlock millions of hotel rooms, the UK introduces cyberflashing laws, and Google's AI search pushes malware and scams.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Unsaflok - Security vulnerabilities in Saflok hotel locks.3 million doors open to uninvited guests in keycard exploit - The Register.Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds - Wired.Google's new AI search results promotes sites pushing malware, scams - Bleeping Computer.Man who sent nude picture to teenage girl is jailed under new cyberflashing laws  - The Independent.Cyber-flashing convict is first to be jailed under new law - BBC News.What to do if you’re a victim of cyber flashing and how to report it - Metro.The first cyberflasher has been convicted: meet the woman who made it happen - Yahoo!What is cyber flashing? 'Banter' – or a sinister breach of consent - UK News.Love Island star sent unsolicited pictures online calls for tougher cyber laws - Bristol Live.Secret Agent Shenanigans: 13 Weird Spy Weapons And Gadgets - Stay Weird.Baldur’s Gate 3.Merlin Bird ID - Conell Labs.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!Kolide

There's a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Plus: Don't miss our featured interview with Kolide founder Jason Meller about his firm's acquisition by 1Password.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Search engine market share - Oberlo.A compilation of Bing ads - YouTube.With Edge, Microsoft’s forced Windows updates just sank to a new low - The Verge.Microsoft fixes Edge browser bug that was stealing Chrome tabs and data - The Verge.Is this Microsoft Bing Popup Malware? - Reddit.Microsoft confirms Bing pop-up ads in Chrome on Windows 11 & Windows 10 - Windows Latest.‘A 22-carat disaster’: what next for British Library staff and users after data theft? - The Guardian.LEARNING LESSONS FROM THE CYBER-ATTACK British Library cyber incident review - British Library.The Disturbing Impact of the Cyberattack at the British Library - The New Yorker.Thanks to a shadowy hacker group, the British Library is still on its knees. Is there any way to stop them? - The Guardian.Have we literally broken the English language? - The Guardian.According to the dictionary, "literally" now also means "figuratively" - Salon.Good Morning, Monster: A Therapist Shares Five Heroic Stories of Emotional Recovery - Amazon.Good Morning, Monster - Apple Podcasts.Smashing Security merchandise (t-shirts, mugs, stickers and...

Roku users are revolting after their TVs are bricked by the company, we learn how to make money through conspiracy videos on TikTok, and just how much is your car snooping on your driving?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dave Bittner from "The Cyberwire" podcast.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Smashing Security episode 317 - Includes a discussion of which came first - Battle Bots or Robot Wars?“Disgraceful”: Messy ToS update allegedly locks Roku devices until users give in - Ars Technica.Dispute resolution terms - Roku.Enshittification - Wikipedia.Craig Shergold - Wikipedia.“Why TikTok Is Becoming A Conspiracy Playground” - YouTube.Dave Bittner’s AI-generated image of Graham Cluley - Twitter.Graham’s AI-generated video about pig butchering - Twitter.Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies - New York Times.Drivers concerned as automakers share driving data with insurance companies - NewsByte.Carmakers are sharing driving habits with insurance companies, unbeknownst to owners - TechSpot.Google Arts & Culture.WELI - Kangaroo Time (Club Edit) (From Dance Your PhD 2024 - OVERALL WINNER) - YouTube.Dance Your Ph.D. - Wikipedia.Animal DNA Run - CrazyGames.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money....

Is there any truth behind the alleged data breach at Fortnite maker Epic Games? Who launched the ransomware attack that caused a fallout at pharmacies? And what's the latest on the heart-breaking hack of Finnish therapy clinic Vastaamo?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Mogilevich claims it has breached Epic Games - Twitter.Fraudster’s fake data breach claims should remind media to be carefu what we report - DataBreaches.net.Prescription orders delayed as US pharmacies grapple with "nation-state" cyber attack - Bitdefender.US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say - Reuters.Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment - Wired.Vastaamo data breach - Wikipedia.The CEO who also ran IT, Strava strife, and TikTok tall tales - Smashing Security podcast.Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security – Sophos.Vastaamo victims' lawyer: Some took their own lives after patient record leak - Yle.Prosecutors call for maximum penalty over Vastaamo hacking - Helsinki Times.Self-pay gas station pumps break across NZ as software can’t handle Leap Day - Ars Technica.Citrix, Sophos software impacted by 2024 leap year bugs - Bleeping Computer.Resident Alien trailer - YouTube.

Your smartphone may be toast - if you use a hacked wireless charger, we take a closer look at the latest developments in the unfolding LockBit ransomware drama, and Carole dips her toe into online AI romance apps.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger - ArXiv.FBI offers free decryption help for LockBit ransomware victims - Paul Ducklin.LockBitsupp unmasked!!? Graham’s reaction to the FBI and NCA’s LockBit ransomware revelation - YouTube.Dating Statistics And Facts In 2024 – Forbes Health.Romantic AI Chatbots Don't Have Your Privacy at Heart - Mozilla Privacy Not Included.Promptsmart.Solving a celestial mystery: the Sun, Earth and Moon model - Museum of Natural History, Oxford.Lotus Bud.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:BlackBerry – BlackBerry helps keeps you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market todayKolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or

Heaven's above! Scammers are exploiting online funerals, and LockBit - the "Walmart of Ransomware" - is dismantled in style by cyber cops.All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Plus! Don't miss our featured interview with Keiron Holyome about how BlackBerry is using predictive AI to stay one step ahead against threats.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Law enforcement disrupt world’s biggest ransomware operation - EuropolFeds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - Krebs on Security.International investigation disrupts the world’s most harmful cyber crime group - UK National Crime Agency.LockBit Victim Reporting Form - FBI.Fake Funeral Live Stream Scams Are All Over Facebook - 404 Media.Closed Captions (CC) vs Subtitles - Subly.Fingernails — Official Trailer - YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:BlackBerry – BlackBerry helps keeps you one step ahead. Cylance AI stops more attacks, earlier and with less effort than other solutions in the market todayKolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the a...

Holy mackerel! AI is jumping on the religion bandwagon, ransomware gangs target hospitals, and what's happened to your old mobile phone number?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by "Ransomware Sommelier" Allan Liska.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:I changed my number and now i can log into others accounts - Reddit.Post by Alexander Hanff - LinkedIn.Meta says risk of account theft after phone number recycling isn't its problem to solve - The Register.Things to bear in mind when you change your mobile number - T-Mobile.20+ hospitals in Romania hit hard by ransomware attack on IT service provider - Graham Cluley.Ransomware gang claims responsibility for Christmas attack on Massachusetts hospital - The Record.Cyberattack Disrupts Operations at Chicago Children’s Hospital: An Examination of the Threat and Its Impact - Medriva.Gods in the machine? The rise of artificial intelligence may result in new religions - The Conversation.AI: a way to freely share technology and stop it being misused already exists - The Conversation.The Friar Who Became the Vatican’s Go-To Guy on AI - The New York Times.How AI could change our relationship with religion - The Conversation.Meet the Vatican’s AI mentor – POLITICO.Focus Areas - AI and Faith - Rome Call.Are chatbots changing the face of religion? Three faith leaders on grappling with AI - The Guardian.“One Day” - Netflix.[Clicks...

Is this the real life? Is this just fantasy? A company in Hong Kong suffers a sophisticated deepfake duping, be one your guard from pig butchers as Valentine's Day approaches, and spare a moment to feel sorry for poor ransomware gangs.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:‘Everyone looked real’: multinational firm’s Hong Kong office loses HK$200 million after scammers stage deepfake video meeting - South China Morning Post.Countdown’s Rachel Riley is deepfaked by HSBC - Vimeo.Scameter - Cyber Defender HK.Warning as scammers fake police Scameter app - The Standard.Ransomware payment rates drop to new low – now 'only 29% of victims' fork over cash - The Register.New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying - Coveware.Romance scam reports rose by a fifth in 2023, says Lloyds Bank - The Independent. What is a ‘pig-butchering’ scam – and why is it on the rise? - BBC. Pig butchering mining scams: What they are and how to stop them - SC Media.No love for romance scammers in 2024 - Consumer Advice.Romance scammer reveals how he tricks women after failing to fool Go Public reporter - CBC.Sudoku Exchange.Learn Improv at Laugh at Leeds.Mr Mercedes - Disney+.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that...

The iPhone security setting that you should enable right now, the worrying way that AI is predicting what criminals look like, and we play a game of face fake or real...All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Mobile phone stolen every six minutes in London, says Met Police - BBC News.iPhone Thief Explains How He Breaks Into Your Phone - YouTube.About Stolen Device Protection for iPhone - Apple.Cops Used DNA to Predict a Suspect’s Face—and Tried to Run Facial Recognition on It - Wired.Will ChatGPT write ransomware? Yes - Malwarebytes.AI chatbots are making scams more convincing than ever, warn spy chiefs - The Telegraph.Test yourself: which faces were made by AI? - New York Times.AI vs. Human Writing: Experts Fooled Almost 62% of the Time- Neuroscience News.I know that I know nothing - Wikipedia.Yours truly, Johnny Dollar - Comic book.I Heart Umami.Libby.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for...

This week the podcast is more lavatorial than usual, as we explore how privacy may have gone to sh*t on Google Maps, our guest drives hands-free on Britain's motorways (and is defamed by AI), and ransomware attacks an airplane-leasing firm.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by BBC Technology Editor Zoe Kleinman.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The Great British Public Toilet Map.How one man’s pay-to-use toilet gag revealed Google Maps can be used to track people - Crikey.Please Rob Me site exposes danger of sharing too much information online - Graham Cluley.Artist creates a virtual traffic jam in Google Maps - YouTube.How to Get Google to Quit Tracking Your Location - PC Magazine.Grieving With Google Street View - Slate.Zoe describes her curious tangle with AI - Twitter.What happens when you think AI is lying about you? - BBC News.Aercap confirms cyber threat involving ransomware - Air Finance.Ransomware crims slime AerCap, claim to have stolen 1TB - The Register.AerCap discloses cybersecurity incident - Reuters.BBC staffers warned of payroll data breach. BA and Boots also affected by MOVEit vulnerability - Graham Cluley.Randy Rainbow - YouTube.Donald in the John With Boxes - A Randy Rainbow Song Parody - YouTube.Zoe drives hands-free on a British motorway - Twitter.How to Play Taco Cat Goat Cheese Pizza - Wikihow.Asmodee Taco Cat Card Game - John Lewis.Smashing Security merchandise (t-shirts, mugs, stickers and...

Has the British Prime Minister been caught secretly profiting from a cryptocurrency app? Were 23andMe right to blame their users after a data breach? And Indian men have hard feelings after falling for a money-for-sex scam.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:What Rishi Sunak gets up to over Christmas… - YouTube.Boris Johnson's Love Actually parody (Conservative Party election broadcast) - YouTube.UK's Rishi Sunak becomes richest ever occupant of Number 10 - Reuters.Over 100 Deep-Faked Rishi Sunak Ads Found on Meta’s Platform - Fenimore Harper Communications.Slew of deepfake video adverts of Sunak on Facebook raises alarm over AI risk to election - The Guardian.23andMe Blames User “Negligence” for Data Breach - Infosecurity Magazine.All India Pregnant Job service: Indian men conned by 'impregnating women' scam - BBC News.World War II: From the Frontlines - Netflix.Spintronics - Upper Story.Reacher - Amazon Prime.The Trust - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release...

Chuck Norris gives a helping hand to a mysterious cryptocurrency CEO who may have separated investors from over a billion dollars, generative AI creates a nightmare for those wanting to Know Their Customer, and a determined journalist finally gets their revenge on a sneaky Airbnb scammer.All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Chief executive of collapsed crypto fund HyperVerse does not appear to exist - The Guardian.Crypto hedge fund CEO may not exist; probe finds no record of identity - Ars Technica.BUSTED: Fake HyperVerse CEO Who Stole $1.3 Billion Unmasked! - YouTube.Hyperverse’s Steven Reece Lewis outed as Steve Harrison - Behind MLM.HyperVerse crypto promoter ‘Bitcoin Rodney’ arrested and charged in US - The Guardian.GenAI could make KYC effectively useless - TechCrunch.Airbnb Grifter Busted for $7.5 Million 'Bait-and-Switch' Scam, Feds Say - The Daily Beast.I Accidentally Uncovered a Nationwide Scam Run by Fake Hosts on Airbnb - Vice.Percentage Point vs. Percent Difference - Macroption.“Is Math Real?” - Book by Eugenia Cheng.“Julia” trailer - YouTube.Watch Before We Die - Channel 4.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your...

Piers Morgan is less than happy after a judgement that there is "no doubt" he knew phone hacking was going on at the Daily Mirror, and a shopper comes a-cropper just before Christmas.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Piers Morgan denies knowing of phone hacking after judge rules he did - The Guardian.I've never told anyone to hack a phone - Piers Morgan tells Laura Kuenssberg - BBC News.Piers Morgan interviewed by BBC’s Amol Rajan about phone hacking at Daily Mirror  - BBC News.Piers Morgan will find many ways to deny phone hacking – but how long before his number is up? - Archie Bland’s article in The Guardian.Piers Morgan tells Charlotte Church how to stop her mobile phone from being hacked - YouTube.I'm sorry, Macca, for introducing you to this monster - Piers Morgan describes in the Daily Mail a voicemail he heard between Paul McCartney and Heather Mills.The human cost of phone hacking - Graham Cluley.Eudesignhouse.shop Review – Unmasking the Store Closing Scam - MyAntiSpyware.Whois Domain Lookup.Myth Maker: The Lost Legacy of Donald Cotton - SoundCloud.15 virtual Christmas party games to play this festive season - Country Living.21 Virtual Christmas Games To Play On Zoom With Adults - Team Building.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing...

A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Fuzzy Duck - Wikipedia.Cybercrime author Geoff White demonstrates his NSFW balloon trick at the "Smashing Security" podcast Christmas party - Reddit.Rule 34 - Wikipedia.We are (temporarily) offline - InflateVids on Patreon.Fast Company’s Apple News access hijacked to send an obscene push notification - The Verge.Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’ - Vice.The WordPress backdoor with its own backdoor! (And fake CVE numbers, too) - Paul Ducklin.Russian influence and cyber operations adapt for long haul and exploit war fatigue  - Microsoft.How Zelensky became Hollywood man of the hour - The Guardian.Nigel Farage wishes Hugh Janus a happy birthday - YouTube.Don Johnson - Cameo.Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky - The Register.Winning hearts and minds - Military Wiki.AdGuard Home - GitHub.Garmin Edge 130 Plus - Garmin.Garmin Connect IQ - Garmin.The Thermapen.Flat Whisk Stainless Steel Egg Beater Mixer Kitchen Tool - Amazon.

Hacking fears are raised at Western Europe's most hazardous building, why porn sites might soon be scanning your face, and our guest narrowly avoids a Facebook Marketplace scammer.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Why Facebook Is Rebranding Itself as Meta - INSEAD.Windscale fire - Wikipedia.Sellafield nuclear site hacked by groups linked to Russia and China - The Guardian.Response to a news report on cyber security at Sellafield - UK Government.Response to Guardian news article - Office for Nuclear Regulation.Common Facebook Marketplace scams and how to avoid them - Comparitech.Advice from Google on how to remove malware and unsafe software from Android devices - Google.New Report Reveals Truths About How Teens Engage with Pornography - Common Sense Media.‘A lot of it is actually just abuse’- Young people and pornography - Children's Commissioner for England.Implementing the Online Safety Act: Protecting children from online pornography - Ofcom.UK age assurance guidance for porn sites gives thumbs up to AI age checks, digital ID wallets and more - TechCrunch.Meet Your Second Wife - Saturday Night Live sketch, YouTube.‘Modern Love Podcast’: Our 34-Year Age Gap Didn’t Matter, Until It Did - New York Times.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Push Security – Monitor and secure your entire identity attack surface, including non-SSO identities. Get notified in real-time to vulnerabilities across all your internet-facing identities, and have your staff guided to fix simple issues.