Smashing Security

Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus - don't miss our featured interview with Max Power of Bitwarden. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Australian cyber-op attacked ISIL with the terrifying power of Rickrolling“Breaking the code: Cyber Secrets Revealed”Scam Alert: Woman tries helping injured bird, ends up losing Rs 1 lakh to cyber criminalsToll-free Hijack Alert (misdial scam)“Connected: the hidden science of everything”“Connections” with James Burke“I wanna marry Harry” reality show“Space cadets” reality showUnreal: A Critical History of Reality TVFamous StudiosUnreal: A Critical History of Reality TVSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolideCentripetal SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with David Ahn of Centripetal. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 8 new top-level domains for dads, grads and techiesTweet by Citizen Lab’s John Scott-RailtonFile Archiver in the browserA Lawyer's Filing "Is Replete with Citations to Non-Existent Cases" - Thanks, ChatGPT?Ely riot: Live updates as police investigate CCTV showing police van following bike moments before fatal crashCardiff riot: Police force refers itself to watchdog as CCTV shows its van following e-bike before fatal crashTwo boys killed in Cardiff crash which was followed by riot are namedCardiff riots: social media rumours about crash started unrest, says police commissionerBlack ButterfliesBlack Butterflies trailer“The End of the World Is Just the Beginning: Mapping the Collapse of Globalization” by Peter ZeihanScience VsSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolide

13 years jail for spoofing scammer, a rogue IT security expert's Bitcoin blackmail goes wrong, and Facebook's eyewatering GDPR fine may be only the beginning of its problems. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast's Zoë Rose. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Man convicted of blackmail and other offencesEU hits Meta with record €1.2B privacy finePolice text 70,000 victims in UK's biggest anti-fraud operationiSpoof fraudster guilty of £100m scam sentenced to 13 yearsFraudster pleads guilty to £100m iSpoof scam300: Interplanetary file systems, iSpoof, and don’t delete Twitter"John Was Trying to Contact Aliens"Sleep maskBlackout blind with suction cupsJewish MatchmakingSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolideCentripetal SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release...

Personal information is going for a song, and the banks want social media sites to pay when their users get scammed. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Vote for "Smashing Security" in the European Security Blogger Awards.Re-Victimization from Police-Auctioned Cell PhonesFraud Strategy: stopping scams and protecting the publicSpanish Police Takes Down Massive Cybercrime Ring, 40 ArrestedSocial media firms should reimburse online fraud victims, say UK bankersHow Many People Use Social Media in 2023?Scam social media quizzes dupes people into revealing personal detailsWhere are you most likely to be scammed: phone, text or social media?Major bank calls out Meta for huge rise in scams on its platformsThe Legend of Zelda: Tears of the KingdomScanSnap SV600Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolideOutpost24 SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on

Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity reporter John Leyden. Plus don't miss our featured interview with Outpost24's John Stock. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Introducing Twitter Circle, a new way to Tweet to a smaller crowdTwitter Circles Is Broken, Revealing Nudes Not Meant For The General PublicInsurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payoutWhat is Hostile or Warlike?: An in-depth look at the Merck war exclusion decision and its shortfallsEurovision voting scandal: Six juries cheated and voted for each otherEurovision: MP seeks assurances contest voting will be protected from Russian threatsFears pro-Russian hackers could ruin Eurovision by disrupting broadcasts and silencing the song contest next weekCyber security experts hope to protect Eurovision voting from possible Russian threatThe technology of the Eurovision Song ContestCyber security experts hope to protect Eurovision voting from possible Russian threatEurovision voting scandal: Six juries cheated and voted for each otherEurovision 2023: Tickets for Liverpool sell out after huge demandEurovision 2023: Hotel...

Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Hackers steal emails, private messages from hookup websitesScam Interceptors‘They’re coming up with devious ways to take your money’: the TV hackers taking on the scammersDid BBC break the law by using a botnet to send spam?How a horse whisperer can help engineers build better robotsHow Scientists Are Using AI to Talk to Animals“I don’t know”, sung by 76-year-old Paul McCartney“I don’t know”, sung by AI Paul McCartneyAI makes Paul McCartney’s voice youthful“New”, sung by the AI BeatlesAI Freddie Mercury sings “Yesterday”The EvaporatedTetrisSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolideOutpost24 SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on

A boss is bitten in the bottom after being struck by one of the worst crimes in Finnish history, Strava's privacy isn't so private, and a private investigator uncovers some TikTok tall tales. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Finnish therapy clinic’s CEO fired after despicable data breach and blackmail threatsLizard Squad Member: Why I Took Down Xbox and PlayStationHacker Charged With Extorting Online Psychotherapy ServiceFinland’s Most-Wanted Hacker Nabbed in FranceEx-CEO of hacked therapy clinic sentenced for failing to protect patients' session notesHackers can find your home on Strava even if you use privacy settings, researchers findIron Bianca hashtag on TikTokInvestigators warn of fake suicide scams on social media platformsHow did Iron Bianca die? Tribute Pours In As Tiktok Star Passed AwaySpill-the-Tea-007 TikTok ChannelMike Bolhius Private InvestigatorPaint trailer Bob Ross: Happy Accidents, Betrayal & GreedStar Trek: PicardThe DiplomatSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden

Graham wonders what would happen if his bouncing buttocks were captured on camera by a Tesla employee, and we take a look at canny scams connected to China's Operation Fox Hunt. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. (Oh, and when Carole mentioned Colin the Accountant as her "Pick of the Week" she really meant "Colin from Accounts". Sorry!) Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Countering Threats Posed by the Chinese Government Inside the USCriminals Pose as Chinese Authorities to Target US-based Chinese CommunityFBI: How fake Xi cops prey on Chinese nationals in the USSpecial Report: Tesla workers shared sensitive images recorded by customer cars303: Secret Roomba snaps, Christmas cab scams, and the future of AILawsuit: Tesla must be punished for “tasteless” sharing of car-camera imagesCustomer Privacy NoticeTesla hit with class action lawsuit over alleged privacy intrusionTesla About Autopilot“Wet Nellie”Device Orchestra“Smoke on the Water”, as performed by Device Orchestra“Eye of the Tiger”, as performed by Device OrchestraCabin CameraColin from AccountsSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden

Everyone's talking juice-jacking - but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn't been hacked. And Carole hosts the "AI-a-go-go or a no-no?" quiz for Dave and Graham. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Uber driver info stolen yet again: This time from law firmLetter from law firm Genova Burns to impacted Uber drivers (PDF)Tweet by FBI Denver FBI warns against using public phone charging stations'Juice Jacking': The Dangers of Public USB Charging StationsStop! Don’t charge your phone this wayThis Seemingly Normal Lightning Cable Will Leak Everything You TypeCybersecurity Myths You Might Still Believe – Debunked!China to require 'security assessment' for new AI productsCybercrime: be careful what you tell your chatbot helper…12 Jobs that AI will never replaceChatGPT Fabricates Sexual Harassment Scandal, Names Real US Law Professor As AccusedInsurable cyberattacks?UBI board gameThe Eye, The Pyramid, The Map: The Psychogeography of ‘The World According to Ubi’They Finally Let Me Into Abbey Road Studios!

An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: These Men's Rights Activists Literally Worship Elon MuskFlorida principal who sent $100K to scammer posing as Elon Musk says she was 'groomed'Florida principal resigns after sending $100K to scammer posing as Elon MuskAfroman - Will You Help Me Repair My DoorOfficial Music Video for Because I Got High performed by AfromanPolice sue rapper Afroman for using footage of home raid in his music videosAfroman ComplaintAfroman Got Raided by Cops, So He Put Them in His Music VideoAfromanAfroman sued by seven officers who raided his homeAfroman Isn’t Worried About a Police Lawsuit Over His Music VideosAfroman Cops Wrecked My Home In Raid, For Nothing ...I Need Ben Crump!!!Afroman I'm Missin' $400 In Cash After Raid... Thinks Cops Swiped ItAtlas ObscuraOak Beams, New College OxfordBeyerDynamic DT 770 PRO HeadphonesSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden

A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Tweet by Euler Finance confirming security breachEuler Finance to Offer $1M Reward as It Reels From Nearly $200M ExploitHackers stole over $500m in cryptocurrency in record-making heist, Ronin saysHacker Behind $200M Euler Attack Apologizes, Returns Millions in Ether, Dai to ProtocolPresident Biden kind of mostly bans commercial spyware from US govtUtah Law Could Curb Use of TikTok and Instagram by Children and TeensUtah’s social media for kids law could be coming to a state near youUtah Governor Spencer Cox signs a landmark social media billRRRRRR trailerRRR Naatu Naatu dance sceneBest films of 2022 in the UK, No 7: RRRHe Died with a Felafel in His HandSwarmNight of the LepusSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden

It could be a case of aCropalypse now for Google Pixel users, there's a warning for house buyers, and just why is TikTok being singled out for privacy concerns? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Stop pixelating! New tool reveals the secrets of "redacted" documentsGoogle Pixel exploit reverses edited parts of screenshotsTweet by researcher Simon AaronsaCropalypse demoSamsung 'Fake' Moon Shots Controversy Puts Computational Photography in the SpotlightAndroid phones can be hacked just by someone knowing your phone numberBBC advises staff to delete TikTok from work phonesTikTok: UK ministers banned from using Chinese-owned app on government phonesTikTok banned from official Welsh government phonesDanish public broadcaster advises staff against using TikTokCanada bans TikTok on government devicesEuropean Commission bans TikTok on staff devicesNew bill would ban TikTok in the US but it faces long oddsA Retired Teacher and Her Daughter Were Scammed Out of $200,000 Over Email: 'I'm 69 Years Old and Now I'm Broke and Homeless'Retired Colorado teacher left homeless and broke after scammers hijack house saleHomebuyers scammed out of nearly $200,000Stolen life savings Vickie and Sarah Ragle

The twisted tale of the two Teslas, and a deepfake sandwich. All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: B.C. man says he accidentally unlocked and drove someone else’s Tesla using the appA College Girl Found Deepfake Porn of Herself Online. Who Did It Shocked HerDenmark Tries to Attract Tourists Using ChatGPT, Deepfakes, and Famous PaintingsDeepfake Tools Are Made To Facilitate Harassment—So Why Are They Available in the App Store?Spot the DeepfakeSholay trailerSholay: Review of the monumental Indian epicRent or buy SholayJazz Pianist Brad Mehldau Plays The BeatlesBrad MehldauSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolideDrata Support the show: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via

Scammers get pwned by a Canadian granny! Don't be seduced in a bar by an iPhone thief! And will the US Marshals be able to track down the villains who stole their data? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. Plus don’t miss our featured interview with Jason Meller of Kolide. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: They thought they could scam this Windsor grandmother of nearly $10K. She turned the tables on themCanada grandma helps stop fraud scheme targeting senior citizensA Basic iPhone Feature Helps Criminals Steal Your Entire Digital LifeRansomware attack on US Marshals Service affects ‘law enforcement sensitive information’Hackers steal sensitive law enforcement data in a breach of the U.S. Marshals Service9 millionaires and billionaires with the most bizarre spending habitsPhishing still the leading way attackers breach security controls: IBMNew White House cyber strategy picks a fight with ransomwareHappy ValleyMy 80s TVEverything Everywhere All at OnceSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolideDrata

Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Wiretapping Italian police tune in to hear their secrets being soldJeremy Paxman stuns Silvio Berlusconi with Angela Merkel insult allegationSilvio Berlusconi interviewed by Jeremy Paxman on BBC NewsnightProtests grow in Italy over the wiretapping of journalistsHow I Broke Into a Bank Account With an AI-Generated VoiceTikTok under investigation by Canadian privacy authoritiesThe UN's cyber crime treaty could be a privacy disasterTikToker outlines how she quit every job she’s had over the ‘most minor inconveniences’ “Check It Out” episode about nuclear war from July 1980The North-West Is Our Mother: The Story of Louis Riel's People, the Métis NationFleishman is in Trouble review – Jesse Eisenberg’s endlessly witty divorce drama is almost too goodFleishman is in TroubleSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolide

Boyfriends who are bots, Facebook's checkmark charge, Twitter Blue, and Will Ferrell's taunt of football fans... All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Testing Meta Verified to Help Creators Establish Their PresenceAs Twitter forces users to remove text message 2FA, it’s in danger of decreasing securityA pre-match message from Will FerrellBBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter AccountReplika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren't Buying It‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too HornyReplika homepageClick and Drag1110: Click and Dragxkcd 1110: Click and Drag mapOnly Murders in the BuildingSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BitwardenKolideSecurEnvoy Support the show: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or

AI-generated voices are weaponised by online trolls, how ChatGPT reflects who we are as a society, and social media is in the firing line again. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: ‘Disrespectful to the Craft:’ Actors Say They’re Being Asked to Sign Away Their Voice to AIAI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for AbuseVideo Game Voice Actors Doxed and Harassed in Targeted AI Voice AttackChatGPT Can Be Broken by Entering These Strange Words, And Nobody Is Sure WhyMy Strange Day With Bing’s New AI ChatbotWe asked ChatGPT to write performance reviews and they are wildly sexist (and racist)How social media affects teen mental health: a missing linkCalifornia bill to let parents sue social media gets second tryHow to protect children from big tech companiesThree out of four parents say social media is a major distraction for students, according to new studyRemarks of President Joe Biden – State of the Union address as prepared for deliveryWhy the past 10 years of American life have been uniquely stupidNow Mesa public schools are also declaring that they have failed in educating their children by suing social mediaSeattle school...

When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger... why are police happy that criminals keep using end-to-end encrypted messaging systems... and why is the Apple Watch being accused of crying wolf? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Plus don't miss our featured interview with SecurEnvoy's Chris Martin. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: BitwardenNordLayerSecurEnvoy Episode links: Ubiquiti tells customers to change passwords after security breach“No way out” trailerUbiquiti sues journalist, alleging defamation in coverage of data breachMan charged with Ubiquiti data breach and extortion was employee assigned to investigate hackFinal Thoughts on UbiquitiFormer Employee Of Technology Company Pleads Guilty To Stealing Confidential Data And Extorting Company For RansomDutch Police Read Messages of Encrypted Messenger 'Exclu'Shock and applause for Apple Watch's chilling real-life emergency call ad911 call made from Apple Watch of Washington woman buried alive releasedApple Watch

Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault. Plus don't miss our featured interview with DigiCert’s Brian "PKI" Trzupek. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Artis Pabriks‘I left my partner and lost £80,000 to a fake Facebook romance’: Manchester mum’s warning over catfishing scam'I know I have been a fool but these are the things we do for love', says mum duped out of £80k by Facebook loverAmazon Warns Employees to Beware of ChatGPTChatGPT's soaring popularity has added $5 billion to the wealth of Nvidia's founder as Wall Street bets on AI boom for the chipmakerChatGPT raises red flags by acing MBA examChatGPT passes exams from law and business schoolsI asked ChatGPT how to negotiate a raise. Career coaches said I'd probably get one by following the AI chatbot's steps and scriptReal estate agents say they can’t imagine working without ChatGPT nowScience journals ban listing of ChatGPT as co-author on papersBlakes 7 BotYarnThe New Gurus PodcastSmashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Bitwarden

What are prisoners getting up to with mobile phones? Why might ransomware no longer be generating as much revenue for cybercriminals? And how on earth did an airline leave the US government's "No Fly" list accessible for anyone in the world to download? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Sponsored by: BitwardenManageEngine PAM360NordLayer Episode links: The Complete Idiot's Guide to Writing Erotic RomanceThe Many Ingenious Ways People in Prison Use (Forbidden) Cell PhoneHow Did They Run an Elaborate “Sextortion” Scam From Prison? CellphonesAlarm Over Death Row Cell Phone ThreatsHow to completely own an airline in 3 easy stepsU.S. airline accidentally exposes ‘No Fly List’ on unsecured serverCyber-crime gangs' earnings slide as victims refuse to payRansomware Revenue Down As More Victims Refuse to PayLeaked Ransomware Docs Show Conti Helping Putin From the ShadowsLuxe Listings Sydney trailerLuxe Listing Sydney