Smashing Security

Graham Cluley & Carole Theriault
Smashing Security
SMASHING SECURITY+

Get early access to the show and listen ad-free

US$4.99/month or US$39.99/year

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones. Follow the podcast on Twitter at @smashinsecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK). This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

  1. 2 DAYS AGO

    Digital arrest scams and stream-jacking

    In our latest episode we discuss how a woman hid under the bed after scammers told her she was under "digital arrest", how hackers are hijacking YouTube channels through malicious sponsorship deals, and how one phone company is turning the tables on fraudsters through deepfake AI. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 'You are under digital arrest': Inside a scam looting millions from Indians - BBC News.Digital Arrest Scam: How You Can Stay Safe - YouTube.Tamil Nadu Professor Placed Under Digital Arrest, Duped of Rs 10 Lakh - YouTube.'Mann Ki Baat' episode 115 - India Prime Minister Narendra Modi.“My YouTube Channel Got Deleted Last Night..” - Bitz on YouTube.NCA shuts down major fraud platform responsible for 1.8 million scam calls - National Crime Agency.O2 launches free anti-scam caller identification for millions of customers - O2. AI Scambaiters: O2 creates AI Granny to waste scammers’ time - YouTube.“StreamJacking” - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams - Guardio.Graham Cluley on Bluesky.Maria Varmazis on Bluesky.Dan Da Dan - Netflix.Butter by Asako Yuzuki - Harper Collins.'Butter' book review: Meditations on murders - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation…...

    45 min
  2. 14 NOV

    Who needs a laptop to hack when you have a Firestick?

    Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil's COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he was placed under police protection... in a Travelodge outside Oxford. Plus Bengal cat lovers in Australia should be on their guard, as your furry feline friends might be leading you into a dangerous trap., and there's yet more headaches for troubled 23andMe. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford. Plus don't miss our featured interview with Paul Fryer from BlackBerry. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: FBI issues warning as crooks ramp up emergency data request scams - The Register.Optimistic father of LAPSUS$ hacking suspect says he’s going to try to stop him using computers - Graham Cluley.LAPSUS$: GTA 6 hacker handed indefinite hospital order - BBC News.This Teenage Hacker Became a Legend Attacking Companies. Then His Rivals Attacked Him - Wall Street Journal.Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign - Sophos.Struggling DNA-testing site 23andMe to lay off 40% of its workers - BBC News.Remember That DNA You Gave 23andMe? - The Atlantic.Big Pharma Would Like Your DNA - The Atlantic.Addressing Data Security Concerns - Action Plan - 23andMe Blog.YTCH - YouTube-like cable TV.Space: 1999 opening titles - YouTube.Space: 1999 - Wikipedia.Wicked movie: Mattel 'deeply regrets' porn site misprint on dolls - BBC News.The Wicked Movie - Official Wicked Movie site.Mattel's 'Wicked' Movie Dolls Mistakenly List Porn Site on Packaging - Variety.Smashing Security merchandise (t-shirts, mugs,...

    1h 3m
  3. 7 NOV

    Pasta spies and private eyes, and are you applying for a ghost job?

    Mamma Mia! A major hacking scandal in Italy has expanded to include alleged involvement from Israel and the Vatican, and just why are companies advertising jobs that don't exist? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Massive hack-for-hire scandal rocks Italian political elites - Politico.Dossieraggi, i contatti con il Mossad e i dati passati al Vaticano. “Aiutiamo la Chiesa contro la Russia o no?” - La Repubblica.That position you just applied for might be a 'ghost job' that'll never be filled - The Register.Ghost jobs: why do 40% of companies advertise positions that don’t exist? - The Guardian.Job boards are still rife with 'ghost jobs'. What's the point? - BBC.How To Spot Ghost Jobs And Make Your Job Search More Efficient - Forbes.What Are Ghost Jobs and How Can You Avoid Them? - Tech.coThat job you applied for might not exist. Here's what's behind a boom in "ghost jobs." - CBS News.The Coming Storm - BBC Radio 4.Things fell apart - BBC Sounds.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Flashpoint - Access the industry’s best threat data and intelligence. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or a href="https://apple.co/2J1YMCu"...

    31 min
  4. 31 OCT

    The secret Strava service, deepfakes, and crocodiles

    In this week's episode your hosts practice standing on one leg, Carole gives Graham a deepfake quiz, and we investigate how Strava may be exposing the movements of world leaders. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Smashing Security #063: Carole’s back.Privacy of fitness tracking apps in the spotlight after soldiers' exercise routes shared online - We Live Security.Smashing Security #330: Deepfake Martin Lewis, and a deadly jog in the park.How Emmanuel Macron can be tracked - Le Monde.How Emmanuel Macron can be tracked - YouTube.The Pentagon Wants to Use AI to Create Deepfake Internet Users - Intercept.Is AI eroding democracy ahead of the US election? - BBC News.Fooled twice: People cannot detect deepfakes but think they can - PMC.Detect Fakes - Kellogg Northwestern.DON'T LET AI STEAL YOUR VOTE! - YouTube.Deepfakes fool more than half of Americans, UVU study shows - KLS News radio.Crocodiles Of The World.Here's How Long You Should Be Able To Stand On 1 Leg By Age - Huffington Post.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: BlackBerry - Tune in and empower your team with the knowledge to stay connected, no matter what crisis. Learn more about BlackBerry's critical event management solutions.1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us...

    35 min
  5. 24 OCT

    When security firms get hacked, and your new North Korean remote worker

    The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired... but what's their plan? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: SolarWinds Sunburst supply chain attack - Wikipedia.Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter.SEC Charges Four Companies With Misleading Cyber Disclosures - SEC.Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing.Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events.67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes.A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider.US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes.Watch “Undercover: Exposing the Far Right” - Channel 4.Undercover film exposing UK far-right activists pulled from London festival - The Guardian.Kermode and Mayo’s Take - YouTube.The Fear of God: 25 Years of the Exorcist – BBC iPlayer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000...

    31 min
  6. 17 OCT

    WordPress vs WP Engine, and the Internet Archive is down

    WordPress's emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance. Meanwhile, the Internet Archive, a digital library preserving our online history, is under siege from hackers. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: WP Engine is not WordPress - WordPress.Secure Custom Fields - ​​WordPress.Tweet from Advanced Custom Fields.Advisory: Advanced Custom Fields changes - Tim Nash.WordPress saga escalates as WP Engine plugin forcibly forked and legal letters fly - The Register.Internet Archive hacked, data breach impacts 31 million users - Bleeping Computer.The Internet Archive is still down but will return in ‘days, not weeks’ - The Verge.Dimsdale podcasts - OTR radio drama comedy and more.Jeff Goldblum’s furiously fun Greek gods drama is a masterpiece - The Guardian.KAOS - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Flashpoint - Access the industry’s best threat data and intelligence. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed! FOLLOW US: Follow us on

    38 min
  7. 10 OCT

    Vacuum cleaner voyeur, and pepperoni pact blocks payout

    Join us as we delve into the world of unexpected security breaches and legal loopholes, where your robot vacuum cleaner might be spying on you, and ordering a pizza could cost you your right to sue. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: We hacked a robot vacuum — and could watch live through its camera - ABC News.Their Uber Driver Crashed. A Pizza Order Unraveled Their Injury Lawsuit - NY Times.A court blocks a couple from suing Uber over a crash, citing terms and conditions - NPR.Taken for a Ride: Parents Can't Sue Uber Over Crash After Daughter's Uber Eats Order - Law.incNew Jersey Court Bars Uber Crash Victims from Lawsuit, Citing App Agreement - The Legal Journal.Couple Seriously Injured in Uber Crash Blocked From Court by Uber Eats Terms - The Insurance Journal.Disney axes bid to stop wrongful death lawsuit over Disney+ terms - BBC.Sherwood - BBC iPlayer.Chocolate Guinness Cake - Nigella.The Best Banana Cake I've Ever Had - Sally's Baking Addiction.My Favorite Carrot Cake Recipe - Sally's Baking Addiction.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: SentinelOne - secure and protect every aspect of your cloud in real-time.1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or a href="https://www.podchaser.com/podcasts/smashing-security-244729" rel="noopener noreferrer"...

    40 min
  8. 3 OCT

    Breaches in your genes, and Kaspersky switcheroo raises a red flag

    From family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky's US customers are wondering - what on earth is UltraAV? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme - US Department of Justice.Sophos punts anti-virus for Klingons - The Register.Designating Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks - US Department of Treasury.Kaspersky says Uncle Sam snubbed its verification proposal - The Register.Use Kaspersky Antivirus Software? You'll Be Migrated to Pango's UltraAV  - PC Mag. Kaspersky software replaced by 'UltraAV' on some US PCs -   The Register.Need Instructions on Refunds for those who bought multi-year subscriptions - Kaspersky.US bans Kaspersky antivirus software for alleged Russian links - BBC News.Who gave you permission to put UltraAV on my computer? - Kaspersky Total Security.MusicBrainz Picard - Cross-platform music tagger powered by the MusicBrainz database.100 Chefs Will Slice Through the Competition in Culinary Class Wars - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: SentinelOne - secure and protect every aspect of your cloud in real-time.1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing

    33 min

About

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones. Follow the podcast on Twitter at @smashinsecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK). This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

You Might Also Like

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes and get the latest updates.

Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada