254 episodes

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast...
Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over six million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones.
Follow the podcast on Twitter at @SmashinSecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

Smashing Security Graham Cluley, Carole Theriault

    • Technology
    • 4.8 • 4 Ratings


    253: Cybercrime unicorns, HVAC hacks, and NFT piracy - with Mikko Hyppönen

    Heating systems are left vulnerable to attack in the high courts, cybercrime unicorns have become a reality (but what are they?), over 15 Terabytes of NFTs are made available for anyone to download ... and Carole reveals her Pick of the Year.


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen.


    Visit https://www.smashingsecurity.com/253 to check out this episode’s show notes and episode links.


    Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.


    Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


    Warning: This podcast may contain nuts, adult themes, and rude language.


    Theme tune: "Vinyl Memories" by Mikael Manvelyan.
    Assorted sound effects: AudioBlocks.
    Special Guest: Mikko Hyppönen.
    Sponsored By:
    Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents...

    Listeners who mail in referencing Smashing Security get a 10% discount on their order!

    Perimeter 81: Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility.

    Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform.

    Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more.

    Learn more and request a demo at perimeter81.com

    1Password: 1Password 8 for Windows has been reimagined to feel right at home on the world's most popular desktop operating system.

    From Dark Mode and passwordless integration to smart search and secure item sharing, 1Password 8 is the new home for your digital life.

    Productivity improvements, enhanced security and privacy features, and a modern design deliver a first-class experience that offers the best of Windows 11.

    1Password 8 for Windows helps you manage, remember, and protect your sensitive information more easily and securely than ever before.

    Find out more and try 1Password free for 14 days at 1Password.com

    Support Smashing Security
    Links:
    Royal Courts of Justice HVAC systems had unsecured Wi-Fi AP — The Register.
    Tweet by Tristan Kirk, court correspondent of the London Evening Standard.
    Target Hackers Broke in Via HVAC Company — Brian Krebs.
    Former Security Guard Who Hacked Into Hospital’s Computer System Sentenced to 110 Months in Federal Prison — FBI.
    Video by Jesse McGraw (aka "PhantomExodizzmo") — YouTube.
    Cybercrime Unicorns: How Hackers Are Building Empires That Rival Tech's Most Sophisticated, Highly Valued Startups — International Business Times.
    Will we see a cybercrime unicorn? — Comic strip featuring Mikko Hyppönen.
    'Piracy' website offers NFT art as free downloads — BBC News.
    Someone Made a Pirate Bay for NFTs — Motherboard.
    The NFT Bay.
    NFTs are causing chaos in online artist communities — Polygon.
    Think cryptocurrency is bad? NFTs are even worse — Mashable.
    MailMate.
    The Ted Dabney Experience — Podcast about vintage video games.
    Ruben Brandt, Collector — IMDB.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 48 min
    252: Hotel hacks, workplace spies, and the FBI

    Booking.com got hacked five years ago, and didn't tell its customers... but now we know who might have been behind it. Bossware rears its ugly head again in the workplace, spying on employees. And did you receive a warning email from the FBI?


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the "Power Corrupts" podcast.


    Plus we have a featured interview with Perimeter 81 co-founder and CEO Amit Bareket.


    Visit https://www.smashingsecurity.com/252 to check out this episode’s show notes and episode links.


    Special Guests: Amit Bareket and Brian Klaas.
    Sponsored By:
    Perimeter 81: Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility.

    Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform.

    Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more.

    Learn more and request a demo at perimeter81.com

    Qualys: Qualys was one of the first SaaS security companies, and delivers continuous, critical security intelligence via its Qualys Cloud Platform and integrated Cloud Apps.

    Its powerful solutions empower organisations to streamline and consolidate their security and compliance solutions in a single platform and achieve greater business agility, better outcomes and substantial cost savings.

    Qualys recently announced three new solutions designed to address today’s challenges faced by enterprises: Ransomware Risk Assessment, Cybersecurity Asset Management, and Zero Touch Patch Management.

    Learn more at qualys.com
    1Password: 1Password 8 for Windows has been reimagined to feel right at home on the world's most popular desktop operating system.

    From Dark Mode and passwordless integration to smart search and secure item sharing, 1Password 8 is the new home for your digital life.

    Productivity improvements, enhanced security and privacy features, and a modern design deliver a first-class experience that offers the best of Windows 11.

    1Password 8 for Windows helps you manage, remember, and protect your sensitive information more easily and securely than ever before.

    Find out more and try 1Password free for 14 days at 1Password.com

    Support Smashing Security
    Links:
    American spy hacked Booking.com, company stayed silent — NRC.
    Booking.com was reportedly hacked by a US intel agency but never told customers — Ars Technica.
    Dutch newspaper links Booking.com break-in to US spy groups — The Register.
    Belgium’s largest telecoms company says it was hacked — Graham Cluley.
    GCHQ “infected Belgium’s largest telecom company with spyware” — Graham Cluley.
    Is your company secretly monitoring your work at home? — Los Angeles Times.
    School janitor says she was fired for not installing smartphone tracking app — Graham Cluley.
    Hawaii’s ballistic missile false alarm and a user interface failure — Graham Cluley.
    FBI system hacked to email 'urgent' warning about fake cyberattacks — Bleeping Computer.
    Hoax Email Blast Abused Poor Coding in FBI Website — Krebs on Security.
    Vinny Troia's website.
    FBI Statement on Incident Involving Fake Emails — FBI.
    What is Trailmakers? — YouTube.
    Trailmake

    • 1 hr 1 min
    251: PrawnHub, Tesla recall, and IoT luggage

    Fishing fanatics find themselves in deep water, Teslas go haywire after an update, and is there actually some good news about IoT?


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ken Munro.


    Visit https://www.smashingsecurity.com/251 to check out this episode’s show notes and episode links.


    Special Guest: Ken Munro.
    Sponsored By:
    1Password: From start-up to enterprise, 1Password makes it easy for your team to store, generate and share strong passwords. The less time you need to spend dealing with hacks, phishing scams, and lost passwords, the better.

    Not just for IT and Security teams – all kinds of teams like Finance, HR, Legal, and Marketing can also store and share business credit cards, sensitive documents and shared logins in 1Password.

    Work securely from home or in the office. 1Password allows secure access to logins and important resources anywhere you work.

    Instantly deploy, grant and revoke access to shared vaults. You can securely add new team members and recover locked-out user accounts.

    Find out more and try 1Password free for 14 days at 1Password.com

    Qualys: Qualys Security Conference 2021 is taking place in Las Vegas November 15-18 2021, and you can attend either in person or online.

    Hear from experts such as Chris Krebs, former Director of the DHS & CISA, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career.

    To learn more about attending the Qualys Security Conference 2021 in person or online visit smashingsecurity.com/qualyslasvegas

    Support Smashing Security
    Links:
    Notice of a cyber security incident — Announcement from Angling Direct on London Stock Exchange.
    Angling Direct: Criminals net website of UK fishing site — The Register.
    Tweet from user of Angling Direct. — Twitter.
    Tweet by Angling Direct customer — Twitter.
    Internet-connected radio equipment and wearable radio equipment — European Commission.
    Internet of Things Cybersecurity Improvement Act of 2020 — US Library of Congress.
    Information privacy: connected devices — Californian senate bill.
    Tesla Full Self-Driving recall came amid increased regulatory scrutiny - The Washington Post — Washington Post.
    Tesla recalls nearly 12,000 U.S. vehicles over software communication error — Reuters.
    The World of the Unknown series of books: UFOs, Ghosts, and Monsters — Usborne.
    World of the Unknown UFOs trailer — YouTube.
    Airwheel SR5 Intelligent Suitcase.
    Hijacking smart luggage — Pen Test Partners.
    AeroPress Coffee Maker.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 41 min
    250: Yes, you heard that correctly. Two hundred and fifty

    A game about Squid Game pulls the rug from under cryptocurrency investors in what appears to be a scam, PayPal hackers use a devious trick to break into 2FA-protected accounts, and have you received a job offer that's too good to be true?


    All this and much much more is discussed in this celebratory edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dr Jessica Barker.


    Plus don't miss our featured interview with the CEO and president of Qualys, Sumedh Thakar.


    Oh, and huge thanks to Darknet Diaries' Jack Rhysider, F-Secure's Mikko Hyppönen, The Cyberwire's Dave Bittner, and Host Unknown's Andrew Agnês, Thom Langford, and Javvad Malik for their special contributions to this episode.


    Visit https://www.smashingsecurity.com/250 to check out this episode’s show notes and episode links.


    Special Guests: Andrew Agnês, Dave Bittner, Jack Rhysider, Javvad Malik, Jessica Barker, Mikko Hyppönen, Sumedh Thakar, and Thom Langford.
    Sponsored By:
    Qualys: Qualys Security Conference 2021 is taking place in Las Vegas November 15-18 2021, and you can attend either in person or online.

    Hear from experts such as Chris Krebs, former Director of the DHS & CISA, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career.

    To learn more about attending the Qualys Security Conference 2021 in person or online visit smashingsecurity.com/qualyslasvegas

    1Password: From start-up to enterprise, 1Password makes it easy for your team to store, generate and share strong passwords. The less time you need to spend dealing with hacks, phishing scams, and lost passwords, the better.

    Not just for IT and Security teams – all kinds of teams like Finance, HR, Legal, and Marketing can also store and share business credit cards, sensitive documents and shared logins in 1Password.

    Work securely from home or in the office. 1Password allows secure access to logins and important resources anywhere you work.

    Instantly deploy, grant and revoke access to shared vaults. You can securely add new team members and recover locked-out user accounts.

    Find out more and try 1Password free for 14 days at 1Password.com

    Support Smashing Security
    Links:
    Squid Game cryptocurrency rockets in first few days of trading — BBC News.
    Squid Game crypto token collapses in apparent scam — BBC News.
    'I Lost Everything': How Squid Game Token Collapsed — CoinMarketCap.
    Squid Game Cryptocurrency Scammers Make Off With $3.3 Million — Gizmodo.
    The Booming Underground Market for Bots That Steal Your 2FA Codes — Vice.
    Scammers Are Using Fake Job Ads to Steal People’s Identities — ProPublica.
    FBI Warns Cyber Criminals Are Using Fake Job Listings to Target Applicants’ Personally Identifiable Information — FBI.
    Don’t let job scams block your path forward — FTC Consumer Information.
    Pit — Wikipedia.
    Pit game description — Board Game Geek.
    Metal Shop Masters — Netflix.
    Metal Shop Masters trailer — YouTube.
    Techjunkie Tools.
    15 Secret Websites — Alphr.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    • 1 hr 1 min
    249: Devious licks, Netflix, and sensitive hackers

    Ransomware attackers have got hurt feelings, what does Netflix know about you, and why are schoolkids stealing lavatory seats?


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by 1Password's Matt Davey from the "Random but Memorable" podcast.


    Visit https://www.smashingsecurity.com/249 to check out this episode’s show notes and episode links.


    Special Guest: Matt Davey.
    Sponsored By:
    Thinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents...

    Listeners who mail in referencing Smashing Security get a 10% discount on their order!

    1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.

    Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to form an entire ecosystem of tools and tactics that help keep you safe on the internet.

    Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you.

    Visit 1Password University for free online security resources, made for everyone.

    Support Smashing Security
    Links:
    Governments turn tables on ransomware gang REvil by pushing it offline — Reuters.
    REvil ransomware - what you need to know about the criminal enterprise — Tripwire.
    REvil ransomware rampages following Kaseya supply-chain attack — Graham Cluley.
    Meat supplier JBS probed after paying $11 million ransom to attackers. US Congress has a beef with those who pay ransoms to cybercriminals — Graham Cluley.
    Hitting the BlackMatter gang where it hurts: In the wallet — Emsisoft.
    Ransomware gang outraged at “bandit-mugging behavior of the United States” after REvil group pushed offline — Graham Cluley.
    All the ways Netflix tracks you and what you watch — Wired.
    The inside story of Bandersnatch, the weirdest Black Mirror episode yet — Wired.
    Netflix’s Secret Special Algorithm Is a Human — The New Yorker.
    Why Netflix Might Run Ads: Analysts See $1 Billion Revenue Upside — Variety.
    Devious Licks Trend — Know Your Meme.
    TikTok's 'devious licks' challenge source of destruction in Summit County schools, businesses — MSN.
    TikTok Bans 'Devious Licks' Trend Which Saw High School Students Arrested — Newsweek.
    TikTok to be in congressional hotseat over school-trashing content — Reuters.
    Kid destroys printer for TikTok in front of his parents — Reddit.
    To combat all the devious licks, we are now met with angelic yields — TikTok.
    Woodmere Avenue Width Restriction Crashes Compilation — YouTube.
    Woodmere Avenue Crashes YouTube channel.
    Moment 11 vehicles including a police van smash into steel post in just four weeks — Daily Mail.
    Jon Richardson & The Futurenauts podcast.
    Dead Air podcast.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    • 47 min
    248: Press F12 to hack

    A journalist is threatened with prosecution after choosing to "View Source" on a public webpage, Amazon Ring owners might be in line for a hefty fine if their neighbours complain, and is the school lunch queue a good place for facial recognition?


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.


    Visit https://www.smashingsecurity.com/248 to check out this episode’s show notes and episode links.


    Special Guest: Dave Bittner.
    Sponsored By:
    1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.

    Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to form an entire ecosystem of tools and tactics that help keep you safe on the internet.

    Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you.

    Visit 1Password University for free online security resources, made for everyone.

    Support Smashing Security
    Links:
    Missouri teachers’ Social Security numbers at risk on state agency’s website — St Louis Post-Dispatch.
    Missouri governor vows criminal prosecution of reporter who found flaw in state website — Missouri Independent.
    State of Missouri Addresses Data Vulnerability — State of Missouri Office of Administration press release.
    Governor Parson Press Conference MO Education Website Hack — YouTube.
    Doctor set for £100k pay-out after judge ruled neighbour's Ring doorbell cameras breached privacy — Daily Mail.
    The pandemic is testing the limits of face recognition — MIT Technology Review.
    ICO to step in after schools use facial recognition to speed up lunch queue — The Guardian.
    The most sassy bride in history of Married At First Sight Australia — YouTube.
    Married at First Sight Australia — All 4. (Series 6 is the one to watch, according to Graham)
    Dark Air with Terry Carnation — Audioboom.
    Vigil — BBC iPlayer.
    Art Bell — Wikipedia.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    • 45 min

Customer Reviews

4.8 out of 5
4 Ratings

ref_rdf

Smashingly amusing time

This is a podcast that supplies reasons to laugh rather than an in-depth analysis of an issue. A very good way to introduce people outside the tech industry to cyber security. If I need some light and breezy morning-y show to make my ride pleasant, this is definitely it.
