
Smashing Security

Graham Cluley

Stories from the world of hacking, cybersecurity, and rogue AI. Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity keynote speaker and industry veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle. Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider. Follow the podcast on Bluesky at @smashingsecurity.com, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

  1. This developer wanted to cheat at Roblox. It cost millions

    15 hours ago

    A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency. Meanwhile, there's a 1980s phone protocol called SS7 that lets shadowy surveillance companies track anyone, anywhere, via their mobile phone. Governments know about it. Telecoms know about it. Nobody's fixing it. All this and more in episode 465 of the "Smashing Security" podcast with cybersecurity keynote speaker and industry veteran Graham Cluley, joined this week by special guest James Ball. Plus! Don't miss our featured interview with Rob Edmondson of CoreView, discussing how to lock down Microsoft 365 before it's too late.

    EPISODE LINKS:
    Burglar alarm biz gets burgled, ShinyHunters pursues ransom - The Register.
    Ransomware negotiator pleads guilty after leaking victims' insurance details to 'BlackCat' hackers - Tom’s Hardware.
    Grok tells researchers pretending to be delusional ‘drive an iron nail through the mirror while reciting Psalm 91 backwards’ - The Guardian.
    Vercel April 2026 security incident - Vercel.
    App host Vercel says it was hacked and customer data stolen - TechCrunch.
    Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials - Hacker News.
    Sorry for the Nazi spam from my Twitter account - Graham Cluley.
    Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors - Citizen Lab.
    Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say - TechCrunch.
    The rapid rise of phone surveillance firms - The Bureau of Investigative Journalism.
    Please shut up about your Spotify Wrapped - The New World.
    Think For Yourself - Beatles Song Identification Game.
    Nodes: Free Connection Puzzle & Vertex Game Alternative.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    Elastic – AI is transforming security operations, but security is still a data problem. Learn how context-rich data drives faster, more reliable defence.
    Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
    Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.

    SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

    FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

    THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.

    Privacy & Opt-Out: https://redcircle.com/privacy

    1 hr 5 min
  2. Rockstar got hacked. The data was junk. The secrets it revealed were not

    22 April

    A company that ran anonymous tip lines for 35,000 American schools - handling reports of bullying, weapons, and self-harm - boasted on its website that it had suffered zero security breaches in over 20 years. A hacker called Internet Yiff Machine thought that sounded like a challenge, with predictable results... Meanwhile, Rockstar Games gets hacked again - and the stolen data turns out to be less embarrassing than the financial secrets it accidentally revealed. GTA Online is still making half a billion dollars a year. Red Dead Redemption is not. All this and more in episode 464 of the "Smashing Security" podcast with cybersecurity keynote speaker and industry veteran Graham Cluley, joined this week by special guest BBC cybersecurity correspondent Joe Tidy. Plus! Don't miss our featured interview with Ryan Benson of Meter.

    EPISODE LINKS:
    Grinex exchange blames "Western intelligence" for $13.7M crypto hack - Bleeping Computer.
    Are Former Black Basta Affiliates Automating Executive Targeting? - Reliaquest.
    Apple is working on passcode bug locking out iPhone users - The Register.
    Hackers who stole crime tip records offering data cache for $10k - San.
    P3 Advertised 20+ Years and 0 Security Breaches. You Can Guess What Happened Next - Databreaches.net.
    Portland police urge residents to avoid Crime Stoppers following hack - San.
    GTA-maker Rockstar Games hacked again but downplays impact - BBC News.
    Rockstar hackers release their stolen data, reveal that Rockstar was right to not pay them anything for it - PC Gamer.
    XCancel.
    “We Are Anonymous” by Parmy Olson - Penguin.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    Elastic – AI is transforming security operations, but security is still a data problem. Learn how context-rich data drives faster, more reliable defence.
    Meter – Network infrastructure for the enterprise. Get a free personalised demo.
    Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

    51 min
  3. This AI company leaked its own code. It's also built something terrifying

    15 April

    A hacking group claims to have broken into the flood defence system protecting Venice's Piazza San Marco - and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600. Meanwhile, Anthropic accidentally leaked the source code for Claude Code via a basic packaging mistake. Oh, and by the way, they've also just revealed they've built an AI model called Mythos that can find and chain together software vulnerabilities faster than any human. Sleep well. All this and more in episode 463 of the “Smashing Security” podcast with cybersecurity expert and keynote speaker Graham Cluley, joined this week by special guest Tanya Janca.

    EPISODE LINKS:
    Booking.com warns customers of hack that exposed their data - The Guardian.
    GTA-maker Rockstar Games hacked again but downplays impact - BBC News.
    Meta removes ads for social media addiction litigation - Axios.
    Hackers claim control over Venice San Marco anti-flood pumps - Security Affairs.
    Venezia, attacco hacker al sistema di pompe che difende piazza San Marco dall'acqua: «Abbiamo i codici, possiamo disattivarlo» - Corriere del Veneto.
    Digging into the Claude Code source - Dave Schumaker’s write-up of Anthropic leaking data in February 2025.
    Anthropic goes nude, exposes Claude Code source by accident - The Register.
    Assessing Claude Mythos Preview’s cybersecurity capabilities - Anthropic.
    Smashing Security transcripts!
    Shrinking - Apple TV.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    Meter - Network infrastructure for the enterprise. Get a free personalised demo.
    Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
    Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.

    51 min
  4. LinkedIn is spying on you, and you agreed to nothing

    8 April

    LinkedIn has been secretly scanning your browser for over 6,000 installed extensions — on every single click you make. It can tell if you're job hunting, what religion you are, and whether you have ADHD. And none of this is mentioned anywhere in their privacy policy. Meanwhile, California's crypto millionaires are learning that no amount of encryption can protect you from someone who knocks on your door pretending to deliver a pizza. All this and more in episode 462 of the “Smashing Security” podcast with cybersecurity expert and keynote speaker Graham Cluley, joined this week by special guest Dave Bittner.

    EPISODE LINKS:
    Russian government hackers broke into thousands of home routers to steal passwords - TechCrunch.
    Refusal to Give the Government Passwords to Personal Mobile Device Criminalized in Hong Kong - US Consulate in Hong Kong.
    "I didn't think millions would see this..." Russians are calling each other through a cat feeder - GUBDaily.
    BrowserGate.
    Scanned extensions database - BrowserGate.
    LinkedIn secretly scans for 6,000+ Chrome extensions, collects data - Bleeping Computer.
    Translate into LinkedIn speak - Kagi.
    Security - xkcd.
    Wealthy California crypto holders targeted in violent ‘wrench attacks’ - KTLA 5.
    Lost Doctor Who episodes to be released this week - BBC News.
    Doctor Who: The Daleks’ Master Plan - The Nightmare Begins - BBC iPlayer.
    Doctor Who: The Daleks’ Master Plan - Devil’s Planet - BBC iPlayer.
    Milton Bradley Grandmaster Robotic Chess Computer - YouTube.
    Robot Chess - One-armed gambit - Techmoan on YouTube.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    ESET - 30 years of threat research behind unique global telemetry, AI-native technology, and human expertise working together to keep your business protected.
    Meter - Network infrastructure for the enterprise. Get a free personalised demo.
    Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

    42 min
  5. This man hid $400 million in a fishing rod. Then it vanished

    1 April

    A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 - and now sits on a fortune worth $400 million. There's just one small problem: the access codes were tucked inside his fishing rod case, which has mysteriously vanished. Or has it? Because this week, one of his frozen wallets suddenly woke up and moved $35 million - and someone had to identify themselves to do it. Meanwhile, Ajax Football Club scores a spectacular cyber own-goal, as a data breach that the club claimed affected "a few hundred" fans turns out may have exposed the personal details of 300,000 supporters - along with the ability to steal match tickets and quietly remove people from the stadium ban list. All this and much more in episode 461 of the "Smashing Security" podcast with cybersecurity expert and keynote speaker Graham Cluley, joined this week by special guest journalist Danny Palmer.

    EPISODE LINKS:
    Iran-linked hackers breach FBI director's personal email, publish photos and documents - Reuters.
    Windows PCs crash three times as often as Macs, report says - TechSpot.
    Wife used CCTV to steal $176M of husband’s crypto, UK court told - Coin Telegraph.
    Gardaí open €30m bitcoin virtual wallet, first of 12 accessed since seizure in 2019 - Irish Times.
    Irish Drug Dealer’s Lost BTC Stack Worth $400m Has Woken Up - Arkham.
    Ajax FC data breach exposes 300,000 fans, hacker steals tickets and stadium ban details - Cybernews.
    Small Prophets - BBC iPlayer.
    RPG Taverns - Dungeons and Dragons tavern in London.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.
    Meter - Network infrastructure for the enterprise. Get a free personalised demo.
    Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

    46 min
  6. Never knock on the door of a nuclear submarine base and ask for a selfie

    26 March

    A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin - signing his extortion emails from a company called "Loot." Meanwhile, two people drive up to the entrance of the UK's nuclear submarine base at Faslane and politely ask if they can have a look around. Tourists? Spies? Something in between? Plus: Female Muslim punk rock group, and a little red book that might save your sanity in a post-truth world. All this and more in episode 460 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Jenny Radcliffe.

    EPISODE LINKS:
    A Top Google Search Result for Claude Plugins Was Planted by Hackers - 404 Media.
    Iowa-based Intoxalock cyberattack disrupts calibration service for interlock users - DysruptionHub.
    China hacker group leaks $7M crypto theft operation targeting wallet supply chains - Crypto News.
    Federal Jury Convicts Charlotte Man For Cyber Extortion Scheme That Targeted International Technology Company - DOJ.
    Iranian and Romanian charged after allegedly trying to enter UK nuclear naval base - Sky News.
    LadyParts - Spotify.
    On Disinformation: How to Fight for Truth and Protect Democracy - Lee McIntyre.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
    Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
    Meter - Network infrastructure for the enterprise. Get a free personalised demo.

    41 min
  7. This clever scam nearly hijacked a tech CEO's Apple ID

    19 March

    In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg - involving MFA fatigue, real Apple alerts, a convincing support call, and a phishing page that oh-so-nearly worked. If a famous techie could have this happen to them, can you be sure you're immune? Plus: would you donate your lifetime medical history to science if you were promised anonymity? We unpack serious concerns around UK Biobank, where “de-identified” data may not be as anonymous as you think — and how surprisingly little information it takes to reveal everything. And! Human-powered “AI”, and a punishment worse than prison: eight hours on the RSA expo floor... All this, and much more, in episode 459 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Paul Ducklin.

    EPISODE LINKS:
    DOGE employee stole Social Security data and put it on a thumb drive, report says - TechCrunch.
    Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show - Reuters.
    New font-rendering trick hides malicious commands from AI tools - Bleeping Computer.
    Lockdown Mode - Apple support.
    Gone (Almost) Phishin’ - Matt Mullenweg.
    Listen to the Live Scam Call Targeting Matt Mullenweg’s Apple Account - YouTube.
    Confidential health records from UK BioBank project exposed online - The Guardian.
    A message from Professor Sir Rory Collins, Chief Executive and Principal Investigator of UK Biobank - UK BioBank.
    Psychotherapy data breach blackmailer sent to prison - Paul Ducklin.
    Your AI slop bores me.
    Post by Vaughan Shanks - LinkedIn.
    Judge Sentences CISO to 8 Consecutive Hours on RSA Expo Floor as Formal Punishment for Security Breach - The Exploit.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
    Adaptive Security - request a custom demo featuring a real CEO deepfake simulation.
    Meter - Network infrastructure for the enterprise. Get a free personalised demo.

    55 min
  8. How not to steal $46 million from the US government

    12 March

    A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn't stirred since 2024 - and within minutes, giant woodpecker images are plastered across the internet's favourite encyclopaedia. Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it - and then brags about it on a recorded Telegram call. Plus: Graham champions Asterix, Tricia discovers the fantasy novels of Robin Hobb, and someone called "Lick" ends up in the nick. All this, and much more, in episode 458 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.

    EPISODE LINKS:
    Major data leak forum dismantled in global action against cybercrime forum - Europol.
    Ericsson blames vendor vishing slip-up for breach exposing thousands of records - The Register.
    How hackers bypassed MFA with a $120 phishing kit – until law enforcement shut them down - Hot for Security.
    Wikipedia hit by self-propagating JavaScript worm that vandalized pages - Bleeping Computer.
    FBI arrests crypto thief accused of stealing $46 million from seized government wallet - Tom’s Hardware.
    Twitter thread by ZachXBT about John Daghita’s arrest - Twitter.
    Asterix - Wikipedia.
    Robin Hobb.
    The Complete Farseer trilogy - Harper Collins.
    Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

    SPONSORS:
    Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
    ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
    Meter - Network infrastructure for the enterprise. Get a free personalised demo.

    41 min
