SMASHING SECURITY PLUS

Get early access to the show and listen ad-free

SAR 19.99/month or SAR 179.99/year

Smashing Security

Graham Cluley

Stories from the world of hacking, cybersecurity, and rogue AI. Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle. Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider. Follow the podcast on Bluesky at @smashingsecurity.com, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

  1. How to scam someone in seven days

    8 HR AGO

    How to scam someone in seven days

    Romance scammers have apparently discovered astrology... and Taurus is their secret weapon. In episode 449 of "Smashing Security", we take a look inside an actual romance-fraud handbook - complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto. Then Lesley "hacks4pancakes" Carhart delivers a reality check on the dire cybersecurity jobs market for juniors: why entry-level roles are evaporating, how automated CV screening is chewing candidates up, and what hopeful newcomers (and weary veterans) can do about it. Plus, Graham talks to ThreatLocker CEO Danny Jenkins about why misconfigurations are behind an uncomfortable number of breaches, how default-deny security actually works in practice, and why detecting attacks after they’ve started is already too late. All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Lesley Carhart. EPISODE LINKS: Millions of Android Powered TVs and Streaming Devices Infected by Kimwolf Botnet - Hackread.Ilya Lichtenstein, Bitcoin hacker behind massive crypto theft, credits Trump for early prison release - CNBC.How Fake BSODs and Trusted Build Tools Are Used to Construct a Malware Infection - Securonix.A scammer's guide: How cybercriminals plot to rob a target in a week - Reuters.Game of Wool: Britian’s Best Knitter - Channel 4.Game of Wool trailer - YouTube.Earthrise One: Melbourne's Premier Sci-Fi Escape Room Adventure.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.Meter - Network infrastructure for the enterprise. Get a free personalised demo. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    1h 1m
  2. The Kindle that got pwned

    18/12/2025

    The Kindle that got pwned

    Think your Kindle is harmless? Think again! In this episode, Graham and special guest Danny Palmer unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account and seize control of your credit card. Plus a blast from 2021's "summer of ransomware" returns to haunt Ireland's Health Service Executive, as victims are offered €750 each. And because it's the last show before the Christmas break, there's also a Pick of the Week that veers from cosy rom-com comfort to pointy-polygon nostalgia.  All this, and more, in episode 448 of the "Smashing Security" podcast with Graham Cluley, and special guest Danny Palmer. 🎅 🎄 Thanks to everyone for listening to "Smashing Security" during 2025 - we look forward to being back in your ear'oles in early January. Stay safe! 🎅 🎄 EPISODE LINKS: Password manager provider fined £1.2m by ICO for data breach affecting up to 1.6 million people in the UK - ICO.Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg.Russian ban on Roblox gaming platform sparks rare protest - Reuters.Once upon an exploit: how fake audiobook led to Kindle takeover - Cybernews.Four years later, Irish health service offers €750 to victims of ransomware attack - Bitdefender.When Harry Met Sally - Wikipedia.When Harry Met Sally trailer - YouTube.Tomb Raider 1-3 Remastered review - you were never going to smooth these games out - Eurogamer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    37 min
  3. Grok the stalker, the Louvre heist, and Microsoft 365 mayhem

    11/12/2025

    Grok the stalker, the Louvre heist, and Microsoft 365 mayhem

    On this week's show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire's lawn and ends with Grok happily doxxing real people, mapping out stalking "strategies," and handing out revenge-porn tips. Then we go inside the Louvre heist, where thieves in hi-vis and a hire van waltzed off with the French crown jewels in broad daylight, exploiting our assumptions about what "looks normal" - the same kind of bias we’re now baking into security AIs. Plus, Graham chats with Rob Edmondson from CoreView about why misconfigurations and over-privileged accounts can make Microsoft 365 dangerously vulnerable. All this, and more, in episode 447 of the "Smashing Security" podcast with Graham Cluley, and special guest Jenny Radcliffe. EPISODE LINKS: Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware - The Record.US Posts $10 Million Bounty for Iranian Hackers - Security Week.Infostealer has entered the chat - Kaspersky.Dave Portnoy posts a photo of his lawn (including a manatee-shaped mailbox) - Twitter.Elon Musk’s Grok AI Is Doxxing Home Addresses of Everyday People - Futurism.Elon Musk’s Grok Is Providing Extremely Detailed and Creepy Instructions for Stalking - Futurism.How the Louvre thieves exploited human psychology to avoid suspicion – and what it reveals about AI - The Conversation.Outrageous (TV series) - Wikipedia.Outrageous trailer - YouTube.Man charged with theft after allegedly swallowing Fabergé pendant in jewellery store - The Guardian.Free Microsoft 365 Tenant Security Scanner - CoreView.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.CoreView - Benchmark your Microsoft 365 tenant security against the Center for Internet Security (CIS) controls.  SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    56 min
  4. A hacker doxxes himself, and social engineering-as-a-service

    04/12/2025

    A hacker doxxes himself, and social engineering-as-a-service

    A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer... and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and consider how stolen data is now the jet fuel of cybercrime – and how next year could be even nastier than 2025. Plus, Graham rants about recipe sites that won’t shut up, and there's even more love for Lily Allen's album "West End Girl" album. All this and more is discussed in episode 446 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Rik Ferguson. EPISODE LINKS: Europol nukes Cryptomixer laundering hub, seizing €25M in Bitcoin - The Register.4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign - Koi.Uncovering a Calendly-themed phishing campaign targeting business ad manager accounts - Push Security.Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ - Krebs on Security.Jonathan Ross email goof highlights Twitter security issue - Graham Cluley.VIDEO: Mark Zuckerberg’s password choices are dadada-dumb! - Graham Cluley.Password to Louvre’s video surveillance system was 'Louvre', according to employee - ABC News.Just the Recipe.West End Girl - Wikipedia.West End Girl - Spotify.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: 1Password - Take the first step to better security by securing your team’s credentials.Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    45 min
  5. The hack that brought back the zombie apocalypse

    27/11/2025

    The hack that brought back the zombie apocalypse

    America's airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts. Meanwhile, we look at how a worker at a cybersecurity firm allegedly leaked internal information to a hacking gang - raising big questions about insider threats. Plus: Frankenstein on Netflix, Vine nostalgia, and why Barney the Dinosaur may be the true criminal mastermind behind it all. All this and more is discussed in episode 445 of the “Smashing Security” podcast with cybersecurity veteran Graham Cluley, and special guest Dan Raywood. EPISODE LINKS: Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix - Acronis.Tokyo Court Finds Cloudflare Liable For Manga Piracy in Long-Running Lawsuit - TorrentFreak.Former Google chief accused of spying on employees through account ‘backdoor’ - LA Times.Bogus zombie apocalypse warnings undermine US emergency alert system - Ars Technica.2013 EAS Zombie Hoax - Emergency Alert System Wiki.The 1987 Max Headroom incident - YouTube.Nation-wide radio station hack airs hours of vulgar “furry sex” ramblings - Ars Technica.ESPN 97.5 Houston Victim Of Barix Hack - Radio Insight.ESPN Houston apologises to viewers - Facebook.CrowdStrike fires ‘suspicious insider’ who passed information to hackers - TechCrunch.Frankenstein official trailer - YouTube.Frankenstein - Netflix.Vine: Six Seconds that changed the world - Global Player.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    41 min
  6. We’re sorry. Wait, did a company actually say that?

    20/11/2025

    We’re sorry. Wait, did a company actually say that?

    Stop the press - a company has actually said "sorry" after a data breach, and hotels are helping hackers phish their own guests. In episode 444 of "Smashing Security" we examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that abuses trust in apps and CAPTCHAs, and chat about autonomous pen testing, AI-turbocharged cybercrime, and what CISOs should really be asking on Monday morning. And lost Doctor Who is brought back to life by one very dedicated animator, and we take a look at Eddie Murphy’s career. All this and more is discussed in episode 444 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard. Plus - don't miss our featured interview with Snehal Antani from Horizon3.ai! EPISODE LINKS: A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers - Wired.British hacker must repay £4m after hijacking celebrity Twitter accounts - BBC News.Cloudflare experiences a massive outage - LifeHacker.Protecting our Merchants: Standing up to Extortion - Checkout.A miracle: A company says sorry after a cyber attack - and donates the ransom to cybersecurity research - Hot for Security.Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware - The Hacker News.Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests - Akamai.Doctor Who Animation: Daleks' Master Plan - The Nightmare Begins. Part 1 - YouTube.Doctor Who Animation: Daleks' Master Plan - The Nightmare Begins. Part 2 - YouTube.Being Eddie - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    55 min
  7. Tinder’s camera roll and the Buffett deepfake

    13/11/2025

    Tinder’s camera roll and the Buffett deepfake

    Tinder has got a plan to rummage through your camera roll, and Warren Buffett keeps popping up in convincing deepfakes dishing "number one investment tips." Meanwhile, will agentic AI replace your co-hosts before you can say "EDR for robots"? and why you should still read books. All this, plus Lily Allen's new album and Claude Code come up for discussion in episode 443 of the "Smashing Security" podcast, with special guest Ron Eddings. EPISODE LINKS: ‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones - TechCrunch.Cyber insurers paid out over twice as much for UK ransomware attacks last year - The Register.Lost iPhone? Don’t fall for phishing texts saying it was found - Bleeping Computer.Tinder to use AI to get to know users, tap into their Camera Roll photos - TechCrunch.Facebook’s AI can now suggest edits to the photos still on your phone - TechCrunch.Berkshire warns of AI deepfakes impersonating Warren Buffett - Reuters.West End Girl - Wikipedia.West End Girl - Spotify.Claude Code.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    38 min
  8. The hack that messed with time, and rogue ransomware negotiators

    06/11/2025

    The hack that messed with time, and rogue ransomware negotiators

    Time itself comes under attack as a state-backed hacking gang spends two years tunnelling toward a nation’s master clock — with chaos potentially only a tick away. Plus when ransomware negotiators turn to the dark side, what could possibly go wrong? All this and more is discussed in episode 442 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Dave Bittner. EPISODE LINKS: Alleged Meduza Stealer malware admins arrested after hacking Russian org - Bleeping Computer.Tap-and-Steal: The Rise of NFC Relay Malware on Mobile Devices - Zimperium.Postcode Lottery's lucky dip turns into data slip as players draw each other's info - The Register.Chinese Ministry of State Security MSS WeChat post - WeChat.China blames US for cyber break-in, claims America is world's biggest bit burglar - The Register.Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says - Chicago Sun Times.MicroMacro: Crime City.Star Wars 3.5 foot animated LED R2-D2 - Home Depot.TrackaLacker.Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Material - Email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Privacy & Opt-Out: https://redcircle.com/privacy

    39 min
See All (459)

Trailer

Hosts & Guests

About

Stories from the world of hacking, cybersecurity, and rogue AI. Smashing Security isn’t your typical tech podcast. Hosted by cybersecurity veteran Graham Cluley, it serves up weekly tales of cybercrime, hacking horror stories, privacy blunders, and tech mishaps - all with sharp insight, a sense of humour, and zero tolerance for tech waffle. Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jack Rhysider. Follow the podcast on Bluesky at @smashingsecurity.com, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

Information

  • Creator
    Graham Cluley
  • Years Active
    2017 - 2026
  • Episodes
    459
  • Rating
    Clean
  • Copyright
    © Graham Cluley
  • Show Website
    Smashing Security
  • Provider
    Graham Cluley

You Might Also Like