260 episodes

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast...
Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over seven million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones.
Follow the podcast on Twitter at @SmashinSecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

Smashing Security Graham Cluley, Carole Theriault

    • Technology
    • 4.6 • 225 Ratings

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast...
Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over seven million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones.
Follow the podcast on Twitter at @SmashinSecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

    259: Techquilibrium and mediocre linguistic escapades

    259: Techquilibrium and mediocre linguistic escapades

    Wordle - good or bad for the world? Whatever your opinion, at least someone wants to spoil players' fun. Meanwhile, we take a look at the threat mobile phones can pose to your mental health.


    All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.


    Visit https://www.smashingsecurity.com/259 to check out this episode’s show notes and episode links.


    Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.


    Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


    Warning: This podcast may contain nuts, adult themes, and rude language.


    Theme tune: "Vinyl Memories" by Mikael Manvelyan.
    Assorted sound effects: AudioBlocks.
    Sponsored By:
    1Password: Secure online payments and grow your business with Brex and 1Password.

    Brex and 1Password have partnered to make online payments secure and frictionless. 1Password customers can now use Brex virtual credit cards to check out online with just two clicks.

    1Password's integration with Brex is available right now to 1Password Teams and Business customers based in the United States.

    Learn more at smashingsecurity.com/brexThinkst: Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Go to canary.tools to find out why its Physical, VM and Cloud Based Canaries are deployed and loved on all 7 continents...

    Listeners who mail in referencing Smashing Security get a 10% discount on their order!Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.

    Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.

    Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.

    Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.

    Find out more and try it for free at uptycs.comSupport Smashing Security
    Links:
    Wordle - A daily word game.Friend of the show Mark Stockley bragging about his Wordle play — Twitter.Wordle Accessibility — Generates descriptive text for your Wordle result.Twitter suspends Wordle-ruining bot — The Verge.Screen Time: How to make peace with your devices and find your techquilibrium — Book by Becca Cady.2022 Cell Phone Usage Statistics: How Obsessed Are We? — Reviews.org.Is Your Phone Affecting Your Mental Health? — Butler Hospital.The people deciding to ditch their smartphones — BBC News.No place is sacred: Addicted Americans use cell phones at weddings, funerals, on the toilet! — Study Finds.Is Your Mobile Phone Use Bad for Your Mental Health? — Mental Health.From low sense of control to problematic smartphone use severity during Covid-19 outbreak: The mediating role of fear of missing out and the moderating role of repetitive negative thinking — PLOS.Ten ways to take control of your smartphone — The Guardian.It's A Knockout 1973, Heat 4 - Ely Vs Hertford — YouTube.It's a Royal Knockout, 1987 — YouTube.The Grand Knockout Tournament — Wikipedia.Embarrassing 80's - Royal It's a Knockout — YouTube.'Brand New Cherry Flavor' Review: Dark New Netflix Show Gets Gross — Variety.Brand New Cherry Flavor — Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 42 min
    258: Tesla remote hijacks and revolting YouTubers

    258: Tesla remote hijacks and revolting YouTubers

    Carole's still on jury service, but the show must go on! We take a look at how some Tesla owners are at risk of having their expensive cars remotely hijacked, and why YouTubers are up in arms over NFTs.


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.


    Visit https://www.smashingsecurity.com/258 to check out this episode’s show notes and episode links.


    Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.


    Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


    Warning: This podcast may contain nuts, adult themes, and rude language.


    Theme tune: "Vinyl Memories" by Mikael Manvelyan.
    Assorted sound effects: AudioBlocks.
    Sponsored By:
    Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.

    Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.

    Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.

    Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.

    Find out more and try it for free at uptycs.com1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.

    Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet.

    Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you.

    Visit 1Password University for free online security resources, made for everyone.Support Smashing Security
    Links:
    Monty Hall problem — Wikipedia.Monty Hall problem explanation video — Numberphile on YouTube.David Colombo's Twitter account.How a Hacker Controlled Dozens of Teslas Using a Flaw in Third-Party App — Vice.Graham or Carole? NFT, posted by Mark Stockley — OpenSea.The Fart Jars NFT story doesn't pass the smell test — Input Magazine.WOW! Disgusting Youtuber Exploitation Scandal, MrBeast Beat a Child, MLK Controversy, & Today's News — Philip DeFranco's YouTube account.Gaming YouTubers have had their likenesses stolen and sold as NFTs — EuroGamer.Prominent Gaming YouTubers' Likenesses Sold As NFTs Without Consent — Nintendo Life.Cleanup.pictures — Remove objects, people, text and defects from any picture for free.Quick, Draw!Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 33 min
    257: Pokemon-hunting cops and the Spine Collector scammer

    257: Pokemon-hunting cops and the Spine Collector scammer

    Who has been playing video games rather than hunting down criminals? How is a man alleged to have stolen manuscripts of unpublished books from celebrity authors? Which pot contains an elephant? And why has Graham been listening to podcasts about pest control marketing?


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.


    Visit https://www.smashingsecurity.com/257 to check out this episode’s show notes and episode links.


    Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.


    Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


    Warning: This podcast may contain nuts, adult themes, and rude language.


    Theme tune: "Vinyl Memories" by Mikael Manvelyan.
    Assorted sound effects: AudioBlocks.
    Sponsored By:
    Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.

    Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.

    Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.

    Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.

    Find out more and try it for free at uptycs.com1Password: 1Password has put its 15 years of security experience into creating 1Password University, a fun, dynamic, and free learning resource for people of all skill levels.

    Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and learn how to create form an entire ecosystem of tools and tactics that help keep you safe on the internet.

    Whether you’re a business leader looking to create a culture of security in the workplace, or you’re just trying to understand why you need a unique password for each account, 1Password University’s growing catalogue of courses has something for you.

    Visit 1Password University for free online security resources, made for everyone.Support Smashing Security
    Links:
    Pokémon Go: Police fired for chasing Snorlax instead of robbers — BBC News.Pokémon Go-Playing LAPD Officers Fired For Ignoring Robbery — Kotaku.Court of appeal documents (PDF).The Mysterious Figure Stealing Books Before Their Release — Vulture.FBI Arrests Man Accused of Stealing Unpublished Book Manuscripts — The New York Times.ViacomCBS security group 'crucial' for FBI manuscript theft investigation, says Karp — The Bookseller.The Spine Collector: Man arrested for using fake email addresses to steal hundreds of unpublished manuscripts — Hot for Security.Pest Control Marketing Live! — YouTube.Pest Control Marketing Podcast.Pest Control Marketing Jingles.Think with Pinker — BBC Radio 4.Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 44 min
    256: Virgin Media just won't take no for an answer, NFT apes, and bad optics

    256: Virgin Media just won't take no for an answer, NFT apes, and bad optics

    After a brief discussion of the Log4Shell vulnerability panic, we chat about how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your sleeping girlfriend's facial recognition.


    All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined by Mark Stockley for our last episode of the year!


    Visit https://www.smashingsecurity.com/256 to check out this episode’s show notes and episode links.


    Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.


    Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


    Warning: This podcast may contain nuts, adult themes, and rude language.


    Theme tune: "Vinyl Memories" by Mikael Manvelyan.
    Assorted sound effects: AudioBlocks.
    Special Guest: Mark Stockley.
    Sponsored By:
    1Password: The first annual 1Password “State of Access” benchmark study illuminates the grave dangers unwittingly posed by checked-out, apathetic employees — including security professionals.

    Burned-out employees are 3 times more likely to say security rules and policies “aren’t worth the hassle,” and nearly half of burned-out security professionals say it’s unrealistic for companies to be aware of and manage all apps and devices that employees use.

    Read the report and find out what you can do at 1password.com/resources.
    Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.

    Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.

    Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.

    Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.

    Find out more and try it for free at uptycs.comSupport Smashing Security
    Links:
    Log4Shell: The race is on to fix millions of systems and internet-connected devices — Graham Cluley.Virgin Media Limited monetary penalty notice (PDF) — Information Commissioner's Office.Virgin Media fined £50k for spamming opted-out customers — The Register.Bored Ape NFT accidentally sells for $3,000 instead of $300,000 — BBC News.Man steals $23K using ex's phone through facial recognition: report — NY Post.Man sentenced to 3.5 years in prison after transferring $23,500 on ex-girlfriend's phone by pulling up her eyelid — Global Times.What Every Heart Emoji Really Means — Emojipedia.Graham or Carole? NFT for sale — OpenSea.Mare of Easttown: Official Trailer — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 50 min
    255: Revolting receipts, a Twitter fandango, and shopkeeper cyber tips

    255: Revolting receipts, a Twitter fandango, and shopkeeper cyber tips

    "Demonically" possessed devices print out antiwork propaganda, advice on how to secure your store, and is Twitter's new photo privacy policy practical?


    All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.


    Visit https://www.smashingsecurity.com/255 to check out this episode’s show notes and episode links.


    Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.


    Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


    Warning: This podcast may contain nuts, adult themes, and rude language.


    Theme tune: "Vinyl Memories" by Mikael Manvelyan.
    Assorted sound effects: AudioBlocks.
    Special Guest: Dinah Davis.
    Sponsored By:
    Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.

    Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.

    Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.

    Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.

    Find out more and try it for free at uptycs.com1Password: It’s that time again when we’re all thinking about plans for the upcoming year. Does your plan include making your team more productive and secure?

    100,000 businesses use 1Password to secure employees at scale by encrypting their passwords and sensitive information and helping them get more done, faster.

    That’s why, for a limited time only, new customers can get 25% off the first year of 1Password Business and find out how 1Password can boost productivity while protecting their most sensitive data.

    Act fast! This deal is only good until December 16, 2021. Find out more and claim your discount at 1Password.com
    Support Smashing Security
    Links:
    CEO of US mortgage company fires 900 employees on a Zoom call — YouTube.Better.com Zoom firing: Employees share what it was like — CNN.Antiwork subreddit — Reddit.Hackers Are Spamming Businesses’ Receipt Printers With ‘Antiwork’ Manifestos — Motherboard Vice.Hackers are spamming printers with 'antiwork' slogans — Metro.How To Get Back At Your Annoyingly Loud Neighbors — Dumpaday.Attention Shoppers: Internet Is Open — The New York Times.A Brief History of E-commerce — Michael Tefula.NetMarket.Global retail e-commerce market size 2014-2023 — Statista.Ecommerce Fraud Prevention: How To Protect Your Online Store — Big Commerce.How to Secure Your E-Commerce Website: 6 Basic Steps — PC Magazine.How to Secure Your eCommerce Website: 7 Tips — MailMunch.Twitter Will Take Down Pictures of People Posted Without Their Permission — The New York Times.Far-right activists using Twitter new rule against anti-extremist researchers — The Washington Post.Far-right target critics with Twitter's new media policy — BBC News.The Guardian Crosswords.‎Guardian Puzzles & Crosswords for iOS — iOS App Store.Guardian Puzzles & Crosswords for Android — Google Play store.Now that's what I call a Hacker — Jitbit.Taskmaster — YouTube.Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 53 min
    254: A dead hamster, a brass pen, and The Beatles

    254: A dead hamster, a brass pen, and The Beatles

    Cryptocurrency traders suffer a hamster-related loss, beware of charity scammers this holiday season, and do you have the patience to sit through Peter Jackson's eight-hour Beatles documentary?


    All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo this week.


    Visit https://www.smashingsecurity.com/254 to check out this episode’s show notes and episode links.


    Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.


    Remember: Follow us on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


    Warning: This podcast may contain nuts, adult themes, and rude language.


    Theme tune: "Vinyl Memories" by Mikael Manvelyan.
    Assorted sound effects: AudioBlocks.
    Sponsored By:
    Uptycs: Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.

    Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.

    Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.

    Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.

    Find out more and try it for free at uptycs.com1Password: It’s that time again when we’re all thinking about plans for the upcoming year. Does your plan include making your team more productive and secure?

    100,000 businesses use 1Password to secure employees at scale by encrypting their passwords and sensitive information and helping them get more done, faster.

    That’s why, for a limited time only, new customers can get 25% off the first year of 1Password Business and find out how 1Password can boost productivity while protecting their most sensitive data.

    Act fast! This deal is only good until December 16, 2021. Find out more and claim your discount at 1Password.com
    Perimeter 81: Perimeter 81 is the first-ever Cybersecurity Experience Platform, designed around Instant Deployment, Unified Management, Integrated Security, and Full Visibility.

    Perimeter 81 allows organizations of any and all industry sizes to support IT teams with robust tools to secure and manage your global network with one unified platform.

    Securing remote access for cloud and hybrid businesses and organizations, Perimeter 81 provides unified solutions such as Zero Trust Network Access, Firewall as a Service, Device Posture Check, and more.

    Learn more and request a demo at perimeter81.comSupport Smashing Security
    Links:
    How Stanley Kubrick Staged the Moon Landing — The Paris Review.The Day the World Didn't End — NASA.Does Finland Exist? Many Don't Think So — The Culture Trip.Mr Goxx, the crypto-trading hamster beating human investors — BBC News.Mr Goxx's Twitch channel — Twitch.RIP Mr. Goxx: Cryptocurrency trading HAMSTER DIES of unknown causes — Daily Mail.Epstein’s death proves feeding ground for conspiracy theories — Financial Times.Smashing Security episode 114: Darknet Diaries, death, and beauty apps — In which we discussed the Quadriga case.Find QuadrigaCX’s missing $190 million, and you could win a $100,000 bounty — Graham Cluley.Fraud: Charities warned to be extra vigilant over coming months — UK Fundraising.Donate safely this Giving Tuesday — FTC.Watch The Beatles: Get Back — Disney +The Beatles: Get Back trailer — YouTube.Kaweco Brass Sport pen.Smashing Security merchandise (t-shirts, mugs, stickers and stuff

    • 37 min

Customer Reviews

4.6 out of 5
225 Ratings

225 Ratings

[REDACTED] USER ,

Great stuff

Great weekly podcast absolutely worth listening to and always includes a good laugh.

USA Mknitter ,

Tips for Online Stores (#255)

Greatly appreciated Dinah Davis’ tips for online stores. Even though I don’t sell anything online I learned WHY certain information is, or is not, collected and retained. Thanks to Dinah for those “eye openers.”

RampnukieDoug ,

One of my favorites!

This podcast is one of my absolute favorites, not just out of infosec podcasts, but out of ALL of the different podcasts I listen to. Funny, clever, informative…and they always have interesting guest hosts. Keep it up you guys, and thank-you so much for all the effort you put in!

Top Podcasts In Technology

Lex Fridman
WBUR
Jason Calacanis
Jack Rhysider
NPR
Tristan Harris and Aza Raskin, The Center for Humane Technology

You Might Also Like

Cybereason
CyberWire Inc.
CyberWire, Inc.
The Record Media
Jack Rhysider
VICE