Smashing Security

News and views from the world of cybersecurity, hacking, and internet threats

About the show

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast...

Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over seven million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones.

Follow the podcast on Twitter at @SmashinSecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

Smashing Security on social media


  • 275: Jail for Bing, and mental health apps may not be good for you

    May 19th, 2022  |  1 hr 5 mins
    hacking, malware, mental health, privacy, ransomware, telegram, vulnerability

    A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they're up to?

  • 274: Hands off my biometrics, and a wormhole squirmish

    May 12th, 2022  |  49 mins 10 secs
    biometrics, carl sagan, clearview ai, cryptocurrency, domain, facial recognition, wormhole

    Clearview AI receives something of a slap in the face, and who is wrestling over an internet wormhole?

  • 273: Password blips, and who's calling the airport?

    May 5th, 2022  |  50 mins 11 secs
    denial of service, dublin airport, noise, passwords, sms, telephone

    We find out why calls to Dublin airport's noise complaints line have soared, and Carole quizzes Graham to celebrate World Password Day.

  • 272: Going ape over the Kardashians, and the face of romance scams

    April 28th, 2022  |  50 mins 23 secs
    bored ape yacht club, cryptocurrency, instagram, kardashians, kim kardashian, online dating, roblox, scam, wallet

    Members of The Bored Ape Yacht Club get that sinking feeling, a face unwittingly launches hundreds of romance scams, and is an as-yet unseen Kim Kardashian sex tape a load of old Roblox?

  • 271: Crypto break-in, Google blurring, and mics not muting

    April 21st, 2022  |  50 mins 46 secs
    apple, cryptocurrency, google, icloud, metamask, microphone, privacy, russia, social engineering, ukraine, zoom

    A man loses $650,000 from his cryptocurrency wallet after his Apple iCloud account is hacked, video conferencing apps may not be muting your mic quite the way you imagined, and Google has unblurred military bases in Russia... or has it?

  • 270: Bearded Barbie, EDR scams, and hobbyist crime detectives

    April 14th, 2022  |  51 mins 1 sec
    barbie, catfishing, data breach, dna, edr, facebook, hamas, israel, malware, police

    Pulchritudinous women with glossy long hair are targeting Israeli officials via Facebook - but why? Scammers have found a new way to gain access to your most sensitive information - but how? And armchair detectives are helping investigating cold cases involving DNA - but should they?

  • 269: Trezor Deep Throat, a CCTV stalker, and Amazon's list of banned words

    April 7th, 2022  |  50 mins 9 secs
    amazon, cctv, cryptocurrency, data breach, hardware wallet, mailchimp, malware, phishing, stalking, trezor

    There's monkey business involving cryptocurrency thieves and MailChimp, a stalker exploits his ex-partner's CCTV cameras, and what are the naughty words Amazon doesn't want its staff using?

  • 268: LinkedIn deepfakes, doxxing Russian spies, and a false alarm

    March 31st, 2022  |  48 mins 38 secs
    ai, autocorrect, deepfake, doxxing, espionage, linkedin, ringcentral, russia, ukraine

    Strange goings-on on LinkedIn, Ukraine publishes a list of alleged Russian FSB agents, and police in Pittsburgh investigate an odd report of an active shooter.

  • 267: Virtual kidnapping, two helipads, and a naughty Apple employee

    March 24th, 2022  |  53 mins 50 secs
    apple, banking, bitcoin, cryptocurrency, fraud, kidnapping, malware, npm, open source, protestware, russia, supply chain, ukraine

    A Russian bank tells its customers to stop installing security updates, an Apple employee ends up in hot water, and learn our tips to avoid being virtually kidnapped.

  • 266: Cyberflashing, Kaspersky, and secret spies

    March 17th, 2022  |  58 mins 21 secs
    airdrop, airtag, apple, bluetooth, bsi, cyberflashing, dick pics, eugene kaspersky, germany, kaspersky, osint, russia, ukraine

    Germany tells consumers to stop using Kaspersky anti-virus products, OSINT reveals a secret government department (with help from an Apple AirTag), and the UK says it's taking a hard line on cyberflashing.

  • 265: The Nigerian supercop and Alexa vs. Alexa

    March 10th, 2022  |  54 mins 10 secs
    abba kyari, alexa, amazon, bec, drugs, echo, fraud, hushpuppi, nigeria, police, smart speaker, vulnerability

    The most famous policeman in Nigeria is in hot water over his links to Hushpuppi, has your Amazon Echo been talking to itself, and can an AI girlfriend save your marriage?

  • 264: Hacked car chargers, Telegram sextortionists, and secret bossware

    March 3rd, 2022  |  47 mins 56 secs
    bossware, ev charging, hacking, horizon, post office, russia, sextortion, supply chain, telegram, ukraine

    Why might Russian EV chargers be displaying an anti-Putin message? Why are Telegram groups sharing sharing explicit images of women without their consent? And who is watching you in the workplace?

  • 263: Problèmes de Weefeee, AI artists, and Web 3.0

    February 24th, 2022  |  1 hr 6 mins
    ai, art, france, nft, opensea, phishing, radio jammer, web 3.0, wi-fi

    Ooh la la! Horreur Wi-Fi en France! Some folks have experienced the drawbacks of Web 3.0 as their NFTs are stolen, and should computers own the copyright over the art they produce?

  • 262: Macro progress, eyeball-tracking ads, and encryption backdoors

    February 17th, 2022  |  57 mins 59 secs
    concept, encryption, macro, malware, microsoft, microsoft word, moviepass, privacy

    How does Microsoft hope to defeat the macro terror? How is the UK Government trying to influence the public's opinion on end-to-end encryption? And what is MoviePass hoping to do with your eyeballs?

  • 261: North Korea hacked, DEA cosplay, and Horizon Worlds drama

    February 10th, 2022  |  50 mins 42 secs
    dea, facebook, meta, metaverse, north korea, social engineering, vulnerability

    Who's wearing the pyjamas while they take down North Korea's internet? Is it a case of cop or cosplay in Oregon? And what's to fear about the metaverse?

  • 260: New hire mystery, hacktivist ransomware, and digi-dating

    February 3rd, 2022  |  47 mins 40 secs
    belarus, dating, insider threat, ransomware, remote working, russia, ukraine

    Who's that new guy working at your company, and why don't you recognise him from the interview? How are hacktivists raising the heat in Belarus? And should you be fully vaxxed for your online date?