Smashing Security

238: Fashion captain, fraud family, and DEF CON. D'oh!

July 29th, 2021  |  53 mins 30 secs

def con, fraud family, idor, netherlands, petitpotam, police, privacy, vulnerability

Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt.

237: NuNa, NuNu, NaNa

July 22nd, 2021  |  1 hr 2 mins

freedom phone, iphone, malware, nso group, pegasus, ransomware, spyware

Spy software known as Pegasus has been used to carry out surveillance on the smartphones of journalists, activists, and political leaders. Can a "Freedom Phone" be trusted? And a ransomware-hit law firm demonstrates how not to keep its customers informed.

236: Stingrays, soccer, and smart homes

July 15th, 2021  |  1 hr 36 secs

columbo, facebook, football, iot, privacy, racism, romance scam, smart homes, stingray, twitter

How did investigators ask a romance scammer out on a date, smart homes continue to play dumb, and is it time for social media sites to do more about racist football fans?

235: REvil returns, TikTok grows, and Gettr defaced

July 8th, 2021  |  59 mins 9 secs

gettr, kaseya, malware, privacy, ransomware, revil, tiktok, vulnerability

A ransomware gang has exploited a security hole in software used by many businesses, and are demanding $70 million for a decryption tool. Plus we take a close look at TikTok, and a website which seems to have entirely ripped-off Twitter.

234: Cozy Bear, dildo scams, and robo hires and fires

July 1st, 2021  |  56 mins 26 secs

amazon, cozy bear, data breach, dildo, flex, malware, microsoft, nobelium

Microsoft warns about a hacking gang that is far from cuddly, algorithms rather than managers are firing people, and our guest receives a surprising email from "Amazon"...

233: Peloton problems, romance regret, and Weiner woes

June 24th, 2021  |  1 hr 22 mins

peloton, romance scam, treadmill, twitter, ukraine, vulnerability, zack weiner

We take a look at why Peloton is being accused of ransomware-like behaviour, how one man lost $250,000 in a romance scam, and how a chap called Weiner has found himself in a political pickle.

232: Zoomolympics and language matters

June 17th, 2021  |  50 mins 39 secs

blacklist, coq, data breach, ea games, electronic arts, ioc, japan, olympics, videogames, whitelist

Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort.

231: Sexy snaps and encrypted chat traps

June 10th, 2021  |  1 hr 8 mins

an0m, apple, australian federal police, encryption, fbi, privacy, usa today

Criminals are caught in a encrypted chat trap, should you trust Apple's repair team with your sexy snaps, and do you think the FBI should be able to tell who has been reading the USA Today website?

230: Flash card f-up and energy pipe pilfering

June 3rd, 2021  |  41 mins 18 secs

cryptomining, david berglas, flashcards, magic, nuclear weapons, west cork

The US military has been caught exposing its nuclear weapons secrets, and we explore the world of nerdy miners.

229: Dating leaks, right to repair, and a stinky bishop

May 27th, 2021  |  1 hr 11 mins

cheese, data leak, dating, encrochat, fingerprints, phishing, right to repair

A big cheese ends up in jail, a Japanese dating site spills the dirt after a hack, and we learn all about the right to repair.

228: Pipeline pickle, Blockchain bollocks, and Eufy SNAFU - with Rory Cellan-Jones

May 20th, 2021  |  1 hr 12 mins

bitcoin, blockchain, colonial pipeline, cryptocurrency, darkside, dogecoin, elon musk, eufy, ransomware

The Colonial Pipeline attack has shone light on the activities of the Darkside ransomware gang, we take a skeptical look at cryptocurrencies and the blockchain, and Eufy security cameras suffer an embarrassing security failure.

227: Phishing foul-up, Twitter tip jars, and Facebook's Apple fury

May 13th, 2021  |  49 mins 9 secs

apple, facebook, ios, paypal, phishing, twitter

Facebook says it's sticking up for the little guys as it picks a fight with Apple, there are testing times on the trains, and Twitter takes a tip.

226: Cryptocrazies and NFTs

May 6th, 2021  |  50 mins 56 secs

ads, cryptocurrency, google, nft, scam, tiktok

How did the SCAM cryptocurrency become a success? Why is Google allowing government rip-off ads to still appear on search results? And why on earth is everyone suddenly spending millions of dollars on NFTs?

225: Master of your domain, gripe sites, and John Deere Farmergeddon

April 28th, 2021  |  56 mins 36 secs

argentina, combine harvester, domain, google, gripe sites, iot, john deere, tractor, vulnerability

Google loses its domain in Argentina, how do gripe sites make their dough, and has John Deere solved the cybersecurity problem?

224: The Lazarus Heist, Facebook faux pas, and no-cost security

April 22nd, 2021  |  1 hr 5 mins

data breach, facebook, lazarus, malware, north korea, pisces, ransomware, sony pictures

Facebook has managed to do the seemingly impossible - and had a data breach about its handling of a data breach. Meanwhile, we chat to the host of the brand new podcast about North Korea's hackers targeting the rest of the world, and discuss if an intern can be trusted to monitor your security.

Graham Cluley and Carole Theriault are joined this week by Geoff White of "The Lazarus Heist" podcast.

223: Booze, nudes, and insurance dudes

April 15th, 2021  |  51 mins 34 secs

alcohol, domain, insurance, malware, motor vehicle, phishing, ransomware, scam, wine

Should insurance companies be banned from helping companies pay ransomware demands? How has malware messed with motorcars in the United States? And how are cybercriminals exploiting alcohol drinking during the pandemic?