Smashing Security

News and views from the world of cybersecurity, hacking, and internet threats

About the show

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast...

Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over four million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Jamie Bartlett.

Follow the podcast on Twitter at @SmashinSecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

Smashing Security on social media


  • 137: Porn trolling lawyers, Insta hacking, and Ctrl-Alt-LED

    July 18th, 2019  |  44 mins 8 secs
    hacking, instagram, keyboard, lawyers, porn, vulnerability

    Erection your honour! Lawyers find themselves behind bars after they make porn movies in an attempt to scam internet users, boffins in Israel detail a way to steal data from an air-gapped computer, and Instagram coughs up $30,000 after a researcher finds a simple way to hack into anybody's account.

  • 136: Oops, we created Iran's hacking exploit

    July 11th, 2019  |  49 mins 59 secs
    business email compromise, deepfake, deepnude, iran, malware, outlook, privacy, trevor noah, vulnerability, webcam, zoom

    Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations.

  • 135: Zombie grannies and unintended leaks

    July 4th, 2019  |  56 mins 26 secs
    android, apollo 11, chillow, dark, facebook, fediverse, iot, malware, pillow, smart lock, twitter

    We take a bloodied baseball bat to Android malware, and debate the merits of a social media strike, as one of the team bites the bullet and buys a smart lock for the office.

  • 134: Sextortion, silicone face masks, and a DDoS doofus

    June 27th, 2019  |  47 mins 3 secs
    belgium, ddos, fire bomb, france, scam, sextortion

    Scammers steal millions by impersonating a French politician, we offer fashion tips for DDoS attackers, and hear how a small town fought a sextortionist preying on young women.

  • 133: Cookie cock-ups, Hong Kong protests, and smart TV virus scans

    June 20th, 2019  |  56 mins 26 secs
    china, cookies, firechat, gdpr, hong kong, ico, malware, samsung, smart tv, telegram, tiananmen square

    We head to Hong Kong to look at how technology has helped anti-government protesters (and how China has tried to disrupt it), Samsung is skittish over whether to tell TV owners to virus-scan their devices, and you won't believe whose website is not GDPR-compliant.

  • 132: CBP cyber attack, an iPhone privacy boost, and Twitter list abuse

    June 13th, 2019  |  48 mins 14 secs
    apple, cbp, data breach, firestorm, gerry anderson, ios, iphone, troll, twitter

    United States Customs and Border Protection had sensitive data stolen, but the hackers didn't have to breach its network. Apple has ambitious plans to make iPhone users safer online. And trolls are using Twitter lists to target their victims.

  • 131: Zap yourself from the net, and patch now against BlueKeep

    June 6th, 2019  |  34 mins 14 secs
    bluekeep, chernobyl, malware, microsoft windows, nellie bly, privacy, vulnerability, wannacry

    Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after your murder your podcast co-host?

  • 130: Doctored videos, Bcc blunders, and a diva

    May 30th, 2019  |  48 mins 10 secs
    data breach, deepfakes, email, facebook, fake news, gdpr, google, malware, privacy, samantha-antoinette smith, twitter, video

    You won't believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware... and how Carole gets her diva on.

  • 129: Too Long; Didn't Listen

    May 23rd, 2019  |  51 mins 34 secs
    2fa, china, google, hackers, phishing, scam, social media

    Don't hire a hacker, they might scam you! What works and what doesn't when it comes to protecting your email account? And China's controversial social credit system comes under the microscope.

  • 128: Shackled ankles, photo scrapes, and SIM card swaps

    May 16th, 2019  |  50 mins 34 secs
    ankle bracelet, bitcoin, cryptocurrency, ever, facial recognition, police, privacy, sim swap

    A bad software update causes big headaches for Dutch police, but brings temporary freedom to criminals. SIM swaps are in the news again as fraudsters steal millions. And does your cloud photo storage service have a dirty little secret?

  • 127: I do love the Dutch

    May 9th, 2019  |  45 mins 23 secs
    ashley madison, cyberwarfare, drugslab, hamas, israel, roomba, scam, sextortion

    Israel strikes back at Hamas's hacking HQ, a new sextortion email comes with a twist, and Carole saves the world with some help from hacked Roomba vacuum cleaners.

  • 126: Zombie chickens and fast-food victims

    May 2nd, 2019  |  49 mins 10 secs
    black summer, business email compromise, chickens, domain name, jason statham, mcdonald's, romance scams, scams, spider-man

    What's the worst that can happen if you join a Hollywood hard man's Facebook page? What drove a man to hijack a website's name at gunpoint? And can you solve the mystery of the Canadian Hamburglar?

  • 125: Pick of the thief!

    April 25th, 2019  |  47 mins 18 secs
    apple, facial recognition, fingerprint, malwaretech, marcus hutchins, nokia, passwords, samsung

    WannaCry's "accidental hero" pleads guilty to malware charges, Samsung and Nokia have fingerprint fumbles, the NCSC publishes a list of 100,000 dreadful passwords, and Apple finds itself at the centre of an identity mix-up.

  • 124: Poisoned porn ads, the A word, and why why why Wipro?

    April 18th, 2019  |  52 mins 40 secs
    alexa, amazon, angler exploit kit, brian krebs, ddos, malvertising, malware, porn, ransomware, reveton, wipro

    The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?

  • 123: Backups - a necessary evil? (replay)

    April 11th, 2019  |  30 mins 45 secs

    In this special "splinter" episode of the "Smashing Security" podcast from September 2017 we tackle the tricky subject of backups - When did you last backup your data? How and what should you backup? And where should you store them?

    Lots of questions and Graham gets to do his Tina Turner impression.

  • 122: The big fat con at Office Depot

    April 4th, 2019  |  48 mins 44 secs
    car alarm, facial recognition, malware, office depot, officemax, pc health check

    Office Depot and OfficeMax are fined millions for tricking customers into thinking their computers were infected with malware, car alarms can make your vehicle less secure, and facial recognition in apartment blocks comes under the microscope.