Smashing Security

News and views from the world of cybersecurity, hacking, and internet threats

About the show

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast...

Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over four million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones.

Follow the podcast on Twitter at @SmashinSecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

Smashing Security on social media


  • 148: Billboard boobs, face forensics, and Alexa gets way too personal

    October 3rd, 2019  |  50 mins 24 secs
    alexa, amazon, billboard, deepfake, hacking, porn, privacy

    Drivers are distracted by a hacked billboard, Maria takes a deeper look at how the deepfake problem has... uh... deepened, and Carole is less than happy about Amazon's announcement about new Alexa integrations.

  • 147: Don't Snapchat and drive

    September 26th, 2019  |  49 mins 59 secs
    data breach, driving, milton keynes, mobile, privacy, recruitment, skills gap

    How is private medical data leaking onto the streets of Milton Keynes, what is widening the cybersecurity skills gap, and how is Australia controversially tackling the problem of drivers using their mobile phones?

  • 146: Password secrets and baking brownies

    September 19th, 2019  |  38 mins 56 secs

    In the latest edition of the "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault, Carole has suffered an injury, we journey back in time to one of our earliest episodes to discuss the perils of passwords, and Rachael Stockton from LastPass drops by for a chat.

  • 145: Apple and Google willy wave while home assistants spy - DoH!

    September 12th, 2019  |  44 mins 21 secs
    alexa, android, apple, dns, doh, google, home assistant, https, ios, malware, nintendo wii, siri

    Apple is furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise.

  • 144: Google helps the FBI, Twitter Jack’s hijack, and car data woes

    September 5th, 2019  |  51 mins 34 secs
    android, car, doctor who, fbi, google, jack dorsey, location services, privacy, terrance dicks, twitter

    Should Google really be helping the FBI with a bank robbery? What's the story behind the Twitter CEO claiming there's a bomb in their offices? And how much does your car really know about you?

    And we mourn the loss of Doctor Who legend Terrance Dicks...

  • 143: Hacking from outer space, Ukrainian cryptomining, and deepfaked Canadians

    August 29th, 2019  |  43 mins 34 secs
    astronaut, cryptomining, deepfake, jordan peterson, nasa, online banking, power plant, space, ukraine

    Was a cybercrime committed on the International Space Station? What on earth were Ukrainian scientists thinking when they plugged a nuclear power station into the internet? And someone has cloned Canadian clinical psychologist Jordan Peterson's voice...

  • 142: Mercedes secret sensors, smart cities, and ransomware runs riot

    August 22nd, 2019  |  49 mins 31 secs
    car, facebook, malware, mercedes, privacy, ransomware, smart cities, tracking

    Darknet Diaries host Jack Rhysider joins us to discuss how cities in Texas are being hit by a wave of ransomware, how Mercedes Benz has installed a tracker in your car (but not for the reason you think), the security threats impacting smart cities, and a new feature coming to your Facebook app.

  • 141: Black Hat and Bridezillas

    August 15th, 2019  |  51 mins 30 secs
    black hat, cable, camera, crown sterling, dslr, encryption, iphone, lightning, malware, ransomware, time ai, vulnerability

    Say cheese to ransomware on your camera! A sponsored speech at Black Hat causes uproar, and should you trust that Lightning cable you're about to plug into your MacBook?

  • 140: Love, PINs, and 8chan

    August 8th, 2019  |  54 mins 51 secs
    8chan, banking, cloudflare, dating, monzo, passcode, pin, romance scam, the boys

    Is the PIN you use for your bank card secure? How did one woman get duped into giving a romance scammer $200,000? And Cloudflare and other online services take aim at a vile corner of the internet...

  • 139: Capital One hacked, iMessage flaws, and anonymity my ass!

    August 1st, 2019  |  47 mins 59 secs
    amazon, capital one, data anonymization, data breach, gdpr, imessage, ios, iphone, legend of zelda, steve jobs, vulnerability, walter isaacson

    Capital One gets hacked, critical vulnerabilities are found in iMessage, and data anonymization may not be as good as we hope. But listen up, we also discuss the Legend of Zelda, a biography of tech giants, offer advice for escaping an angry moose, and are introduced to... Penelope?

  • 138: Logic bombs, brain data exploitation, and Digga D tweets

    July 25th, 2019  |  49 mins 52 secs
    brain, digga d, drill rap, garfield, hacking, hoverboard, knots, logic bomb, metropolitan police, neuralink, siemens, spreadsheet, twitter

    Logic bombs in Excel spreadsheets, how should we protect our brain data from big companies, and how did bizarre messages about Drill rap end up on the Metropolitan Police's Twitter account and website?

  • 137: Porn trolling lawyers, Insta hacking, and Ctrl-Alt-LED

    July 18th, 2019  |  44 mins 8 secs
    hacking, instagram, keyboard, lawyers, porn, vulnerability

    Erection your honour! Lawyers find themselves behind bars after they make porn movies in an attempt to scam internet users, boffins in Israel detail a way to steal data from an air-gapped computer, and Instagram coughs up $30,000 after a researcher finds a simple way to hack into anybody's account.

  • 136: Oops, we created Iran's hacking exploit

    July 11th, 2019  |  49 mins 59 secs
    business email compromise, deepfake, deepnude, iran, malware, outlook, privacy, trevor noah, vulnerability, webcam, zoom

    Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations.

  • 135: Zombie grannies and unintended leaks

    July 4th, 2019  |  56 mins 26 secs
    android, apollo 11, chillow, dark, facebook, fediverse, iot, malware, pillow, smart lock, twitter

    We take a bloodied baseball bat to Android malware, and debate the merits of a social media strike, as one of the team bites the bullet and buys a smart lock for the office.

  • 134: Sextortion, silicone face masks, and a DDoS doofus

    June 27th, 2019  |  47 mins 3 secs
    belgium, ddos, fire bomb, france, scam, sextortion

    Scammers steal millions by impersonating a French politician, we offer fashion tips for DDoS attackers, and hear how a small town fought a sextortionist preying on young women.

  • 133: Cookie cock-ups, Hong Kong protests, and smart TV virus scans

    June 20th, 2019  |  56 mins 26 secs
    china, cookies, firechat, gdpr, hong kong, ico, malware, samsung, smart tv, telegram, tiananmen square

    We head to Hong Kong to look at how technology has helped anti-government protesters (and how China has tried to disrupt it), Samsung is skittish over whether to tell TV owners to virus-scan their devices, and you won't believe whose website is not GDPR-compliant.