Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee... just to send $1,865. Oh, and our guest mentions Mr Blobby (to the horror of the show's hosts...) All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links:Tweet by Jameson Lopp.Bitcoin user’s costly error leads to record transaction fee of $510,000 - Cryptoslate.Root Admin User: When Do Common Usernames Pose a Threat? - GovInfoSecurity.Dave’s conversation with Crosstalk’s Chris Sherwood - Hacking Humans podcast.Passkey authentication - Wikipedia.Passkeys: Accelerating the Availability of Simpler, Stronger Passwordless Sign-Ins - FIDO Alliance.Test your mental image ability - Aphantasia.How to create your own personal deepfake - Axios.Deepfakes are being used for good – here’s how - Connecting Research - University of Reading.Six things you need to know about deepfakes - BBC Radio 4.Mitigating Aphantasia with Generative Reality - Medium.Ethical Deepfake Maker - Synthesia.HeyGen deepfakes - HeyGen.Deepfakes are being used for good – here's how - The Conversation.Search engines required to stamp out AI-generated images of child abuse under Australia’s new code  - The Guardian.Induction Hob with Rotary Controls - Cookology.Top 10 WTF Mr Blobby Moments - YouTube.<a...

Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?

A helpful and hilarious take on the week's tech SNAFUs. 

Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy.   It's not your typical cybersecurity podcast...

Winner of the "Best Cybersecurity Podcast" in 2018, 2019, and 2023, and the "Most Entertaining" in 2022 and 2023, Smashing Security has had over nine million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones.

Follow the podcast on Twitter at @smashinsecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK).

Technology

Tech News

Podcasting

Gadgets

Software How-To

Comedy

News

The UK Government takes aim at IoT devices shipping with weak or default passwords, a man spends two years incarcerated after being mistaken for the person who stole his identity, and are you au fait with the latest scams? All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links:New laws to protect consumers from cyber criminals come into force in the UK - UK Government.Mirai - Wikipedia.Identity theft victim wrongly locked up for 2 years is exonerated at last - Paul Ducklin.Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds - The Guardian.5 scams you need to know about in 2024 - Which? News.How fraudsters are getting fake articles onto Facebook - BBC News.Five Scams To Beware In 2024 - Forbes Advisor UK.Eerie ‘breathing’ mistake to listen out for exposes costly AI ‘audio deepfake' scam calls that take just seconds to make - The Sun.How to spot fraud - UK Government.Etymology Monday: David Crystal on the word ‘gaggle’ - Literary Minded.Moon - Wikipedia.Baby Reindeer - Netflix.Why row over Baby Reindeer sleuths will change real-life drama for ever - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:Sonrai’s Cloud Permissions Firewall – A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!<a href="https://www.kolide.com/smashing" rel="noopener...

The closed loop conundrum, default passwords, and Baby Reindeer

Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits India we take a close eye at deepfakery. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links:When a breach goes from 25 documents to 1.3 terabytes… - Graham Cluley.Leicester street lights stuck on all day due to cyber attack - Leicester Mercury.Top AI researchers race to detect ‘deepfake’ videos: ‘We are outgunned - Washington Post.AI deepfakes threaten to upend global elections. No one can stop them - Washington Post.Models, dead netas, campaigning from jail: How AI is shaping Lok Sabha polls - India Today.Why Elections Take So Long in India - The New York Times.How A.I. Tools Could Change India’s Elections  - The New York Times.Bollywood deepfakes fuel AI election meddling fears in India - GG2.World Explained: How India's politicians are using AI to reach voters in the world’s most populous country - The Scotsman.12 Angry Men - Wikipedia.VIA Rail.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:Sonrai's Cloud Permissions Firewall - A one-click solution to least privilege without disrupting DevOps. Start a 14 day free trial now!Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
SUPPORT THE SHOW: Tell your...

Keeping the lights on after a ransomware attack

Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he?  And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links:Animal Crossing with Garry Kasparov - Smashing Security.Gary Barlow - Wikipedia.I was catfished by a fake Gary Barlow on Facebook - Daily Mail.Video shows Clark County man charged with murder confront Uber driver - Springfield News.Uber driver, 61, shot dead by Ohio man, 81, who was being targeted by scammers - Daily Mail.Boxfit classes - Better.Waschii - PocketSized SolarHeated Washjing Machine - Indiegogo.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:Kiteworks – Step into the future of secure managed file transfer with Kiteworks.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed! 
 ﻿FOLLOW US: Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and <a href="https://www.smashingsecurity.com/" rel="noopener noreferrer"...

Gary Barlow, and a scam turns deadly

MPs aren't just getting excited about an upcoming election, but also the fruity WhatsApp messages they're receiving, can we trust AI with our health, and who on earth is pretending to be a producer for the Drew Barrymore TV show? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by John Hawes. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links:Naked photos sent in WhatsApp ‘phishing’ attacks on UK MPs and staff - Politico.How I was targeted in the Westminster honeytrap - BBC News.The Westminster honeytrap plotter tried to catch me too - The Times.How Westminster WhatsApp ‘honey trapper’ targeted party conference season - Politico.William Wragg quits Commons roles over Westminster honeytrap - BBC News.A new prescription - The Economist.Change Healthcare faces second ransomware dilemma weeks after ALPHV attack - The Register.‘The Drew Barrymore Show’ Targeted by Fraudsters in Celebrity Scamming Effort  - Yahoo! News.‘Drew Barrymore Show' Targeted in Hacking, ID Fraud Scam by Imposter Who Posed as Producer and More - Variety.Guy Fieri Calls Drew Barrymore “Gangster” For Talking With Her “Mouth Full Of Food” On ‘The Drew Barrymore Show’ - Decider. Beware The Fake Drew Barrymore Le Creuset Cookware Giveaway Scam - Malware Tips.Carmen - Royal Opera House.Mandy - BBC iPlayer.Anita de Monte Laughs Last - Bloomsbury.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:Kiteworks – Step

WhatsApp at Westminster, unhealthy AI, and Drew Barrymore

Google says it is deleting your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links:Scammer Convinced Investors to Send Him $1.5 Million to Build Magic Money Making Bot - 404.Biden Bans Rival Nations From Buying Sensitive US Data - Good Luck - Wired.6 practical reasons to use Incognito mode in your browser - USA Today.Brown v. Google LLC Settlement Agreement - DocumentCloud.Google agrees to settle $5bn lawsuit claiming it secretly tracked users - The Guardian.Chrome updates Incognito warning to admit Google tracks users in “private” mode - Ars Technica.Google changes wording for Incognito browsing in Chrome - Malwarebytes.The Incognito Mode Myth Has Fully Unraveled - Wired.Google Agrees to Delete ‘Incognito’ Browsing Data to Settle Class-Action Lawsuit - TIME.Amazon refuses to refund me £700 for iPhone 15 it didn’t deliver - Graham Cluley.Concorde - Lego.Cover song: samsung dryer no. 2 - YouTube.Play Drums on Samsung Washing Machine Song - YouTube.With samsung washing machine violinist  - YouTube.Samsung Washing Machine Song with Piano [Franz Schubert's "Die Forelle"] - YouTube.Duet for harp and dryer - YouTube.<a href="https://www.youtube.com/watch?v=fYS0XenM19I" rel="noopener...

Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?

Download our free app to listen on your phone