Sign up to save your podcasts
Or
Share How to lose friends and DDoS people
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
How to lose friends and DDoS people
When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email - they allegedly weaponised their own CAPTCHA page to launch a DDoS attack, threatened to invent an entirely new genre of AI porn, and tampered with parts of their own archive to smear the blogger's name.
In this episode, we unravel how a website designed to preserve history may have trashed its own credibility - and how Wikipedia responded when trust went out the window.
Plus a ransomware gang shoots itself in the foot with a classic case of buffoonery, accidentally corrupting the very keys victims would need to decrypt their data. When even the criminals can’t unlock your files, what happens next?
All this, a surprisingly zen Pick of the Week, and a gloriously splenetic rant against web forms, on episode 456 of the award-winning "Smashing Security" podcast, with cybersecurity veteran Graham Cluley and special guest Paul Ducklin.
EPISODE LINKS:
- This App Will Detect People Wearing Smart Glasses Near You - Lifehacker.
- Patients listed as dead after major NZ health app MediMap hacked - 1News.
- Why fake AI videos of UK urban decline are taking over social media - BBC News.
- FBI orders domain registrar to reveal who runs mysterious Archive.is site - Ars Technica.
- Archive.today CAPTCHA page executes DDoS; Wikipedia considers banning site - Ars Technica.
- Archive.today is directing a DDOS attack against my blog - Gyrovague.
- Critical buffer overflow bug - in ESXi ransomware - SolCyber.
- Yoga with Adriene - YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Privacy & Opt-Out: https://redcircle.com/privacy
View all episodes
By Graham Cluley
4.5
315315 ratings
When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email - they allegedly weaponised their own CAPTCHA page to launch a DDoS attack, threatened to invent an entirely new genre of AI porn, and tampered with parts of their own archive to smear the blogger's name.
In this episode, we unravel how a website designed to preserve history may have trashed its own credibility - and how Wikipedia responded when trust went out the window.
Plus a ransomware gang shoots itself in the foot with a classic case of buffoonery, accidentally corrupting the very keys victims would need to decrypt their data. When even the criminals can’t unlock your files, what happens next?
All this, a surprisingly zen Pick of the Week, and a gloriously splenetic rant against web forms, on episode 456 of the award-winning "Smashing Security" podcast, with cybersecurity veteran Graham Cluley and special guest Paul Ducklin.
EPISODE LINKS:
- This App Will Detect People Wearing Smart Glasses Near You - Lifehacker.
- Patients listed as dead after major NZ health app MediMap hacked - 1News.
- Why fake AI videos of UK urban decline are taking over social media - BBC News.
- FBI orders domain registrar to reveal who runs mysterious Archive.is site - Ars Technica.
- Archive.today CAPTCHA page executes DDoS; Wikipedia considers banning site - Ars Technica.
- Archive.today is directing a DDOS attack against my blog - Gyrovague.
- Critical buffer overflow bug - in ESXi ransomware - SolCyber.
- Yoga with Adriene - YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Privacy & Opt-Out: https://redcircle.com/privacy
More shows like Smashing Security
View all
Hacked
188 Listeners
Security Now (Audio)
2,009 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,025 Listeners
Click Here
417 Listeners
Darknet Diaries
8,070 Listeners
Cybersecurity Today
178 Listeners
Hacking Humans
316 Listeners
CISO Series Podcast
194 Listeners
Defense in Depth
73 Listeners
Cybersecurity Headlines
140 Listeners
Hacker And The Fed
167 Listeners
The AI Fix
33 Listeners