We explore how the cryptocurrency exchange Bybit has been hacked to the jaw-dropping tune of $1.5 billion, and we look at what is being done to better defend women and girls' safety online.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Incident Update: Unauthorized Activity Involving ETH Cold Wallet - Bybit.Bybit Launches Recovery Bounty Program with Rewards up to 10% of Stolen Funds - Bybit.ZachXBT links Bybit hack to Lazarus Group - Twitter.Online Safety Act: explainer - GOV.UKThese Are The 10 Most Complained-About TV Moments In Ofcom's History - Ofcom. Ofcom to push for better age verification, filters and 40 other checks in new online child safety code - TechCrunch.UK’s internet watchdog toughens approach to deepfake porn - TechCrunch.Girlguiding research exposes alarming online harms facing girls - Charity Today News.Ofcom's approach to implementing the Online Safety Act - Ofcom. Women's abuse online: 'I get trolled every second, every day' - BBC. Amanda’s funniest moments in Motherland - YouTube.Amandaland - BBC iPlayer.Cassandra Sci-Fi Thriller limited series - Netflix. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.Scanner.dev provides a new technology offering fast search and threat detections for security data in S3 helping teams reduce the total cost of ownership of their SIEM by up to 90%. Try the interactive...

The story of how hackers managed to compromise the US Government's official SEC Twitter account to boost the price of Bitcoins, AI isn't helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware?All this and more is discussed in episode 404 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Jane Wakefield.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:SEC's Twitter account hacked to say Bitcoin ETFs approved - Hot for Security.Twitter says it’s not its fault the SEC’s account got hacked - Graham Cluley.SEC Twitter hack blamed on SIM swap attack - Hot for Security.The SEC’s X account got hacked by a 25-year-old who went by ‘AGiantSchnauzer’ and got paid in Bitcoin, feds say - Fortune.Pupils share conspiracy theories for fun, with girls ‘more susceptible’ - The Times.AI chatbots unable to accurately summarise news, BBC finds - BBC News.US-led cybersecurity coalition vows to not pay hackers' ransom demands - TechCrunch.35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments - Chain Analysis.Ransomware: proposals to increase incident reporting and reduce payments to criminals - GOV.UK.The 2024 Ransomware Landscape: ‘Looking back on another painful year’ - IT Wire.The Space Doctor’s Big Idea by Randall Munroe - The New Yorker.Reading guide: Creation Lake by Rachel Kushner - Booker Prizes.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored...

In episode 403 of "Smashing Security" we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham's DMs, Geoff gives a poor grade for PowerSchool's security, and Carole takes a curious look at QR codes.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:ZachXBT’s thread - Twitter.Coinbase employee tells users not to use a VPN or ad blocker - Twitter.What PowerSchool won’t say about its data breach affecting millions of students - TechCrunch.QR code - Wikipedia.Reed–Solomon error correction - Wikipedia.Urgent warning over QR code scam tricking drivers out of £100s at popular car parks - Express.Scam alert: QR code on an unexpected package - Consumer AdviceNew Star Blizzard spear-phishing campaign targets WhatsApp accounts - Microsoft Security Blog.What You Must Know Before Scanning a QR Code - AARP.“More” - Niall Conlon.“Money Men” by Dan McCrum - Penguin Books.Bitter Orange Marmalade Recipe - Ballymaloe Cooking School.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.Cortex Symphony 2025 -...

What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee's actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:No Honour Among Thieves: Uncovering a Trojanized XWorm RAT Builder Propagated by Threat Actors and Disrupting Its Operations - CloudSEK.British Museum forced to partly close after alleged IT attack by former employee - The Guardian.Chart: What Do You Want to be When You Grow Up?- Statista.Tikked off: What happens when TikTok fame fades - Vox.Influencer burnout is real - Vox.Influencer slammed for staging fake kidnapping plot because she was ‘bored’ - Mirror Online."Mom influencer" Katie Sorensen sentenced to jail for falsely claiming couple tried to kidnap her kids at a crafts store - CBS News.Stock market influencer on the way to Coldplay concert kidnapped by data theft gang - The New Indian Express.Raycast.“Thank Goodness You’re Here” video game.The We Society Podcast - Academy of Social Sciences. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!1Password – Secure every app, device, and identity – even the...

An Italian hacker makes the grade and ends up in choppy waters, and hear true stories of title deed transfer scams.All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.Plus - don't miss our featured interview with Avery Pennarun of Tailscale.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Report from Corriere Di Bologna newspaper.Caro Musk, assumi subito l’hacker quindicenne di Cesena – Il Foglio.15-Year-Old Hacker Diverts Ships in Mediterranean Sea for Fun – Hot for Security.90-year-old immigrant could lose Brooklyn home after deed theft scam, family says – CBS News. Protect your home. Spot the signs of deed theft – Better Business Bureau. Woman Charged for Scheme to Defraud Elvis Presley’s Family – DOJ.Home Title Theft: How To Protect Yourself – Forbes Advisor.Here’s How Scammers in America Can Take the Title to Your Home Without You Knowing It – Moneywise.Could a Criminal Use Deed Fraud to Steal Your Entire Home? – AARP.Could Fraudsters Steal Your Home From Under Your Nose? – HomeOwners Alliance.Wizard Zines.Listen for the Lie – Amazon.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!1Password – Secure every app, device, and identity – even the unmanaged ones at

The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Player of Games - Grimes.‘Path of Exile 2’ Players Call Bulls**t on Elon Musk’s Video Game Stream - Gizmodo.Elon Musk "Playing" Path of Exile 2 - YouTube.Elon Musk is Lying About Being Good at Video Games - YouTube.Elon Musk Streams His ”Totally Not Boosted” ‘Path of Exile 2’ Character, Proves He Has No Idea What He’s Doing - Vice.Hacker Broke into ‘Path of Exile 2’ Admin Account, Hijacked Wave of Characters - 404 Media.Inside the Black Box of Predictive Travel Surveillance - WIRED.Average Number of Smart Devices in a Home 2025 - Consumer Affairs.Global IoT and non-IoT connections 2010-2025 - Statista.U.S. Cyber Trust Mark: New Label for IoT Devices - National Law Review. How the Internet of Things will be good for the planet - Thales Group.The ‘Worst in Show’ CES products put your data at risk and cause waste, privacy advocates say - AP News.The CES worst in show awards lampoon AI everthing - The Register.The Worst Devices of CES 2025!! - YouTube. This Could Be Your AI Robot Girlfriend - For $175,000 - Forbes.

Ever wonder how those "free" browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and your favorite YouTubers with empty pockets.Plus, we take a look at Kagi, the search engine you pay not to show you adverts, and discuss what you should do with your old, no-longer-wanted technology.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Exposing the Honey Influencer Scam - MegaLag on YouTube.The Honey Scam: Explained - Marques Brownlee on YouTube.14 million people don’t know how to erase their data from an old device - ICO. Electronics hoarding habit among Brits and Americans - SellCell.Practical advice for online and electronic devices - ICO. How to factory reset your Google Pixel phone - Google. How to factory reset your iPhone, iPad, or iPod touch - Apple. Reset your Android device to factory settings - Google. Erase your Mac and reset it to factory settings  - Apple.Reset your PC - Microsoft.How do I perform a factory reset on my Samsung mobile device? -  Samsung.Kagi search engine.Battery Heated Clothing - Fieldsheer.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on

This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down – is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing a ransomware attack.All this and more is discussed in the latest jam-packed edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of "The AI Fix" podcast.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:CAPTCHAs from hell - Reddit.“DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising - Guardio.AI Safety Clock Ticks Closer To ‘Midnight,’ Signifying Rising Risk - Forbes.Krispy Kreme admits there's a hole in its security - The Register. Nutritional and Allergen Information - Krispy Kreme. &UDM=14.Does one line fix Google? - Tedium.ElevenLabs.The GCHQ Christmas Challenge 2024 - GCHQ.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on

A Canadian man is arrested in relation to the Snowflake hacks from earlier this year - after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Accused Kitchener hacker unmasked after threatening woman online - The Waterloo Region Record.Canadian Man Arrested in Snowflake Data Extortions - Krebs on Security.Who wants to be next? - Bluesky post by Allison Nixon.Crypto Trader Kills His Mum For £500k After Going Into Debt To Maintain 'Perfect Lifestyle' - IB Times. Autopsy reveals injuries on body of Colleen Rebelo’s body after alleged murder - Australia News.Influencer Marketing Statistics 2024 - Artios.BLACKkKLANSMAN trailer - YouTube.A Soft Murmur.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.BigID - Start protecting your sensitive data wherever it lives with BigID. Get a free demo to how your organization can reduce data risk and accelerate the adoption of generative AI.ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!FOLLOW US:Follow us on

A CEO is arrested for turning satellite receivers into DDoS attack weapons, and we journey into the world of bossware and "affective computing" and explore how AI is learning to read our emotions – is this the future of work, or a recipe for dystopia?All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Korea arrests CEO for adding DDoS feature to satellite receivers - Bleeping Computer.Data on our minds: affective computing at work - IFOW. How Much Does 'Bossware' Really Curb Remote Work Slacking? - Inc. MN8 – 2 Channel EEG Headphones - Emotiv.Commercial EEG Headsets for Enterprises - Emotiv.‘Bossware’ computer tracking devices harm workers’ wellbeing, says report - The Times.Your Company’s Bossware Could Get You in Legal Trouble - 1Password.The Abandoned, Apocalyptic Architecture of One Bold 1970s Retail Chain - Atlas Obscura.Bankrupt - BEST Products Co. - YouTube.Defunct BEST Products Store Architecture Documentary - YouTube.Play Winning Cribbage - Amazon.Cribbage Classic - iOS App Store.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.BlackBerry - Tune in and empower your team with the knowledge to stay connected, no matter what crisis. Learn more about BlackBerry's critical event management solutions.ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. Start your 30-day free trial today!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on

A Kansas City man is accused of hacking into local businesses, not to steal money, but to... get a cheaper gym membership? A DNA-testing firm has vanished, leaving customers in the dark about what's happened to their sensitive genetic data. And Australia mulls a social media ban for youngsters.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:KC Man Indicted for Computer Hacking - Department of Justice.DNA testing company vanishes along with its customers’ genetic data - Malwarebytes.DNA firm holding highly sensitive data 'vanishes' without warning - BBC News.Australia proposes 'world-leading' ban on social media for children under 16 - Reuters.The government has introduced laws for its social media ban. But key details are still missing - The Conversation.Australia's under-16 social media age ban legislation excludes messaging apps - YouTube.Australia’s plan to ban children from social media popular but problematic - PBS News.Which Countries Are Considering Social Media Bans For Teens? - Newsweek.Graham’s previous encounter with hobs with knobs - Smashing Security.“The Day of the Jackal” trailer - YouTube."Anora” trailer  - YouTube. Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!ThreatLocker - the Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally....

In our latest episode we discuss how a woman hid under the bed after scammers told her she was under "digital arrest", how hackers are hijacking YouTube channels through malicious sponsorship deals, and how one phone company is turning the tables on fraudsters through deepfake AI.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:'You are under digital arrest': Inside a scam looting millions from Indians - BBC News.Digital Arrest Scam: How You Can Stay Safe - YouTube.Tamil Nadu Professor Placed Under Digital Arrest, Duped of Rs 10 Lakh - YouTube.'Mann Ki Baat' episode 115 - India Prime Minister Narendra Modi.“My YouTube Channel Got Deleted Last Night..” - Bitz on YouTube.NCA shuts down major fraud platform responsible for 1.8 million scam calls - National Crime Agency.O2 launches free anti-scam caller identification for millions of customers - O2. AI Scambaiters: O2 creates AI Granny to waste scammers’ time - YouTube.“StreamJacking” - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams - Guardio.Graham Cluley on Bluesky.Maria Varmazis on Bluesky.Dan Da Dan - Netflix.Butter by Asako Yuzuki - Harper Collins.'Butter' book review: Meditations on murders - The Guardian.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation…...