Privacy

Smashing Security podcast #190: Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition

Special guest Geoff White can’t resist using the podcast to promote his new book, “Crime Dot Com”, but other than that we also discuss the creepy (and apparently legal) way websites can find out your email and postal address even if you don’t give it to them, take a look at how the alleged Twitter hackers were identified, and learn about Fawkes – the technology fighting back at facial recognition.

Twitter says a “phone spear phishing” attack helped hackers – what’s that?

What’s a phone spear phishing attack? Twitter shares some more details related to its serious security breach earlier this month which saw celebrity accounts tweeting a cryptocurrency scam.

Zoom bug meant attackers could brute force their way into password-protected meetings

Zoom has patched a security hole that could have allowed attackers to break their way into password-protected private calls.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #189: DNA cock-up, Garmin hack, and virtual kidnappings

Why are students faking their own kidnappings? What’s the story behind Garmin’s ransomware attack? And a genetic genealogy website suffers a hack or two.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray REDACTED.

Garmin staggers back online after ransomware attack

Garmin’s online services are beginning to come back to life after it was hit badly by ransomware last week.

But did it pay a ransom to its attackers or not?

Smashing Security podcast #188: Dinner with Elon Musk and Kris Jenner

Who stopped Twitter’s hackers from stealing more money? Why are Covid-19 researchers being told to ramp up their cybersecurity? How can you find out if your smartphone is infected with stalkerware? And who does Graham think he is turning down a celebrity dinner invite?

Find out in the latest “Smashing Security” podcast, with special guest Lisa Forte.

Coinbase stopped scammers from stealing an extra $280,000 during Twitter hack

Maybe Coinbase should send Twitter an invoice, because it certainly sounds like their quick thinking helped prevent last week’s hack from leaving a lot more Twitter users with empty wallets.

Read more in my article on the Hot for Security blog.

Mitre, the creepy company checking your fingerprints on Facebook for the US Government

Cybercrime reporter Thomas Brewster has written a fascinating exposé of the activities of Mitre Corporation, which has taken on some eyebrow-raising projects for the US government.

The Twitter hack: Why Elon Musk, Bill Gates, Jeff Bezos and others might have reason to be worried

The real worry of the Twitter hack is not the cryptocurrency scam that was spammed out, but that attackers might have accessed private messages sent and received by the rich and powerful.

Smashing Security podcast #187: Huawei ban, MGM hack, and a contact-tracing cock-up

Login chaos for England’s contact tracing service, our drill-down on Britain’s Huawei 5G ban, MGM’s blockbuster breach, and how to pronounce “Gigabyte.”

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault, and special guest Maria Varmazis.

Google’s ad ban won’t stop stalkerware apps from promoting themselves

Google has announced that from August 2020 it will be prohibiting ads for stalkerware products and services.

But a loophole means that the companies behind creepy stalkerware apps will still be able to advertise themselves.

Smashing Security podcast #186: This one’s for all the Karens!

A high-rolling Hushpuppi gets extradited to the United States, Carole details her problems with clipboards and Disposophobia, and our guest becomes the subject of fake news during the Senegalese election.

All this and much, much more is discussed in the latest edition of the “Smashing Security” podcast with Graham Cluley and Carole Theriault, joined this week by investigative journalist Michelle Madsen.

Ex-Yahoo employee avoids jail, despite hacking 6000 accounts, and stealing nude photos and videos

A former employee of Yahoo has been sentenced and ordered to pay a fine after exploiting his privileged access to hack into the personal accounts of thousands of Yahoo users, in his hunt for naked photographs and videos of young women.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #184: Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy

A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades’ worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by Graham Cluley and Carole Theriault, joined this week by the BBC’s Zoe Kleinman.

HEY pulls feature which could expose email threads without participants’ knowledge

HEY, a new service which aims to revolutionise users’ inboxes, admits it made a mistake which could have made it too easy for private messages to be exposed.

Pubs and restaurants left guessing after being told to collect customer data as lockdown eases

In just ten days, the UK Government says English pubs, restaurants, and cafes can open again for business.

However, they are told that they should collect contact information about every customer and visitor to their premises. But what they’re not told is how they should do this in a way that protects people’s security and privacy.