Smashing Security

Graham Cluley & Carole Theriault

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner of the best and most entertaining cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, Smashing Security has had over ten million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones. Follow the podcast on Twitter at @smashinsecurity, and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK). This podcast uses the following third-party services for analysis: OP3 - https://op3.dev/privacy

  1. 3 DAYS AGO

    Zoom.. just one click and your data goes boom!

    Graham explores how the Elusive Comet cybercrime gang are using a sneaky trick of stealing your cryptocurrency via an innocent-appearing Zoom call, and Carole goes under the covers to explore the extraordinary lengths bio-hacking millionaire Bryan Johnson is attempting to extend his life. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Elusive Comet advisory - Security Alliance. Mitigating Elusive Comet Zoom remote control attacks - Trail of Bits. Aureon Capital: The Fake VCs who Almost Hacked Me - David Z Morris. Requesting or giving Remote Control - Zoom knowledgebase article. Has Bryan Johnson’s anti-aging experiment backfired? Biohacker spending $2 million-a-year admits to a costly misstep - Economic Times. How Blueprint Founder Bryan Johnson Sought Control Via Confidentiality Agreements - The New York Times. Anti-aging mogul Bryan Johnson claims NY Times preparing ‘hit piece’ about alleged use of prostitutes, drugs - NY Post. KOReader - document reader for E Ink devices. Killing Thatcher: The IRA, the Manhunt and the Long War on the Crown - Bookshop.org. The Urge - Our history of addiction by Carl Erik Fisher. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! 1Password Extended Access Management – Secure every sign-in for every app on every device. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via a...

    33 min
  2. 16 APR

    Hacking the hackers... with a credit card?

    A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Sell your forum accounts - PRODAFT. International Scammers Steal Over $1 Trillion in 12 Months in Global State of Scams Report 2024 - Gasa.org. Why Nigeria's internet scammers are 'role models' - BBC News. 28-year-old fraudster surrenders to EFCC, confesses to romance scams - Punch Newspapers. Black Box - BBC iPlayer. Black Box trailer - YouTube. Katherine Ryan Battleaxe Tour - LW Theatres. Louis Theroux Interviews - Series 1: 5. Katherine Ryan - BBC iPlayer. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Dashlane - Protect against the #1 cause of data breaches - poor password habits. Save 25% off a new business plan, or 35% off a personal Premium plan! Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed! FOLLOW US: Follow us on Bluesky or a...

    33 min
  3. 9 APR

    Signalgate sucks, and the quandary of quishing

    QR codes are being weaponised by scammers — so maybe think twice before scanning that parking meter. And in a blunder so dumb it makes autocorrect look smart, the White House explains how it leaked war plans on Signal because an iPhone mistook a journalist for a government insider. Plus! Don't miss our featured interview with Josh Donelson of Material and Tony Albano from Google, about detection and response in today's AI-driven world. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic. Here Are the Attack Plans That Trump’s Advisers Shared on Signal - The Atlantic. How the Atlantic’s Jeffrey Goldberg got added to the White House Signal group chat - The Guardian. From convenience to compromise: The rising threat of quishing scams - Fast Company. Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware - Hacker News. QR Code Statistics 2024: Trends & Use Cases - QR Code. Honey Garlic Scallop Kabobs - Heinz. With QR Code Redemption Set to Surge to 5.3 Billion in 2025, Cybercriminals will Increase Their Quishing Attacks - Wealth & Finance International. Chess Masters: The End Game - BBC iPlayer. Cribbage Classic - iOS app store. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Material - Email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! 1Password Extended Access Management – Secure every sign-in for every app on every device. SUPPORT THE...

    56 min
  4. 2 APR

    The fall of Troy, and whisky barrel scammers

    Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don't lose your life savings in a whisky scam... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don't miss our featured interview with Alastair Paterson, CEO and co-founder of Harmonic Security, discussing how companies can adopt Generative AI without putting their sensitive data at risk. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: A Sneaky Phish Just Grabbed my Mailchimp Mailing List - Troy Hunt. Thunderbird breach notice. Opération Cactus - Le Groupement d’Intérêt Public Action contre la Cybermalveillance. Cancer patient lost life savings to whisky barrel scammers - BBC. How to spot an investment scam - Saga Money. More than £612 million was lost to investment fraud in the UK last year - City of London Police. Adolescence - Netflix. Behind the scenes of Adolescence - YouTube. Thames Water: Inside the Crisis - BBC iPlayer. Who let the BBC inside Thames Water? - The New Statesman. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Harmonic - Let your teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. Harmonic Security gives you full control and stops leaks so your teams can innovate confidently. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! Acronis Threat Research Unit - Your secret weapon against cyber attacks. Access the reports now. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser...

    52 min
  5. 26 MAR

    Unleash the AI bot army against the scammers - now!

    A YouTuber has unleashed an innovative AI bot army to disrupt and outwit the world of online scammers, and a New York Times investigation looks into the intricate web of global money laundering. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: O2’s AI granny Daisy unveils what she’s learnt from her time on the phone to scammers – and what you can do to ruin their day - O2. Lenny - The Telemarketing Troll. I Built a Bot Army that Scams Scammers - Kitboga on YouTube. Takeaways From Our Money Laundering Investigation - The New York Times. Infiltrating scammer networks with the world’s top fraud fighters - YouTube. Open Street Map - Open Street Map. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. 1Password Extended Access Management – Secure every sign-in for every app on every device. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed! FOLLOW US: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes. THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks. This...

    34 min
  6. 19 MAR

    Peeping perverts and FBI phone calls

    In episode 409 of the "Smashing Security" podcast, we uncover the curious case of the Chinese cyber-attack on Littleton's Electric Light Company, and a California landlord's hidden camera scandal. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: This is the FBI, open up. China's Volt Typhoon is on your network - The Register. Landlord recorded nude videos of woman tenant with cameras hidden in bedroom smoke detectors, lawsuit says - The Independent. Landlord arrested after tenant discovers hidden camera in rented room - PBSO. Hidden Cameras: What Travelers Need to Know - The New York Times. Shakespeare insults t-shirt - Royal Shakespeare Company. OAS Exhibitions - Oxford Art Society. Carole’s “Rusty Sage” - Bluesky. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. Acronis Threat Research Unit - Your secret weapon against cyber attacks. Access the reports now. Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed! FOLLOW US: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit...

    35 min
  7. 12 MAR

    A gag order backfires, and a snail mail ransom demand

    What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps? Find out about this, and more, in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: 'We wanted to help': Students arrested after exposing FreeHour security flaw - Times of Malta. Medusa ransomware gang demands $2M from UK private health services provider - DataBreaches.net. Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach - DataBreaches.net. HCRG Care’s lawyers claimed an injunction issued in a “private” hearing required us to remove two posts. We didn’t comply - DataBreaches.net. Security firm leaves more than five billion records exposed on unsecured database - Graham Cluley. After threatening me with legal action, Keepnet Labs finally issues statement over data breach - Graham Cluley. Sophos apologises for going legal on school techies - The Register. Mail Scam Targeting Corporate Executives Claims Ties to Ransomware - IC3. One of the nastiest ransomware groups around may have a whole new way of doing things - TechRadar. Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear - GuidePoint Security. Severance - Apple TV+. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: 1Password Extended Access Management – Secure every sign-in for every app on every device. Palo Alto Networks - Get the 2025 Unit 42 Global Incident Response report to discover emerging threat trends, attacker tactics and expert recommendations to safeguard your business...

    33 min
  8. 5 MAR

    HP's hold music, and human trafficking

    Journey with us to Myanmar's shadowy scam factories, where trafficked workers are forced to run romance-baiting and fake tech support scams, and find out why a company's mandatory hold time for tech support could lead to innocent users having their computers compromised. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus - don't miss our featured interview with Acronis CISO Gerald Beuchelt! Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: HP deliberately adds 15 minutes waiting time for telephone support calls - The Register. HP mandated 15-minute wait time for callers - why that was good news for criminals - Bob Sullivan. How vulnerable people are trafficked to fuel a global cyber scam industry - ABC News. Hundreds of foreigners freed from Myanmar's scam centres - BBC News. 'I need help': Freed from Myanmar's scam centres, thousands are now stranded - BBC News. Some foreigners pulled out of Myanmar scam centres face struggle to get home - Yahoo! News. 'Pig Butchering' Scam: How China's 'Broken Tooth' stole over $75 bn from global investors using crypto currencies - The Economic Times. Scunthorpe problem - Wikipedia. Scunthorpe Sans font. Sociopath: A Memoir by Patric Gagne - Goodreads. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) Sponsored by: Acronis - Integrated cybersecurity, data protection and endpoint management built for MSPs. Threat Vector - The podcast from Palo Alto Networks that gives you timely analysis of current security trends and challenges. Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts...

    54 min
4.8 out of 5 (257 Ratings)
