In episode 451 of "Smashing Security," we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more - and then helpfully posted screenshots (and even someone’s blood type) on an account called "I hacked the government."

Plus we discuss how researchers uncovered a creepy flaw that lets attackers hijack wireless headphones, listen in on calls, inject audio, and even turn your earbuds into a stalking device - all without you noticing.

All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Ray [REDACTED]

EPISODE LINKS:

• Tennessee Man Pleads in Hacking U.S. Supreme Court, AmeriCorps, and VA Health System - US Department of Justice.
• Paris Hilton’s hacker sentenced to 57 months in prison - Graham Cluley.
• WhisperPair.
• One Tap To Hijack Them All - A Security Analysis of the Google Fast Pair Protocol - YouTube.
• Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking - Wired.
• Line of Duty - Wikipedia.
• Line of Duty - BBC iPlayer.
• Forgive the haters - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
• Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Confusion reigns after claims that data linked to 17.5 million Instagram accounts is up for sale - sparked by a vague post, contradictory statements, and a flood of password reset emails nobody asked for.

And we dig into Grok, Elon Musk’s AI chatbot, after it started generating sexualised images of women and children - raising uncomfortable questions about guardrails, accountability, and why playing the censorship card doesn’t make the problem go away.

All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Monica Verma.

EPISODE LINKS:

• Free Speech Union website down after alleged funders exposed by trans hackers - Pink News.
• Illinois Man Charged in Snapchat Hacking Investigation - US Dept of Justice.
• Hackers get hacked, as BreachForums database is leaked - Hot for Security.
• Post by Malwarebytes - Bluesky.
• Post by Instagram - Twitter.
• Instagram denies breach amid claims of 17 million account data leak - Bleeping Computer.
• Ofcom asks X about reports its Grok AI makes sexualised images of children - BBC News.
• Musk’s Grok blocked by Indonesia, Malaysia over sexualized images in world first - CNN.
• Elon Musk shares AI images of Starmer in bikini in row over grim Grok deepfakes - Mirror.
• Soul Music - BBC Sounds.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".

Romance scammers have apparently discovered astrology... and Taurus is their secret weapon.

In episode 449 of "Smashing Security", we take a look inside an actual romance-fraud handbook - complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto.

Then Lesley "hacks4pancakes" Carhart delivers a reality check on the dire cybersecurity jobs market for juniors: why entry-level roles are evaporating, how automated CV screening is chewing candidates up, and what hopeful newcomers (and weary veterans) can do about it.

Plus, Graham talks to ThreatLocker CEO Danny Jenkins about why misconfigurations are behind an uncomfortable number of breaches, how default-deny security actually works in practice, and why detecting attacks after they’ve started is already too late.

All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Lesley Carhart.

EPISODE LINKS:

• Millions of Android Powered TVs and Streaming Devices Infected by Kimwolf Botnet - Hackread.
• Ilya Lichtenstein, Bitcoin hacker behind massive crypto theft, credits Trump for early prison release - CNBC.
• How Fake BSODs and Trusted Build Tools Are Used to Construct a Malware Infection - Securonix.
• A scammer's guide: How cybercriminals plot to rob a target in a week - Reuters.
• Game of Wool: Britian’s Best Knitter - Channel 4.
• Game of Wool trailer - YouTube.
• Earthrise One: Melbourne's Premier Sci-Fi Escape Room Adventure.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".