logo
episode-header-image
Sep 2022
50m 53s

Chiquita banana, dumb criminals, and det...

Graham Cluley & Carole Theriault
About this episode

Students learn a valuable lesson when it comes to AI detecting guns on campus, SIM swappers are surprisingly stupid, and romance scammers get scammed by someone (or some thing?) calling themselves Chiquita Banana.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:


Sponsored by:

  • Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
  • Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • SolCyber – SolCyber delivers Fortune 500 level cybersecurity for small and medium-sized enterprises. If the bad guys aren’t being discriminating about who they’re attacking, how can you settle for anything less?

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.



This podcast uses the following third-party services for analysis:

OP3 - https://op3.dev/privacy
Up next
Jul 2
Surveillance, spyware, and self-driving snafus
A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because "ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly ... Show More
34m 5s
Jun 25
Operation Endgame, deepfakes, and dead slugs
In this episode, Graham unravels Operation Endgame - the surprisingly stylish police crackdown that is seizing botnets, mocking malware authors with anime videos, and taunting cybercriminals via Telegram.Meanwhile, Carole exposes the AI-generated remote hiring threat. Could your ... Show More
54m 59s
Jun 18
The curious case of the code copier
A GCHQ intern forgets the golden rule of spy school — don’t take the secrets home with you — and finds himself swapping Cheltenham for a cell. Meanwhile, an Australian hacker flies too close to the sun, hacks his way into a US indictment, and somehow walks free... only to get boo ... Show More
32m 16s
Recommended Episodes
Feb 2023
A boom of infostealers and stolen credentials.
Keith Jarvis, Senior Security Researcher from Secureworks Counter Threat Unit (CTU), shares his thoughts on the alarming rise of infostealers and stolen credentials. Dave and Joe share some listener follow-up from Ron who writes in about a book, entitled "Firewalls Don't Stop Dra ... Show More
48m 27s
Oct 2017
Reaper looks like a criminal booter on the Chinese black market. BadRabbit shows some moves. Catch-All malicious Chrome extension. Android currency miners in Google Play. Indictments in Russia probe.
In today's podcast, we hear that the Reaper botnet is still quiet, and looking like a booter-for-hire. BadRabbit shows some odd stealth, and some interesting strategic selectivity. A malicious Chrome extension steals everything you put on a website. Currency miners on phones seem ... Show More
14m 40s
Feb 2019
Hybrid war and tactical influence operations. Separ lives off the land. NoRelationship attacks get past email filters. Responsible disclosure. Man-in-the-room bug. Ship hacking. Password managers.
In today’s podcast we hear about a test of influencing soldiers through their social media: Instagram works best, Twitter not so much. Separ credential-stealing malware successfully lives off the land. NoRelationship attacks get past some email filters. Spamming users to get your ... Show More
21m 33s
May 2023
133: I'm the Real Connor
One day Connor Tumbleson got an email saying his identity has been stolen. And this was one of the strangest days he’s ever had. SponsorsSupport for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce r ... Show More
39m 21s
Nov 2018
RATs and the long game. New ransomware, Learning from other espionage services. Advance-fee scams continue to infest Twitter. Fancy Bear says it can’t be sued.
In today’s podcast, we hear that tRAT indicates a criminal shift to a longer game. Chinese industrial espionage copies Russian services’ tricks. Dharma ransomware evolves. Bitcoin’s price may be tanking, but Bitcoin-based advance-fee scams are still all over Twitter, with bogus b ... Show More
20m 6s
Jan 2024
Another day, another Blizzard attack.
Cozy Bear breaches Hewlett Packard Enterprise. An investigation reveals global surveillance based on digital advertising. Cisco patches critical vulnerabilities. Meta aims to enhance the online safety of minors.  iOS notifications are exploited for tracking. EquiLend’s systems go ... Show More
35m 32s
Jan 2020
Curveball proofs-of-concept. CISA warns chemical industry. Military families harassed online. Phishing the UN. Fleeceware in the Play Store. Moscow says there was no Burisma hack.
Proof-of-concept exploits for the CryptoAPI vulnerability Microsoft patched this week have been released. CISA warns the chemical industry to look to its security during this period of what the agency calls “heightened geopolitical tension.” Families of deployed US soldiers recei ... Show More
21m 50s
Jul 2023
Barking up the wrong Facebook page.
Mallory Sofastaii, consumer investigative reporter from WMAR TV, is discussing animal rescue organizations on Facebook pages being taken over by hackers. Listener George writes in to share how his bank is not doing enough to protect against fraud going on. Dave's story follows sc ... Show More
54m 52s
Mar 2022
The Rise of the Hacking Group LAPSUS$
It started with SIM swapping and escalated into hacks of Okta, Microsoft, Nvidia, and EA. They’re LAPSUS$, a hacking collective that’s been the boogeyman of big corporations for the past few years. People have wondered about their motivations and identities. Now, seven of them ha ... Show More
33m 17s
May 2020
The Dark Secrets of a Hacking Hero
In May of 2017, Marcus Hutchins saved the internet. A vicious ransomware attack known as WannaCry had infected computer systems across dozens of countries. It was the worst cyberattack in history at the time, and it seemed unstoppable. But Hutchins, a 23-year-old-hacker in Ilfrac ... Show More
30m 39s
Listen to millions of songs and podcasts on Anghami