Graham Cluley

Smashing Security podcast #458: How not to steal $46 million from the US government

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn’t stirred since 2024 – and within ...
Graham Cluley

Smashing Security podcast #457: How a cybersecurity boss framed his own employee

When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the person put in charge of the investigation was the actual leaker… who promptly sent ...
Graham Cluley

GCHQ: Graham Cluley’s cybersecurity newsletter

Do you want to make sure that you never miss a hot computer security story? Over 100,000 people follow my cybersecurity updates – and this is your chance to make ...
Graham Cluley

Smashing Security podcast #456: How to lose friends and DDoS people

When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email – they allegedly weaponised their own CAPTCHA page to ...
Graham Cluley

Smashing Security podcast #453: The Epstein Files didn’t hide this hacker very well

Supposedly redacted Jeffrey Epstein files can still reveal exactly who they’re talking about – especially when AI, LinkedIn, and a few biographical breadcrumbs do the heavy lifting. Sloppy redaction ...
Graham Cluley

The UK Cabinet is meeting on Zoom… here’s the meeting ID

UK Prime Minister Boris Johnson announced on Twitter this afternoon that he was chairing the first ever digital Cabinet, while he self-isolated himself at Downing Street after revealing he was ...
Graham Cluley

Smashing Security podcast #455: Face off: Meta’s Glasses and America’s internet kill switch

Could America turn off Europe’s internet? That’s one of the questions that Graham and special guest James Ball will be exploring as they discuss tech sovereignty. Could Gmail, cloud services, and ...
Graham Cluley

Smashing Security podcast #308: Jail after VPN fail, criminal messaging apps, and wolf-crying watches

When Ubiquiti suffered a hack the world assumed it was just a regular security breach, but the truth was much stranger… why are police happy that criminals keep using end-to-end encrypted messaging ...
Graham Cluley

Smashing Security podcast #364: Bing pop-up wars, and the British Library ransomware scandal

There’s a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack. All ...
Graham Cluley

Mastodon: What you need to know for your security and privacy

Mastodon is hot right now. After some years of only being used by geeks (yes, I’ve had an account for a while now) it’s at the tipping point of becoming mainstream… all because of two words: Elon Musk ...
Graham Cluley

Smashing Security podcast #339: Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?

Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee… just to send $1,865. Oh, and our guest mentions Mr Blobby (to the ...
Graham Cluley

Round 3! The toothbrush DDoS attack saga continues: Newspaper counters Fortinet’s translation claim in contentious interview

The newspaper Aargauer Zeitung published an article claiming that three million IoT-connected toothbrushes had launched a distributed denial-of-service attack against a Swiss company, causing its ...