A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because "ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect.

Meanwhile, Carole checks the rear-view mirror on the driverless car industry. Whatever happened to those million Tesla robotaxis Elon Musk promised by 2020? Spoiler: they’re here — sort of — but they sometimes drive into oncoming traffic.

Plus: Leighton House, heatwave survival gadgets, and an unflushable toilet situation (not what you think).

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Mexican drug cartel hacker spied on FBI official’s phone to track and kill informants, report says - TechCrunch.
• Audit of the Federal Bureau of Investigation's Efforts to Mitigate the Effects of Ubiquitous Technical Surveillance - US Department of Justice Office of the Inspector General.
• Tesla driver tells police he was using 'self-drive' system when his car hit a parked police vehicle - AP News.
• ‘Lidar is lame’: why Elon Musk’s vision for a self-driving Tesla taxi faltered - The Guardian.
• Tesla invited influencers to test its robotaxi. Here's what they had to say - USA Today Europe.
• Elon Musk Hails 'Successful' Tesla Robotaxis Launch in Austin Amid Reported Glitches - eWEEK.
• A Fatal Tesla Crash Shows the Limits of Full Self-Driving - Bloomberg.
• The Arab Hall at Leighton House.
• Spandau Ballet’s “Gold” - shot at Leighton House!
• Shark FlexBreeze Fan With InstaCool Mist Attachment - Shark.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta– Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Trelica by 1Password- Access Governance for every SaaS app.

In this episode, Graham unravels Operation Endgame - the surprisingly stylish police crackdown that is seizing botnets, mocking malware authors with anime videos, and taunting cybercriminals via Telegram.

Meanwhile, Carole exposes the AI-generated remote hiring threat. Could your next coworker be a North Korean hacker with a perfect LinkedIn?

And BBC cyber correspondent Joe Tidy joins us to talk about "Ctrl-Alt-Chaos", his new book diving into the murky world of teenage hackers, ransomware gangs, and the strange motivations that lie behind digital mayhem.

Plus: competitive pond husbandry, dead slugs, Hitster the board game, and a shoutout to the AI startup that hijacked Graham's SEO.

All this and more is discussed in episode 423 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault - it's like a cauldron of life... but for cybersecurity.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• Operation Endgame.
• Ctrl+Alt+Chaos.
• Lizard Squad Member: Why I Took Down Xbox and PlayStation - YouTube.
• Reckoning With the Rise of Deepfakes - The Regulatory Review.
• Deepfake interviews: Navigating the growing AI threat in recruitment and organizational security - Fast Company.
• Why Your Hiring Process is Now a Cybersecurity Vulnerability - Pindrop.
• Best Practices for Defeating Deepfake Candidate Fraud - Dice Hiring.
• Phanpy - A minimalistic opinionated Mastodon web client.
• How to make a mini pond - Gardener’s World.
• Hitster board game.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• Vanta– Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• Flare- Uncover the latest threats across the dark web and Telegram. Start your free trial today.
• Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on

A GCHQ intern forgets the golden rule of spy school — don’t take the secrets home with you — and finds himself swapping Cheltenham for a cell. Meanwhile, an Australian hacker flies too close to the sun, hacks his way into a US indictment, and somehow walks free... only to get booted back Down Under.

Plus: flow states, Bob Mortimer, and the joys of pretending to carry an owl around on a cushion.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• The Cheltenham Doughnut - Wikipedia.
• Summer placements - GCHQ.
• Spy school dropout: GCHQ intern jailed for swiping classified data - The Register.
• Former GCHQ intern jailed for taking top secret files home - Crown Prosecution Service.
• United States government says it will deport Australian hacker David Kee Crees - ABC News.
• Australian national known as “DR32” sentenced in U.S. federal court – DataBreaches.
• ICE takes steps to deport the Australian hacker known as “DR32” – DataBreaches.
• Aussie Travel Cover has hundreds of thousands of records stolen in hacking, policy holders not informed - ABC News.
• Australian cybercriminal to be deported from US - Information Age.
• Government sites hit by Aussie Travel Cover hacker - ZDNET.
• Abdilo, Australia-based computer hacker, live streams attack on US education sites - ABC News.
• Bob Mortimer's Pet Owl - YouTube.
• And Away… by Bob Mortimer - Simon & Schuster.
• Flow by Mihaly Csikszentmihaly - HarperCollins.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by: