Smashing Security29 Maalis 2023

Crypto hacker hijinks, government spyware, and Utah social media shocker

A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

Tweet by Euler Finance confirming security breach - Twitter.
Euler Finance to Offer $1M Reward as It Reels From Nearly $200M Exploit - Coindesk.
Hackers stole over $500m in cryptocurrency in record-making heist, Ronin says - The Guardian.
Hacker Behind $200M Euler Attack Apologizes, Returns Millions in Ether, Dai to Protocol - Coindesk.
President Biden kind of mostly bans commercial spyware from US govt - The Register.
Utah Law Could Curb Use of TikTok and Instagram by Children and Teens - New York Times.
Utah’s social media for kids law could be coming to a state near you - Vox.
Utah Governor Spencer Cox signs a landmark social media bill - YouTube.
RRR - Netflix.
RRR trailer - YouTube.
RRR Naatu Naatu dance scene - YouTube.
Best films of 2022 in the UK, No 7: RRR - The Guardian.
He Died with a Felafel in His Hand - Wikipedia.
Swarm - Amazon Prime.
Night of the Lepus - Wikipedia.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
hCaptcha - hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats. Start your free trial today.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(472)

This AI security flaw might be impossible to fix

A website called "UK visa portal" has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They wer...

3 Kesä 57min

What your Oura ring won't tell you

CISA, the US government agency whose entire job is keeping America's critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile...

27 Touko 53min

High-speed train hacks and homicidal lawnmowers

A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative...

20 Touko 55min

How ShinyHunters hacked the world's biggest universities

Welcome to the largest educational data breach in history - affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas's parent company refused t...

13 Touko 1h 4min

Meta sees everything, Copy Fail, and a deepfake gets hired

Meta's smart glasses promise privacy "designed for you" - but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1...

6 Touko 1h 2min

This developer wanted to cheat at Roblox. It cost millions

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach ...

29 Huhti 1h 4min

Rockstar got hacked. The data was junk. The secrets it revealed were not

A company that ran anonymous tip lines for 35,000 American schools - handling reports of bullying, weapons, and self-harm - boasted on its website that it had suffered zero security breaches in over 2...

22 Huhti 51min

This AI company leaked its own code. It's also built something terrifying

A hacking group claims to have broken into the flood defence system protecting Venice's Piazza San Marco - and is offering to sell access to whoever wants it. The asking price? A frankly insulting $60...

15 Huhti 50min