Smashing Security23 Loka 2024

When security firms get hacked, and your new North Korean remote worker

The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired... but what's their plan?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

SolarWinds Sunburst supply chain attack - Wikipedia.
Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter.
SEC Charges Four Companies With Misleading Cyber Disclosures - SEC.
Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing.
Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events.
67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes.
A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider.
US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes.
Watch “Undercover: Exposing the Far Right” - Channel 4.
Undercover film exposing UK far-right activists pulled from London festival - The Guardian.
Kermode and Mayo’s Take - YouTube.
The Fear of God: 25 Years of the Exorcist – BBC iPlayer.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

1Password Extended Access Management – Secure every sign-in for every app on every device.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(465)

This AI company leaked its own code. It's also built something terrifying

A hacking group claims to have broken into the flood defence system protecting Venice's Piazza San Marco - and is offering to sell access to whoever wants it. The asking price? A frankly insulting $60...

15 Huhti 50min

LinkedIn is spying on you, and you agreed to nothing

LinkedIn has been secretly scanning your browser for over 6,000 installed extensions — on every single click you make. It can tell if you're job hunting, what religion you are, and whether you have AD...

8 Huhti 41min

This man hid $400 million in a fishing rod. Then it vanished

A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 - and now sits on a fortune worth $400 million. There's just one small problem: the access co...

1 Huhti 45min

Never knock on the door of a nuclear submarine base and ask for a selfie

A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin - signing his extortion emails from ...

26 Maalis 40min

This clever scam nearly hijacked a tech CEO's Apple ID

In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg - involving MFA fatigue, real Apple alerts, a convincing su...

19 Maalis 54min

How not to steal $46 million from the US government

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn't stirred since 2024 - and within minutes, giant woodpecker images are plastered across the internet's favourite en...

12 Maalis 41min

How a cybersecurity boss framed his own employee

When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the person put in charge of the investigation was the actual leaker... who promptly sent an inno...

5 Maalis 49min

How to lose friends and DDoS people

When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email - they allegedly weaponised their own CAPTCHA page to ...

26 Helmi 48min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää