Smashing Security12 Loka 2022

Massive crypto bungle, and the slave scammers

A couple unexpectedly find $10.5 million in their cryptocurrency account, and in Cambodia people are being forced to commit pig-butchering scams.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are flying solo again this week.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

DeFi bug accidentally gives $90 million to users, founder begs them to return it - CNBC.
Compound boss begs users to return $90 million worth of cryptocurrency they were accidentally gifted - Robert Leshner on Twitter.
Couple mistakenly given $10.5m from Crypto.com thought they had won contest, court hears - The Guardian.
Mother accused of spending spree after mistakenly receiving $10 million in crypto bungle heads to trial - 9 News.
Sold to gangs, forced to run online scams: inside Cambodia’s cybercrime crisis - The Guardian.
ZÈRTZ game.
ZÈRTZ - Wikipedia.
GIPF project - Wikipedia.
The Capture - BBC iPlayer.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(472)

This AI security flaw might be impossible to fix

A website called "UK visa portal" has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They wer...

3 Kesä 57min

What your Oura ring won't tell you

CISA, the US government agency whose entire job is keeping America's critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile...

27 Touko 53min

High-speed train hacks and homicidal lawnmowers

A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative...

20 Touko 55min

How ShinyHunters hacked the world's biggest universities

Welcome to the largest educational data breach in history - affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas's parent company refused t...

13 Touko 1h 4min

Meta sees everything, Copy Fail, and a deepfake gets hired

Meta's smart glasses promise privacy "designed for you" - but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1...

6 Touko 1h 2min

This developer wanted to cheat at Roblox. It cost millions

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach ...

29 Huhti 1h 4min

Rockstar got hacked. The data was junk. The secrets it revealed were not

A company that ran anonymous tip lines for 35,000 American schools - handling reports of bullying, weapons, and self-harm - boasted on its website that it had suffered zero security breaches in over 2...

22 Huhti 51min

This AI company leaked its own code. It's also built something terrifying

A hacking group claims to have broken into the flood defence system protecting Venice's Piazza San Marco - and is offering to sell access to whoever wants it. The asking price? A frankly insulting $60...

15 Huhti 50min