Smashing Security5 Feb 2025

Coinbase crypto heists, QR codes, and ransomware in the classroom

In episode 403 of "Smashing Security" we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham's DMs, Geoff gives a poor grade for PowerSchool's security, and Carole takes a curious look at QR codes.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

ZachXBT’s thread - Twitter.
Coinbase employee tells users not to use a VPN or ad blocker - Twitter.
What PowerSchool won’t say about its data breach affecting millions of students - TechCrunch.
QR code - Wikipedia.
Reed–Solomon error correction - Wikipedia.
Urgent warning over QR code scam tricking drivers out of £100s at popular car parks - Express.
Scam alert: QR code on an unexpected package - Consumer Advice
New Star Blizzard spear-phishing campaign targets WhatsApp accounts - Microsoft Security Blog.
What You Must Know Before Scanning a QR Code - AARP.
“More” - Niall Conlon.
“Money Men” by Dan McCrum - Penguin Books.
Bitter Orange Marmalade Recipe - Ballymaloe Cooking School.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!
1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.
Cortex Symphony 2025 - Ready to transform your cybersecurity? Register now to see the future of security innovation with exclusive insights, demos, and stories from pros.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(470)

The dark web's worst assassins, and Pegasus in the dock

In episode 452, a London-based YouTuber wins a landmark court case against Saudi Arabia after his phone was hacked with Pegasus spyware — exposing how a single, seemingly harmless text message can tur...

29 Jan 45min

I hacked the government, and your headphones are next

In episode 451 of "Smashing Security," we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more - and then helpfully posted screenshots (and even someone’s blood type) on ...

22 Jan 45min

From Instagram panic to Grok gone wild

Confusion reigns after claims that data linked to 17.5 million Instagram accounts is up for sale - sparked by a vague post, contradictory statements, and a flood of password reset emails nobody asked ...

15 Jan 36min

How to scam someone in seven days

Romance scammers have apparently discovered astrology... and Taurus is their secret weapon.In episode 449 of "Smashing Security", we take a look inside an actual romance-fraud handbook - complete with...

8 Jan 1h 1min

The Kindle that got pwned

Think your Kindle is harmless? Think again! In this episode, Graham and special guest Danny Palmer unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook ...

18 Des 202536min

Grok the stalker, the Louvre heist, and Microsoft 365 mayhem

On this week's show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire's lawn and ends with Grok happily do...

11 Des 202555min

A hacker doxxes himself, and social engineering-as-a-service

A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer... and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and c...

4 Des 202544min

The hack that brought back the zombie apocalypse

America's airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency a...

27 Nov 202540min